Please check - slow internet


Re: Please check - slow internet

Post by memphisto » 13 Sep 2013 22:56

Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deleting - Finished"
- Click "Report" and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

+ the TDSS one tomorrow

Re: Please check - slow internet

Post by Peťa » 14 Sep 2013 10:14

09:48:45.0947 0388 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:48:46.0196 0388 ============================================================
09:48:46.0196 0388 Current date / time: 2013/09/14 09:48:46.0196
09:48:46.0196 0388 SystemInfo:
09:48:46.0196 0388
09:48:46.0196 0388 OS Version: 6.0.6002 ServicePack: 2.0
09:48:46.0196 0388 Product type: Workstation
09:48:46.0196 0388 ComputerName: PETR-PC
09:48:46.0196 0388 UserName: PETR
09:48:46.0196 0388 Windows directory: C:\Windows
09:48:46.0196 0388 System windows directory: C:\Windows
09:48:46.0196 0388 Processor architecture: Intel x86
09:48:46.0196 0388 Number of processors: 2
09:48:46.0196 0388 Page size: 0x1000
09:48:46.0196 0388 Boot type: Normal boot
09:48:46.0196 0388 ============================================================
09:48:48.0770 0388 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:48:48.0786 0388 ============================================================
09:48:48.0786 0388 \Device\Harddisk0\DR0:
09:48:48.0786 0388 MBR partitions:
09:48:48.0786 0388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x807, BlocksNum 0x1BC497F9
09:48:48.0786 0388 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C249000, BlocksNum 0xF7B000
09:48:48.0817 0388 ============================================================
09:48:48.0864 0388 C: <-> \Device\Harddisk0\DR0\Partition1
09:48:49.0098 0388 D: <-> \Device\Harddisk0\DR0\Partition2
09:48:49.0098 0388 ============================================================
09:48:49.0098 0388 Initialize success
09:48:49.0098 0388 ============================================================
09:48:53.0294 4312 ============================================================
09:48:53.0294 4312 Scan started
09:48:53.0294 4312 Mode: Manual;
09:48:53.0294 4312 ============================================================
09:48:55.0088 4312 ================ Scan system memory ========================
09:48:55.0088 4312 System memory - ok
09:48:55.0088 4312 ================ Scan services =============================
09:48:55.0494 4312 [ 3B10711AD8656C097E0D16A41B29C54C ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
09:48:55.0494 4312 Accelerometer - ok
09:48:55.0556 4312 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
09:48:55.0572 4312 ACPI - ok
09:48:55.0681 4312 [ 7BBAF543CABE8A8D275BC7F6C66C1959 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:48:55.0681 4312 AdobeFlashPlayerUpdateSvc - ok
09:48:55.0837 4312 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:48:55.0946 4312 adp94xx - ok
09:48:56.0227 4312 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:48:56.0243 4312 adpahci - ok
09:48:56.0352 4312 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
09:48:56.0352 4312 adpu160m - ok
09:48:56.0414 4312 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:48:56.0414 4312 adpu320 - ok
09:48:56.0461 4312 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:48:56.0461 4312 AeLookupSvc - ok
09:48:56.0648 4312 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
09:48:56.0648 4312 AESTFilters - ok
09:48:56.0773 4312 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
09:48:56.0789 4312 AFD - ok
09:48:56.0898 4312 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:48:56.0898 4312 agp440 - ok
09:48:56.0945 4312 [ E331924FDF522CD7CEA1B647503784E8 ] ahcix86s C:\Windows\system32\DRIVERS\ahcix86s.sys
09:48:56.0960 4312 ahcix86s - ok
09:48:56.0992 4312 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:48:56.0992 4312 aic78xx - ok
09:48:57.0007 4312 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
09:48:57.0023 4312 ALG - ok
09:48:57.0054 4312 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
09:48:57.0054 4312 aliide - ok
09:48:57.0085 4312 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:48:57.0101 4312 amdagp - ok
09:48:57.0210 4312 [ BAFEC23FC76AB781DFE9169F9B8DBEBB ] Amddfltr C:\Windows\system32\DRIVERS\Amddfltr.sys
09:48:57.0226 4312 Amddfltr - ok
09:48:57.0257 4312 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
09:48:57.0257 4312 amdide - ok
09:48:57.0304 4312 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
09:48:57.0304 4312 AmdK7 - ok
09:48:57.0319 4312 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:48:57.0319 4312 AmdK8 - ok
09:48:57.0382 4312 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
09:48:57.0382 4312 Appinfo - ok
09:48:57.0460 4312 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
09:48:57.0460 4312 arc - ok
09:48:57.0506 4312 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:48:57.0522 4312 arcsas - ok
09:48:57.0569 4312 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
09:48:57.0569 4312 aswFsBlk - ok
09:48:57.0616 4312 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
09:48:57.0631 4312 aswMonFlt - ok
09:48:57.0678 4312 [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
09:48:57.0678 4312 AswRdr - ok
09:48:57.0725 4312 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
09:48:57.0725 4312 aswRvrt - ok
09:48:57.0772 4312 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
09:48:57.0787 4312 aswSnx - ok
09:48:57.0912 4312 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\Windows\system32\drivers\aswSP.sys
09:48:57.0912 4312 aswSP - ok
09:48:57.0990 4312 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
09:48:57.0990 4312 aswTdi - ok
09:48:58.0052 4312 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
09:48:58.0052 4312 aswVmm - ok
09:48:58.0130 4312 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:48:58.0130 4312 AsyncMac - ok
09:48:58.0193 4312 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
09:48:58.0208 4312 atapi - ok
09:48:58.0318 4312 [ 2846F5EE802889D500FCF5CC48B28381 ] athr C:\Windows\system32\DRIVERS\athr.sys
09:48:58.0333 4312 athr - ok
09:48:58.0474 4312 [ 443CA4F36D0E2576AC0BD7A73A45F32B ] athur C:\Windows\system32\DRIVERS\athur.sys
09:48:58.0505 4312 athur - ok
09:48:58.0598 4312 [ 740B9B4140CACCD0513D999EAB488E48 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
09:48:58.0614 4312 Ati External Event Utility - ok
09:48:59.0160 4312 [ 7526AD10925D1AA9E4E6B0FB393B701F ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:48:59.0846 4312 atikmdag - ok
09:48:59.0924 4312 [ 5A1465AD2E7C1BC39CDA12A355329096 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
09:48:59.0924 4312 AtiPcie - ok
09:49:00.0112 4312 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:49:00.0127 4312 AudioEndpointBuilder - ok
09:49:00.0236 4312 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:49:00.0236 4312 Audiosrv - ok
09:49:00.0470 4312 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:49:00.0470 4312 avast! Antivirus - ok
09:49:00.0580 4312 [ 69A7CE53FFA89E0116FAF5369384BBE5 ] AVerAF15 C:\Windows\system32\Drivers\AVerAF15.sys
09:49:00.0580 4312 AVerAF15 - ok
09:49:00.0736 4312 [ CF6A67C90951E3E763D2135DEDE44B85 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
09:49:00.0751 4312 BCM43XV - ok
09:49:00.0845 4312 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
09:49:00.0845 4312 Beep - ok
09:49:01.0063 4312 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
09:49:01.0547 4312 BFE - ok
09:49:02.0576 4312 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
09:49:04.0339 4312 BITS - ok
09:49:04.0402 4312 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:49:04.0682 4312 blbdrive - ok
09:49:04.0729 4312 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:49:04.0729 4312 bowser - ok
09:49:04.0760 4312 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
09:49:04.0760 4312 BrFiltLo - ok
09:49:04.0776 4312 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
09:49:04.0776 4312 BrFiltUp - ok
09:49:04.0807 4312 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
09:49:04.0823 4312 Browser - ok
09:49:04.0870 4312 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
09:49:04.0870 4312 Brserid - ok
09:49:04.0916 4312 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
09:49:04.0916 4312 BrSerWdm - ok
09:49:04.0916 4312 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
09:49:04.0932 4312 BrUsbMdm - ok
09:49:04.0932 4312 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
09:49:04.0932 4312 BrUsbSer - ok
09:49:04.0994 4312 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
09:49:04.0994 4312 BthEnum - ok
09:49:05.0041 4312 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:49:05.0041 4312 BTHMODEM - ok
09:49:05.0088 4312 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:49:05.0104 4312 BthPan - ok
09:49:05.0213 4312 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
09:49:05.0228 4312 BTHPORT - ok
09:49:05.0291 4312 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
09:49:05.0306 4312 BthServ - ok
09:49:05.0353 4312 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
09:49:05.0353 4312 BTHUSB - ok
09:49:05.0665 4312 [ 99AEEA7CEFDFC6E4151A8F620D682088 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
09:49:05.0681 4312 btwaudio - ok
09:49:05.0743 4312 [ 195872E48A7FB01F8BC9B800F70F4054 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
09:49:05.0743 4312 btwavdt - ok
09:49:05.0774 4312 [ 0724E7D6C9B6A289EDDDA33FA8176E80 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
09:49:05.0774 4312 btwrchid - ok
09:49:05.0821 4312 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:49:05.0821 4312 cdfs - ok
09:49:05.0884 4312 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:49:05.0884 4312 cdrom - ok
09:49:05.0930 4312 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
09:49:05.0930 4312 CertPropSvc - ok
09:49:06.0024 4312 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:49:06.0024 4312 circlass - ok
09:49:06.0071 4312 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
09:49:06.0071 4312 CLFS - ok
09:49:06.0180 4312 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:49:06.0180 4312 clr_optimization_v2.0.50727_32 - ok
09:49:06.0539 4312 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:49:07.0444 4312 clr_optimization_v4.0.30319_32 - ok
09:49:07.0615 4312 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:49:07.0615 4312 CmBatt - ok
09:49:07.0646 4312 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:49:08.0005 4312 cmdide - ok
09:49:08.0099 4312 cnnctfy2MP - ok
09:49:08.0333 4312 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
09:49:08.0348 4312 Com4QLBEx - ok
09:49:08.0380 4312 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:49:08.0380 4312 Compbatt - ok
09:49:08.0395 4312 COMSysApp - ok
09:49:08.0520 4312 [ C2EB4539A4F6AB6EDD01BDC191619975 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x32.sys
09:49:08.0520 4312 cpuz135 - ok
09:49:08.0598 4312 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:49:08.0598 4312 crcdisk - ok
09:49:08.0676 4312 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
09:49:08.0676 4312 Crusoe - ok
09:49:08.0754 4312 [ 684C130BBC6DB681BAD4920A4C944AA5 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:49:09.0487 4312 CryptSvc - ok
09:49:10.0345 4312 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:49:10.0439 4312 DcomLaunch - ok
09:49:10.0486 4312 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:49:10.0486 4312 DfsC - ok
09:49:10.0798 4312 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
09:49:10.0969 4312 DFSR - ok
09:49:11.0125 4312 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
09:49:11.0125 4312 Dhcp - ok
09:49:11.0156 4312 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
09:49:11.0156 4312 disk - ok
09:49:11.0250 4312 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:49:11.0250 4312 Dnscache - ok
09:49:11.0297 4312 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:49:11.0328 4312 dot3svc - ok
09:49:11.0468 4312 [ DB162274197796AC5B3D54DA7ECA1909 ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe
09:49:11.0468 4312 DpHost - ok
09:49:11.0531 4312 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
09:49:11.0531 4312 DPS - ok
09:49:12.0046 4312 [ 308195495181C8F3D51E6ED5B58D54AC ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
09:49:12.0077 4312 DragonUpdater - ok
09:49:12.0202 4312 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:49:12.0202 4312 drmkaud - ok
09:49:12.0404 4312 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:49:12.0529 4312 DXGKrnl - ok
09:49:12.0576 4312 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
09:49:12.0592 4312 E1G60 - ok
09:49:12.0685 4312 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
09:49:12.0685 4312 EapHost - ok
09:49:12.0919 4312 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
09:49:12.0919 4312 Ecache - ok
09:49:13.0730 4312 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:49:14.0354 4312 ehRecvr - ok
09:49:14.0464 4312 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
09:49:14.0791 4312 ehSched - ok
09:49:15.0103 4312 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
09:49:15.0103 4312 ehstart - ok
09:49:15.0618 4312 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:49:15.0821 4312 elxstor - ok
09:49:15.0946 4312 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
09:49:15.0961 4312 EMDMgmt - ok
09:49:16.0008 4312 [ 4CD6B056C5FD9E97C06FE74C81479517 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
09:49:16.0008 4312 enecir - ok
09:49:16.0086 4312 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:49:16.0086 4312 ErrDev - ok
09:49:16.0195 4312 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
09:49:16.0211 4312 EventSystem - ok
09:49:16.0242 4312 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
09:49:16.0258 4312 exfat - ok
09:49:16.0304 4312 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:49:16.0304 4312 fastfat - ok
09:49:16.0351 4312 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:49:16.0367 4312 fdc - ok
09:49:16.0414 4312 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
09:49:16.0414 4312 fdPHost - ok
09:49:16.0445 4312 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
09:49:16.0445 4312 FDResPub - ok
09:49:16.0507 4312 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:49:16.0523 4312 FileInfo - ok
09:49:16.0554 4312 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:49:16.0554 4312 Filetrace - ok
09:49:16.0585 4312 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:49:16.0585 4312 flpydisk - ok
09:49:16.0648 4312 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:49:16.0663 4312 FltMgr - ok
09:49:16.0804 4312 [ 119ACA7CADCA75BEA6B38E999443BAA6 ] FontCache C:\Windows\system32\FntCache.dll
09:49:16.0866 4312 FontCache - ok
09:49:16.0960 4312 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:49:16.0975 4312 FontCache3.0.0.0 - ok
09:49:17.0022 4312 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:49:17.0022 4312 Fs_Rec - ok
09:49:17.0084 4312 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:49:17.0084 4312 gagp30kx - ok
09:49:17.0303 4312 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
09:49:17.0303 4312 ggflt - ok
09:49:17.0552 4312 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
09:49:17.0552 4312 ggsemc - ok
09:49:17.0630 4312 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
09:49:17.0630 4312 giveio - ok
09:49:17.0833 4312 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
09:49:17.0849 4312 gpsvc - ok
09:49:17.0974 4312 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:49:17.0989 4312 gupdate - ok
09:49:18.0036 4312 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:49:18.0036 4312 gupdatem - ok
09:49:18.0161 4312 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:49:18.0176 4312 HdAudAddService - ok
09:49:18.0317 4312 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:49:18.0707 4312 HDAudBus - ok
09:49:18.0785 4312 [ FCB3F4BE408F72C1BD81BCABA87FC22F ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:49:18.0785 4312 HidBth - ok
09:49:18.0832 4312 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:49:18.0832 4312 HidIr - ok
09:49:18.0878 4312 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
09:49:18.0878 4312 hidserv - ok
09:49:18.0956 4312 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:49:18.0956 4312 HidUsb - ok
09:49:19.0019 4312 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:49:19.0034 4312 hkmsvc - ok
09:49:19.0159 4312 [ D13E6BFD7E9189D26A42E94CB2447044 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
09:49:19.0159 4312 HP Health Check Service - ok
09:49:19.0222 4312 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
09:49:19.0222 4312 HpCISSs - ok
09:49:19.0300 4312 [ 24F3F496C18EFC234777723A67A85F81 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
09:49:19.0300 4312 hpdskflt - ok
09:49:19.0409 4312 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
09:49:19.0409 4312 HpqKbFiltr - ok
09:49:19.0456 4312 [ 115C0933B3ED51DFBEC4449348C8065B ] HpqRemHid C:\Windows\system32\DRIVERS\HpqRemHid.sys
09:49:19.0456 4312 HpqRemHid - ok
09:49:19.0549 4312 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
09:49:19.0549 4312 hpqwmiex - ok
09:49:19.0596 4312 [ 6D0AC28C5BD8D8495F83F5929A45E559 ] hpsrv C:\Windows\system32\Hpservice.exe
09:49:19.0596 4312 hpsrv - ok
09:49:19.0674 4312 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
09:49:19.0674 4312 HSFHWAZL - ok
09:49:19.0768 4312 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
09:49:19.0830 4312 HSF_DPV - ok
09:49:19.0924 4312 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:49:19.0939 4312 HTTP - ok
09:49:19.0970 4312 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
09:49:19.0970 4312 i2omp - ok
09:49:20.0033 4312 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:49:20.0033 4312 i8042prt - ok
09:49:20.0080 4312 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
09:49:20.0080 4312 iaStorV - ok
09:49:20.0282 4312 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:49:20.0282 4312 IDriverT - ok
09:49:20.0438 4312 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:49:20.0485 4312 idsvc - ok
09:49:20.0516 4312 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:49:20.0516 4312 iirsp - ok
09:49:20.0579 4312 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
09:49:20.0594 4312 IKEEXT - ok
09:49:20.0641 4312 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
09:49:20.0641 4312 intelide - ok
09:49:20.0704 4312 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:49:20.0719 4312 intelppm - ok
09:49:20.0782 4312 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:49:20.0797 4312 IPBusEnum - ok
09:49:21.0047 4312 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:49:21.0047 4312 IpFilterDriver - ok
09:49:21.0140 4312 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:49:21.0234 4312 iphlpsvc - ok
09:49:21.0250 4312 IpInIp - ok
09:49:21.0281 4312 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
09:49:21.0281 4312 IPMIDRV - ok
09:49:21.0452 4312 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
09:49:21.0452 4312 IPNAT - ok
09:49:21.0499 4312 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:49:21.0499 4312 IRENUM - ok
09:49:21.0562 4312 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:49:21.0562 4312 isapnp - ok
09:49:21.0671 4312 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:49:21.0702 4312 iScsiPrt - ok
09:49:21.0718 4312 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
09:49:21.0733 4312 iteatapi - ok
09:49:21.0749 4312 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
09:49:21.0749 4312 iteraid - ok
09:49:21.0811 4312 [ 858C550EBBD243826A2193262C1B54A3 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
09:49:21.0811 4312 JMCR - ok
09:49:21.0842 4312 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:49:21.0842 4312 kbdclass - ok
09:49:21.0889 4312 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:49:21.0889 4312 kbdhid - ok
09:49:21.0983 4312 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
09:49:21.0983 4312 KeyIso - ok
09:49:22.0357 4312 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:49:22.0373 4312 KSecDD - ok
09:49:22.0420 4312 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:49:22.0466 4312 KtmRm - ok
09:49:22.0529 4312 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
09:49:22.0544 4312 LanmanServer - ok
09:49:22.0622 4312 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:49:22.0638 4312 LanmanWorkstation - ok
09:49:22.0716 4312 [ 984ECB68ED2A2B2E6A544E87E24FBA2D ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
09:49:22.0716 4312 LightScribeService - ok
09:49:22.0778 4312 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:49:22.0778 4312 lltdio - ok
09:49:22.0872 4312 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:49:22.0888 4312 lltdsvc - ok
09:49:22.0919 4312 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:49:22.0919 4312 lmhosts - ok
09:49:22.0966 4312 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:49:22.0966 4312 LSI_FC - ok
09:49:22.0997 4312 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:49:22.0997 4312 LSI_SAS - ok
09:49:23.0028 4312 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:49:23.0028 4312 LSI_SCSI - ok
09:49:23.0075 4312 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
09:49:23.0075 4312 luafv - ok
09:49:23.0262 4312 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:49:23.0278 4312 Mcx2Svc - ok
09:49:23.0449 4312 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
09:49:23.0449 4312 megasas - ok
09:49:23.0543 4312 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
09:49:23.0543 4312 MegaSR - ok
09:49:23.0699 4312 Microsoft SharePoint Workspace Audit Service - ok
09:49:23.0746 4312 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
09:49:23.0746 4312 MMCSS - ok
09:49:23.0777 4312 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
09:49:23.0777 4312 Modem - ok
09:49:24.0042 4312 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:49:24.0042 4312 monitor - ok
09:49:24.0089 4312 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:49:24.0104 4312 mouclass - ok
09:49:24.0136 4312 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:49:24.0136 4312 mouhid - ok
09:49:24.0167 4312 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
09:49:24.0167 4312 MountMgr - ok
09:49:24.0650 4312 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:49:24.0650 4312 MozillaMaintenance - ok
09:49:24.0853 4312 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
09:49:24.0853 4312 mpio - ok
09:49:24.0869 4312 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:49:24.0884 4312 mpsdrv - ok
09:49:25.0056 4312 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
09:49:25.0056 4312 MpsSvc - ok
09:49:25.0150 4312 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
09:49:25.0165 4312 Mraid35x - ok
09:49:25.0321 4312 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:49:25.0321 4312 MRxDAV - ok
09:49:25.0415 4312 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:49:25.0415 4312 mrxsmb - ok
09:49:25.0477 4312 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:49:25.0477 4312 mrxsmb10 - ok
09:49:25.0508 4312 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:49:25.0508 4312 mrxsmb20 - ok
09:49:25.0555 4312 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
09:49:25.0555 4312 msahci - ok
09:49:25.0586 4312 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:49:25.0586 4312 msdsm - ok
09:49:39.0938 4312 ============================================================
09:49:39.0938 4312 Scan finished
09:49:39.0938 4312 ============================================================
09:49:39.0985 2928 Detected object count: 0
09:49:39.0985 2928 Actual detected object count: 0
09:49:48.0830 2900 Deinitialize success


RogueKiller V8.6.11 [Sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : PETR [Práva správce]
Mód : Odebrat -- Datum : 09/13/2013 22:25:23
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HID SVC][Skrytý od API] HKLM\[...]\CCSet\[...]\Services : S () -> [0x3] Systém nemůže nalézt uvedenou cestu.
[HID SVC][Skrytý od API] HKLM\[...]\CS001\[...]\Services : S () -> [0x3] Systém nemůže nalézt uvedenou cestu.
[HID SVC][Skrytý od API] HKLM\[...]\CS002\[...]\Services : S () -> [0x3] Systém nemůže nalézt uvedenou cestu.
[HID SVC][Skrytý od API] HKLM\[...]\CS003\[...]\Services : S () -> [0x3] Systém nemůže nalézt uvedenou cestu.

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\system32\drivers\iastorv.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x83AC6140)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\system32\drivers\iastorv.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x83AC6140)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\system32\drivers\iastorv.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x83AB4A5A)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\system32\drivers\iastorv.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x83AB4A2C)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\system32\drivers\iastorv.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x83AB4A88)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\system32\drivers\iastorv.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x83AC1B70)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\system32\drivers\iastorv.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x83AC1B3C)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHZ2250BH G2 SCSI Disk Device +++++
--- User ---
[MBR] cae09f8b85bf1a31b9def1f531af0c3e
[BSP] c6a877e95040b834a349abac878a115b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2055 | Size: 227474 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 472158208 | Size: 7926 Mo
2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 465872896 | Size: 3069 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_09132013_222523.txt >>
RKreport[0]_S_09132013_200736.txt

User avatar
jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check - slow internet

Post by jaro3 » 14 Sep 2013 11:12

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click into the window it displays
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

User avatar
Peťa
Level 5
Posts: 2123
Registered: April 10
Gender: Male
Status:
Offline

Re: Please check - slow internet

Post by Peťa » 14 Sep 2013 13:38

ComboFix 13-09-13.03 - PETR 14.09.2013 13:16:09.7.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3069.1879 [GMT 2:00]
Spuštěný z: c:\users\PETR\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\PETR\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\PETR\AppData\Roaming\Microsoft\Internet Explorer\qsTAtsrv.dll
c:\windows\system32\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-14 do 2013-09-14 )))))))))))))))))))))))))))))))
.
.
2013-09-14 11:25 . 2013-09-14 11:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-13 18:11 . 2013-09-13 18:11 -------- d-----w- c:\windows\ERUNT
2013-09-13 16:34 . 2013-09-13 16:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-13 16:34 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-13 16:02 . 2013-09-13 16:02 -------- d-----w- c:\users\PETR\AppData\Local\Comodo
2013-09-13 15:54 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BB6ED1E7-FEA1-40D5-AF62-9AD97415119C}\mpengine.dll
2013-09-13 15:44 . 2013-09-13 17:46 -------- d-----w- C:\AdwCleaner
2013-09-13 15:43 . 2013-08-08 01:45 2049536 ----a-w- c:\windows\system32\win32k.sys
2013-09-13 15:42 . 2013-07-16 04:35 615936 ----a-w- c:\windows\system32\themeui.dll
2013-09-13 15:39 . 2013-09-13 15:39 -------- d-----w- c:\users\PETR\AppData\Local\ATI
2013-08-28 08:22 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 15:29 . 2012-04-22 13:09 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-13 15:29 . 2011-07-05 22:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-02 08:03 . 2013-07-30 08:32 48392 ----a-w- c:\windows\system32\certsentry.dll
2013-07-17 19:41 . 2013-08-14 07:28 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-10 09:47 . 2013-08-14 07:28 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 12:10 . 2013-08-14 07:28 1205168 ----a-w- c:\windows\system32\ntdll.dll
2013-07-08 04:55 . 2013-08-14 07:28 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-08 04:55 . 2013-08-14 07:28 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:20 . 2013-08-14 07:26 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:16 . 2013-08-14 07:26 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:16 . 2013-08-14 07:26 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:16 . 2013-08-14 07:26 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-07-05 04:53 . 2013-08-14 07:28 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 321080]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonuiX.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2013-04-04 12:50 532040 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2009-03-01 81920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 12:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 09:44 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 15:29]
.
2013-05-04 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2013-03-28 12:38]
.
2013-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-25 14:21]
.
2013-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-25 14:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.0.250
TCP: Interfaces\{4AB29756-B6E5-46BF-BC56-F3E930C6C40B}: NameServer = 8.8.4.4,8.8.8.8
FF - ProfilePath - c:\users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\q4q7mgby.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-14 13:29
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\windows\TEMP\_avast_\unp144936799.tmp 435027 bytes
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3712)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
c:\windows\system32\Hpservice.exe
c:\windows\system32\vfsFPService.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Comodo\Dragon\dragon_updater.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\SMINST\BLService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Celkový čas: 2013-09-14 13:35:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-14 11:35
.
Před spuštěním: Volných bajtů: 136 066 211 840
Po spuštění: Volných bajtů: 135 801 925 632
.
- - End Of File - - DF90249B63C3D6139ED4A16C5190335D
A36C5E4F47E84449FF07ED3517B43A31

Re: Request for a check - slow internet

Post by memphisto » 14 Sep 2013 18:58

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code:

KillAll::
Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process

Re: Request for a check - slow internet

Post by Peťa » 14 Sep 2013 19:26

ComboFix 13-09-13.03 - PETR 14.09.2013 19:07:08.8.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3069.1841 [GMT 2:00]
Spuštěný z: c:\users\PETR\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PETR\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-14 do 2013-09-14 )))))))))))))))))))))))))))))))
.
.
2013-09-14 17:15 . 2013-09-14 17:19 -------- d-----w- c:\users\PETR\AppData\Local\temp
2013-09-14 17:15 . 2013-09-14 17:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-09-14 17:15 . 2013-09-14 17:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-13 18:11 . 2013-09-13 18:11 -------- d-----w- c:\windows\ERUNT
2013-09-13 16:34 . 2013-09-13 16:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-13 16:34 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-13 16:02 . 2013-09-13 16:02 -------- d-----w- c:\users\PETR\AppData\Local\Comodo
2013-09-13 15:54 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BB6ED1E7-FEA1-40D5-AF62-9AD97415119C}\mpengine.dll
2013-09-13 15:44 . 2013-09-13 17:46 -------- d-----w- C:\AdwCleaner
2013-09-13 15:43 . 2013-08-08 01:45 2049536 ----a-w- c:\windows\system32\win32k.sys
2013-09-13 15:42 . 2013-07-16 04:35 615936 ----a-w- c:\windows\system32\themeui.dll
2013-09-13 15:39 . 2013-09-13 15:39 -------- d-----w- c:\users\PETR\AppData\Local\ATI
2013-08-28 08:22 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 15:29 . 2012-04-22 13:09 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-13 15:29 . 2011-07-05 22:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-02 08:03 . 2013-07-30 08:32 48392 ----a-w- c:\windows\system32\certsentry.dll
2013-07-17 19:41 . 2013-08-14 07:28 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-10 09:47 . 2013-08-14 07:28 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 12:10 . 2013-08-14 07:28 1205168 ----a-w- c:\windows\system32\ntdll.dll
2013-07-08 04:55 . 2013-08-14 07:28 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-08 04:55 . 2013-08-14 07:28 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:20 . 2013-08-14 07:26 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:16 . 2013-08-14 07:26 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:16 . 2013-08-14 07:26 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:16 . 2013-08-14 07:26 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-07-05 04:53 . 2013-08-14 07:28 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 321080]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonuiX.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2013-04-04 12:50 532040 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2009-03-01 81920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 12:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 09:44 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 15:29]
.
2013-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-25 14:21]
.
2013-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-25 14:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.0.250
TCP: Interfaces\{4AB29756-B6E5-46BF-BC56-F3E930C6C40B}: NameServer = 8.8.4.4,8.8.8.8
FF - ProfilePath - c:\users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\q4q7mgby.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
Binary file temp00 matches
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2100)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
c:\windows\system32\Hpservice.exe
c:\windows\system32\vfsFPService.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Comodo\Dragon\dragon_updater.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\SMINST\BLService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Celkový čas: 2013-09-14 19:24:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-14 17:24
ComboFix2.txt 2013-09-14 11:35
.
Před spuštěním: Volných bajtů: 135 796 576 256
Po spuštění: Volných bajtů: 135 652 761 600
.
- - End Of File - - D28D388EE6448984EB0CCD4E15542C2B
A36C5E4F47E84449FF07ED3517B43A31

Re: Request for a check - slow internet

Post by memphisto » 14 Sep 2013 20:35

Nothing was carried out. Try it again in safe mode.

Re: Request for a check - slow internet

Post by Peťa » 14 Sep 2013 21:23

ComboFix 13-09-13.03 - PETR 14.09.2013 21:04:31.9.2 - x86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3069.2541 [GMT 2:00]
Spuštěný z: c:\users\PETR\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PETR\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-14 do 2013-09-14 )))))))))))))))))))))))))))))))
.
.
2013-09-14 19:12 . 2013-09-14 19:16 -------- d-----w- c:\users\PETR\AppData\Local\temp
2013-09-14 19:12 . 2013-09-14 19:12 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-09-14 19:12 . 2013-09-14 19:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-13 18:11 . 2013-09-13 18:11 -------- d-----w- c:\windows\ERUNT
2013-09-13 16:34 . 2013-09-13 16:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-13 16:34 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-13 16:02 . 2013-09-13 16:02 -------- d-----w- c:\users\PETR\AppData\Local\Comodo
2013-09-13 15:54 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BB6ED1E7-FEA1-40D5-AF62-9AD97415119C}\mpengine.dll
2013-09-13 15:44 . 2013-09-13 17:46 -------- d-----w- C:\AdwCleaner
2013-09-13 15:43 . 2013-08-08 01:45 2049536 ----a-w- c:\windows\system32\win32k.sys
2013-09-13 15:42 . 2013-07-16 04:35 615936 ----a-w- c:\windows\system32\themeui.dll
2013-09-13 15:39 . 2013-09-13 15:39 -------- d-----w- c:\users\PETR\AppData\Local\ATI
2013-08-28 08:22 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 15:29 . 2012-04-22 13:09 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-13 15:29 . 2011-07-05 22:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-02 08:03 . 2013-07-30 08:32 48392 ----a-w- c:\windows\system32\certsentry.dll
2013-07-17 19:41 . 2013-08-14 07:28 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-10 09:47 . 2013-08-14 07:28 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 12:10 . 2013-08-14 07:28 1205168 ----a-w- c:\windows\system32\ntdll.dll
2013-07-08 04:55 . 2013-08-14 07:28 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-08 04:55 . 2013-08-14 07:28 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:20 . 2013-08-14 07:26 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:16 . 2013-08-14 07:26 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:16 . 2013-08-14 07:26 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:16 . 2013-08-14 07:26 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-07-05 04:53 . 2013-08-14 07:28 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 321080]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonuiX.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2013-04-04 12:50 532040 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2009-03-01 81920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 12:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 09:44 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 15:29]
.
2013-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-25 14:21]
.
2013-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-25 14:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.0.250
TCP: Interfaces\{4AB29756-B6E5-46BF-BC56-F3E930C6C40B}: NameServer = 8.8.4.4,8.8.8.8
FF - ProfilePath - c:\users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\q4q7mgby.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-14 21:15
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
Binary file temp00 matches
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2744)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
c:\windows\system32\Hpservice.exe
c:\windows\system32\vfsFPService.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Comodo\Dragon\dragon_updater.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\SMINST\BLService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Celkový čas: 2013-09-14 21:21:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-14 19:21
ComboFix2.txt 2013-09-14 17:24
ComboFix3.txt 2013-09-14 11:35
.
Před spuštěním: Volných bajtů: 138 778 161 152
Po spuštění: Volných bajtů: 135 447 388 160
.
- - End Of File - - 2DB30AC75E930D0E90DE574EA26122AB
A36C5E4F47E84449FF07ED3517B43A31

Re: Request for a check - slow internet

Post by memphisto » 14 Sep 2013 22:02

It doesn't really want to cooperate, but never mind. It's nothing terrible... just unnecessary items.

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

+ A new HJT log

How is the PC behaving?

Re: Request for a check - slow internet

Post by Peťa » 14 Sep 2013 22:36

It seems to be running better :) I'll keep watching it for a while. I'll post the HJT log tomorrow. At some point during the cleaning, the Stylish add-on for Chrome disappeared; I use it to block the ads that Facebook shows on the right-hand side. Is Stylish harmful, or can I add it again?

Re: Request for a check - slow internet

Post by memphisto » 14 Sep 2013 22:41

None of the programs deleted that add-on. Put it back ;)

Re: Request for a check - slow internet

Post by Peťa » 15 Sep 2013 10:26

New HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:58:19, on 9.7.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10t_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\PETR\Downloads\RSIT.exe
C:\Program Files\trend micro\PETR.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BatteryCare] C:\Program Files\BatteryCare\BatteryCare.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4AB29756-B6E5-46BF-BC56-F3E930C6C40B}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

--
End of file - 8793 bytes

