Kontrola logu a pomoc s načítáním stránek

[joy]

Dobrý den poprosil bych o kontrolu logu. Již delší dobu mám problém s načítáním stránek v jakémkoliv prohlížeči zadám adresu a ta se začne načítat až zhruba po 6-10 vteřinách, prohlížeč však v té době zamrzlí není. Docela mě to rozčiluje, ale formátováním se mi to řešit nechce. Předem děkuji za pomoc nebo jen za kontrolu logu.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:08:39, on 19.10.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MaRcoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MaRcoS\Downloads\hijackthis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files\WinZipper\winzipersvc.exe

--
End of file - 6159 bytes

[Reklama]

[Žbeky]

Dělají to všechny prohlížeče?

Fixni:

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[joy]

Ve firefoxu a IE to dělalo také.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.20.03

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
MaRcoS :: NOTEBOOK [administrátor]

Ochrana: Povolena

20.10.2013 14:16:03
MBAM-log-2013-10-20 (14-29-39).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 226549
Uplynulý čas: 13 minut, 2 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 5
C:\Users\MaRcoS\AppData\Roaming\Omiga Plus\wallpaper_components.exe (PUP.Optional.Desk365.A) -> Nebyla provedena žádná instrukce.
C:\Users\MaRcoS\Downloads\YTDSetup.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Users\MaRcoS\Downloads\DTLite-setup.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\MaRcoS\Downloads\setup-ziggygames.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Users\MaRcoS\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.

(konec)

[joy]

# AdwCleaner v3.009 - Report created 20/10/2013 at 14:36:22
# Updated 19/10/2013 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : MaRcoS - NOTEBOOK
# Running from : C:\Users\MaRcoS\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : winzipersvc

***** [ Files / Folders ] *****

File Found : C:\Users\MaRcoS\AppData\Roaming\Mozilla\Firefox\Profiles\ht4cs84k.default\user.js
File Found : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
File Found : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser
Folder Found C:\Program Files\Omiga Plus
Folder Found C:\Program Files\WinZipper
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Found C:\Users\MaRcoS\AppData\Local\SwvUpdater
Folder Found C:\Users\MaRcoS\AppData\Roaming\337
Folder Found C:\Users\MaRcoS\AppData\Roaming\Omiga Plus
Folder Found C:\Users\MaRcoS\AppData\Roaming\WinZipper

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1375263614 )
Shortcut Found : C:\Users\MaRcoS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1375263614 )
Shortcut Found : C:\Users\MaRcoS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1375263614 )
Shortcut Found : C:\Users\MaRcoS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1375263614 )
Shortcut Found : C:\Users\MaRcoS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1375263614 )

***** [ Registry ] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\torch
Key Found : HKCU\Software\V9
Key Found : HKCU\Software\wscontb
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Desk 365 RunAsStdUser
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Omiga Plus RunAsStdUser
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Desk 365 RunAsStdUser
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Omiga Plus RunAsStdUser
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omiga Plus RunAsStdUser
Key Found : HKLM\Software\omigaplusSvc
Key Found : HKLM\Software\torch

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16464


-\\ Mozilla Firefox v20.0.1 (cs)

[ File : C:\Users\MaRcoS\AppData\Roaming\Mozilla\Firefox\Profiles\ht4cs84k.default\prefs.js ]


[ File : C:\Users\ostatní\AppData\Roaming\Mozilla\Firefox\Profiles\fr2j4gnj.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\MaRcoS\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4402 octets] - [20/10/2013 14:36:22]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4462 octets] ##########

[memphisto]

V adw i mbam nech vše smazat a dodej logy

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

[joy]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.20.03

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
MaRcoS :: NOTEBOOK [administrátor]

Ochrana: Povolena

20.10.2013 16:15:47
mbam-log-2013-10-20 (16-15-47).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 226685
Uplynulý čas: 12 minut, 11 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.Amonetize.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 5
C:\Users\MaRcoS\AppData\Roaming\Omiga Plus\wallpaper_components.exe (PUP.Optional.Desk365.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\MaRcoS\Downloads\YTDSetup.exe (PUP.Optional.Spigot.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\MaRcoS\Downloads\DTLite-setup.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Users\MaRcoS\Downloads\setup-ziggygames.exe (PUP.Optional.Spigot.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\MaRcoS\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.Amonetize.A) -> Přesun do karantény a smazání se zdařilo.

(konec)

[joy]

# AdwCleaner v3.009 - Report created 20/10/2013 at 16:34:42
# Updated 19/10/2013 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : MaRcoS - NOTEBOOK
# Running from : C:\Users\MaRcoS\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : winzipersvc

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files\Omiga Plus
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Users\MaRcoS\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\MaRcoS\AppData\Roaming\337
Folder Deleted : C:\Users\MaRcoS\AppData\Roaming\Omiga Plus
Folder Deleted : C:\Users\MaRcoS\AppData\Roaming\WinZipper
File Deleted : C:\Users\MaRcoS\AppData\Roaming\Mozilla\Firefox\Profiles\ht4cs84k.default\user.js
File Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
File Deleted : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\MaRcoS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\MaRcoS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\MaRcoS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\MaRcoS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94629280-D530-448D-AF89-CFD23656F990}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94629280-D530-448D-AF89-CFD23656F990}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omiga Plus RunAsStdUser
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D44CF3AA-8FAB-40A4-8150-5668AE86DD72}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D44CF3AA-8FAB-40A4-8150-5668AE86DD72}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\omigaplusSvc
Key Deleted : HKLM\Software\torch

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16464


-\\ Mozilla Firefox v20.0.1 (cs)

[ File : C:\Users\MaRcoS\AppData\Roaming\Mozilla\Firefox\Profiles\ht4cs84k.default\prefs.js ]


[ File : C:\Users\ostatní\AppData\Roaming\Mozilla\Firefox\Profiles\fr2j4gnj.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\MaRcoS\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4542 octets] - [20/10/2013 14:36:22]
AdwCleaner[R1].txt - [4478 octets] - [20/10/2013 16:33:22]
AdwCleaner[S0].txt - [3927 octets] - [20/10/2013 16:34:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3987 octets] ##########

[joy]

RogueKiller V8.7.4 [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7600 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : MaRcoS [Práva správce]
Mód : Kontrola -- Datum : 10/20/2013 16:46:20
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[EXT RUN][SUSP PATH] HKCU\ostatní_ON_D:\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\ostatní\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[EXT RUN][SUSP PATH] HKCU\ostatní_ON_D:\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\ostatní\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] SSDT[70] : NtCreateKey @ 0x82E0EFEC -> HOOKED (C:\Windows\System32\drivers\aksfridge.sys @ 0x9BDB3610)
[Inline] SSDT[182] : NtOpenKey @ 0x82E0EFF1 -> HOOKED (C:\Windows\System32\drivers\aksfridge.sys @ 0x9BD89A18)
[Inline] EAT @explorer.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F70CD4)

¤¤¤ Externí včelstvo: ¤¤¤
-> D:\Documents and Settings\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\MaRcoS\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\ostatní\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - FOUND]

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - TOSHIBA MK3252GSX ATA Device +++++
--- User ---
[MBR] 1f09cf50234776598a2ec1819c9216a7
[BSP] 5d82cbe7953de07822b469376118a5c6 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 152463 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 315318272 | Size: 151280 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10202013_164620.txt >>

[joy]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Ultimate x86
Ran by MaRcoS on ne 20.10.2013 at 16:52:14,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstaller_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



~~~ FireFox

Emptied folder: C:\Users\MaRcoS\AppData\Roaming\mozilla\firefox\profiles\ht4cs84k.default\minidumps [6 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\MaRcoS\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 20.10.2013 at 16:55:59,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

@echo off
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:zev souboru: zde napiš: FixHosts.bat
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Poklepáním na soubor ho spusť.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

[joy]

RogueKiller V8.7.4 [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7600 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : MaRcoS [Práva správce]
Mód : Odebrat -- Datum : 10/22/2013 21:31:30
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[EXT RUN][SUSP PATH] HKCU\ostatní_ON_D:\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\ostatní\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[EXT RUN][SUSP PATH] HKCU\ostatní_ON_D:\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\ostatní\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F70CD4)

¤¤¤ Externí včelstvo: ¤¤¤
-> D:\Documents and Settings\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\MaRcoS\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\ostatní\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - FOUND]

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - TOSHIBA MK3252GSX ATA Device +++++
--- User ---
[MBR] 1f09cf50234776598a2ec1819c9216a7
[BSP] 5d82cbe7953de07822b469376118a5c6 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 152463 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 315318272 | Size: 151280 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10222013_213130.txt >>
RKreport[0]_S_10202013_164620.txt;RKreport[0]_S_10222013_212010.txt;RKreport[0]_S_10222013_212945.txt

[joy]

21:56:26.0952 0216 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:56:29.0186 0216 ============================================================
21:56:29.0186 0216 Current date / time: 2013/10/22 21:56:29.0186
21:56:29.0186 0216 SystemInfo:
21:56:29.0186 0216
21:56:29.0186 0216 OS Version: 6.1.7600 ServicePack: 0.0
21:56:29.0186 0216 Product type: Workstation
21:56:29.0186 0216 ComputerName: NOTEBOOK
21:56:29.0186 0216 UserName: MaRcoS
21:56:29.0186 0216 Windows directory: C:\Windows
21:56:29.0186 0216 System windows directory: C:\Windows
21:56:29.0186 0216 Processor architecture: Intel x86
21:56:29.0186 0216 Number of processors: 2
21:56:29.0186 0216 Page size: 0x1000
21:56:29.0186 0216 Boot type: Normal boot
21:56:29.0186 0216 ============================================================
21:56:30.0247 0216 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:56:30.0263 0216 ============================================================
21:56:30.0263 0216 \Device\Harddisk0\DR0:
21:56:30.0263 0216 MBR partitions:
21:56:30.0263 0216 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x129C7800
21:56:30.0263 0216 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12CB6000, BlocksNum 0x127782B0
21:56:30.0263 0216 ============================================================
21:56:30.0325 0216 C: <-> \Device\Harddisk0\DR0\Partition1
21:56:30.0372 0216 D: <-> \Device\Harddisk0\DR0\Partition2
21:56:30.0372 0216 ============================================================
21:56:30.0372 0216 Initialize success
21:56:30.0372 0216 ============================================================
21:56:38.0437 5552 ============================================================
21:56:38.0437 5552 Scan started
21:56:38.0437 5552 Mode: Manual;
21:56:38.0437 5552 ============================================================
21:56:39.0170 5552 ================ Scan system memory ========================
21:56:39.0170 5552 System memory - ok
21:56:39.0170 5552 ================ Scan services =============================
21:56:39.0342 5552 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
21:56:39.0342 5552 1394ohci - ok
21:56:39.0358 5552 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
21:56:39.0373 5552 ACPI - ok
21:56:39.0389 5552 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
21:56:39.0389 5552 AcpiPmi - ok
21:56:39.0436 5552 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:56:39.0451 5552 AdobeARMservice - ok
21:56:39.0482 5552 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:56:39.0482 5552 AdobeFlashPlayerUpdateSvc - ok
21:56:39.0545 5552 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:56:39.0545 5552 adp94xx - ok
21:56:39.0576 5552 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:56:39.0576 5552 adpahci - ok
21:56:39.0592 5552 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:56:39.0607 5552 adpu320 - ok
21:56:39.0638 5552 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:56:39.0638 5552 AeLookupSvc - ok
21:56:39.0670 5552 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys
21:56:39.0685 5552 AFD - ok
21:56:39.0716 5552 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
21:56:39.0716 5552 agp440 - ok
21:56:39.0732 5552 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
21:56:39.0748 5552 aic78xx - ok
21:56:39.0779 5552 [ 45F65F2F7AE28E5E56AB64E3AC61BD52 ] aksfridge C:\Windows\system32\drivers\aksfridge.sys
21:56:39.0779 5552 aksfridge - ok
21:56:39.0810 5552 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
21:56:39.0826 5552 ALG - ok
21:56:39.0841 5552 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
21:56:39.0841 5552 aliide - ok
21:56:39.0872 5552 [ B19505648F033393E907E2E419FDE8B3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:56:39.0872 5552 AMD External Events Utility - ok
21:56:39.0904 5552 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
21:56:39.0904 5552 amdagp - ok
21:56:39.0935 5552 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
21:56:39.0935 5552 amdide - ok
21:56:39.0950 5552 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:56:39.0950 5552 AmdK8 - ok
21:56:39.0966 5552 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:56:39.0966 5552 AmdPPM - ok
21:56:40.0013 5552 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:56:40.0013 5552 amdsata - ok
21:56:40.0028 5552 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:56:40.0028 5552 amdsbs - ok
21:56:40.0060 5552 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:56:40.0060 5552 amdxata - ok
21:56:40.0091 5552 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys
21:56:40.0091 5552 AppID - ok
21:56:40.0122 5552 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:56:40.0122 5552 AppIDSvc - ok
21:56:40.0153 5552 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll
21:56:40.0153 5552 Appinfo - ok
21:56:40.0184 5552 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
21:56:40.0184 5552 AppMgmt - ok
21:56:40.0216 5552 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
21:56:40.0216 5552 arc - ok
21:56:40.0247 5552 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:56:40.0247 5552 arcsas - ok
21:56:40.0340 5552 [ 39CDCB109BF200CC8A05B9C7E6272D11 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:56:40.0356 5552 aspnet_state - ok
21:56:40.0372 5552 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:56:40.0372 5552 AsyncMac - ok
21:56:40.0387 5552 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys
21:56:40.0403 5552 atapi - ok
21:56:40.0450 5552 [ AC4ADAC154563AB41CC79B0257BC685A ] athr C:\Windows\system32\DRIVERS\athr.sys
21:56:40.0465 5552 athr - ok
21:56:40.0652 5552 [ 04F09923A393E4E0E8453A8F78361E73 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:56:40.0715 5552 atikmdag - ok
21:56:40.0746 5552 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:56:40.0762 5552 AudioEndpointBuilder - ok
21:56:40.0777 5552 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:56:40.0777 5552 Audiosrv - ok
21:56:40.0808 5552 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:56:40.0808 5552 AxInstSV - ok
21:56:40.0840 5552 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
21:56:40.0855 5552 b06bdrv - ok
21:56:40.0871 5552 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
21:56:40.0886 5552 b57nd60x - ok
21:56:40.0902 5552 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
21:56:40.0902 5552 BDESVC - ok
21:56:40.0933 5552 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
21:56:40.0933 5552 Beep - ok
21:56:40.0980 5552 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
21:56:40.0996 5552 BFE - ok
21:56:41.0042 5552 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll
21:56:41.0058 5552 BITS - ok
21:56:41.0089 5552 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:56:41.0089 5552 blbdrive - ok
21:56:41.0120 5552 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:56:41.0120 5552 bowser - ok
21:56:41.0136 5552 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:56:41.0136 5552 BrFiltLo - ok
21:56:41.0167 5552 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:56:41.0167 5552 BrFiltUp - ok
21:56:41.0198 5552 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll
21:56:41.0198 5552 Browser - ok
21:56:41.0230 5552 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:56:41.0230 5552 Brserid - ok
21:56:41.0245 5552 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:56:41.0245 5552 BrSerWdm - ok
21:56:41.0261 5552 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:56:41.0261 5552 BrUsbMdm - ok
21:56:41.0292 5552 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:56:41.0292 5552 BrUsbSer - ok
21:56:41.0323 5552 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
21:56:41.0323 5552 BthEnum - ok
21:56:41.0339 5552 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:56:41.0339 5552 BTHMODEM - ok
21:56:41.0370 5552 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:56:41.0386 5552 BthPan - ok
21:56:41.0417 5552 [ 04CEDA17A195924070B01174CB1F9AF8 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:56:41.0417 5552 BTHPORT - ok
21:56:41.0464 5552 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
21:56:41.0464 5552 bthserv - ok
21:56:41.0495 5552 [ 80E6384BEEC03B8BD45EDEA29802D657 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:56:41.0495 5552 BTHUSB - ok
21:56:41.0526 5552 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:56:41.0526 5552 cdfs - ok
21:56:41.0542 5552 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:56:41.0542 5552 cdrom - ok
21:56:41.0573 5552 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
21:56:41.0573 5552 CertPropSvc - ok
21:56:41.0588 5552 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:56:41.0588 5552 circlass - ok
21:56:41.0620 5552 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
21:56:41.0635 5552 CLFS - ok
21:56:41.0651 5552 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:56:41.0651 5552 clr_optimization_v2.0.50727_32 - ok
21:56:41.0713 5552 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:56:41.0729 5552 clr_optimization_v4.0.30319_32 - ok
21:56:41.0760 5552 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:56:41.0760 5552 CmBatt - ok
21:56:41.0776 5552 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
21:56:41.0776 5552 cmdide - ok
21:56:41.0822 5552 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys
21:56:41.0822 5552 CNG - ok
21:56:41.0838 5552 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:56:41.0838 5552 Compbatt - ok
21:56:41.0854 5552 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:56:41.0854 5552 CompositeBus - ok
21:56:41.0869 5552 COMSysApp - ok
21:56:41.0885 5552 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:56:41.0885 5552 crcdisk - ok
21:56:41.0932 5552 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:56:41.0932 5552 CryptSvc - ok
21:56:41.0963 5552 [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC C:\Windows\system32\drivers\csc.sys
21:56:41.0963 5552 CSC - ok
21:56:42.0010 5552 [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService C:\Windows\System32\cscsvc.dll
21:56:42.0010 5552 CscService - ok
21:56:42.0072 5552 [ A5BEA0E5C297F5F3835638A87E512FBA ] CTDevice_Srv C:\Program Files\Creative\Shared Files\CTDevSrv.exe
21:56:42.0072 5552 CTDevice_Srv - ok
21:56:42.0119 5552 [ 8E26D772F53B7883A651E0E4A9598F21 ] CTUPnPSv C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
21:56:42.0119 5552 CTUPnPSv - ok
21:56:42.0150 5552 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA.sys
21:56:42.0150 5552 CVirtA - ok
21:56:42.0197 5552 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
21:56:42.0197 5552 DcomLaunch - ok
21:56:42.0244 5552 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
21:56:42.0259 5552 defragsvc - ok
21:56:42.0290 5552 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:56:42.0290 5552 DfsC - ok
21:56:42.0322 5552 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:56:42.0322 5552 Dhcp - ok
21:56:42.0353 5552 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
21:56:42.0353 5552 discache - ok
21:56:42.0384 5552 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:56:42.0384 5552 Disk - ok
21:56:42.0400 5552 [ B5AA5AA5AC327BD7C1AEC0C58F0C1144 ] DNE C:\Windows\system32\DRIVERS\dne2000.sys
21:56:42.0415 5552 DNE - ok
21:56:42.0462 5552 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:56:42.0462 5552 Dnscache - ok
21:56:42.0509 5552 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll
21:56:42.0509 5552 dot3svc - ok
21:56:42.0540 5552 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
21:56:42.0540 5552 DPS - ok
21:56:42.0571 5552 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:56:42.0571 5552 drmkaud - ok
21:56:42.0602 5552 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:56:42.0618 5552 dtsoftbus01 - ok
21:56:42.0665 5552 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:56:42.0665 5552 DXGKrnl - ok
21:56:42.0712 5552 [ 04238864710460C5682E260207D06192 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
21:56:42.0712 5552 eamonm - ok
21:56:42.0743 5552 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
21:56:42.0743 5552 EapHost - ok
21:56:42.0868 5552 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
21:56:42.0899 5552 ebdrv - ok
21:56:42.0946 5552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe
21:56:42.0946 5552 EFS - ok
21:56:43.0008 5552 [ DEFF87F04AB5F6DD5EDF2B80853BBE10 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
21:56:43.0008 5552 ehdrv - ok
21:56:43.0242 5552 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:56:43.0336 5552 ehRecvr - ok
21:56:43.0398 5552 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
21:56:43.0398 5552 ehSched - ok
21:56:43.0476 5552 [ F0EEBAC2F362AA866188A1C0EF819CB9 ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
21:56:43.0492 5552 ekrn - ok
21:56:43.0538 5552 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:56:43.0538 5552 elxstor - ok
21:56:43.0570 5552 [ 5BA193CA0AE31209AAA39939CE6736B2 ] epfw C:\Windows\system32\DRIVERS\epfw.sys
21:56:43.0570 5552 epfw - ok
21:56:43.0616 5552 [ 9CEFD59C8E5EBFB48165AEF54617F539 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
21:56:43.0616 5552 EpfwLWF - ok
21:56:43.0632 5552 [ 7144A06AC105A2A7302944602E415EC1 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
21:56:43.0648 5552 epfwwfp - ok
21:56:43.0663 5552 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
21:56:43.0663 5552 ErrDev - ok
21:56:43.0710 5552 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
21:56:43.0726 5552 EventSystem - ok
21:56:43.0757 5552 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
21:56:43.0757 5552 exfat - ok
21:56:43.0788 5552 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:56:43.0788 5552 fastfat - ok
21:56:43.0819 5552 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
21:56:43.0835 5552 Fax - ok
21:56:43.0866 5552 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:56:43.0866 5552 fdc - ok
21:56:43.0882 5552 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
21:56:43.0882 5552 fdPHost - ok
21:56:43.0913 5552 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
21:56:43.0913 5552 FDResPub - ok
21:56:43.0928 5552 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:56:43.0928 5552 FileInfo - ok
21:56:43.0944 5552 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:56:43.0944 5552 Filetrace - ok
21:56:43.0960 5552 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:56:43.0960 5552 flpydisk - ok
21:56:43.0991 5552 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:56:44.0006 5552 FltMgr - ok
21:56:44.0053 5552 [ 7FE4995528A7529A761875151EE3D512 ] FontCache C:\Windows\system32\FntCache.dll
21:56:44.0069 5552 FontCache - ok
21:56:44.0116 5552 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:56:44.0116 5552 FontCache3.0.0.0 - ok
21:56:44.0147 5552 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:56:44.0147 5552 FsDepends - ok
21:56:44.0178 5552 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:56:44.0178 5552 Fs_Rec - ok
21:56:44.0209 5552 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:56:44.0209 5552 fvevol - ok
21:56:44.0240 5552 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:56:44.0240 5552 gagp30kx - ok
21:56:44.0287 5552 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
21:56:44.0303 5552 gpsvc - ok
21:56:44.0334 5552 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
21:56:44.0334 5552 gupdate - ok
21:56:44.0334 5552 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
21:56:44.0350 5552 gupdatem - ok
21:56:44.0396 5552 [ 995178A443B07FA9EEAEA041D7B4B5CA ] hardlock C:\Windows\system32\drivers\hardlock.sys
21:56:44.0412 5552 hardlock - ok
21:56:44.0412 5552 hasplms - ok
21:56:44.0443 5552 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:56:44.0459 5552 hcw85cir - ok
21:56:44.0490 5552 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:56:44.0490 5552 HdAudAddService - ok
21:56:44.0506 5552 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:56:44.0506 5552 HDAudBus - ok
21:56:44.0537 5552 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:56:44.0537 5552 HidBatt - ok
21:56:44.0552 5552 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:56:44.0552 5552 HidBth - ok
21:56:44.0584 5552 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:56:44.0584 5552 HidIr - ok
21:56:44.0615 5552 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
21:56:44.0615 5552 hidserv - ok
21:56:44.0662 5552 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:56:44.0662 5552 HidUsb - ok
21:56:44.0693 5552 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:56:44.0693 5552 hkmsvc - ok
21:56:44.0724 5552 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:56:44.0724 5552 HomeGroupListener - ok
21:56:44.0771 5552 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:56:44.0786 5552 HomeGroupProvider - ok
21:56:44.0818 5552 [ 1135AAF90CF543672C8C1A28CCD9B5D4 ] HP8107Fltr C:\Windows\system32\DRIVERS\HP8107.sys
21:56:44.0818 5552 HP8107Fltr - ok
21:56:44.0833 5552 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
21:56:44.0833 5552 HpSAMD - ok
21:56:44.0864 5552 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:56:44.0880 5552 HTTP - ok
21:56:44.0911 5552 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:56:44.0911 5552 hwpolicy - ok
21:56:44.0927 5552 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:56:44.0927 5552 i8042prt - ok
21:56:44.0958 5552 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:56:44.0958 5552 iaStorV - ok
21:56:45.0036 5552 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:56:45.0036 5552 IDriverT - ok
21:56:45.0098 5552 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:56:45.0114 5552 idsvc - ok
21:56:45.0161 5552 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:56:45.0161 5552 iirsp - ok
21:56:45.0223 5552 [ CE1EE31FFF730CA975A5535D8A71AF61 ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
21:56:45.0239 5552 IJPLMSVC - ok
21:56:45.0286 5552 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
21:56:45.0286 5552 IKEEXT - ok
21:56:45.0317 5552 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
21:56:45.0317 5552 intelide - ok
21:56:45.0332 5552 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:56:45.0332 5552 intelppm - ok
21:56:45.0364 5552 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:56:45.0364 5552 IPBusEnum - ok
21:56:45.0410 5552 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:56:45.0410 5552 IpFilterDriver - ok
21:56:45.0426 5552 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:56:45.0442 5552 iphlpsvc - ok
21:56:45.0473 5552 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:56:45.0473 5552 IPMIDRV - ok
21:56:45.0488 5552 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:56:45.0504 5552 IPNAT - ok
21:56:45.0520 5552 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:56:45.0520 5552 IRENUM - ok
21:56:45.0535 5552 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
21:56:45.0535 5552 isapnp - ok
21:56:45.0551 5552 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:56:45.0551 5552 iScsiPrt - ok
21:56:45.0582 5552 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:56:45.0582 5552 kbdclass - ok
21:56:45.0613 5552 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:56:45.0613 5552 kbdhid - ok
21:56:45.0644 5552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
21:56:45.0644 5552 KeyIso - ok
21:56:45.0691 5552 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:56:45.0691 5552 KSecDD - ok
21:56:45.0707 5552 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:56:45.0707 5552 KSecPkg - ok
21:56:45.0754 5552 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
21:56:45.0769 5552 KtmRm - ok
21:56:45.0832 5552 [ BA93C7E59FCB14A8A004EC3448060EF1 ] kvpndev C:\Windows\system32\DRIVERS\kvpndrv.sys
21:56:45.0832 5552 kvpndev - ok
21:56:45.0878 5552 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
21:56:45.0878 5552 LanmanServer - ok
21:56:45.0910 5552 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:56:45.0910 5552 LanmanWorkstation - ok
21:56:45.0956 5552 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:56:45.0956 5552 lltdio - ok
21:56:45.0988 5552 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:56:45.0988 5552 lltdsvc - ok
21:56:46.0003 5552 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
21:56:46.0003 5552 lmhosts - ok
21:56:46.0034 5552 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:56:46.0034 5552 LSI_FC - ok
21:56:46.0066 5552 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:56:46.0066 5552 LSI_SAS - ok
21:56:46.0097 5552 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:56:46.0097 5552 LSI_SAS2 - ok
21:56:46.0112 5552 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:56:46.0112 5552 LSI_SCSI - ok
21:56:46.0159 5552 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
21:56:46.0159 5552 luafv - ok
21:56:46.0206 5552 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:56:46.0206 5552 MBAMProtector - ok
21:56:46.0268 5552 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:56:46.0284 5552 MBAMScheduler - ok
21:56:46.0331 5552 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:56:46.0331 5552 MBAMService - ok
21:56:46.0378 5552 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:56:46.0378 5552 Mcx2Svc - ok
21:56:46.0409 5552 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:56:46.0409 5552 megasas - ok
21:56:46.0440 5552 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:56:46.0440 5552 MegaSR - ok
21:56:46.0487 5552 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:56:46.0487 5552 Microsoft Office Groove Audit Service - ok
21:56:46.0518 5552 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
21:56:46.0518 5552 MMCSS - ok
21:56:46.0534 5552 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
21:56:46.0534 5552 Modem - ok
21:56:46.0549 5552 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:56:46.0549 5552 monitor - ok
21:56:46.0580 5552 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:56:46.0580 5552 mouclass - ok
21:56:46.0596 5552 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:56:46.0596 5552 mouhid - ok
21:56:46.0612 5552 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:56:46.0612 5552 mountmgr - ok
21:56:46.0705 5552 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:56:46.0705 5552 MozillaMaintenance - ok
21:56:46.0736 5552 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
21:56:46.0736 5552 mpio - ok
21:56:46.0768 5552 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:56:46.0768 5552 mpsdrv - ok
21:56:46.0814 5552 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
21:56:46.0830 5552 MpsSvc - ok
21:56:46.0846 5552 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:56:46.0861 5552 MRxDAV - ok
21:56:46.0892 5552 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:56:46.0892 5552 mrxsmb - ok
21:56:46.0924 5552 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:56:46.0924 5552 mrxsmb10 - ok
21:56:46.0939 5552 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:56:46.0939 5552 mrxsmb20 - ok
21:56:46.0955 5552 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
21:56:46.0971 5552 msahci - ok
21:56:46.0986 5552 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
21:56:46.0986 5552 msdsm - ok
21:56:47.0033 5552 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
21:56:47.0049 5552 MSDTC - ok
21:56:47.0064 5552 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:56:47.0064 5552 Msfs - ok
21:56:47.0095 5552 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:56:47.0095 5552 mshidkmdf - ok
21:56:47.0095 5552 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
21:56:47.0095 5552 msisadrv - ok
21:56:47.0142 5552 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:56:47.0142 5552 MSiSCSI - ok
21:56:47.0158 5552 msiserver - ok
21:56:47.0173 5552 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:56:47.0173 5552 MSKSSRV - ok
21:56:47.0205 5552 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:56:47.0205 5552 MSPCLOCK - ok
21:56:47.0220 5552 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:56:47.0220 5552 MSPQM - ok
21:56:47.0251 5552 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:56:47.0251 5552 MsRPC - ok
21:56:47.0267 5552 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:56:47.0267 5552 mssmbios - ok
21:56:47.0298 5552 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:56:47.0298 5552 MSTEE - ok
21:56:47.0314 5552 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:56:47.0314 5552 MTConfig - ok
21:56:47.0345 5552 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
21:56:47.0345 5552 Mup - ok
21:56:47.0392 5552 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
21:56:47.0407 5552 napagent - ok
21:56:47.0439 5552 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:56:47.0439 5552 NativeWifiP - ok
21:56:47.0485 5552 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:56:47.0485 5552 NDIS - ok
21:56:47.0517 5552 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:56:47.0517 5552 NdisCap - ok
21:56:47.0532 5552 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:56:47.0532 5552 NdisTapi - ok
21:56:47.0548 5552 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:56:47.0563 5552 Ndisuio - ok
21:56:47.0563 5552 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:56:47.0563 5552 NdisWan - ok
21:56:47.0579 5552 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:56:47.0595 5552 NDProxy - ok
21:56:47.0610 5552 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:56:47.0610 5552 NetBIOS - ok
21:56:47.0626 5552 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:56:47.0641 5552 NetBT - ok
21:56:47.0657 5552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
21:56:47.0657 5552 Netlogon - ok
21:56:47.0704 5552 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
21:56:47.0704 5552 Netman - ok