Check and help with a notebook (Solved)



Post by joseee » 10 Apr 2014 20:38

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows Vista (6.0.6000 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jana [Práva správce]
Mód : Kontrola -- Datum : 04/10/2014 20:36:09
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] vntldr.exe -- C:\Users\Jana\AppData\Local\VNT\vntldr.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[DNS][PUM] HKLM\[...]\CS001\[...]\{EA4CA05D-B363-4649-A356-6CBCCDAAB69A} : NameServer (212.111.0.10,193.179.148.42 [CZECH REPUBLIC (CZ) - CZECH REPUBLIC (CZ)]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
::1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK1652GSX ATA Device +++++
--- User ---
[MBR] 6323fa8f03d298ebeed10025e0fe7900
[BSP] 78cb728ba91b4803c61dd891678ff2d7 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 66571 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 139412072 | Size: 84553 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04102014_203609.txt >>


Post by jaro3 » 11 Apr 2014 09:19

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.

Code:

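@echo off
rem Delete the current hosts file (any attributes, read-only included); errors are hidden by 2>nul
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
rem Recreate it with only the default localhost entry
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit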

Choose File -> Save As... and set these parameters: File name: type FixHosts.bat
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Double-click the file to run it.

Close all programs and browsers. Deactivate the antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan" (Prohledat)
- Click "Delete" (Smazat)
- Wait until the Status box shows "Deleting finished" (Mazání dokončeno)
- Click "Report" (Zpráva) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller


Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt; please paste the entire contents of the log here.
- if the log is longer than 60,000 characters, split it and paste it into several posts
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by joseee » 11 Apr 2014 19:33

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows Vista (6.0.6000 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jana [Práva správce]
Mód : Odebrat -- Datum : 04/11/2014 19:32:34
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
::1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK1652GSX ATA Device +++++
--- User ---
[MBR] 6323fa8f03d298ebeed10025e0fe7900
[BSP] 78cb728ba91b4803c61dd891678ff2d7 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 66571 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 139412072 | Size: 84553 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_04112014_193234.txt >>
RKreport[0]_S_04102014_203609.txt;RKreport[0]_S_04112014_193135.txt


Post by jaro3 » 11 Apr 2014 19:42

Do this again:

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.

Code:

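@echo off
rem Delete the current hosts file (any attributes, read-only included); errors are hidden by 2>nul
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
rem Recreate it with only the default localhost entry
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit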

Choose File -> Save As... and set these parameters: File name: type FixHosts.bat
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Double-click the file to run it.

Then run RK again.
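The comparison a helper makes by eye between two RogueKiller reports, as an added example that is not part of the original posts and is not RogueKiller's own code: a parser for the report's HOSTS section that tells whether a hosts reset took effect. The sample reports and the `.example` host names are constructed, and recognising the section by the word HOSTS in its banner is an assumption based on the reports shown in this thread.

```python
import re

# Addresses that a default hosts file maps "localhost" to.
LOOPBACK = {"127.0.0.1", "::1"}

# Constructed sample reports, modelled on the section layout of the reports in
# this thread; the .example host names are placeholders, not real entries.
SCAN_REPORT = r"""
¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
::1 localhost
127.0.0.1 www.blocked-one.example
127.0.0.1 blocked-one.example
[...]


¤¤¤ Kontrola MBR: ¤¤¤
User = LL1 ... OK!
"""

# Same entries after a reset that did not take effect; the www name carries
# the "http://" prefix that forum auto-linking can add when a log is pasted.
AFTER_FAILED_RESET = SCAN_REPORT.replace("www.blocked", "http://www.blocked")

AFTER_GOOD_RESET = r"""
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤
"""


def hosts_section(report):
    """Return (entries, truncated) parsed from the HOSTS section of a report.

    entries is a list of (address, hostname) pairs; truncated is True when the
    report ends the listing with "[...]", i.e. the file holds more entries.
    """
    entries, truncated, inside = [], False, False
    for raw in report.splitlines():
        line = raw.strip()
        if line.startswith("¤¤¤") and line.endswith("¤¤¤"):
            inside = "HOSTS" in line  # assumption: banner names the section
            continue
        if not inside or not line or line.startswith(("-->", "#")):
            continue
        if line == "[...]":
            truncated = True
            continue
        parts = line.split()
        if len(parts) < 2:
            continue
        for name in parts[1:]:
            if name.startswith("#"):  # inline comment ends the entry
                break
            # Undo auto-linking so "http://www.x" compares equal to "www.x".
            name = re.sub(r"^[a-z]+://", "", name.lower()).rstrip("/")
            entries.append((parts[0], name))
    return entries, truncated


def non_default(entries):
    """Entries other than the loopback mapping of localhost."""
    return [(ip, n) for ip, n in entries
            if not (ip in LOOPBACK and n == "localhost")]


def reset_took_effect(report):
    """True only if the listing is complete and holds nothing but localhost."""
    entries, truncated = hosts_section(report)
    return not truncated and not non_default(entries)


def leftover_entries(before, after):
    """Non-default entries from the first report that the second still lists."""
    old, _ = hosts_section(before)
    new, _ = hosts_section(after)
    return sorted(set(non_default(new)) & set(old))


if __name__ == "__main__":
    for label, rep in (("failed", AFTER_FAILED_RESET), ("good", AFTER_GOOD_RESET)):
        print(label, reset_took_effect(rep), leftover_entries(SCAN_REPORT, rep))
```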


Post by joseee » 11 Apr 2014 19:44

19:37:07.0398 3204 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:37:15.0619 3204 ============================================================
19:37:15.0619 3204 Current date / time: 2014/04/11 19:37:15.0619
19:37:15.0619 3204 SystemInfo:
19:37:15.0619 3204
19:37:15.0619 3204 OS Version: 6.0.6000 ServicePack: 0.0
19:37:15.0619 3204 Product type: Workstation
19:37:15.0619 3204 ComputerName: JANA-PC
19:37:15.0619 3204 UserName: Jana
19:37:15.0619 3204 Windows directory: C:\Windows
19:37:15.0619 3204 System windows directory: C:\Windows
19:37:15.0619 3204 Processor architecture: Intel x86
19:37:15.0619 3204 Number of processors: 2
19:37:15.0619 3204 Page size: 0x1000
19:37:15.0619 3204 Boot type: Normal boot
19:37:15.0619 3204 ============================================================
19:37:17.0304 3204 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:37:17.0304 3204 ============================================================
19:37:17.0304 3204 \Device\Harddisk0\DR0:
19:37:17.0304 3204 MBR partitions:
19:37:17.0304 3204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x8205A66
19:37:17.0304 3204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x84F4268, BlocksNum 0xA524859
19:37:17.0304 3204 ============================================================
19:37:17.0335 3204 C: <-> \Device\Harddisk0\DR0\Partition1
19:37:17.0569 3204 D: <-> \Device\Harddisk0\DR0\Partition2
19:37:17.0569 3204 ============================================================
19:37:17.0569 3204 Initialize success
19:37:17.0569 3204 ============================================================
19:37:29.0176 3888 ============================================================
19:37:29.0176 3888 Scan started
19:37:29.0176 3888 Mode: Manual;
19:37:29.0176 3888 ============================================================
19:37:30.0455 3888 ================ Scan system memory ========================
19:37:30.0455 3888 System memory - ok
19:37:30.0455 3888 ================ Scan services =============================
19:37:43.0731 3888 MSKSSRV - ok
19:37:43.0746 3888 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:37:43.0746 3888 MSPCLOCK - ok
19:37:43.0762 3888 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:37:43.0777 3888 MSPQM - ok
19:37:43.0809 3888 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:37:43.0809 3888 MsRPC - ok
19:37:43.0840 3888 [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:37:43.0840 3888 mssmbios - ok
19:37:43.0871 3888 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:37:43.0871 3888 MSTEE - ok
19:37:43.0902 3888 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
19:37:43.0902 3888 Mup - ok
19:37:43.0949 3888 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
19:37:43.0965 3888 napagent - ok
19:37:43.0996 3888 [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:37:43.0996 3888 NativeWifiP - ok
19:37:44.0027 3888 [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:37:44.0043 3888 NDIS - ok
19:37:44.0074 3888 [ 7584F1794B23B83D63CC124A8C56D103 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:37:44.0074 3888 NdisTapi - ok
19:37:44.0105 3888 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:37:44.0105 3888 Ndisuio - ok
19:37:44.0121 3888 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:37:44.0121 3888 NdisWan - ok
19:37:44.0167 3888 [ 874C12E3AD1431CABC854697D302C563 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:37:44.0167 3888 NDProxy - ok
19:37:44.0183 3888 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:37:44.0183 3888 NetBIOS - ok
19:37:44.0214 3888 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:37:44.0214 3888 netbt - ok
19:37:44.0245 3888 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe
19:37:44.0245 3888 Netlogon - ok
19:37:44.0292 3888 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
19:37:44.0308 3888 Netman - ok
19:37:44.0323 3888 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
19:37:44.0323 3888 netprofm - ok
19:37:44.0401 3888 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:37:44.0401 3888 NetTcpPortSharing - ok
19:37:44.0464 3888 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:37:44.0495 3888 nfrd960 - ok
19:37:44.0526 3888 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
19:37:44.0542 3888 NlaSvc - ok
19:37:44.0557 3888 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:37:44.0557 3888 Npfs - ok
19:37:44.0589 3888 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
19:37:44.0589 3888 nsi - ok
19:37:44.0604 3888 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:37:44.0604 3888 nsiproxy - ok
19:37:44.0682 3888 [ 2620822A21B76375F5FD6E0986407CD1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:37:44.0698 3888 Ntfs - ok
19:37:44.0745 3888 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:37:44.0745 3888 ntrigdigi - ok
19:37:44.0776 3888 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
19:37:44.0776 3888 Null - ok
19:37:44.0823 3888 [ 6F785DB62A6D8F3FAFD3E5695277E849 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:37:44.0823 3888 nvraid - ok
19:37:44.0838 3888 [ 4A5FCAB82D9BF6AF8A023A66802FE9E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:37:44.0854 3888 nvstor - ok
19:37:44.0869 3888 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:37:44.0869 3888 nv_agp - ok
19:37:44.0869 3888 NwlnkFlt - ok
19:37:44.0885 3888 NwlnkFwd - ok
19:37:44.0901 3888 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:37:44.0916 3888 ohci1394 - ok
19:37:45.0057 3888 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:37:45.0088 3888 ose - ok
19:37:45.0135 3888 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:37:45.0150 3888 p2pimsvc - ok
19:37:45.0181 3888 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
19:37:45.0197 3888 p2psvc - ok
19:37:45.0259 3888 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:37:45.0259 3888 Parport - ok
19:37:45.0291 3888 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:37:45.0322 3888 partmgr - ok
19:37:45.0337 3888 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:37:45.0337 3888 Parvdm - ok
19:37:45.0384 3888 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:37:45.0384 3888 PcaSvc - ok
19:37:45.0415 3888 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys
19:37:45.0415 3888 pci - ok
19:37:45.0447 3888 [ 304048C2565A803D091CCA1AC945F593 ] pciide C:\Windows\system32\drivers\pciide.sys
19:37:45.0447 3888 pciide - ok
19:37:45.0525 3888 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:37:45.0525 3888 pcmcia - ok
19:37:45.0587 3888 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:37:45.0587 3888 PEAUTH - ok
19:37:45.0868 3888 [ 9F2F541C52CD7A452E235E885F7D95DE ] Ph3xIB32 C:\Windows\system32\DRIVERS\Ph3xIB32.sys
19:37:45.0883 3888 Ph3xIB32 - ok
19:37:46.0086 3888 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
19:37:46.0164 3888 pla - ok
19:37:46.0242 3888 [ 99F45FF202A0C8F2C948557FA404AF4C ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:37:46.0242 3888 PlugPlay - ok
19:37:46.0289 3888 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:37:46.0305 3888 PNRPAutoReg - ok
19:37:46.0445 3888 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:37:46.0461 3888 PNRPsvc - ok
19:37:46.0523 3888 [ 05AB8CBD7056B6EA16E5FAB14326AAEE ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:37:46.0523 3888 PolicyAgent - ok
19:37:46.0570 3888 [ 6C359AC71D7B550A0D41F9DB4563CE05 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:37:46.0570 3888 PptpMiniport - ok
19:37:46.0601 3888 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
19:37:46.0601 3888 Processor - ok
19:37:46.0695 3888 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
19:37:46.0695 3888 ProfSvc - ok
19:37:46.0726 3888 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:37:46.0726 3888 ProtectedStorage - ok
19:37:46.0757 3888 [ B74EDF14453C9987E99E66535047EBEE ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:37:46.0757 3888 PSched - ok
19:37:46.0835 3888 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:37:46.0835 3888 ql2300 - ok
19:37:46.0913 3888 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:37:46.0944 3888 ql40xx - ok
19:37:46.0991 3888 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
19:37:47.0007 3888 QWAVE - ok
19:37:47.0022 3888 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:37:47.0038 3888 QWAVEdrv - ok
19:37:47.0053 3888 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:37:47.0053 3888 RasAcd - ok
19:37:47.0085 3888 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
19:37:47.0116 3888 RasAuto - ok
19:37:47.0163 3888 [ 88587DD843E2059848995B407B67F6CF ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:37:47.0163 3888 Rasl2tp - ok
19:37:47.0209 3888 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
19:37:47.0209 3888 RasMan - ok
19:37:47.0241 3888 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:37:47.0241 3888 RasPppoe - ok
19:37:47.0272 3888 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:37:47.0272 3888 rdbss - ok
19:37:47.0303 3888 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:37:47.0319 3888 RDPCDD - ok
19:37:47.0365 3888 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:37:47.0365 3888 rdpdr - ok
19:37:47.0381 3888 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:37:47.0381 3888 RDPENCDD - ok
19:37:47.0459 3888 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:37:47.0475 3888 RDPWD - ok
19:37:47.0568 3888 [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
19:37:47.0568 3888 RealNetworks Downloader Resolver Service - ok
19:37:47.0631 3888 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
19:37:47.0631 3888 RemoteAccess - ok
19:37:47.0709 3888 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:37:47.0740 3888 RemoteRegistry - ok
19:37:47.0755 3888 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:37:47.0771 3888 RpcLocator - ok
19:37:47.0802 3888 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
19:37:47.0802 3888 RpcSs - ok
19:37:47.0833 3888 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:37:47.0833 3888 rspndr - ok
19:37:47.0927 3888 [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
19:37:47.0927 3888 RTL8169 - ok
19:37:48.0083 3888 [ DAEBBDEED150469088E2A4C805AF938B ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys
19:37:48.0130 3888 RTL8187B - ok
19:37:48.0145 3888 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
19:37:48.0145 3888 SamSs - ok
19:37:48.0192 3888 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:37:48.0192 3888 sbp2port - ok
19:37:48.0270 3888 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:37:48.0270 3888 SCardSvr - ok
19:37:48.0473 3888 [ 5C72614E6625D39CC1504BF078FDC4CA ] Schedule C:\Windows\system32\schedsvc.dll
19:37:48.0489 3888 Schedule - ok
19:37:48.0520 3888 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:37:48.0520 3888 SCPolicySvc - ok
19:37:48.0582 3888 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:37:48.0582 3888 SDRSVC - ok
19:37:48.0707 3888 [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
19:37:48.0707 3888 SeaPort - ok
19:37:48.0723 3888 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:37:48.0754 3888 secdrv - ok
19:37:48.0769 3888 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
19:37:48.0785 3888 seclogon - ok
19:37:48.0832 3888 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
19:37:48.0879 3888 SENS - ok
19:37:48.0910 3888 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:37:48.0910 3888 Serenum - ok
19:37:48.0925 3888 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:37:48.0925 3888 Serial - ok
19:37:48.0988 3888 [ FD06895F55C0BEC3CBD84BDA14E1C6B7 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:37:49.0003 3888 sermouse - ok
19:37:49.0050 3888 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
19:37:49.0066 3888 SessionEnv - ok
19:37:49.0081 3888 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:37:49.0081 3888 sffdisk - ok
19:37:49.0097 3888 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:37:49.0113 3888 sffp_mmc - ok
19:37:49.0159 3888 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:37:49.0175 3888 sffp_sd - ok
19:37:49.0191 3888 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:37:49.0191 3888 sfloppy - ok
19:37:49.0222 3888 [ 11AAC56C04D26195D21C4F5229DB4726 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:37:49.0237 3888 SharedAccess - ok
19:37:49.0315 3888 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:37:49.0315 3888 ShellHWDetection - ok
19:37:49.0362 3888 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:37:49.0362 3888 sisagp - ok
19:37:49.0378 3888 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:37:49.0378 3888 SiSRaid2 - ok
19:37:49.0440 3888 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:37:49.0440 3888 SiSRaid4 - ok
19:37:50.0470 3888 [ 9F712B26EE3B0242DE997A42FD302E2C ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:37:50.0501 3888 Skype C2C Service - ok
19:37:50.0657 3888 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:37:50.0657 3888 SkypeUpdate - ok
19:37:51.0328 3888 [ 7610645679BB5994210D21A347E0C479 ] slsvc C:\Windows\system32\SLsvc.exe
19:37:51.0406 3888 slsvc - ok
19:37:51.0453 3888 [ 49670F3E42A0178A0AB425AE15D88E7C ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:37:51.0468 3888 SLUINotify - ok
19:37:51.0484 3888 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:37:51.0484 3888 Smb - ok
19:37:51.0515 3888 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:37:51.0531 3888 SNMPTRAP - ok
19:37:51.0593 3888 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
19:37:51.0593 3888 spldr - ok
19:37:51.0640 3888 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
19:37:51.0655 3888 Spooler - ok
19:37:51.0671 3888 [ 2C677528B24D64D22886ECBE5CD97F20 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:37:51.0687 3888 srv - ok
19:37:51.0733 3888 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:37:51.0733 3888 srv2 - ok
19:37:51.0749 3888 [ CD11A0767E82DD8B1A3A26D305DBEC0F ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:37:51.0765 3888 srvnet - ok
19:37:51.0827 3888 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:37:51.0843 3888 SSDPSRV - ok
19:37:51.0889 3888 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
19:37:51.0905 3888 stisvc - ok
19:37:51.0936 3888 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:37:51.0936 3888 swenum - ok
19:37:51.0967 3888 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
19:37:51.0983 3888 swprv - ok
19:37:51.0999 3888 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:37:51.0999 3888 Symc8xx - ok
19:37:52.0014 3888 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:37:52.0030 3888 Sym_hi - ok
19:37:52.0030 3888 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:37:52.0030 3888 Sym_u3 - ok
19:37:52.0092 3888 [ 70534D1E4F9AC990536D5FB5B550B3DE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:37:52.0108 3888 SynTP - ok
19:37:52.0155 3888 [ C1FDFF9AFD8C6C905485981B41DCFB40 ] SysMain C:\Windows\system32\sysmain.dll
19:37:52.0170 3888 SysMain - ok
19:37:52.0186 3888 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:37:52.0186 3888 TabletInputService - ok
19:37:52.0248 3888 [ 147B9CCE0B523D4DAFD91A60C2CE2B25 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
19:37:52.0248 3888 tap0901 - ok
19:37:52.0295 3888 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:37:52.0311 3888 TapiSrv - ok
19:37:52.0342 3888 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
19:37:52.0357 3888 TBS - ok
19:37:52.0404 3888 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:37:52.0420 3888 Tcpip - ok
19:37:52.0529 3888 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:37:52.0545 3888 Tcpip6 - ok
19:37:52.0623 3888 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:37:52.0638 3888 tcpipreg - ok
19:37:52.0701 3888 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:37:52.0701 3888 TDPIPE - ok
19:37:52.0732 3888 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:37:52.0732 3888 TDTCP - ok
19:37:52.0779 3888 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:37:52.0779 3888 tdx - ok
19:37:52.0810 3888 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:37:52.0810 3888 TermDD - ok
19:37:52.0872 3888 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
19:37:52.0872 3888 TermService - ok
19:37:52.0903 3888 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
19:37:52.0903 3888 Themes - ok
19:37:52.0950 3888 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
19:37:52.0950 3888 THREADORDER - ok
19:37:53.0028 3888 [ 6D9AD3534A9CF7E4B86C6EAE8BC335F6 ] TPM C:\Windows\system32\drivers\tpm.sys
19:37:53.0028 3888 TPM - ok
19:37:53.0059 3888 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
19:37:53.0075 3888 TrkWks - ok
19:37:53.0169 3888 [ CD987375605E6F9C3230E99EDA9D9C6D ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:37:53.0169 3888 TrustedInstaller - ok
19:37:53.0184 3888 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:37:53.0200 3888 tssecsrv - ok
19:37:53.0231 3888 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:37:53.0231 3888 tunmp - ok
19:37:53.0262 3888 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:37:53.0262 3888 tunnel - ok
19:37:53.0371 3888 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
19:37:53.0371 3888 TVALZ - ok
19:37:53.0465 3888 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:37:53.0465 3888 uagp35 - ok
19:37:53.0512 3888 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:37:53.0512 3888 udfs - ok
19:37:53.0543 3888 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:37:53.0574 3888 UI0Detect - ok
19:37:53.0590 3888 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:37:53.0590 3888 uliagpkx - ok
19:37:53.0621 3888 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:37:53.0621 3888 uliahci - ok
19:37:53.0683 3888 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:37:53.0683 3888 UlSata - ok
19:37:53.0715 3888 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:37:53.0715 3888 ulsata2 - ok
19:37:53.0746 3888 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:37:53.0746 3888 umbus - ok
19:37:53.0808 3888 [ 08EA9C0247F391AF4D4A16885A1C159D ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
19:37:53.0808 3888 UMPass - ok
19:37:53.0855 3888 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
19:37:53.0855 3888 upnphost - ok
19:37:53.0933 3888 [ B0BA9CAFFE9B0555EC0317F30CB79CD2 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:37:53.0933 3888 usbccgp - ok
19:37:53.0995 3888 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:37:54.0011 3888 usbcir - ok
19:37:54.0073 3888 [ C9FCD05B0A80EA08C2768E5A279B14DE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:37:54.0073 3888 usbehci - ok
19:37:54.0136 3888 [ 5E44F7D957F7560DA06BFE6B84B58A35 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:37:54.0136 3888 usbhub - ok
19:37:54.0229 3888 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:37:54.0229 3888 usbohci - ok
19:37:54.0261 3888 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:37:54.0292 3888 usbprint - ok
19:37:54.0339 3888 [ FDBAABF07244C60B0F4E0A6E71A107C6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:37:54.0339 3888 USBSTOR - ok
19:37:54.0370 3888 [ D864735B0BFCB65440960A0B7CC1A38D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:37:54.0385 3888 usbuhci - ok
19:37:54.0432 3888 [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:37:54.0432 3888 usbvideo - ok
19:37:54.0479 3888 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
19:37:54.0495 3888 UxSms - ok
19:37:54.0541 3888 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
19:37:54.0557 3888 vds - ok
19:37:54.0619 3888 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:37:54.0619 3888 vga - ok
19:37:54.0651 3888 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:37:54.0666 3888 VgaSave - ok
19:37:54.0697 3888 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:37:54.0697 3888 viaagp - ok
19:37:54.0729 3888 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:37:54.0744 3888 ViaC7 - ok
19:37:54.0775 3888 [ 7AA7EC9A08DC2C39649C413B1A26E298 ] viaide C:\Windows\system32\drivers\viaide.sys
19:37:54.0791 3888 viaide - ok
19:37:54.0822 3888 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:37:54.0822 3888 volmgr - ok
19:37:54.0853 3888 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:37:54.0853 3888 volmgrx - ok
19:37:54.0947 3888 [ 11EF6C1CAEF76B685233450A126125D6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:37:54.0947 3888 volsnap - ok
19:37:55.0041 3888 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:37:55.0056 3888 vsmraid - ok
19:37:55.0368 3888 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
19:37:55.0415 3888 VSS - ok
19:37:55.0446 3888 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
19:37:55.0477 3888 W32Time - ok
19:37:55.0493 3888 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:37:55.0493 3888 WacomPen - ok
19:37:55.0524 3888 [ 6E1A5BE9A0605F3D932FF35FBA2B22B3 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:37:55.0524 3888 Wanarp - ok
19:37:55.0540 3888 [ 6E1A5BE9A0605F3D932FF35FBA2B22B3 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:37:55.0540 3888 Wanarpv6 - ok
19:37:55.0587 3888 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:37:55.0602 3888 wcncsvc - ok
19:37:55.0633 3888 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:37:55.0649 3888 WcsPlugInService - ok
19:37:55.0680 3888 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
19:37:55.0680 3888 Wd - ok
19:37:55.0727 3888 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:37:55.0727 3888 Wdf01000 - ok
19:37:55.0789 3888 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:37:55.0836 3888 WdiServiceHost - ok
19:37:55.0852 3888 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:37:55.0852 3888 WdiSystemHost - ok
19:37:55.0883 3888 [ 5BB7DCE05889A1FE2E0DB1CDF451412B ] WebClient C:\Windows\System32\webclnt.dll
19:37:55.0883 3888 WebClient - ok
19:37:55.0961 3888 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
19:37:55.0961 3888 Wecsvc - ok
19:37:55.0992 3888 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:37:56.0008 3888 wercplsupport - ok
19:37:56.0039 3888 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
19:37:56.0055 3888 WerSvc - ok
19:37:56.0179 3888 [ EC0180032C6D201EF26FAD1A0C14E674 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:37:56.0195 3888 WinDefend - ok
19:37:56.0211 3888 WinHttpAutoProxySvc - ok
19:37:56.0351 3888 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:37:56.0367 3888 Winmgmt - ok
19:37:56.0445 3888 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
19:37:56.0460 3888 WinRM - ok
19:37:56.0585 3888 [ 424782AC6393CAFD0EE6FA887105BBAE ] Wlansvc C:\Windows\System32\wlansvc.dll
19:37:56.0616 3888 Wlansvc - ok
19:37:56.0647 3888 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:37:56.0647 3888 WmiAcpi - ok
19:37:56.0725 3888 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:37:56.0725 3888 wmiApSrv - ok
19:37:56.0772 3888 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:37:56.0772 3888 WPCSvc - ok
19:37:56.0803 3888 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:37:56.0819 3888 WPDBusEnum - ok
19:37:56.0850 3888 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:37:56.0866 3888 ws2ifsl - ok
19:37:56.0897 3888 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
19:37:56.0897 3888 wscsvc - ok
19:37:56.0928 3888 WSearch - ok
19:37:57.0022 3888 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
19:37:57.0069 3888 wuauserv - ok
19:37:57.0115 3888 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:37:57.0115 3888 WUDFRd - ok
19:37:57.0162 3888 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:37:57.0162 3888 wudfsvc - ok
19:37:57.0209 3888 ================ Scan global ===============================
19:37:57.0287 3888 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
19:37:57.0349 3888 [ D2E032FC47D59D704B1A49D159C318E5 ] C:\Windows\system32\winsrv.dll
19:37:57.0365 3888 [ D2E032FC47D59D704B1A49D159C318E5 ] C:\Windows\system32\winsrv.dll
19:37:57.0427 3888 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
19:37:57.0427 3888 [Global] - ok
19:37:57.0427 3888 ================ Scan MBR ==================================
19:37:57.0443 3888 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:37:58.0114 3888 \Device\Harddisk0\DR0 - ok
19:37:58.0114 3888 ================ Scan VBR ==================================
19:37:58.0161 3888 [ 2F6E0AF722DBBF9A63F0549405B2C547 ] \Device\Harddisk0\DR0\Partition1
19:37:58.0161 3888 \Device\Harddisk0\DR0\Partition1 - ok
19:37:58.0176 3888 [ 39F842AE3D15F59FCE82FE6CFC742FD5 ] \Device\Harddisk0\DR0\Partition2
19:37:58.0176 3888 \Device\Harddisk0\DR0\Partition2 - ok
19:37:58.0176 3888 ============================================================
19:37:58.0176 3888 Scan finished
19:37:58.0176 3888 ============================================================
19:37:58.0192 2148 Detected object count: 0
19:37:58.0192 2148 Actual detected object count: 0
19:38:14.0619 3884 Deinitialize success

joseee

Re: Check and help with a notebook

Post by joseee » 11 Apr 2014 19:53

And here is RK again
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows Vista (6.0.6000 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jana [Práva správce]
Mód : Odebrat -- Datum : 04/11/2014 19:52:16
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] vntldr.exe -- C:\Users\Jana\AppData\Local\VNT\vntldr.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
::1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK1652GSX ATA Device +++++
--- User ---
[MBR] 6323fa8f03d298ebeed10025e0fe7900
[BSP] 78cb728ba91b4803c61dd891678ff2d7 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 66571 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 139412072 | Size: 84553 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_04112014_195216.txt >>
RKreport[0]_D_04112014_193234.txt;RKreport[0]_S_04102014_203609.txt;RKreport[0]_S_04112014_193135.txt
RKreport[0]_S_04112014_195111.txt

jaro3
Security team member
Guru Level 15
Posts: 43060
Joined: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by jaro3 » 12 Apr 2014 10:07

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code: Select all

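@echo off
rem Delete the current hosts file (any attributes); errors are suppressed
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
rem Recreate it with the single default localhost entry
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit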

Choose File -> Save As... and set these parameters: File name: type FixHosts.bat
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Double-click the file to run it.


Did you do it??

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows does not start, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
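The batch script above prints nothing, so its effect has to be checked by reading the hosts file afterwards. The following is an added example (not part of the original posts and not code from RogueKiller or ComboFix) that parses hosts-file text and reports every entry beyond the default localhost lines; it goes slightly beyond the thread by separating loopback entries from entries that redirect a name to another address. The sample contents, the function names and the baseline set are assumptions constructed for illustration.

```python
import ipaddress

# Assumed baseline: the line the reset script writes, plus the IPv6 loopback line.
BASELINE = {("127.0.0.1", "localhost"), ("::1", "localhost")}

# Constructed sample contents (not taken from any real machine).
SAMPLE_BEFORE = """\
127.0.0.1 localhost
::1 localhost
127.0.0.1 ads.example.com www.ads.example.com
203.0.113.7 bank.example.net   # constructed redirect entry
not-an-address stray.example.org
"""
SAMPLE_AFTER = "127.0.0.1 localhost\r\n"


def parse_hosts(text):
    """Yield (address, hostname) pairs; comments and malformed lines are skipped."""
    for raw in text.lstrip("\ufeff").splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:
            yield addr, name.lower()


def audit_hosts(text):
    """Group every non-baseline entry by where it points."""
    report = {"loopback": [], "redirected": []}
    for addr, name in parse_hosts(text):
        if (str(addr), name) in BASELINE:
            continue
        if addr.is_loopback or addr.is_unspecified:
            report["loopback"].append(name)
        else:
            report["redirected"].append((name, str(addr)))
    return report


def is_reset(text):
    """True when only baseline entries remain, as expected after the reset."""
    report = audit_hosts(text)
    return not report["loopback"] and not report["redirected"]


if __name__ == "__main__":
    for label, text in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, audit_hosts(text), "reset:", is_reset(text))
```

To check a real machine, read the contents of %SystemRoot%\System32\drivers\etc\hosts and pass them to `audit_hosts`.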

joseee
Level 2.5
Posts: 265
Joined: November 10
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by joseee » 12 Apr 2014 10:14

Yes, I've done it twice already, as you wrote.
But what is it actually supposed to do? Because I double-click it and nothing happens. So I don't know whether it did anything.

ComboFix is running right now.

jaro3
Security team member
Guru Level 15
Posts: 43060
Joined: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by jaro3 » 12 Apr 2014 10:33

Well, you won't see anything, but afterwards the hosts infection should no longer show up in RK, and somehow it is still there..

ComboFix: you are supposed to have all windows and browsers closed.

joseee
Level 2.5
Posts: 265
Joined: November 10
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by joseee » 12 Apr 2014 10:46

I'm writing from another laptop.
ComboFix finished, but the laptop won't connect to the internet, so I can't send the log.
So I'm going to boot the last known configuration.
And I'll do the thing with the text file once more.

joseee
Level 2.5
Posts: 265
Joined: November 10
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by joseee » 12 Apr 2014 10:54

ComboFix 14-04-09.02 - Jana 12.04.2014 10:20:11.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.2037.1061 [GMT 2:00]
Spuštěný z: c:\users\Jana\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AVAST Software\Avast\setup\d7fef776-caf5-4106-837a-3147671654b3.exe . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-12 do 2014-04-12 )))))))))))))))))))))))))))))))
.
.
2014-04-10 17:51 . 2014-04-10 17:51 -------- d-----w- c:\windows\ERUNT
2014-04-10 13:48 . 2014-04-10 13:48 -------- d-----w- c:\program files\7-Zip
2014-04-10 07:22 . 2014-04-12 07:42 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-10 07:22 . 2014-04-10 07:22 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-04-10 07:22 . 2014-04-10 07:22 -------- d-----w- c:\programdata\Malwarebytes
2014-04-10 07:22 . 2014-04-03 07:51 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-10 07:22 . 2014-04-03 07:51 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-10 07:22 . 2014-04-03 07:50 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-10 07:17 . 2014-04-10 17:42 -------- d-----w- C:\AdwCleaner
2014-04-07 19:43 . 2014-04-07 19:43 388096 ----a-r- c:\users\Jana\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-04-07 19:43 . 2014-04-07 19:43 -------- d-----w- c:\program files\Trend Micro
2014-04-07 19:21 . 2014-04-07 19:21 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-04-07 19:21 . 2014-04-07 19:21 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-07 19:21 . 2014-04-07 19:21 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-07 19:21 . 2014-04-07 19:21 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-07 19:21 . 2014-04-07 19:21 411552 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-07 19:21 . 2014-04-07 19:21 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-07 19:21 . 2014-04-07 19:21 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-04-07 19:21 . 2014-04-07 19:21 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-07 19:21 . 2014-04-07 19:21 43152 ----a-w- c:\windows\avastSS.scr
2014-04-07 19:17 . 2014-04-07 19:17 -------- d-----w- c:\program files\AVAST Software
2014-04-07 18:56 . 2014-04-07 18:56 -------- d-----w- c:\program files\Opera
2014-04-07 16:18 . 2013-09-12 16:15 153568 ----a-w- c:\windows\system32\PavTrc.dll
2014-04-07 16:18 . 2012-04-04 15:00 177664 ----a-w- c:\windows\system32\WPApi.dll
2014-04-04 14:35 . 2014-03-07 04:35 7969936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7EA80050-90A1-4D82-8187-9B0D762202B3}\mpengine.dll
2014-04-04 05:40 . 2014-04-04 05:40 -------- d-----w- c:\users\Jana\AppData\Roaming\360SD
2014-04-04 05:40 . 2014-04-04 08:38 -------- d-----w- c:\users\Jana\AppData\Roaming\360safe
2014-04-04 05:40 . 2013-12-09 01:51 164816 ----a-w- c:\windows\system32\drivers\360SelfProtection.sys
2014-04-04 05:40 . 2014-04-04 05:40 -------- d-----r- C:\360SANDBOX
2014-04-04 05:39 . 2013-12-06 12:03 76352 ----a-w- c:\windows\system32\drivers\hookport.sys
2014-04-04 05:39 . 2013-12-06 12:03 22584 ----a-w- c:\windows\system32\drivers\efimon.sys
2014-04-04 05:37 . 2014-04-04 05:37 -------- d-----w- c:\program files\360
2014-03-27 23:06 . 2014-03-27 23:06 -------- d-----w- c:\programdata\Panda Software
2014-03-27 17:23 . 2014-04-07 18:32 -------- d-----w- c:\users\Jana\AppData\Local\Panda Security
2014-03-27 17:20 . 2014-03-27 17:20 -------- d-----w- c:\programdata\Backup
2014-03-27 16:16 . 2014-03-27 20:20 -------- d-----w- c:\users\Jana\AppData\Roaming\DropboxMaster
2014-03-27 14:03 . 2014-03-27 14:03 -------- d-----w- c:\users\Jana\AppData\Local\AskPartnerNetwork
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-17 09:26 . 2012-04-19 11:20 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-17 09:26 . 2011-11-19 14:49 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-26 05:17 . 2013-12-21 17:41 14528 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2014-01-03 07:50 . 2014-01-03 07:50 431657 ----a-w- c:\program files\f_000686
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-07 19:21 260976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"VNT"="c:\program files\VNT\vntldr.exe" [2014-03-18 196048]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-07 3854640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-10-18 11:14 138096 ----a-w- c:\users\Jana\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-11 18:13 166424 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-11 19:13 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
2011-12-13 15:58 11487848 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2991936138-3323690184-2584990984-1000]
"EnableNotificationsRef"=dword:00000006
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 13:53 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-19 09:27]
.
2014-04-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2991936138-3323690184-2584990984-1000Core.job
- c:\users\Jana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-09 11:14]
.
2014-04-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2991936138-3323690184-2584990984-1000UA.job
- c:\users\Jana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-09 11:14]
.
2014-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-23 05:21]
.
2014-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-23 05:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.254
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{4B4D5056-3763-006A-76A7-7A786E7484D7} - c:\program files\AskPartnerNetwork\Toolbar\KMPV7c\Passport.dll
Toolbar-{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file)
Toolbar-{4B4D5056-3763-006A-76A7-7A786E7484D7} - c:\program files\AskPartnerNetwork\Toolbar\KMPV7c\Passport.dll
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)
WebBrowser-{4B4D5056-3763-006A-76A7-7A786E7484D7} - c:\program files\AskPartnerNetwork\Toolbar\KMPV7c\Passport.dll
SafeBoot-MsMpSvc
MSConfigStartUp-APSDaemon - c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
MSConfigStartUp-Malwarebytes' Anti-Malware - c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
MSConfigStartUp-MSC - c:\program files\Microsoft Security Client\msseces.exe
AddRemove-360 Internet Security - c:\program files\360\360 Internet Security\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-12 10:34
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\avast! sandbox
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\AUDIODG.EXE
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\windows\system32\UI0Detect.exe
c:\windows\system32\wbem\WmiApSrv.exe
c:\windows\system32\conime.exe
.
**************************************************************************
.
Celkový čas: 2014-04-12 10:37:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-12 08:37
.
Před spuštěním: Volných bajtů: 35,143,872,512
Po spuštění: Volných bajtů: 34,953,064,448
.
- - End Of File - - 658379A47137EB5C4ED86A7F378D2A18
5C616939100B85E558DA92B899A0FC36

joseee
Level 2.5
Posts: 265
Joined: November 10
Gender: Male
Status: Offline

Re: Check and help with a laptop

Post by joseee » 12 Apr 2014 11:02

So I made the text file again and ran it.
And the RK log again


RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows Vista (6.0.6000 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jana [Práva správce]
Mód : Odebrat -- Datum : 04/12/2014 11:01:15
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] vntldr.exe -- C:\Users\Jana\AppData\Local\VNT\vntldr.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK1652GSX ATA Device +++++
--- User ---
[MBR] 6323fa8f03d298ebeed10025e0fe7900
[BSP] 78cb728ba91b4803c61dd891678ff2d7 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 66571 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 139412072 | Size: 84553 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_04122014_110115.txt >>
RKreport[0]_D_04112014_193234.txt;RKreport[0]_D_04112014_195216.txt;RKreport[0]_S_04102014_203609.txt
RKreport[0]_S_04112014_193135.txt;RKreport[0]_S_04112014_195111.txt;RKreport[0]_S_04122014_110049.txt

