Prosím o kontrolu - pomalý internet Vyřešeno

[Peťa]

Zdravím, výrazně se mi zpomalilo prohlížení internetu. Pozoruji to na všech wifi sítích, takže to asi nebude záležitost poskytovatele.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:58:19, on 9.7.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10t_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\PETR\Downloads\RSIT.exe
C:\Program Files\trend micro\PETR.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BatteryCare] C:\Program Files\BatteryCare\BatteryCare.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4AB29756-B6E5-46BF-BC56-F3E930C6C40B}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

--
End of file - 8793 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Peťa]

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.24.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
PETR :: PETR-PC [administrátor]

24.3.2013 19:09:15
MBAM-log-2013-03-24 (19-19-39).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 207856
Uplynulý čas: 7 minut, 25 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\WINDOWS\AutoKMS.exe (Riskware.Keygen) -> Nebyla provedena žádná instrukce.

(konec)


# AdwCleaner v2.115 - Log vytvooen 24/03/2013 v 19:20:21
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Uživatel : PETR - PETR-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\PETR\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar
Složka Nalezeno : C:\ProgramData\InstallMate
Složka Nalezeno : C:\Users\PETR\AppData\LocalLow\boost_interprocess
Složka Nalezeno : C:\Users\PETR\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\PETR\AppData\LocalLow\TheBflix
Složka Nalezeno : C:\Users\PETR\AppData\Roaming\OCS
Složka Nalezeno : C:\Users\PETR\AppData\Roaming\OpenCandy
Složka Nalezeno : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Soubor Nalezeno : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\Users\PETR\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\IGearSettings
Klíe Nalezeno : HKCU\Software\InstallCore
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKU\S-1-5-21-2566762723-2239351334-1036541059-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKU\S-1-5-21-2566762723-2239351334-1036541059-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKU\S-1-5-21-2566762723-2239351334-1036541059-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKU\S-1-5-21-2566762723-2239351334-1036541059-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16470

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v11.0 (cs)

Soubor : C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\q4q7mgby.default\prefs.js

Nalezeno : user_pref("browser.search.defaultenginename", "AVG Secure Search");

-\\ Google Chrome v22.0.1229.94

Soubor : C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [4821 octets] - [24/03/2013 19:02:48]
AdwCleaner[R2].txt - [4752 octets] - [24/03/2013 19:20:21]

########## EOF - C:\AdwCleaner[R2].txt - [4812 octets] ##########

[memphisto]

V Mbam i AdwCleaner nech vše smazat a dodej logy

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

[Peťa]

Mbam i AdwCleaner je tady. TDSSKiller a ComboFix udělám zítra. Jinak už od projetí ATF pociťuji zlepšení. Normálně na čištění používám CCleaner.

# AdwCleaner v2.115 - Log vytvooen 24/03/2013 v 19:59:19
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Uživatel : PETR - PETR-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\PETR\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
Složka Vymazáno : C:\ProgramData\ICQ\ICQToolbar
Složka Vymazáno : C:\ProgramData\InstallMate
Složka Vymazáno : C:\Users\PETR\AppData\LocalLow\boost_interprocess
Složka Vymazáno : C:\Users\PETR\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\PETR\AppData\LocalLow\TheBflix
Složka Vymazáno : C:\Users\PETR\AppData\Roaming\OCS
Složka Vymazáno : C:\Users\PETR\AppData\Roaming\OpenCandy
Složka Vymazáno : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Vymazáno : C:\Users\PETR\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Vymazáno : HKCU\Software\IGearSettings
Klíe Vymazáno : HKCU\Software\InstallCore
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíe Vymazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\Software\PIP

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16470

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v11.0 (cs)

Soubor : C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\q4q7mgby.default\prefs.js

Vymazáno : user_pref("browser.search.defaultenginename", "AVG Secure Search");

-\\ Google Chrome v22.0.1229.94

Soubor : C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [4821 octets] - [24/03/2013 19:02:48]
AdwCleaner[R2].txt - [4881 octets] - [24/03/2013 19:20:21]
AdwCleaner[S1].txt - [4219 octets] - [24/03/2013 19:59:19]

########## EOF - C:\AdwCleaner[S1].txt - [4279 octets] ##########


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.24.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
PETR :: PETR-PC [administrátor]

24.3.2013 20:19:01
mbam-log-2013-03-24 (20-19-01).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 208020
Uplynulý čas: 7 minut, 17 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Peťa]

ComboFix 13-03-26.01 - PETR 26.03.2013 19:00:11.6.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3069.1971 [GMT 1:00]
Spuštěný z: c:\users\PETR\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-26 do 2013-03-26 )))))))))))))))))))))))))))))))
.
.
2013-03-26 18:08 . 2013-03-26 18:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-26 14:06 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F7520305-1734-4A09-A95F-93DECB9C243B}\mpengine.dll
2013-03-24 18:07 . 2013-03-24 18:07 -------- d-----w- c:\users\PETR\AppData\Local\ATI
2013-03-21 18:53 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023x.sys
2013-03-21 18:53 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-19 19:03 . 2013-03-19 19:11 -------- d-----w- C:\Merged Volume 'P'
2013-03-18 22:06 . 2013-03-18 22:06 47368 ----a-w- c:\windows\system32\certsentry.dll
2013-03-18 18:58 . 2013-03-19 19:04 -------- d-----w- c:\windows\Acronis
2013-03-18 18:54 . 2013-03-18 18:54 166976 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-03-18 18:53 . 2013-03-18 18:53 -------- d-----w- c:\program files\Acronis
2013-03-18 18:53 . 2013-03-18 18:54 -------- d-----w- c:\program files\Common Files\Acronis
2013-03-18 17:15 . 2013-03-06 23:33 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-18 17:15 . 2013-03-06 23:33 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-18 16:55 . 2013-03-18 16:55 -------- d-----w- c:\programdata\ATI
2013-03-16 19:16 . 2013-03-18 19:05 -------- d---a-w- C:\Merged Volume 'Local Volume' (F)
2013-03-16 13:59 . 2013-03-16 13:59 -------- d-----w- c:\programdata\AMD
2013-03-16 13:59 . 2013-03-16 14:00 -------- d-----w- c:\program files\ATI Technologies(0)
2013-03-16 13:53 . 2013-03-16 13:53 -------- d-----w- C:\AMD
2013-03-16 09:53 . 2013-03-16 16:47 -------- d-----w- c:\users\PETR\{2db372de-6502-40eb-809e-5cb2559bf69e}
2013-03-15 19:42 . 2013-03-16 16:47 -------- d-----w- C:\Fraps
2013-03-15 18:06 . 2013-03-16 16:47 -------- d-----w- c:\program files\SaveSnap
2013-03-15 15:49 . 2013-03-16 16:47 -------- d-----w- c:\program files\Cheat Engine 6.2
2013-03-14 18:20 . 2013-03-16 16:47 -------- d-----w- c:\program files\Euro Truck Simulator 2
2013-03-07 21:18 . 2013-03-07 21:18 -------- d-----w- c:\program files\SecurityXploded
2013-02-26 06:55 . 2013-02-26 06:55 65536 ----a-w- c:\windows\system32\frapsvid.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 15:01 . 2012-04-22 13:09 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-14 15:01 . 2011-07-05 22:20 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-06 23:33 . 2012-05-01 16:01 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-05-01 16:01 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2012-05-01 16:01 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2012-05-01 16:01 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-05-01 16:01 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2012-05-01 16:01 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2012-05-01 16:00 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-05-01 16:00 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-17 00:28 . 2011-04-23 08:41 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:26 . 2013-02-13 16:10 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:26 . 2013-02-13 16:10 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 11:28 . 2013-02-13 16:10 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 01:38 . 2013-02-13 16:10 2048512 ----a-w- c:\windows\system32\win32k.sys
2011-06-03 14:25 . 2011-07-25 20:17 625984 ----a-w- c:\program files\Common Files\ZugoInstaller.exe
2012-03-13 04:38 . 2012-04-01 14:28 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 321080]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonuiX.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-12-14 15:49 512360 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 12:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 15:01]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.0.250
TCP: Interfaces\{4AB29756-B6E5-46BF-BC56-F3E930C6C40B}: NameServer = 8.8.4.4,8.8.8.8
FF - ProfilePath - c:\users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\q4q7mgby.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-26 19:12
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\windows\TEMP\_avast_\unp40424661.tmp 110699 bytes
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
Binary file temp00 matches
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(412)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
c:\windows\system32\Hpservice.exe
c:\windows\system32\vfsFPService.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Comodo\Dragon\dragon_updater.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\SMINST\BLService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\System32\vdsldr.exe
.
**************************************************************************
.
Celkový čas: 2013-03-26 19:18:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-26 18:17
ComboFix2.txt 2012-10-31 18:14
ComboFix3.txt 2012-03-02 22:01
.
Před spuštěním: Volných bajtů: 177 809 375 232
Po spuštění: Volných bajtů: 177 734 152 192
.
- - End Of File - - 8C3456B63C2F222AA496DA2C29BB9843

[Peťa]

18:52:00.0317 0900 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:52:00.0494 0900 ============================================================
18:52:00.0494 0900 Current date / time: 2013/03/26 18:52:00.0494
18:52:00.0494 0900 SystemInfo:
18:52:00.0495 0900
18:52:00.0495 0900 OS Version: 6.0.6002 ServicePack: 2.0
18:52:00.0495 0900 Product type: Workstation
18:52:00.0495 0900 ComputerName: PETR-PC
18:52:00.0495 0900 UserName: PETR
18:52:00.0495 0900 Windows directory: C:\Windows
18:52:00.0495 0900 System windows directory: C:\Windows
18:52:00.0495 0900 Processor architecture: Intel x86
18:52:00.0495 0900 Number of processors: 2
18:52:00.0495 0900 Page size: 0x1000
18:52:00.0495 0900 Boot type: Normal boot
18:52:00.0495 0900 ============================================================
18:52:01.0986 0900 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:52:01.0989 0900 ============================================================
18:52:01.0989 0900 \Device\Harddisk0\DR0:
18:52:01.0989 0900 MBR partitions:
18:52:01.0989 0900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x807, BlocksNum 0x1BC497F9
18:52:01.0989 0900 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C249000, BlocksNum 0xF7B000
18:52:02.0009 0900 ============================================================
18:52:02.0105 0900 C: <-> \Device\Harddisk0\DR0\Partition1
18:52:02.0170 0900 D: <-> \Device\Harddisk0\DR0\Partition2
18:52:02.0170 0900 ============================================================
18:52:02.0170 0900 Initialize success
18:52:02.0170 0900 ============================================================
18:52:07.0713 5896 ============================================================
18:52:07.0713 5896 Scan started
18:52:07.0713 5896 Mode: Manual;
18:52:07.0713 5896 ============================================================
18:52:08.0823 5896 ================ Scan system memory ========================
18:52:08.0824 5896 System memory - ok
18:52:08.0824 5896 ================ Scan services =============================
18:52:08.0997 5896 [ 3B10711AD8656C097E0D16A41B29C54C ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
18:52:08.0999 5896 Accelerometer - ok
18:52:09.0050 5896 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
18:52:09.0055 5896 ACPI - ok
18:52:09.0164 5896 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:52:09.0169 5896 AdobeFlashPlayerUpdateSvc - ok
18:52:09.0231 5896 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:52:09.0239 5896 adp94xx - ok
18:52:09.0257 5896 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:52:09.0263 5896 adpahci - ok
18:52:09.0283 5896 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
18:52:09.0285 5896 adpu160m - ok
18:52:09.0299 5896 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:52:09.0303 5896 adpu320 - ok
18:52:09.0353 5896 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:52:09.0355 5896 AeLookupSvc - ok
18:52:09.0781 5896 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
18:52:09.0784 5896 AESTFilters - ok
18:52:09.0844 5896 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
18:52:09.0850 5896 AFD - ok
18:52:09.0900 5896 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:52:09.0902 5896 agp440 - ok
18:52:09.0936 5896 [ E331924FDF522CD7CEA1B647503784E8 ] ahcix86s C:\Windows\system32\DRIVERS\ahcix86s.sys
18:52:09.0937 5896 ahcix86s - ok
18:52:09.0965 5896 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
18:52:09.0968 5896 aic78xx - ok
18:52:09.0989 5896 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
18:52:09.0991 5896 ALG - ok
18:52:10.0005 5896 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
18:52:10.0006 5896 aliide - ok
18:52:10.0024 5896 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:52:10.0026 5896 amdagp - ok
18:52:10.0082 5896 [ BAFEC23FC76AB781DFE9169F9B8DBEBB ] Amddfltr C:\Windows\system32\DRIVERS\Amddfltr.sys
18:52:10.0084 5896 Amddfltr - ok
18:52:10.0093 5896 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
18:52:10.0094 5896 amdide - ok
18:52:10.0101 5896 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
18:52:10.0103 5896 AmdK7 - ok
18:52:10.0111 5896 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:52:10.0112 5896 AmdK8 - ok
18:52:10.0160 5896 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
18:52:10.0161 5896 Appinfo - ok
18:52:10.0230 5896 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
18:52:10.0233 5896 arc - ok
18:52:10.0256 5896 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:52:10.0259 5896 arcsas - ok
18:52:10.0319 5896 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
18:52:10.0321 5896 aswFsBlk - ok
18:52:10.0355 5896 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
18:52:10.0357 5896 aswMonFlt - ok
18:52:10.0390 5896 [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
18:52:10.0393 5896 AswRdr - ok
18:52:10.0447 5896 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
18:52:10.0450 5896 aswRvrt - ok
18:52:10.0516 5896 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
18:52:10.0552 5896 aswSnx - ok
18:52:10.0597 5896 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\Windows\system32\drivers\aswSP.sys
18:52:10.0604 5896 aswSP - ok
18:52:10.0641 5896 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
18:52:10.0644 5896 aswTdi - ok
18:52:10.0680 5896 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
18:52:10.0684 5896 aswVmm - ok
18:52:10.0746 5896 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:52:10.0747 5896 AsyncMac - ok
18:52:10.0776 5896 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
18:52:10.0777 5896 atapi - ok
18:52:10.0836 5896 [ 2846F5EE802889D500FCF5CC48B28381 ] athr C:\Windows\system32\DRIVERS\athr.sys
18:52:10.0871 5896 athr - ok
18:52:10.0927 5896 [ 443CA4F36D0E2576AC0BD7A73A45F32B ] athur C:\Windows\system32\DRIVERS\athur.sys
18:52:10.0972 5896 athur - ok
18:52:11.0037 5896 [ 740B9B4140CACCD0513D999EAB488E48 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
18:52:11.0060 5896 Ati External Event Utility - ok
18:52:11.0222 5896 [ 7526AD10925D1AA9E4E6B0FB393B701F ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:52:11.0320 5896 atikmdag - ok
18:52:11.0339 5896 [ 5A1465AD2E7C1BC39CDA12A355329096 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
18:52:11.0341 5896 AtiPcie - ok
18:52:11.0393 5896 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:52:11.0400 5896 AudioEndpointBuilder - ok
18:52:11.0409 5896 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:52:11.0412 5896 Audiosrv - ok
18:52:11.0544 5896 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:52:11.0546 5896 avast! Antivirus - ok
18:52:11.0607 5896 [ 69A7CE53FFA89E0116FAF5369384BBE5 ] AVerAF15 C:\Windows\system32\Drivers\AVerAF15.sys
18:52:11.0613 5896 AVerAF15 - ok
18:52:11.0683 5896 [ CF6A67C90951E3E763D2135DEDE44B85 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
18:52:11.0706 5896 BCM43XV - ok
18:52:11.0741 5896 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
18:52:11.0743 5896 Beep - ok
18:52:11.0804 5896 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
18:52:11.0811 5896 BFE - ok
18:52:11.0871 5896 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
18:52:11.0905 5896 BITS - ok
18:52:11.0913 5896 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:52:11.0915 5896 blbdrive - ok
18:52:11.0947 5896 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:52:11.0949 5896 bowser - ok
18:52:12.0007 5896 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
18:52:12.0008 5896 BrFiltLo - ok
18:52:12.0019 5896 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
18:52:12.0023 5896 BrFiltUp - ok
18:52:12.0065 5896 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
18:52:12.0068 5896 Browser - ok
18:52:12.0102 5896 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
18:52:12.0104 5896 Brserid - ok
18:52:12.0111 5896 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
18:52:12.0113 5896 BrSerWdm - ok
18:52:12.0121 5896 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
18:52:12.0123 5896 BrUsbMdm - ok
18:52:12.0131 5896 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
18:52:12.0132 5896 BrUsbSer - ok
18:52:12.0177 5896 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
18:52:12.0178 5896 BthEnum - ok
18:52:12.0213 5896 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:52:12.0216 5896 BTHMODEM - ok
18:52:12.0246 5896 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:52:12.0264 5896 BthPan - ok
18:52:12.0312 5896 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
18:52:12.0334 5896 BTHPORT - ok
18:52:12.0372 5896 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
18:52:12.0388 5896 BthServ - ok
18:52:12.0422 5896 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
18:52:12.0423 5896 BTHUSB - ok
18:52:12.0469 5896 [ 99AEEA7CEFDFC6E4151A8F620D682088 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
18:52:12.0472 5896 btwaudio - ok
18:52:12.0505 5896 [ 195872E48A7FB01F8BC9B800F70F4054 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
18:52:12.0508 5896 btwavdt - ok
18:52:12.0533 5896 [ 0724E7D6C9B6A289EDDDA33FA8176E80 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
18:52:12.0535 5896 btwrchid - ok
18:52:12.0559 5896 catchme - ok
18:52:12.0600 5896 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:52:12.0603 5896 cdfs - ok
18:52:12.0652 5896 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:52:12.0654 5896 cdrom - ok
18:52:12.0702 5896 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
18:52:12.0704 5896 CertPropSvc - ok
18:52:12.0720 5896 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:52:12.0722 5896 circlass - ok
18:52:12.0745 5896 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
18:52:12.0750 5896 CLFS - ok
18:52:12.0809 5896 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:52:12.0812 5896 clr_optimization_v2.0.50727_32 - ok
18:52:12.0887 5896 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:52:12.0890 5896 clr_optimization_v4.0.30319_32 - ok
18:52:12.0931 5896 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:52:12.0932 5896 CmBatt - ok
18:52:12.0955 5896 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:52:12.0956 5896 cmdide - ok
18:52:12.0977 5896 cnnctfy2MP - ok
18:52:13.0080 5896 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
18:52:13.0086 5896 Com4QLBEx - ok
18:52:13.0106 5896 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:52:13.0107 5896 Compbatt - ok
18:52:13.0114 5896 COMSysApp - ok
18:52:13.0154 5896 [ C2EB4539A4F6AB6EDD01BDC191619975 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x32.sys
18:52:13.0156 5896 cpuz135 - ok
18:52:13.0182 5896 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:52:13.0184 5896 crcdisk - ok
18:52:13.0199 5896 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
18:52:13.0201 5896 Crusoe - ok
18:52:13.0242 5896 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:52:13.0246 5896 CryptSvc - ok
18:52:13.0317 5896 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:52:13.0339 5896 DcomLaunch - ok
18:52:13.0373 5896 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:52:13.0376 5896 DfsC - ok
18:52:13.0470 5896 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
18:52:13.0525 5896 DFSR - ok
18:52:13.0572 5896 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
18:52:13.0578 5896 Dhcp - ok
18:52:13.0607 5896 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
18:52:13.0609 5896 disk - ok
18:52:13.0651 5896 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:52:13.0655 5896 Dnscache - ok
18:52:13.0675 5896 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:52:13.0680 5896 dot3svc - ok
18:52:13.0734 5896 [ DB162274197796AC5B3D54DA7ECA1909 ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe
18:52:13.0739 5896 DpHost - ok
18:52:13.0776 5896 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
18:52:13.0780 5896 DPS - ok
18:52:13.0993 5896 [ F8BCE77F950E5112D7087DCA2A2174D8 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
18:52:14.0060 5896 DragonUpdater - ok
18:52:14.0092 5896 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:52:14.0093 5896 drmkaud - ok
18:52:14.0148 5896 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:52:14.0171 5896 DXGKrnl - ok
18:52:14.0188 5896 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
18:52:14.0191 5896 E1G60 - ok
18:52:14.0233 5896 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
18:52:14.0237 5896 EapHost - ok
18:52:14.0297 5896 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
18:52:14.0301 5896 Ecache - ok
18:52:14.0365 5896 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:52:14.0371 5896 ehRecvr - ok
18:52:14.0386 5896 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
18:52:14.0389 5896 ehSched - ok
18:52:14.0404 5896 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
18:52:14.0406 5896 ehstart - ok
18:52:14.0459 5896 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:52:14.0466 5896 elxstor - ok
18:52:14.0504 5896 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
18:52:14.0526 5896 EMDMgmt - ok
18:52:14.0555 5896 [ 4CD6B056C5FD9E97C06FE74C81479517 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
18:52:14.0557 5896 enecir - ok
18:52:14.0602 5896 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:52:14.0603 5896 ErrDev - ok
18:52:14.0658 5896 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
18:52:14.0665 5896 EventSystem - ok
18:52:14.0699 5896 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
18:52:14.0703 5896 exfat - ok
18:52:14.0722 5896 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:52:14.0726 5896 fastfat - ok
18:52:14.0753 5896 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:52:14.0755 5896 fdc - ok
18:52:14.0795 5896 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
18:52:14.0798 5896 fdPHost - ok
18:52:14.0812 5896 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
18:52:14.0815 5896 FDResPub - ok
18:52:14.0831 5896 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:52:14.0833 5896 FileInfo - ok
18:52:14.0840 5896 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:52:14.0842 5896 Filetrace - ok
18:52:14.0848 5896 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:52:14.0851 5896 flpydisk - ok
18:52:14.0872 5896 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:52:14.0876 5896 FltMgr - ok
18:52:14.0959 5896 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
18:52:14.0981 5896 FontCache - ok
18:52:15.0051 5896 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:52:15.0053 5896 FontCache3.0.0.0 - ok
18:52:15.0092 5896 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:52:15.0094 5896 Fs_Rec - ok
18:52:15.0129 5896 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:52:15.0131 5896 gagp30kx - ok
18:52:15.0178 5896 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
18:52:15.0180 5896 ggflt - ok
18:52:15.0229 5896 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
18:52:15.0231 5896 ggsemc - ok
18:52:15.0261 5896 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
18:52:15.0264 5896 giveio - ok
18:52:15.0313 5896 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
18:52:15.0335 5896 gpsvc - ok
18:52:15.0371 5896 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:52:15.0376 5896 HdAudAddService - ok
18:52:15.0426 5896 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:52:15.0449 5896 HDAudBus - ok
18:52:15.0487 5896 [ FCB3F4BE408F72C1BD81BCABA87FC22F ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:52:15.0489 5896 HidBth - ok
18:52:15.0520 5896 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:52:15.0522 5896 HidIr - ok
18:52:15.0571 5896 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
18:52:15.0575 5896 hidserv - ok
18:52:15.0606 5896 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:52:15.0608 5896 HidUsb - ok
18:52:15.0635 5896 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:52:15.0640 5896 hkmsvc - ok
18:52:15.0705 5896 [ D13E6BFD7E9189D26A42E94CB2447044 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
18:52:15.0708 5896 HP Health Check Service - ok
18:52:15.0736 5896 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
18:52:15.0738 5896 HpCISSs - ok
18:52:15.0779 5896 [ 24F3F496C18EFC234777723A67A85F81 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
18:52:15.0780 5896 hpdskflt - ok
18:52:15.0818 5896 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
18:52:15.0820 5896 HpqKbFiltr - ok
18:52:15.0846 5896 [ 115C0933B3ED51DFBEC4449348C8065B ] HpqRemHid C:\Windows\system32\DRIVERS\HpqRemHid.sys
18:52:15.0848 5896 HpqRemHid - ok
18:52:15.0915 5896 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
18:52:15.0920 5896 hpqwmiex - ok
18:52:15.0942 5896 [ 6D0AC28C5BD8D8495F83F5929A45E559 ] hpsrv C:\Windows\system32\Hpservice.exe
18:52:15.0946 5896 hpsrv - ok
18:52:15.0980 5896 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
18:52:15.0985 5896 HSFHWAZL - ok
18:52:16.0028 5896 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
18:52:16.0061 5896 HSF_DPV - ok
18:52:16.0108 5896 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:52:16.0121 5896 HTTP - ok
18:52:16.0156 5896 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
18:52:16.0158 5896 i2omp - ok
18:52:16.0219 5896 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:52:16.0221 5896 i8042prt - ok
18:52:16.0248 5896 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
18:52:16.0254 5896 iaStorV - ok
18:52:16.0327 5896 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:52:16.0329 5896 IDriverT - ok
18:52:16.0393 5896 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:52:16.0427 5896 idsvc - ok
18:52:16.0447 5896 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:52:16.0448 5896 iirsp - ok
18:52:16.0503 5896 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
18:52:16.0527 5896 IKEEXT - ok
18:52:16.0542 5896 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
18:52:16.0544 5896 intelide - ok
18:52:16.0584 5896 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:52:16.0586 5896 intelppm - ok
18:52:16.0628 5896 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:52:16.0633 5896 IPBusEnum - ok
18:52:16.0640 5896 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:52:16.0641 5896 IpFilterDriver - ok
18:52:16.0682 5896 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:52:16.0688 5896 iphlpsvc - ok
18:52:16.0694 5896 IpInIp - ok
18:52:16.0704 5896 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
18:52:16.0706 5896 IPMIDRV - ok
18:52:16.0725 5896 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
18:52:16.0728 5896 IPNAT - ok
18:52:16.0734 5896 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:52:16.0736 5896 IRENUM - ok
18:52:16.0760 5896 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:52:16.0762 5896 isapnp - ok
18:52:16.0814 5896 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:52:16.0819 5896 iScsiPrt - ok
18:52:16.0831 5896 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
18:52:16.0833 5896 iteatapi - ok
18:52:16.0851 5896 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
18:52:16.0853 5896 iteraid - ok
18:52:16.0888 5896 [ 858C550EBBD243826A2193262C1B54A3 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
18:52:16.0891 5896 JMCR - ok
18:52:16.0909 5896 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:52:16.0911 5896 kbdclass - ok
18:52:16.0930 5896 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:52:16.0932 5896 kbdhid - ok
18:52:16.0961 5896 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
18:52:16.0965 5896 KeyIso - ok
18:52:17.0002 5896 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:52:17.0028 5896 KSecDD - ok
18:52:17.0070 5896 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
18:52:17.0093 5896 KtmRm - ok
18:52:17.0132 5896 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
18:52:17.0140 5896 LanmanServer - ok
18:52:17.0194 5896 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:52:17.0204 5896 LanmanWorkstation - ok
18:52:17.0281 5896 [ 984ECB68ED2A2B2E6A544E87E24FBA2D ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
18:52:17.0283 5896 LightScribeService - ok
18:52:17.0312 5896 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:52:17.0314 5896 lltdio - ok
18:52:17.0350 5896 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:52:17.0356 5896 lltdsvc - ok
18:52:17.0382 5896 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:52:17.0386 5896 lmhosts - ok
18:52:17.0415 5896 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:52:17.0418 5896 LSI_FC - ok
18:52:17.0439 5896 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:52:17.0441 5896 LSI_SAS - ok
18:52:17.0471 5896 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:52:17.0474 5896 LSI_SCSI - ok
18:52:17.0493 5896 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
18:52:17.0496 5896 luafv - ok
18:52:17.0517 5896 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:52:17.0522 5896 Mcx2Svc - ok
18:52:17.0563 5896 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
18:52:17.0565 5896 megasas - ok
18:52:17.0610 5896 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
18:52:17.0618 5896 MegaSR - ok
18:52:17.0807 5896 Microsoft SharePoint Workspace Audit Service - ok
18:52:17.0836 5896 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
18:52:17.0841 5896 MMCSS - ok
18:52:17.0856 5896 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
18:52:17.0858 5896 Modem - ok
18:52:17.0908 5896 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:52:17.0910 5896 monitor - ok
18:52:17.0948 5896 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:52:17.0950 5896 mouclass - ok
18:52:17.0966 5896 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:52:17.0968 5896 mouhid - ok
18:52:17.0988 5896 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:52:17.0990 5896 MountMgr - ok
18:52:18.0019 5896 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
18:52:18.0022 5896 mpio - ok
18:52:18.0036 5896 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:52:18.0038 5896 mpsdrv - ok
18:52:18.0088 5896 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
18:52:18.0111 5896 MpsSvc - ok
18:52:18.0141 5896 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:52:18.0143 5896 Mraid35x - ok
18:52:18.0160 5896 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:52:18.0163 5896 MRxDAV - ok
18:52:18.0208 5896 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:52:18.0211 5896 mrxsmb - ok
18:52:18.0232 5896 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:52:18.0237 5896 mrxsmb10 - ok
18:52:18.0252 5896 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:52:18.0255 5896 mrxsmb20 - ok
18:52:18.0311 5896 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
18:52:18.0314 5896 msahci - ok
18:52:18.0326 5896 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:52:18.0330 5896 msdsm - ok
18:52:18.0363 5896 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
18:52:18.0369 5896 MSDTC - ok
18:52:18.0388 5896 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:52:18.0390 5896 Msfs - ok
18:52:18.0405 5896 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:52:18.0406 5896 msisadrv - ok
18:52:18.0452 5896 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:52:18.0457 5896 MSiSCSI - ok
18:52:18.0478 5896 msiserver - ok
18:52:18.0509 5896 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:52:18.0510 5896 MSKSSRV - ok
18:52:18.0533 5896 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:52:18.0535 5896 MSPCLOCK - ok
18:52:18.0556 5896 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:52:18.0558 5896 MSPQM - ok
18:52:18.0606 5896 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:52:18.0610 5896 MsRPC - ok
18:52:18.0650 5896 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:52:18.0652 5896 mssmbios - ok
18:52:18.0658 5896 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:52:18.0660 5896 MSTEE - ok
18:52:18.0678 5896 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
18:52:18.0681 5896 Mup - ok
18:52:18.0721 5896 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
18:52:18.0743 5896 napagent - ok
18:52:18.0794 5896 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:52:18.0799 5896 NativeWifiP - ok
18:52:18.0837 5896 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:52:18.0859 5896 NDIS - ok
18:52:18.0877 5896 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:52:18.0878 5896 NdisTapi - ok
18:52:18.0894 5896 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:52:18.0896 5896 Ndisuio - ok
18:52:18.0934 5896 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:52:18.0937 5896 NdisWan - ok
18:52:18.0976 5896 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:52:18.0978 5896 NDProxy - ok
18:52:19.0004 5896 Nero BackItUp Scheduler 4.0 - ok
18:52:19.0030 5896 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:52:19.0032 5896 NetBIOS - ok
18:52:19.0050 5896 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:52:19.0055 5896 netbt - ok
18:52:19.0073 5896 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
18:52:19.0077 5896 Netlogon - ok
18:52:19.0120 5896 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
18:52:19.0143 5896 Netman - ok
18:52:19.0171 5896 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
18:52:19.0179 5896 netprofm - ok
18:52:19.0219 5896 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:52:19.0223 5896 NetTcpPortSharing - ok
18:52:19.0241 5896 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:52:19.0243 5896 nfrd960 - ok
18:52:19.0257 5896 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:52:19.0264 5896 NlaSvc - ok
18:52:19.0297 5896 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:52:19.0299 5896 Npfs - ok
18:52:19.0317 5896 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
18:52:19.0322 5896 nsi - ok
18:52:19.0356 5896 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:52:19.0358 5896 nsiproxy - ok
18:52:19.0405 5896 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:52:19.0439 5896 Ntfs - ok
18:52:19.0456 5896 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
18:52:19.0458 5896 ntrigdigi - ok
18:52:19.0479 5896 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
18:52:19.0480 5896 Null - ok
18:52:19.0517 5896 [ 1657F3FBD9061526C14FF37E79306F98 ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys
18:52:19.0539 5896 NVENETFD - ok
18:52:19.0557 5896 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:52:19.0561 5896 nvraid - ok
18:52:19.0578 5896 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:52:19.0580 5896 nvstor - ok
18:52:19.0604 5896 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:52:19.0608 5896 nv_agp - ok
18:52:19.0615 5896 NwlnkFlt - ok
18:52:19.0622 5896 NwlnkFwd - ok
18:52:19.0661 5896 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:52:19.0663 5896 ohci1394 - ok
18:52:19.0757 5896 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:52:19.0760 5896 ose - ok
18:52:19.0950 5896 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:52:20.0060 5896 osppsvc - ok
18:52:20.0132 5896 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:52:20.0154 5896 p2pimsvc - ok
18:52:20.0187 5896 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
18:52:20.0197 5896 p2psvc - ok
18:52:20.0240 5896 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
18:52:20.0242 5896 Parport - ok
18:52:20.0270 5896 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:52:20.0272 5896 partmgr - ok
18:52:20.0301 5896 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:52:20.0302 5896 Parvdm - ok
18:52:20.0338 5896 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
18:52:20.0344 5896 PcaSvc - ok
18:52:20.0381 5896 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
18:52:20.0384 5896 pci - ok
18:52:20.0424 5896 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
18:52:20.0425 5896 pciide - ok
18:52:20.0449 5896 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:52:20.0453 5896 pcmcia - ok
18:52:20.0507 5896 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:52:20.0530 5896 PEAUTH - ok
18:52:20.0600 5896 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
18:52:20.0644 5896 pla - ok
18:52:20.0675 5896 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:52:20.0684 5896 PlugPlay - ok
18:52:20.0735 5896 [ 713E294439D982BB161317DE0136FAA0 ] pneteth C:\Windows\system32\DRIVERS\pneteth.sys
18:52:20.0737 5896 pneteth - ok
18:52:20.0786 5896 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
18:52:20.0793 5896 PnkBstrA - ok
18:52:20.0821 5896 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:52:20.0830 5896 PNRPAutoReg - ok
18:52:20.0854 5896 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:52:20.0863 5896 PNRPsvc - ok
18:52:20.0908 5896 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:52:20.0917 5896 PolicyAgent - ok
18:52:20.0952 5896 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:52:20.0954 5896 PptpMiniport - ok
18:52:20.0989 5896 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:52:20.0991 5896 Processor - ok
18:52:21.0025 5896 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
18:52:21.0033 5896 ProfSvc - ok
18:52:21.0051 5896 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:52:21.0055 5896 ProtectedStorage - ok
18:52:21.0076 5896 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:52:21.0078 5896 PSched - ok
18:52:21.0146 5896 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:52:21.0180 5896 ql2300 - ok
18:52:21.0188 5896 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:52:21.0191 5896 ql40xx - ok
18:52:21.0267 5896 [ 026D1FA4033B82F18B99E44351D7E82E ] QPCapSvc C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
18:52:21.0273 5896 QPCapSvc - ok
18:52:21.0292 5896 [ 7697BCA450EAE30A6CDB98898239E8B7 ] QPSched C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
18:52:21.0296 5896 QPSched - ok
18:52:21.0338 5896 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
18:52:21.0347 5896 QWAVE - ok
18:52:21.0364 5896 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:52:21.0366 5896 QWAVEdrv - ok
18:52:21.0391 5896 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:52:21.0393 5896 RasAcd - ok
18:52:21.0416 5896 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
18:52:21.0422 5896 RasAuto - ok
18:52:21.0439 5896 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:52:21.0442 5896 Rasl2tp - ok
18:52:21.0480 5896 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
18:52:21.0490 5896 RasMan - ok
18:52:21.0510 5896 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:52:21.0513 5896 RasPppoe - ok
18:52:21.0533 5896 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:52:21.0536 5896 RasSstp - ok
18:52:21.0583 5896 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:52:21.0589 5896 rdbss - ok
18:52:21.0607 5896 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:52:21.0609 5896 RDPCDD - ok
18:52:21.0640 5896 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:52:21.0645 5896 rdpdr - ok
18:52:21.0670 5896 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:52:21.0672 5896 RDPENCDD - ok
18:52:21.0709 5896 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:52:21.0714 5896 RDPWD - ok
18:52:21.0782 5896 [ B9570481A1BABCC4A9E941C553596077 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
18:52:21.0788 5896 Recovery Service for Windows - ok
18:52:21.0845 5896 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:52:21.0851 5896 RemoteAccess - ok
18:52:21.0891 5896 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:52:21.0898 5896 RemoteRegistry - ok
18:52:21.0941 5896 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:52:21.0945 5896 RFCOMM - ok
18:52:22.0017 5896 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:52:22.0023 5896 RichVideo - ok
18:52:22.0065 5896 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
18:52:22.0069 5896 RpcLocator - ok
18:52:22.0096 5896 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
18:52:22.0105 5896 RpcSs - ok
18:52:22.0146 5896 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:52:22.0148 5896 rspndr - ok
18:52:22.0183 5896 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
18:52:22.0187 5896 RTL8169 - ok
18:52:22.0231 5896 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
18:52:22.0234 5896 s0016bus - ok
18:52:22.0275 5896 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
18:52:22.0277 5896 s0016mdfl - ok
18:52:22.0293 5896 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
18:52:22.0297 5896 s0016mdm - ok
18:52:22.0323 5896 [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt C:\Windows\system32\DRIVERS\s0016mgmt.sys
18:52:22.0326 5896 s0016mgmt - ok
18:52:22.0345 5896 [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5 C:\Windows\system32\DRIVERS\s0016nd5.sys
18:52:22.0347 5896 s0016nd5 - ok
18:52:22.0369 5896 [ 36792935847143E4A3CDA0DC87248487 ] s0016obex C:\Windows\system32\DRIVERS\s0016obex.sys
18:52:22.0372 5896 s0016obex - ok
18:52:22.0387 5896 [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic C:\Windows\system32\DRIVERS\s0016unic.sys
18:52:22.0391 5896 s0016unic - ok
18:52:22.0427 5896 [ 594FF5620661D1386475406E78CB6F2F ] s0017bus C:\Windows\system32\DRIVERS\s0017bus.sys
18:52:22.0430 5896 s0017bus - ok
18:52:22.0472 5896 [ 7258F550419D543BC5C8E80C578A5D54 ] s0017mdfl C:\Windows\system32\DRIVERS\s0017mdfl.sys
18:52:22.0474 5896 s0017mdfl - ok
18:52:22.0494 5896 [ 1DE4F6607FEB17A15DBD4F1B139E6D2F ] s0017mdm C:\Windows\system32\DRIVERS\s0017mdm.sys
18:52:22.0498 5896 s0017mdm - ok
18:52:22.0516 5896 [ 9814E6BACC06D2526CD52981C7EEEDF0 ] s0017mgmt C:\Windows\system32\DRIVERS\s0017mgmt.sys
18:52:22.0520 5896 s0017mgmt - ok
18:52:22.0572 5896 [ 2C62CD58225973F26682CD4F783DDEDE ] s0017nd5 C:\Windows\system32\DRIVERS\s0017nd5.sys
18:52:22.0574 5896 s0017nd5 - ok
18:52:22.0608 5896 [ F87C3422E84B2FB1B43E0A26247AD5A5 ] s0017obex C:\Windows\system32\DRIVERS\s0017obex.sys
18:52:22.0611 5896 s0017obex - ok
18:52:22.0641 5896 [ DF5E7360A0AFA5956BF75DA683D0679F ] s0017unic C:\Windows\system32\DRIVERS\s0017unic.sys
18:52:22.0644 5896 s0017unic - ok
18:52:22.0698 5896 [ 815445F4676CC96BC9AEEC303C727E19 ] s116bus C:\Windows\system32\DRIVERS\s116bus.sys
18:52:22.0701 5896 s116bus - ok
18:52:22.0735 5896 [ 333D1E0743E6DE1779C3C418AC601C3A ] s116mdfl C:\Windows\system32\DRIVERS\s116mdfl.sys
18:52:22.0737 5896 s116mdfl - ok
18:52:22.0757 5896 [ 50D6E5B021E9EC7553AB8A3553CC1B6B ] s116mdm C:\Windows\system32\DRIVERS\s116mdm.sys
18:52:22.0761 5896 s116mdm - ok
18:52:22.0781 5896 [ 1589AA53E43F8D193A7D4D580D3FFA95 ] s116mgmt C:\Windows\system32\DRIVERS\s116mgmt.sys
18:52:22.0784 5896 s116mgmt - ok
18:52:22.0822 5896 [ 306F85733671FE507470F0273025E768 ] s116nd5 C:\Windows\system32\DRIVERS\s116nd5.sys
18:52:22.0824 5896 s116nd5 - ok
18:52:22.0845 5896 [ EC32601F04A5A5DE89315D0F55E73D66 ] s116obex C:\Windows\system32\DRIVERS\s116obex.sys
18:52:22.0848 5896 s116obex - ok
18:52:22.0890 5896 [ 32E3ECB4B2B5887426EAF241A8149CDE ] s116unic C:\Windows\system32\DRIVERS\s116unic.sys
18:52:22.0893 5896 s116unic - ok
18:52:22.0939 5896 [ AA786AD3A2684D39630744787B00E6F4 ] s3017bus C:\Windows\system32\DRIVERS\s3017bus.sys
18:52:22.0942 5896 s3017bus - ok
18:52:22.0949 5896 [ CBA4CA5BCE44084E98CE420FD6692D3A ] s3017mdfl C:\Windows\system32\DRIVERS\s3017mdfl.sys
18:52:22.0951 5896 s3017mdfl - ok
18:52:22.0959 5896 [ 68036EFF647970D6C0399789C8707CAD ] s3017mdm C:\Windows\system32\DRIVERS\s3017mdm.sys
18:52:22.0962 5896 s3017mdm - ok
18:52:23.0003 5896 [ 3672E7F9349BD98FD3F5AC33E7B2B1A6 ] s3017mgmt C:\Windows\system32\DRIVERS\s3017mgmt.sys
18:52:23.0006 5896 s3017mgmt - ok
18:52:23.0054 5896 [ B1133B37EB184AEF81D56B4302DBAE9C ] s3017nd5 C:\Windows\system32\DRIVERS\s3017nd5.sys
18:52:23.0056 5896 s3017nd5 - ok
18:52:23.0085 5896 [ D81B1D504AA1426622E7EC09F25130A9 ] s3017obex C:\Windows\system32\DRIVERS\s3017obex.sys
18:52:23.0088 5896 s3017obex - ok
18:52:23.0112 5896 [ 7B95C53EA8BB585013767EEF2875C0A0 ] s3017unic C:\Windows\system32\DRIVERS\s3017unic.sys
18:52:23.0115 5896 s3017unic - ok
18:52:23.0140 5896 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
18:52:23.0144 5896 SamSs - ok
18:52:23.0172 5896 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:52:23.0175 5896 sbp2port - ok
18:52:23.0215 5896 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:52:23.0222 5896 SCardSvr - ok
18:52:23.0274 5896 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
18:52:23.0296 5896 Schedule - ok
18:52:23.0325 5896 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:52:23.0327 5896 SCPolicySvc - ok
18:52:23.0342 5896 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:52:23.0346 5896 sdbus - ok
18:52:23.0389 5896 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:52:23.0396 5896 SDRSVC - ok
18:52:23.0418 5896 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:52:23.0420 5896 secdrv - ok
18:52:23.0436 5896 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
18:52:23.0442 5896 seclogon - ok
18:52:23.0508 5896 [ E5B56569A9F79B70314FEDE6C953641E ] seehcri C:\Windows\system32\DRIVERS\seehcri.sys
18:52:23.0510 5896 seehcri - ok
18:52:23.0531 5896 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
18:52:23.0537 5896 SENS - ok
18:52:23.0573 5896 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:52:23.0575 5896 Serenum - ok
18:52:23.0582 5896 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
18:52:23.0585 5896 Serial - ok
18:52:23.0592 5896 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:52:23.0594 5896 sermouse - ok
18:52:23.0620 5896 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
18:52:23.0627 5896 SessionEnv - ok
18:52:23.0634 5896 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:52:23.0636 5896 sffdisk - ok
18:52:23.0645 5896 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:52:23.0647 5896 sffp_mmc - ok
18:52:23.0653 5896 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:52:23.0655 5896 sffp_sd - ok
18:52:23.0663 5896 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:52:23.0665 5896 sfloppy - ok
18:52:23.0706 5896 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:52:23.0718 5896 SharedAccess - ok
18:52:23.0747 5896 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:52:23.0757 5896 ShellHWDetection - ok
18:52:23.0773 5896 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:52:23.0776 5896 sisagp - ok
18:52:23.0794 5896 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:52:23.0797 5896 SiSRaid2 - ok
18:52:23.0808 5896 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:52:23.0811 5896 SiSRaid4 - ok
18:52:23.0863 5896 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:52:23.0867 5896 SkypeUpdate - ok
18:52:23.0986 5896 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
18:52:24.0075 5896 slsvc - ok
18:52:24.0102 5896 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:52:24.0108 5896 SLUINotify - ok
18:52:24.0127 5896 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:52:24.0130 5896 Smb - ok
18:52:24.0173 5896 [ BD3863C139F3380A9F44FB188FEEFC6E ] snapman C:\Windows\system32\DRIVERS\snapman.sys
18:52:24.0177 5896 snapman - ok
18:52:24.0205 5896 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:52:24.0211 5896 SNMPTRAP - ok
18:52:24.0333 5896 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
18:52:24.0339 5896 Sony PC Companion - ok
18:52:24.0380 5896 [ 9F70CD5EDCC4EFC48AE21E04FB03BE9D ] speedfan C:\Windows\system32\speedfan.sys
18:52:24.0386 5896 speedfan - ok
18:52:24.0428 5896 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
18:52:24.0430 5896 spldr - ok
18:52:24.0470 5896 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
18:52:24.0478 5896 Spooler - ok
18:52:24.0478 5896 ================ Scan global ===============================
18:52:24.0513 5896 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:52:24.0550 5896 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:52:24.0594 5896 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:52:24.0644 5896 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
18:52:24.0666 5896 [Global] - ok
18:52:24.0667 5896 ================ Scan MBR ==================================
18:52:24.0678 5896 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:52:24.0902 5896 \Device\Harddisk0\DR0 - ok
18:52:24.0906 5896 ================ Scan VBR ==================================
18:52:24.0911 5896 [ C374B88A0AC615D9114707BE682B56DF ] \Device\Harddisk0\DR0\Partition1
18:52:24.0913 5896 \Device\Harddisk0\DR0\Partition1 - ok
18:52:24.0947 5896 [ 38831AD5BB221EB6AB76C2DE65B9BF2D ] \Device\Harddisk0\DR0\Partition2
18:52:24.0949 5896 \Device\Harddisk0\DR0\Partition2 - ok
18:52:24.0953 5896 ============================================================
18:52:24.0953 5896 Scan finished
18:52:24.0953 5896 ============================================================
18:52:24.0969 5732 Detected object count: 0
18:52:24.0969 5732 Actual detected object count: 0
18:53:06.0799 4332 Deinitialize success

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[Peťa]

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : PETR [Práva správce]
Mód : Kontrola -- Datum : 03/27/2013 17:36:21
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[SERVICES][HIDDEN KEY] HKLM\[...]\ControlSet001\Services\S () -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHZ2250BH G2 SCSI Disk Device +++++
--- User ---
[MBR] cae09f8b85bf1a31b9def1f531af0c3e
[BSP] c6a877e95040b834a349abac878a115b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2055 | Size: 227474 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 472158208 | Size: 7926 Mo
2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 465872896 | Size: 3069 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_03272013_02d1736.txt >>
RKreport[1]_S_03272013_02d1736.txt


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-27 16:55:04
-----------------------------
16:55:04.972 OS Version: Windows 6.0.6002 Service Pack 2
16:55:04.972 Number of processors: 2 586 0x301
16:55:04.972 ComputerName: PETR-PC UserName: PETR
16:55:06.641 Initialize success
16:55:07.499 AVAST engine defs: 13032700
16:55:09.652 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000009f
16:55:09.668 Disk 0 Vendor: FUJITSU_ 1.89 Size: 238475MB BusType: 8
16:55:09.964 Disk 0 MBR read successfully
16:55:09.964 Disk 0 MBR scan
16:55:09.980 Disk 0 Windows 7 default MBR code
16:55:09.995 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 227474 MB offset 2055
16:55:10.027 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 7926 MB offset 472158208
16:55:10.042 Disk 0 Partition - 00 05 Extended 3069 MB offset 465872896
16:55:10.120 Disk 0 Partition 3 00 82 Linux swap 3068 MB offset 465874944
16:55:10.136 Disk 0 scanning sectors +488390656
16:55:10.526 Disk 0 scanning C:\Windows\system32\drivers
16:55:38.387 Service scanning
16:56:07.185 Modules scanning
16:56:26.870 Disk 0 trace - called modules:
16:56:26.886 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll Amddfltr.sys storport.sys ahcix86s.sys usbhub.sys tcpip.sys NETIO.SYS
16:56:26.886 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87e9cac8]
16:56:26.901 3 CLASSPNP.SYS[807a68b3] -> nt!IofCallDriver -> [0x87d99298]
16:56:26.901 5 hpdskflt.sys[8c5b6f05] -> nt!IofCallDriver -> [0x87d99570]
16:56:26.917 7 Amddfltr.sys[8c3170b6] -> nt!IofCallDriver -> \Device\0000009f[0x86c33380]
16:56:27.775 AVAST engine scan C:\Windows
16:56:35.263 AVAST engine scan C:\Windows\system32
17:01:26.172 AVAST engine scan C:\Windows\system32\drivers
17:02:37.916 AVAST engine scan C:\Users\PETR
17:23:30.691 AVAST engine scan C:\ProgramData
17:25:40.358 Scan finished successfully
17:30:21.735 Disk 0 MBR has been saved successfully to "C:\Users\PETR\Desktop\MBR.dat"
17:30:21.735 The log file has been saved successfully to "C:\Users\PETR\Desktop\aswMBR.txt"

[jaro3]

Zavři všechny programy a prohlížeče.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Scan "
- Klikni na "Delete"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [1]. txt na ploše.
- Zavři RogueKiller

Ještě nějaké problémy?

[Peťa]

Myslím, že je to ok :)

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : PETR [Práva správce]
Mód : Odebrat -- Datum : 03/28/2013 10:23:18
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[SERVICES][HIDDEN KEY] HKLM\[...]\ControlSet001\Services\S\Start ((unknown)) -> ERROR [0x1]

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHZ2250BH G2 SCSI Disk Device +++++
--- User ---
[MBR] cae09f8b85bf1a31b9def1f531af0c3e
[BSP] c6a877e95040b834a349abac878a115b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2055 | Size: 227474 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 472158208 | Size: 7926 Mo
2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 465872896 | Size: 3069 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[3]_D_03282013_02d1023.txt >>
RKreport[1]_S_03272013_02d1736.txt ; RKreport[2]_S_03282013_02d1021.txt ; RKreport[3]_D_03282013_02d1023.txt

[Žbeky]

Můžeš dát vyřešeno