Prosím o kontrolu logu - pomalý notebook

[RitterQa]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Lucka on po 01.07.2013 at 19:10:48,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6D6B82F7-187C-4CDD-89C4-E3A096FBDA9F}



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\Lucka\AppData\Roaming\big fish games"
Successfully deleted: [Empty Folder] C:\Users\Lucka\appdata\local\{E08C047E-22A9-4D0F-9386-70DFEE55626B}
Successfully deleted: [Empty Folder] C:\Users\Lucka\appdata\local\{E0D28BE3-7B54-48D9-BB45-317CCECD36F9}



~~~ FireFox

Emptied folder: C:\Users\Lucka\AppData\Roaming\mozilla\firefox\profiles\830xafq3.default\minidumps [78 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 01.07.2013 at 19:18:39,91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Reklama]

[RitterQa]

19:21:18.0331 4880 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:21:18.0549 4880 ============================================================
19:21:18.0549 4880 Current date / time: 2013/07/01 19:21:18.0549
19:21:18.0549 4880 SystemInfo:
19:21:18.0549 4880
19:21:18.0549 4880 OS Version: 6.1.7601 ServicePack: 1.0
19:21:18.0549 4880 Product type: Workstation
19:21:18.0549 4880 ComputerName: LUCKA-PC
19:21:18.0549 4880 UserName: Lucka
19:21:18.0549 4880 Windows directory: C:\Windows
19:21:18.0549 4880 System windows directory: C:\Windows
19:21:18.0549 4880 Running under WOW64
19:21:18.0549 4880 Processor architecture: Intel x64
19:21:18.0549 4880 Number of processors: 2
19:21:18.0549 4880 Page size: 0x1000
19:21:18.0549 4880 Boot type: Normal boot
19:21:18.0549 4880 ============================================================
19:21:19.0126 4880 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:21:19.0126 4880 ============================================================
19:21:19.0126 4880 \Device\Harddisk0\DR0:
19:21:19.0126 4880 MBR partitions:
19:21:19.0126 4880 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
19:21:19.0126 4880 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x23A97AB0
19:21:19.0126 4880 ============================================================
19:21:19.0173 4880 C: <-> \Device\Harddisk0\DR0\Partition2
19:21:19.0173 4880 ============================================================
19:21:19.0173 4880 Initialize success
19:21:19.0173 4880 ============================================================
19:21:20.0905 4808 ============================================================
19:21:20.0905 4808 Scan started
19:21:20.0920 4808 Mode: Manual;
19:21:20.0920 4808 ============================================================
19:21:21.0419 4808 ================ Scan system memory ========================
19:21:21.0419 4808 System memory - ok
19:21:21.0419 4808 ================ Scan services =============================
19:21:21.0669 4808 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:21:21.0669 4808 1394ohci - ok
19:21:21.0731 4808 [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
19:21:21.0731 4808 acedrv11 - ok
19:21:21.0778 4808 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:21:21.0778 4808 ACPI - ok
19:21:21.0841 4808 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:21:21.0841 4808 AcpiPmi - ok
19:21:21.0919 4808 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:21:21.0934 4808 Adobe LM Service - ok
19:21:22.0121 4808 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:21:22.0121 4808 AdobeFlashPlayerUpdateSvc - ok
19:21:22.0199 4808 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:21:22.0199 4808 adp94xx - ok
19:21:22.0231 4808 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:21:22.0231 4808 adpahci - ok
19:21:22.0277 4808 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:21:22.0293 4808 adpu320 - ok
19:21:22.0324 4808 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:21:22.0324 4808 AeLookupSvc - ok
19:21:22.0371 4808 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:21:22.0371 4808 AFD - ok
19:21:22.0433 4808 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
19:21:22.0449 4808 AgereModemAudio - ok
19:21:22.0496 4808 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
19:21:22.0496 4808 AgereSoftModem - ok
19:21:22.0543 4808 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:21:22.0543 4808 agp440 - ok
19:21:22.0589 4808 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:21:22.0589 4808 ALG - ok
19:21:22.0636 4808 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:21:22.0636 4808 aliide - ok
19:21:22.0683 4808 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:21:22.0683 4808 amdide - ok
19:21:22.0730 4808 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:21:22.0730 4808 AmdK8 - ok
19:21:22.0745 4808 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:21:22.0745 4808 AmdPPM - ok
19:21:22.0792 4808 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:21:22.0792 4808 amdsata - ok
19:21:22.0823 4808 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:21:22.0839 4808 amdsbs - ok
19:21:22.0886 4808 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:21:22.0886 4808 amdxata - ok
19:21:22.0933 4808 [ 9815014F3E30357168DA272088C6F12F ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
19:21:22.0948 4808 ApfiltrService - ok
19:21:23.0011 4808 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:21:23.0011 4808 AppID - ok
19:21:23.0057 4808 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:21:23.0057 4808 AppIDSvc - ok
19:21:23.0120 4808 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
19:21:23.0120 4808 Appinfo - ok
19:21:23.0182 4808 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:21:23.0182 4808 Apple Mobile Device - ok
19:21:23.0260 4808 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:21:23.0260 4808 arc - ok
19:21:23.0276 4808 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:21:23.0276 4808 arcsas - ok
19:21:23.0354 4808 [ 4CA8E3A70263C3029935551204586701 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
19:21:23.0354 4808 aswFsBlk - ok
19:21:23.0416 4808 [ CF6A24076F978BF9C1FE61EE8595DB66 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:21:23.0416 4808 aswMonFlt - ok
19:21:23.0510 4808 [ 24EB5B96B8D215BAC4FC280D39B73049 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
19:21:23.0510 4808 aswRdr - ok
19:21:23.0572 4808 [ 76A2BD420185B468B6DE89AED1EEAE40 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
19:21:23.0572 4808 aswRvrt - ok
19:21:23.0681 4808 [ 5EB2FC36BD4639097A2F9BB68C825604 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:21:23.0697 4808 aswSnx - ok
19:21:23.0775 4808 [ AB1403AF5CC781D5148096216DA3A2A3 ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:21:23.0775 4808 aswSP - ok
19:21:23.0853 4808 [ 6A2D4BB9DDAA7D74839936403BB31F06 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
19:21:23.0853 4808 aswTdi - ok
19:21:23.0931 4808 [ 0A83FFF1AEF6113EF8DCBB32D5014AB1 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
19:21:23.0947 4808 aswVmm - ok
19:21:23.0962 4808 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:21:23.0962 4808 AsyncMac - ok
19:21:24.0009 4808 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:21:24.0009 4808 atapi - ok
19:21:24.0071 4808 [ 5D4529AC4156E16BEDB01441AE0CF984 ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:21:24.0087 4808 athr - ok
19:21:24.0165 4808 [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
19:21:24.0165 4808 atksgt - ok
19:21:24.0227 4808 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:21:24.0259 4808 AudioEndpointBuilder - ok
19:21:24.0274 4808 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:21:24.0274 4808 AudioSrv - ok
19:21:24.0399 4808 [ AEF6E1DE647339C4990586D1DE427BBB ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:21:24.0399 4808 avast! Antivirus - ok
19:21:24.0461 4808 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:21:24.0461 4808 AxInstSV - ok
19:21:24.0524 4808 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:21:24.0524 4808 b06bdrv - ok
19:21:24.0555 4808 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:21:24.0555 4808 b57nd60a - ok
19:21:24.0633 4808 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
19:21:24.0649 4808 BCM43XX - ok
19:21:24.0680 4808 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:21:24.0680 4808 BDESVC - ok
19:21:24.0711 4808 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:21:24.0711 4808 Beep - ok
19:21:24.0773 4808 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:21:24.0789 4808 BFE - ok
19:21:24.0851 4808 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:21:24.0898 4808 BITS - ok
19:21:24.0945 4808 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:21:24.0945 4808 blbdrive - ok
19:21:25.0023 4808 [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
19:21:25.0023 4808 Bonjour Service - ok
19:21:25.0054 4808 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:21:25.0054 4808 bowser - ok
19:21:25.0117 4808 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:21:25.0117 4808 BrFiltLo - ok
19:21:25.0117 4808 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:21:25.0117 4808 BrFiltUp - ok
19:21:25.0163 4808 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:21:25.0163 4808 BridgeMP - ok
19:21:25.0210 4808 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:21:25.0210 4808 Browser - ok
19:21:25.0241 4808 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:21:25.0241 4808 Brserid - ok
19:21:25.0257 4808 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:21:25.0257 4808 BrSerWdm - ok
19:21:25.0273 4808 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:21:25.0273 4808 BrUsbMdm - ok
19:21:25.0288 4808 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:21:25.0288 4808 BrUsbSer - ok
19:21:25.0382 4808 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:21:25.0382 4808 BthEnum - ok
19:21:25.0413 4808 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:21:25.0413 4808 BTHMODEM - ok
19:21:25.0475 4808 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:21:25.0475 4808 BthPan - ok
19:21:25.0553 4808 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:21:25.0553 4808 BTHPORT - ok
19:21:25.0600 4808 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:21:25.0600 4808 bthserv - ok
19:21:25.0631 4808 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:21:25.0631 4808 BTHUSB - ok
19:21:25.0678 4808 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:21:25.0694 4808 btwaudio - ok
19:21:25.0725 4808 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
19:21:25.0725 4808 btwavdt - ok
19:21:25.0803 4808 [ 9B3BD0ECD82CC08409C55A36D8F56B93 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:21:25.0819 4808 btwdins - ok
19:21:25.0850 4808 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
19:21:25.0850 4808 btwl2cap - ok
19:21:25.0897 4808 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:21:25.0897 4808 btwrchid - ok
19:21:25.0928 4808 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:21:25.0928 4808 cdfs - ok
19:21:25.0990 4808 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:21:25.0990 4808 cdrom - ok
19:21:26.0037 4808 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:21:26.0053 4808 CertPropSvc - ok
19:21:26.0084 4808 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:21:26.0084 4808 circlass - ok
19:21:26.0131 4808 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:21:26.0146 4808 CLFS - ok
19:21:26.0193 4808 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:21:26.0209 4808 clr_optimization_v2.0.50727_32 - ok
19:21:26.0255 4808 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:21:26.0255 4808 clr_optimization_v2.0.50727_64 - ok
19:21:26.0380 4808 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:21:26.0396 4808 clr_optimization_v4.0.30319_32 - ok
19:21:26.0474 4808 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:21:26.0489 4808 clr_optimization_v4.0.30319_64 - ok
19:21:26.0521 4808 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:21:26.0521 4808 CmBatt - ok
19:21:26.0552 4808 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:21:26.0552 4808 cmdide - ok
19:21:26.0599 4808 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:21:26.0599 4808 CNG - ok
19:21:26.0645 4808 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:21:26.0645 4808 Compbatt - ok
19:21:26.0692 4808 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:21:26.0692 4808 CompositeBus - ok
19:21:26.0723 4808 COMSysApp - ok
19:21:26.0755 4808 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:21:26.0755 4808 crcdisk - ok
19:21:26.0817 4808 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:21:26.0817 4808 CryptSvc - ok
19:21:26.0879 4808 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:21:26.0895 4808 DcomLaunch - ok
19:21:26.0957 4808 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:21:26.0957 4808 defragsvc - ok
19:21:27.0020 4808 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:21:27.0020 4808 DfsC - ok
19:21:27.0082 4808 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:21:27.0082 4808 Dhcp - ok
19:21:27.0129 4808 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:21:27.0129 4808 discache - ok
19:21:27.0160 4808 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:21:27.0160 4808 Disk - ok
19:21:27.0269 4808 [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys
19:21:27.0269 4808 DKbFltr - ok
19:21:27.0301 4808 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:21:27.0301 4808 Dnscache - ok
19:21:27.0379 4808 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:21:27.0394 4808 dot3svc - ok
19:21:27.0441 4808 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:21:27.0441 4808 DPS - ok
19:21:27.0488 4808 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:21:27.0488 4808 drmkaud - ok
19:21:27.0550 4808 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:21:27.0566 4808 DXGKrnl - ok
19:21:27.0644 4808 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:21:27.0659 4808 EapHost - ok
19:21:27.0784 4808 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:21:27.0800 4808 ebdrv - ok
19:21:27.0847 4808 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:21:27.0847 4808 EFS - ok
19:21:27.0925 4808 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:21:27.0940 4808 ehRecvr - ok
19:21:28.0003 4808 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:21:28.0003 4808 ehSched - ok
19:21:28.0065 4808 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:21:28.0065 4808 elxstor - ok
19:21:28.0159 4808 [ 7C35C6865957289D9EFE6CC73F4AB2E1 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:21:28.0174 4808 ePowerSvc - ok
19:21:28.0190 4808 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:21:28.0190 4808 ErrDev - ok
19:21:28.0252 4808 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:21:28.0252 4808 EventSystem - ok
19:21:28.0283 4808 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:21:28.0283 4808 exfat - ok
19:21:28.0315 4808 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:21:28.0315 4808 fastfat - ok
19:21:28.0377 4808 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:21:28.0393 4808 Fax - ok
19:21:28.0439 4808 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:21:28.0439 4808 fdc - ok
19:21:28.0455 4808 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:21:28.0455 4808 fdPHost - ok
19:21:28.0471 4808 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:21:28.0486 4808 FDResPub - ok
19:21:28.0502 4808 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:21:28.0502 4808 FileInfo - ok
19:21:28.0517 4808 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:21:28.0517 4808 Filetrace - ok
19:21:28.0564 4808 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:21:28.0564 4808 flpydisk - ok
19:21:28.0595 4808 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:21:28.0595 4808 FltMgr - ok
19:21:28.0689 4808 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
19:21:28.0736 4808 FontCache - ok
19:21:28.0829 4808 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:21:28.0829 4808 FontCache3.0.0.0 - ok
19:21:28.0876 4808 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:21:28.0876 4808 FsDepends - ok
19:21:28.0939 4808 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:21:28.0939 4808 fssfltr - ok
19:21:29.0095 4808 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:21:29.0157 4808 fsssvc - ok
19:21:29.0204 4808 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:21:29.0204 4808 Fs_Rec - ok
19:21:29.0266 4808 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:21:29.0282 4808 fvevol - ok
19:21:29.0329 4808 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:21:29.0329 4808 gagp30kx - ok
19:21:29.0391 4808 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:21:29.0422 4808 gpsvc - ok
19:21:29.0531 4808 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
19:21:29.0547 4808 Greg_Service - ok
19:21:29.0625 4808 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:21:29.0625 4808 gupdate - ok
19:21:29.0656 4808 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:21:29.0656 4808 gupdatem - ok
19:21:29.0703 4808 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:21:29.0703 4808 hcw85cir - ok
19:21:29.0781 4808 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:21:29.0781 4808 HdAudAddService - ok
19:21:29.0828 4808 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:21:29.0828 4808 HDAudBus - ok
19:21:29.0859 4808 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:21:29.0859 4808 HidBatt - ok
19:21:29.0875 4808 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:21:29.0875 4808 HidBth - ok
19:21:29.0875 4808 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:21:29.0875 4808 HidIr - ok
19:21:29.0921 4808 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:21:29.0921 4808 hidserv - ok
19:21:29.0953 4808 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:21:29.0953 4808 HidUsb - ok
19:21:29.0999 4808 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:21:29.0999 4808 hkmsvc - ok
19:21:30.0062 4808 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:21:30.0062 4808 HomeGroupListener - ok
19:21:30.0093 4808 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:21:30.0109 4808 HomeGroupProvider - ok
19:21:30.0140 4808 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:21:30.0140 4808 HpSAMD - ok
19:21:30.0202 4808 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:21:30.0218 4808 HTTP - ok
19:21:30.0265 4808 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:21:30.0265 4808 hwpolicy - ok
19:21:30.0311 4808 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:21:30.0311 4808 i8042prt - ok
19:21:30.0389 4808 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
19:21:30.0405 4808 IAANTMON - ok
19:21:30.0436 4808 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:21:30.0452 4808 iaStor - ok
19:21:30.0514 4808 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:21:30.0514 4808 iaStorV - ok
19:21:30.0592 4808 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:21:30.0623 4808 idsvc - ok
19:21:30.0857 4808 [ DFEAF0A1D98D397035012C8E28D1520F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:21:30.0904 4808 igfx - ok
19:21:30.0951 4808 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:21:30.0951 4808 iirsp - ok
19:21:31.0013 4808 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:21:31.0060 4808 IKEEXT - ok
19:21:31.0154 4808 [ 9AA6A93852E36FE76C3F7FC2904F3B01 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:21:31.0185 4808 IntcAzAudAddService - ok
19:21:31.0232 4808 [ D485D3BD3E2179AA86853A182F70699F ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
19:21:31.0232 4808 IntcHdmiAddService - ok
19:21:31.0279 4808 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:21:31.0279 4808 intelide - ok
19:21:31.0310 4808 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:21:31.0310 4808 intelppm - ok
19:21:31.0341 4808 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:21:31.0341 4808 IPBusEnum - ok
19:21:31.0403 4808 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:21:31.0403 4808 IpFilterDriver - ok
19:21:31.0450 4808 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:21:31.0481 4808 iphlpsvc - ok
19:21:31.0528 4808 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:21:31.0528 4808 IPMIDRV - ok
19:21:31.0544 4808 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:21:31.0544 4808 IPNAT - ok
19:21:31.0575 4808 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:21:31.0575 4808 IRENUM - ok
19:21:31.0622 4808 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:21:31.0622 4808 isapnp - ok
19:21:31.0669 4808 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:21:31.0669 4808 iScsiPrt - ok
19:21:31.0715 4808 [ 249EE2D26CB1530F3BEDE0AC8B9E3099 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
19:21:31.0715 4808 k57nd60a - ok
19:21:31.0747 4808 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:21:31.0747 4808 kbdclass - ok
19:21:31.0793 4808 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:21:31.0793 4808 kbdhid - ok
19:21:31.0825 4808 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:21:31.0840 4808 KeyIso - ok
19:21:31.0871 4808 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:21:31.0871 4808 KSecDD - ok
19:21:31.0903 4808 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:21:31.0903 4808 KSecPkg - ok
19:21:31.0949 4808 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:21:31.0949 4808 ksthunk - ok
19:21:31.0981 4808 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:21:31.0981 4808 KtmRm - ok
19:21:31.0996 4808 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
19:21:31.0996 4808 L1E - ok
19:21:32.0043 4808 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:21:32.0059 4808 LanmanServer - ok
19:21:32.0105 4808 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:21:32.0121 4808 LanmanWorkstation - ok
19:21:32.0199 4808 [ 955982BF4421B77722196552B62E8DC2 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
19:21:32.0199 4808 lirsgt - ok
19:21:32.0230 4808 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:21:32.0246 4808 lltdio - ok
19:21:32.0277 4808 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:21:32.0308 4808 lltdsvc - ok
19:21:32.0339 4808 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:21:32.0355 4808 lmhosts - ok
19:21:32.0386 4808 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:21:32.0386 4808 LSI_FC - ok
19:21:32.0417 4808 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:21:32.0417 4808 LSI_SAS - ok
19:21:32.0417 4808 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:21:32.0417 4808 LSI_SAS2 - ok
19:21:32.0449 4808 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:21:32.0449 4808 LSI_SCSI - ok
19:21:32.0480 4808 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:21:32.0480 4808 luafv - ok
19:21:32.0542 4808 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:21:32.0542 4808 MBAMProtector - ok
19:21:32.0605 4808 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:21:32.0605 4808 MBAMScheduler - ok
19:21:32.0683 4808 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:21:32.0698 4808 MBAMService - ok
19:21:32.0761 4808 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:21:32.0761 4808 Mcx2Svc - ok
19:21:32.0823 4808 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:21:32.0823 4808 megasas - ok
19:21:32.0839 4808 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:21:32.0854 4808 MegaSR - ok
19:21:32.0885 4808 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:21:32.0901 4808 MMCSS - ok
19:21:32.0901 4808 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:21:32.0901 4808 Modem - ok
19:21:32.0979 4808 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:21:32.0979 4808 monitor - ok
19:21:33.0010 4808 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:21:33.0010 4808 mouclass - ok
19:21:33.0026 4808 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:21:33.0026 4808 mouhid - ok
19:21:33.0088 4808 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:21:33.0088 4808 mountmgr - ok
19:21:33.0135 4808 MozillaMaintenance - ok
19:21:33.0166 4808 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:21:33.0166 4808 mpio - ok
19:21:33.0197 4808 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:21:33.0197 4808 mpsdrv - ok
19:21:33.0244 4808 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:21:33.0307 4808 MpsSvc - ok
19:21:33.0369 4808 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:21:33.0369 4808 MRxDAV - ok
19:21:33.0416 4808 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:21:33.0416 4808 mrxsmb - ok
19:21:33.0463 4808 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:21:33.0463 4808 mrxsmb10 - ok
19:21:33.0494 4808 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:21:33.0494 4808 mrxsmb20 - ok
19:21:33.0525 4808 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:21:33.0525 4808 msahci - ok
19:21:33.0572 4808 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:21:33.0572 4808 msdsm - ok
19:21:33.0603 4808 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:21:33.0619 4808 MSDTC - ok
19:21:33.0681 4808 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:21:33.0681 4808 Msfs - ok
19:21:33.0697 4808 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:21:33.0697 4808 mshidkmdf - ok
19:21:33.0728 4808 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:21:33.0728 4808 msisadrv - ok
19:21:33.0790 4808 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:21:33.0790 4808 MSiSCSI - ok
19:21:33.0806 4808 msiserver - ok
19:21:33.0868 4808 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:21:33.0868 4808 MSKSSRV - ok
19:21:33.0931 4808 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:21:33.0931 4808 MSPCLOCK - ok
19:21:33.0931 4808 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:21:33.0946 4808 MSPQM - ok
19:21:33.0993 4808 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:21:34.0009 4808 MsRPC - ok
19:21:34.0071 4808 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:21:34.0071 4808 mssmbios - ok
19:21:34.0102 4808 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:21:34.0102 4808 MSTEE - ok
19:21:34.0102 4808 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:21:34.0102 4808 MTConfig - ok
19:21:34.0165 4808 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:21:34.0165 4808 Mup - ok
19:21:34.0196 4808 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:21:34.0196 4808 mwlPSDFilter - ok
19:21:34.0211 4808 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:21:34.0211 4808 mwlPSDNServ - ok
19:21:34.0227 4808 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:21:34.0227 4808 mwlPSDVDisk - ok
19:21:34.0289 4808 [ 0F5FAAC852DB4C340B7A2F187E3358B8 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
19:21:34.0305 4808 MWLService - ok
19:21:34.0367 4808 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:21:34.0399 4808 napagent - ok
19:21:34.0492 4808 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:21:34.0492 4808 NativeWifiP - ok
19:21:34.0555 4808 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:21:34.0570 4808 NDIS - ok
19:21:34.0601 4808 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:21:34.0601 4808 NdisCap - ok
19:21:34.0633 4808 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:21:34.0633 4808 NdisTapi - ok
19:21:34.0679 4808 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:21:34.0679 4808 Ndisuio - ok
19:21:34.0726 4808 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:21:34.0726 4808 NdisWan - ok
19:21:34.0757 4808 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:21:34.0757 4808 NDProxy - ok
19:21:34.0804 4808 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:21:34.0804 4808 NetBIOS - ok
19:21:34.0851 4808 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:21:34.0851 4808 NetBT - ok
19:21:34.0882 4808 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:21:34.0898 4808 Netlogon - ok
19:21:34.0945 4808 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:21:34.0960 4808 Netman - ok
19:21:34.0991 4808 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:21:35.0007 4808 netprofm - ok
19:21:35.0038 4808 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:21:35.0038 4808 NetTcpPortSharing - ok
19:21:35.0101 4808 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:21:35.0101 4808 nfrd960 - ok
19:21:35.0163 4808 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:21:35.0179 4808 NlaSvc - ok
19:21:35.0210 4808 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:21:35.0210 4808 Npfs - ok
19:21:35.0225 4808 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:21:35.0241 4808 nsi - ok
19:21:35.0288 4808 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:21:35.0288 4808 nsiproxy - ok
19:21:35.0381 4808 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:21:35.0397 4808 Ntfs - ok
19:21:35.0444 4808 [ 70E3EB0CEF795D348F05E5A9B115F491 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
19:21:35.0444 4808 NTI IScheduleSvc - ok
19:21:35.0491 4808 [ FD324CCE1D4D5BB5AF65F8E55B462C7E ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
19:21:35.0506 4808 NTIBackupSvc - ok
19:21:35.0537 4808 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
19:21:35.0537 4808 NTIDrvr - ok
19:21:35.0569 4808 [ 3F6268A2EC33CD38CF75C880AF8DED42 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
19:21:35.0584 4808 NTISchedulerSvc - ok
19:21:35.0615 4808 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:21:35.0615 4808 Null - ok
19:21:35.0678 4808 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:21:35.0678 4808 nvraid - ok
19:21:35.0725 4808 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:21:35.0725 4808 nvstor - ok
19:21:35.0771 4808 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:21:35.0771 4808 nv_agp - ok
19:21:35.0849 4808 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:21:35.0865 4808 odserv - ok
19:21:35.0912 4808 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:21:35.0912 4808 ohci1394 - ok
19:21:35.0943 4808 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:21:35.0959 4808 ose - ok
19:21:35.0990 4808 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:21:36.0021 4808 p2pimsvc - ok
19:21:36.0068 4808 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:21:36.0099 4808 p2psvc - ok
19:21:36.0146 4808 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:21:36.0146 4808 Parport - ok
19:21:36.0177 4808 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:21:36.0177 4808 partmgr - ok
19:21:36.0208 4808 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

[RitterQa]

19:21:36.0208 4808 PcaSvc - ok
19:21:36.0255 4808 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:21:36.0255 4808 pci - ok
19:21:36.0271 4808 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:21:36.0271 4808 pciide - ok
19:21:36.0302 4808 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:21:36.0302 4808 pcmcia - ok
19:21:36.0333 4808 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:21:36.0333 4808 pcw - ok
19:21:36.0364 4808 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:21:36.0364 4808 PEAUTH - ok
19:21:36.0458 4808 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:21:36.0458 4808 PerfHost - ok
19:21:36.0551 4808 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:21:36.0598 4808 pla - ok
19:21:36.0645 4808 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:21:36.0661 4808 PlugPlay - ok
19:21:36.0692 4808 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:21:36.0707 4808 PNRPAutoReg - ok
19:21:36.0723 4808 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:21:36.0739 4808 PNRPsvc - ok
19:21:36.0785 4808 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:21:36.0801 4808 PolicyAgent - ok
19:21:36.0848 4808 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:21:36.0863 4808 Power - ok
19:21:36.0910 4808 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:21:36.0926 4808 PptpMiniport - ok
19:21:36.0941 4808 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:21:36.0941 4808 Processor - ok
19:21:36.0988 4808 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:21:37.0004 4808 ProfSvc - ok
19:21:37.0019 4808 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:21:37.0035 4808 ProtectedStorage - ok
19:21:37.0082 4808 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:21:37.0082 4808 Psched - ok
19:21:37.0144 4808 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:21:37.0160 4808 ql2300 - ok
19:21:37.0175 4808 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:21:37.0175 4808 ql40xx - ok
19:21:37.0207 4808 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:21:37.0222 4808 QWAVE - ok
19:21:37.0238 4808 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:21:37.0238 4808 QWAVEdrv - ok
19:21:37.0238 4808 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:21:37.0253 4808 RasAcd - ok
19:21:37.0285 4808 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:21:37.0285 4808 RasAgileVpn - ok
19:21:37.0316 4808 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:21:37.0316 4808 RasAuto - ok
19:21:37.0347 4808 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:21:37.0363 4808 Rasl2tp - ok
19:21:37.0409 4808 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:21:37.0409 4808 RasMan - ok
19:21:37.0425 4808 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:21:37.0425 4808 RasPppoe - ok
19:21:37.0441 4808 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:21:37.0441 4808 RasSstp - ok
19:21:37.0503 4808 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:21:37.0519 4808 rdbss - ok
19:21:37.0534 4808 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:21:37.0534 4808 rdpbus - ok
19:21:37.0550 4808 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:21:37.0550 4808 RDPCDD - ok
19:21:37.0581 4808 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:21:37.0581 4808 RDPENCDD - ok
19:21:37.0597 4808 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:21:37.0597 4808 RDPREFMP - ok
19:21:37.0643 4808 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:21:37.0643 4808 RDPWD - ok
19:21:37.0690 4808 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:21:37.0690 4808 rdyboost - ok
19:21:37.0721 4808 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:21:37.0737 4808 RemoteAccess - ok
19:21:37.0753 4808 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:21:37.0768 4808 RemoteRegistry - ok
19:21:37.0815 4808 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:21:37.0815 4808 RFCOMM - ok
19:21:37.0831 4808 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:21:37.0846 4808 RpcEptMapper - ok
19:21:37.0877 4808 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:21:37.0877 4808 RpcLocator - ok
19:21:37.0940 4808 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:21:37.0940 4808 RpcSs - ok
19:21:37.0987 4808 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:21:37.0987 4808 rspndr - ok
19:21:38.0018 4808 [ 2DB8116D52B19216812C4E6D5D837810 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
19:21:38.0018 4808 RSUSBSTOR - ok
19:21:38.0033 4808 RtsUIR - ok
19:21:38.0065 4808 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:21:38.0065 4808 SamSs - ok
19:21:38.0080 4808 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:21:38.0080 4808 sbp2port - ok
19:21:38.0111 4808 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:21:38.0127 4808 SCardSvr - ok
19:21:38.0158 4808 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:21:38.0158 4808 scfilter - ok
19:21:38.0236 4808 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:21:38.0283 4808 Schedule - ok
19:21:38.0314 4808 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:21:38.0314 4808 SCPolicySvc - ok
19:21:38.0361 4808 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:21:38.0361 4808 SDRSVC - ok
19:21:38.0408 4808 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:21:38.0408 4808 secdrv - ok
19:21:38.0455 4808 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:21:38.0455 4808 seclogon - ok
19:21:38.0486 4808 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:21:38.0501 4808 SENS - ok
19:21:38.0517 4808 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:21:38.0517 4808 SensrSvc - ok
19:21:38.0548 4808 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:21:38.0548 4808 Serenum - ok
19:21:38.0564 4808 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:21:38.0564 4808 Serial - ok
19:21:38.0595 4808 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:21:38.0595 4808 sermouse - ok
19:21:38.0642 4808 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:21:38.0657 4808 SessionEnv - ok
19:21:38.0689 4808 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:21:38.0689 4808 sffdisk - ok
19:21:38.0704 4808 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:21:38.0704 4808 sffp_mmc - ok
19:21:38.0720 4808 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:21:38.0720 4808 sffp_sd - ok
19:21:38.0751 4808 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:21:38.0751 4808 sfloppy - ok
19:21:38.0782 4808 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:21:38.0798 4808 SharedAccess - ok
19:21:38.0845 4808 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:21:38.0860 4808 ShellHWDetection - ok
19:21:38.0907 4808 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:21:38.0907 4808 SiSRaid2 - ok
19:21:38.0907 4808 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:21:38.0907 4808 SiSRaid4 - ok
19:21:38.0938 4808 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:21:38.0938 4808 Smb - ok
19:21:38.0985 4808 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:21:38.0985 4808 SNMPTRAP - ok
19:21:39.0001 4808 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:21:39.0001 4808 spldr - ok
19:21:39.0047 4808 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:21:39.0063 4808 Spooler - ok
19:21:39.0203 4808 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:21:39.0313 4808 sppsvc - ok
19:21:39.0344 4808 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:21:39.0344 4808 sppuinotify - ok
19:21:39.0422 4808 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
19:21:39.0437 4808 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
19:21:39.0437 4808 sptd ( LockedFile.Multi.Generic ) - warning
19:21:39.0437 4808 sptd - detected LockedFile.Multi.Generic (1)
19:21:39.0484 4808 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:21:39.0484 4808 srv - ok
19:21:39.0531 4808 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:21:39.0531 4808 srv2 - ok
19:21:39.0562 4808 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:21:39.0562 4808 srvnet - ok
19:21:39.0609 4808 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:21:39.0609 4808 SSDPSRV - ok
19:21:39.0625 4808 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:21:39.0625 4808 SstpSvc - ok
19:21:39.0656 4808 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:21:39.0656 4808 stexstor - ok
19:21:39.0718 4808 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:21:39.0749 4808 stisvc - ok
19:21:39.0796 4808 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:21:39.0796 4808 swenum - ok
19:21:39.0843 4808 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:21:39.0874 4808 swprv - ok
19:21:39.0952 4808 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:21:40.0015 4808 SysMain - ok
19:21:40.0061 4808 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:21:40.0061 4808 TabletInputService - ok
19:21:40.0108 4808 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:21:40.0155 4808 TapiSrv - ok
19:21:40.0202 4808 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:21:40.0202 4808 TBS - ok
19:21:40.0295 4808 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:21:40.0311 4808 Tcpip - ok
19:21:40.0389 4808 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:21:40.0420 4808 TCPIP6 - ok
19:21:40.0451 4808 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:21:40.0467 4808 tcpipreg - ok
19:21:40.0514 4808 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:21:40.0514 4808 TDPIPE - ok
19:21:40.0561 4808 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:21:40.0561 4808 TDTCP - ok
19:21:40.0607 4808 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:21:40.0623 4808 tdx - ok
19:21:40.0639 4808 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:21:40.0639 4808 TermDD - ok
19:21:40.0701 4808 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:21:40.0732 4808 TermService - ok
19:21:40.0763 4808 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:21:40.0763 4808 Themes - ok
19:21:40.0810 4808 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:21:40.0810 4808 THREADORDER - ok
19:21:40.0826 4808 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:21:40.0841 4808 TrkWks - ok
19:21:40.0904 4808 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:21:40.0904 4808 TrustedInstaller - ok
19:21:40.0951 4808 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:21:40.0951 4808 tssecsrv - ok
19:21:41.0029 4808 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:21:41.0029 4808 TsUsbFlt - ok
19:21:41.0075 4808 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:21:41.0075 4808 tunnel - ok
19:21:41.0122 4808 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:21:41.0122 4808 uagp35 - ok
19:21:41.0169 4808 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
19:21:41.0169 4808 UBHelper - ok
19:21:41.0216 4808 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:21:41.0216 4808 udfs - ok
19:21:41.0278 4808 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:21:41.0278 4808 UI0Detect - ok
19:21:41.0325 4808 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:21:41.0325 4808 uliagpkx - ok
19:21:41.0387 4808 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:21:41.0387 4808 umbus - ok
19:21:41.0419 4808 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:21:41.0419 4808 UmPass - ok
19:21:41.0528 4808 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:21:41.0528 4808 Updater Service - ok
19:21:41.0575 4808 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:21:41.0590 4808 upnphost - ok
19:21:41.0637 4808 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:21:41.0637 4808 usbccgp - ok
19:21:41.0637 4808 USBCCID - ok
19:21:41.0699 4808 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:21:41.0699 4808 usbcir - ok
19:21:41.0746 4808 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:21:41.0746 4808 usbehci - ok
19:21:41.0809 4808 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:21:41.0809 4808 usbhub - ok
19:21:41.0824 4808 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:21:41.0824 4808 usbohci - ok
19:21:41.0855 4808 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:21:41.0855 4808 usbprint - ok
19:21:41.0887 4808 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:21:41.0887 4808 USBSTOR - ok
19:21:41.0918 4808 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:21:41.0918 4808 usbuhci - ok
19:21:41.0949 4808 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:21:41.0949 4808 usbvideo - ok
19:21:41.0980 4808 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:21:41.0980 4808 UxSms - ok
19:21:41.0996 4808 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:21:41.0996 4808 VaultSvc - ok
19:21:42.0043 4808 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:21:42.0043 4808 vdrvroot - ok
19:21:42.0105 4808 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:21:42.0136 4808 vds - ok
19:21:42.0167 4808 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:21:42.0167 4808 vga - ok
19:21:42.0183 4808 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:21:42.0199 4808 VgaSave - ok
19:21:42.0214 4808 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:21:42.0230 4808 vhdmp - ok
19:21:42.0261 4808 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:21:42.0261 4808 viaide - ok
19:21:42.0308 4808 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:21:42.0308 4808 volmgr - ok
19:21:42.0355 4808 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:21:42.0355 4808 volmgrx - ok
19:21:42.0402 4808 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:21:42.0417 4808 volsnap - ok
19:21:42.0433 4808 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:21:42.0433 4808 vsmraid - ok
19:21:42.0511 4808 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:21:42.0573 4808 VSS - ok
19:21:42.0604 4808 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:21:42.0604 4808 vwifibus - ok
19:21:42.0636 4808 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:21:42.0636 4808 vwififlt - ok
19:21:42.0667 4808 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:21:42.0682 4808 W32Time - ok
19:21:42.0714 4808 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:21:42.0714 4808 WacomPen - ok
19:21:42.0760 4808 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:21:42.0760 4808 WANARP - ok
19:21:42.0776 4808 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:21:42.0792 4808 Wanarpv6 - ok
19:21:42.0885 4808 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:21:42.0932 4808 WatAdminSvc - ok
19:21:43.0010 4808 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:21:43.0057 4808 wbengine - ok
19:21:43.0088 4808 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:21:43.0104 4808 WbioSrvc - ok
19:21:43.0150 4808 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:21:43.0182 4808 wcncsvc - ok
19:21:43.0197 4808 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:21:43.0213 4808 WcsPlugInService - ok
19:21:43.0260 4808 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:21:43.0260 4808 Wd - ok
19:21:43.0322 4808 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:21:43.0322 4808 Wdf01000 - ok
19:21:43.0353 4808 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:21:43.0353 4808 WdiServiceHost - ok
19:21:43.0369 4808 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:21:43.0369 4808 WdiSystemHost - ok
19:21:43.0431 4808 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:21:43.0447 4808 WebClient - ok
19:21:43.0478 4808 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:21:43.0478 4808 Wecsvc - ok
19:21:43.0509 4808 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:21:43.0509 4808 wercplsupport - ok
19:21:43.0540 4808 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:21:43.0556 4808 WerSvc - ok
19:21:43.0572 4808 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:21:43.0572 4808 WfpLwf - ok
19:21:43.0618 4808 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:21:43.0618 4808 WIMMount - ok
19:21:43.0634 4808 WinDefend - ok
19:21:43.0650 4808 WinHttpAutoProxySvc - ok
19:21:43.0712 4808 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:21:43.0712 4808 Winmgmt - ok
19:21:43.0790 4808 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:21:43.0868 4808 WinRM - ok
19:21:43.0930 4808 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:21:43.0977 4808 Wlansvc - ok
19:21:44.0040 4808 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:21:44.0040 4808 wlcrasvc - ok
19:21:44.0180 4808 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:21:44.0196 4808 wlidsvc - ok
19:21:44.0227 4808 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:21:44.0227 4808 WmiAcpi - ok
19:21:44.0274 4808 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:21:44.0289 4808 wmiApSrv - ok
19:21:44.0320 4808 WMPNetworkSvc - ok
19:21:44.0367 4808 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:21:44.0383 4808 WPCSvc - ok
19:21:44.0414 4808 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:21:44.0430 4808 WPDBusEnum - ok
19:21:44.0461 4808 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:21:44.0461 4808 ws2ifsl - ok
19:21:44.0476 4808 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:21:44.0492 4808 wscsvc - ok
19:21:44.0492 4808 WSearch - ok
19:21:44.0617 4808 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:21:44.0695 4808 wuauserv - ok
19:21:44.0742 4808 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:21:44.0742 4808 WudfPf - ok
19:21:44.0788 4808 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:21:44.0788 4808 WUDFRd - ok
19:21:44.0835 4808 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:21:44.0835 4808 wudfsvc - ok
19:21:44.0882 4808 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
19:21:44.0898 4808 WwanSvc - ok
19:21:44.0929 4808 ================ Scan global ===============================
19:21:44.0960 4808 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:21:44.0991 4808 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:21:45.0022 4808 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:21:45.0069 4808 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:21:45.0100 4808 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:21:45.0116 4808 [Global] - ok
19:21:45.0116 4808 ================ Scan MBR ==================================
19:21:45.0132 4808 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:21:45.0397 4808 \Device\Harddisk0\DR0 - ok
19:21:45.0397 4808 ================ Scan VBR ==================================
19:21:45.0397 4808 [ 8B0D31AA39380AF8334BDBB7E1ECE41A ] \Device\Harddisk0\DR0\Partition1
19:21:45.0397 4808 \Device\Harddisk0\DR0\Partition1 - ok
19:21:45.0428 4808 [ 2AFDD0E7C8AE275A5205D7E60D26605D ] \Device\Harddisk0\DR0\Partition2
19:21:45.0444 4808 \Device\Harddisk0\DR0\Partition2 - ok
19:21:45.0444 4808 ============================================================
19:21:45.0444 4808 Scan finished
19:21:45.0444 4808 ============================================================
19:21:45.0459 1676 Detected object count: 1
19:21:45.0459 1676 Actual detected object count: 1
19:21:50.0280 1676 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:21:50.0280 1676 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:21:57.0050 3020 Deinitialize success

[jaro3]

Psal jsem odebrat zatržítka jen u těch IP...

Ponech zatržítka u:
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NEVYBRÁNO
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> NEVYBRÁNO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NEVYBRÁNO

a pak dej smazat.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

ADD: WhoCrashed:

Stáhni si Slim Drivers

Pomůže ti najít a aktualizovat ovladače..

Nebo:
http://www.driverupdate.net/index.php

[RitterQa]

RogueKiller V8.6.1 [Jun 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : hxxp://www.adlice.com/forum/
Webové stránky : hxxp://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Lucka [Práva správce]
Mód : Odebrat -- Datum : 07/02/2013 10:14:12
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{B375193A-ADC3-4D55-978A-C42B9CD3CEFD} : NameServer (62.129.50.20,85.135.32.100) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{B375193A-ADC3-4D55-978A-C42B9CD3CEFD} : NameServer (62.129.50.20,85.135.32.100) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{B375193A-ADC3-4D55-978A-C42B9CD3CEFD} : NameServer (62.129.50.20,85.135.32.100) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] Systém nemůže nalézt uvedený soubor.

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-22ZCT0 +++++
--- User ---
[MBR] 62599c63fd8cecb6d69279dc8e0b982c
[BSP] f9f6c8f030f5b8867686b9a38ea03992 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 26626048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 26830848 | Size: 292143 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_07022013_101412.txt >>
RKreport[0]_D_07012013_190744.txt;RKreport[0]_S_07012013_180727.txt;RKreport[0]_S_07012013_190720.txt
RKreport[0]_S_07022013_100651.txt

[RitterQa]

ComboFix 13-06-30.01 - Lucka 02.07.2013 10:20:25.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3001.1767 [GMT 2:00]
Spuštěný z: c:\users\Lucka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-02 do 2013-07-02 )))))))))))))))))))))))))))))))
.
.
2013-07-02 08:34 . 2013-07-02 08:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-02 06:28 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{491A28FD-BC93-4662-879A-769C533485AA}\mpengine.dll
2013-07-01 18:48 . 2013-07-01 18:48 -------- d-----w- c:\program files (x86)\London.2012.The.Official.Video.Game.of.the.Olympic.Games-KaOs
2013-07-01 17:10 . 2013-07-01 17:10 -------- d-----w- c:\windows\ERUNT
2013-07-01 17:10 . 2013-07-01 17:10 -------- d-----w- C:\JRT
2013-07-01 15:52 . 2013-07-01 15:52 172 ----a-w- c:\windows\DeleteOnReboot.bat
2013-07-01 14:40 . 2013-07-01 14:41 -------- d-----w- c:\program files\WhoCrashed
2013-07-01 14:29 . 2013-07-01 14:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-01 14:29 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-29 16:24 . 2013-07-01 19:11 -------- d-----w- c:\users\Lucka\AppData\Local\VirtuaTennis2009
2013-06-29 16:12 . 2013-06-29 16:12 -------- d-----w- c:\program files (x86)\SEGA
2013-06-18 17:10 . 2013-06-18 17:10 -------- d-----w- c:\program files (x86)\BitTorrent
2013-06-14 09:42 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-06-14 09:42 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-06-14 09:42 . 2002-12-05 12:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2013-06-14 09:42 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-06-14 09:42 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-06-14 09:42 . 2013-06-14 09:42 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2013-06-14 09:42 . 2013-06-14 09:42 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2013-06-12 21:23 . 2013-05-17 01:25 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-06-12 21:23 . 2013-05-17 00:58 148992 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-06-12 21:23 . 2013-05-17 01:25 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-06-12 21:23 . 2013-05-17 01:25 817664 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-06-12 21:23 . 2013-05-17 00:58 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-06-12 21:23 . 2013-05-17 00:58 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-06-12 21:23 . 2013-05-17 01:25 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-06-12 21:23 . 2013-05-17 00:59 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-06-12 10:21 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-12 10:21 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-06-07 21:27 . 2013-06-07 21:27 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-03 10:01 . 2013-06-03 10:01 -------- d-----w- c:\users\Lucka\AppData\Local\ElevatedDiagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 21:24 . 2011-03-31 14:46 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-11 19:46 . 2013-03-19 17:34 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 19:46 . 2011-11-23 13:45 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-07 11:45 . 2013-07-01 18:51 568334 --s-a-w- c:\windows\inf\msfqxtr\msfqxtr.exe
2013-06-07 11:45 . 2013-07-01 18:51 84992 --s-a-w- c:\windows\inf\msfqxtr\zlib1.dll
2013-06-07 11:45 . 2013-07-01 18:51 612352 --s-a-w- c:\windows\inf\msfqxtr\libcurl.dll
2013-06-07 11:45 . 2013-07-01 18:51 364544 --s-a-w- c:\windows\inf\msfqxtr\ssleay32.dll
2013-06-07 11:45 . 2013-07-01 18:51 279955 --s-a-w- c:\windows\inf\msfqxtr\libidn-11.dll
2013-06-07 11:45 . 2013-07-01 18:51 183382 --s-a-w- c:\windows\inf\msfqxtr\librtmp.dll
2013-06-07 11:45 . 2013-07-01 18:51 171008 --s-a-w- c:\windows\inf\msfqxtr\libssh2.dll
2013-06-07 11:45 . 2013-07-01 18:51 1704448 --s-a-w- c:\windows\inf\msfqxtr\libeay32.dll
2013-06-07 11:45 . 2013-07-01 18:51 110094 --s-a-w- c:\windows\inf\msfqxtr\libusb-1.0.dll
2013-05-11 06:39 . 2011-03-31 14:39 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2009-12-06 12:19 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-21 06:13 . 2013-04-21 06:13 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-13 05:49 . 2013-05-16 05:08 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 05:08 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 05:08 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 05:08 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 05:08 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 05:08 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 06:10 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-16 05:08 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-16 05:08 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-16 05:05 3153920 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:18 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-08-21 261888]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-08-01 128296]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-08-05 181480]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-02-28 4767304]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-12-21 229376]
"NtVdmSrv"="c:\windows\inf\ntvdm.vbe" [2013-06-20 1219]
.
c:\users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-18 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswVmm;aswVmm; [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 19:46]
.
2013-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-20 19:10]
.
2013-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-20 19:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-02-28 08:35 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:19 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-08-07 349480]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-12 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-12 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-12 365592]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-06 8060960]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-22 295936]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-08-06 828960]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: onlinepianist.com\www
TCP: DhcpNameServer = 62.129.50.20 85.135.32.100
TCP: Interfaces\{B375193A-ADC3-4D55-978A-C42B9CD3CEFD}: NameServer = 62.129.50.20,85.135.32.100
FF - ProfilePath - c:\users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\830xafq3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4143969726-2795517323-3471226254-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-4143969726-2795517323-3471226254-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-4143969726-2795517323-3471226254-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:99,6f,aa,aa,a4,13,13,82,cb,29,16,ee,7b,9c,a6,0f,88,0a,44,62,f6,f5,68,
d6,7d,1f,b0,38,74,b2,26,27,40,c5,63,5e,e5,e3,57,f5,18,4d,91,d0,d7,f1,f8,a7,\
"??"=hex:73,25,0b,d6,b1,5f,c6,ae,4a,66,75,95,01,47,03,94
.
[HKEY_USERS\S-1-5-21-4143969726-2795517323-3471226254-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:60,a2,ba,53,0c,90,00,55,5d,96,4c,f1,35,20,64,d4,00,8d,73,a5,c6,
a6,fe,39,32,1b,8a,38,f2,1a,cf,04,86,2a,bb,c7,55,f6,4f,ce,36,9f,c6,8f,fb,e9,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-07-02 10:38:45
ComboFix-quarantined-files.txt 2013-07-02 08:38
.
Před spuštěním: Volných bajtů: 45 721 554 944
Po spuštění: Volných bajtů: 45 990 219 776
.
- - End Of File - - 9F2454211FA26BF46A8FBF67CCEC0048
5C616939100B85E558DA92B899A0FC36

[RitterQa]

System Information (local)
--------------------------------------------------------------------------------

computer name: LUCKA-PC
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
CPU: GenuineIntel Pentium(R) Dual-Core CPU T4300 @ 2.10GHz Intel586, level: 6
2 logical processors, active mask: 3
RAM: 3146698752 total
VM: 2147352576, free: 1937391616




--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are disabled for your computer.

On Mon 1.7.2013 8:13:44 GMT your computer crashed
crash dump file: C:\Windows\Minidump\070113-45271-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x75C00)
Bugcheck code: 0xF4 (0x6, 0xFFFFFA80052B2060, 0xFFFFFA80052B1760, 0xFFFFF80003191320)
Error: CRITICAL_OBJECT_TERMINATION
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a process or thread crucial to system operation has unexpectedly exited or been terminated.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This problem might be caused by a thermal issue.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.




--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

One crash dump has been found and analyzed. No offending third party drivers have been found. Consider configuring your system to produce a full memory dump for better analysis.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.


SlimDrivers našel celkem 25 aktualizací.

[Žbeky]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

File::
c:\windows\DeleteOnReboot.bat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[RitterQa]

ComboFix 13-06-30.01 - Lucka 04.07.2013 9:33.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3001.1991 [GMT 2:00]
Spuštěný z: c:\users\Lucka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lucka\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\DeleteOnReboot.bat"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.145\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.145\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.145\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.145\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.145\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4A8A069D-CB21-4AFA-802E-E1E912405C31}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\DeleteOnReboot.bat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-04 do 2013-07-04 )))))))))))))))))))))))))))))))
.
.
2013-07-04 07:47 . 2013-07-04 07:47 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-07-04 07:47 . 2013-07-04 07:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-03 10:05 . 2013-07-03 10:05 -------- d-----w- c:\program files (x86)\Ubisoft
2013-07-02 19:31 . 2013-07-02 19:31 -------- d-----w- c:\users\Lucka\AppData\Local\2012
2013-07-02 08:41 . 2013-07-04 07:50 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-07-02 08:41 . 2013-07-02 08:41 -------- d-----w- c:\users\Lucka\AppData\Local\SlimWare Utilities Inc
2013-07-02 08:41 . 2013-07-02 08:41 -------- d-----w- c:\program files (x86)\SlimDrivers
2013-07-02 06:28 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{491A28FD-BC93-4662-879A-769C533485AA}\mpengine.dll
2013-07-01 18:48 . 2013-07-01 18:48 -------- d-----w- c:\program files (x86)\London.2012.The.Official.Video.Game.of.the.Olympic.Games-KaOs
2013-07-01 17:10 . 2013-07-01 17:10 -------- d-----w- c:\windows\ERUNT
2013-07-01 17:10 . 2013-07-01 17:10 -------- d-----w- C:\JRT
2013-07-01 14:40 . 2013-07-02 08:44 -------- d-----w- c:\program files\WhoCrashed
2013-07-01 14:29 . 2013-07-01 14:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-01 14:29 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-29 16:24 . 2013-07-01 19:11 -------- d-----w- c:\users\Lucka\AppData\Local\VirtuaTennis2009
2013-06-29 16:12 . 2013-06-29 16:12 -------- d-----w- c:\program files (x86)\SEGA
2013-06-18 17:10 . 2013-06-18 17:10 -------- d-----w- c:\program files (x86)\BitTorrent
2013-06-14 09:42 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-06-14 09:42 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-06-14 09:42 . 2002-12-05 12:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2013-06-14 09:42 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-06-14 09:42 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-06-14 09:42 . 2013-06-14 09:42 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2013-06-14 09:42 . 2013-06-14 09:42 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2013-06-12 21:23 . 2013-05-17 01:25 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-06-12 21:23 . 2013-05-17 00:58 148992 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-06-12 21:23 . 2013-05-17 01:25 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-06-12 21:23 . 2013-05-17 01:25 817664 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-06-12 21:23 . 2013-05-17 00:58 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-06-12 21:23 . 2013-05-17 00:58 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-06-12 21:23 . 2013-05-17 01:25 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-06-12 21:23 . 2013-05-17 00:59 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-06-12 10:21 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-12 10:21 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-06-07 21:27 . 2013-06-07 21:27 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 21:24 . 2011-03-31 14:46 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-11 19:46 . 2013-03-19 17:34 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 19:46 . 2011-11-23 13:45 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-07 11:45 . 2013-07-01 18:51 568334 --s-a-w- c:\windows\inf\msfqxtr\msfqxtr.exe
2013-06-07 11:45 . 2013-07-01 18:51 84992 --s-a-w- c:\windows\inf\msfqxtr\zlib1.dll
2013-06-07 11:45 . 2013-07-01 18:51 612352 --s-a-w- c:\windows\inf\msfqxtr\libcurl.dll
2013-06-07 11:45 . 2013-07-01 18:51 364544 --s-a-w- c:\windows\inf\msfqxtr\ssleay32.dll
2013-06-07 11:45 . 2013-07-01 18:51 279955 --s-a-w- c:\windows\inf\msfqxtr\libidn-11.dll
2013-06-07 11:45 . 2013-07-01 18:51 183382 --s-a-w- c:\windows\inf\msfqxtr\librtmp.dll
2013-06-07 11:45 . 2013-07-01 18:51 171008 --s-a-w- c:\windows\inf\msfqxtr\libssh2.dll
2013-06-07 11:45 . 2013-07-01 18:51 1704448 --s-a-w- c:\windows\inf\msfqxtr\libeay32.dll
2013-06-07 11:45 . 2013-07-01 18:51 110094 --s-a-w- c:\windows\inf\msfqxtr\libusb-1.0.dll
2013-05-11 06:39 . 2011-03-31 14:39 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2009-12-06 12:19 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-21 06:13 . 2013-04-21 06:13 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-13 05:49 . 2013-05-16 05:08 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 05:08 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 05:08 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 05:08 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 05:08 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 05:08 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 06:10 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-16 05:08 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-16 05:08 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-16 05:05 3153920 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:18 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-08-21 261888]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-08-01 128296]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-08-05 181480]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-02-28 4767304]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-12-21 229376]
"NtVdmSrv"="c:\windows\inf\ntvdm.vbe" [2013-06-20 1219]
.
c:\users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-18 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswVmm;aswVmm; [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 19:46]
.
2013-07-04 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-06-21 08:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-02-28 08:35 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:19 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-08-07 349480]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-12 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-12 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-12 365592]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-06 8060960]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-22 295936]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-08-06 828960]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: onlinepianist.com\www
TCP: DhcpNameServer = 62.129.50.20 85.135.32.100
TCP: Interfaces\{B375193A-ADC3-4D55-978A-C42B9CD3CEFD}: NameServer = 62.129.50.20,85.135.32.100
FF - ProfilePath - c:\users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\830xafq3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4143969726-2795517323-3471226254-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-4143969726-2795517323-3471226254-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-4143969726-2795517323-3471226254-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:99,6f,aa,aa,a4,13,13,82,cb,29,16,ee,7b,9c,a6,0f,88,0a,44,62,f6,f5,68,
d6,7d,1f,b0,38,74,b2,26,27,40,c5,63,5e,e5,e3,57,f5,18,4d,91,d0,d7,f1,f8,a7,\
"??"=hex:73,25,0b,d6,b1,5f,c6,ae,4a,66,75,95,01,47,03,94
.
[HKEY_USERS\S-1-5-21-4143969726-2795517323-3471226254-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:60,a2,ba,53,0c,90,00,55,5d,96,4c,f1,35,20,64,d4,00,8d,73,a5,c6,
a6,fe,39,32,1b,8a,38,f2,1a,cf,04,86,2a,bb,c7,55,f6,4f,ce,36,9f,c6,8f,fb,e9,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Celkový čas: 2013-07-04 09:57:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-07-04 07:57
ComboFix2.txt 2013-07-02 08:38
.
Před spuštěním: Volných bajtů: 45 462 523 904
Po spuštění: Volných bajtů: 45 075 968 000
.
- - End Of File - - 467B68A478A9B118AA22629B5E1F82B8
5C616939100B85E558DA92B899A0FC36

[memphisto]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


+ nový HJT
+ info o stavu PC

[RitterQa]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:58:18, on 5.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Users\Lucka\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{B375193A-ADC3-4D55-978A-C42B9CD3CEFD}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10708 bytes


Vypadá to v pohodě, jen mi začalo po přihlášení vyskakovat toto okno:

Nepojmenovaný 1.jpg (45.45 KiB) Zobrazeno 217 x

A ještě se chci zeptat, často se mi u Mozzily stává, že jakoby asi na 10 vteřin zamrzne, objeví se, že program neodpovídá, ale poté se zase rozjede. Je možné, že tento stav je způsoben velkým množstvím záložek a velkou historií?

[memphisto]

Tohle znáš?

O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe