PC-HELP.CZ

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:44:42, on 19.10.2013
Platform: Windows 7 SP3 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
CHROME: 30.0.1599.101

Boot mode: Normal

Running processes:
C:\Windows\MHotKey.exe
C:\Windows\ChiFuncExt.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Mumble\mumble.exe
C:\Games\World_of_Tanks\WorldOfTanks.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Uzivatel\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... 2&st=bs&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... 2&st=bs&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... 2&st=bs&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si= ... e&tid=3192
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... 2&st=bs&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... 2&st=bs&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... 2&st=bs&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... 2&st=bs&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... 2&st=bs&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Uzivatel\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BitAccelerator - {CAC42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\BitAccelerator\BitAccelerator.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll (file missing)
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7D12EEA-3715-49ED-B9DE-C00C397FFCDA}: NameServer = 82.144.128.1,82.144.129.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: c:\progra~2\gadgetbox\sprotector.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iWinTrusted - Unknown owner - E:\Program Files\iWin Games\iWinTrusted.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12086 bytes





Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.19.04

Windows 7 Service Pack 3 x64 NTFS
Internet Explorer 10.0.9200.16721
Uzivatel :: JARIN [administrátor]

19.10.2013 21:15:13
MBAM-log-2013-10-19 (21-47-00).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 215356
Uplynulý čas: 13 minut, 51 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 13
HKCR\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6} (PUP.Optional.EasyLife.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6} (PUP.Optional.EasyLife.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{CAC42510-9B41-42c1-9DCD-7282A2D07C61} (Trojan.BHO) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{3AC7D000-0444-4011-A43C-D7796E97E0D1} (Trojan.BHO) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{334C6DE3-3FE2-4ED4-9D51-538C3A55E706} (Trojan.BHO) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 2
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 11111111 -> Nebyla provedena žádná instrukce.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 11111111 -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 9
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://search.certified-toolbar.com?si= ... e&tid=3192) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com/) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com/) -> Nebyla provedena žádná instrukce.

Nalezené složky: 6
C:\ProgramData\DOWNLOADNSAVE (PUP.DownloadnSave) -> Nebyla provedena žádná instrukce.
C:\ProgramData\DOWNLOADNSAVE\data (PUP.DownloadnSave) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\BITACCELERATOR (Trojan.BHO) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TARMA INSTALLER (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9} (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Cache (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 36
C:\ProgramData\DownloadnSave\bhoclass.dll (PUP.DownloadnSave) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\AppData\Local\Temp\optimizer.exe (PUP.Optional.OptimizePro.A) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\downloaderDDLR.exe (Trojan.DirectDownloader) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\downloaderOFFER0.exe (Trojan.DirectDownloader) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\downloaderOFFER1.exe (Trojan.DirectDownloader) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\downloaderOFFER2.exe (Trojan.DirectDownloader) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\downloaderSTUB.exe (Trojan.DirectDownloader) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\optimizer.exe (PUP.Optional.OptimizePro.A) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\stub.exe (Adware.DirectDownloader) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\updater.exe (Trojan.BitMiner) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\Downloads\0x0008-gta4cr.rar (Packer.ModifiedUPX) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\Downloads\4shared_desktop_3.3.5.exe (PUP.Optional.4Shared) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\Downloads\4shared_Desktop_3.3.5M.exe (PUP.Optional.4Shared) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\Downloads\GotClip_Setup (1).exe (PUP.Adware.Gotclip.ScamLotto) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\Downloads\GotClip_Setup.exe (PUP.Adware.Gotclip.ScamLotto) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\Downloads\GTA.IV.Crack.Securom.Bypass.Launcher.UBER-PROPER-FeD0R.rar (Packer.ModifiedUPX) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\Downloads\jdk_6u35_windows_i586_exe.exe (Adware.DirectDownloader) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\Downloads\keygen-rig-n-roll.rar (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\Downloads\rcpsetup_dcomnewupdr728_dcomnewupdr728.exe (PUP.Optional.RegCleanerPro) -> Nebyla provedena žádná instrukce.
C:\Users\Uzivatel\AppData\Roaming\MSNSVCONFIG.TXT (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\winrtsnr.txt (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Windows\SysWOW64\winrtsnr.txt (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Windows\t4.exe (Spyware.OnlineGames) -> Nebyla provedena žádná instrukce.
C:\ProgramData\DOWNLOADNSAVE\content.js (PUP.DownloadnSave) -> Nebyla provedena žádná instrukce.
C:\ProgramData\DOWNLOADNSAVE\background.html (PUP.DownloadnSave) -> Nebyla provedena žádná instrukce.
C:\ProgramData\DOWNLOADNSAVE\namehpjphchkdhandfijckhfbooibkgg.crx (PUP.DownloadnSave) -> Nebyla provedena žádná instrukce.
C:\ProgramData\DOWNLOADNSAVE\settings.ini (PUP.DownloadnSave) -> Nebyla provedena žádná instrukce.
C:\ProgramData\DOWNLOADNSAVE\data\content.js (PUP.DownloadnSave) -> Nebyla provedena žádná instrukce.
C:\ProgramData\DOWNLOADNSAVE\data\jsondb.js (PUP.DownloadnSave) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\BITACCELERATOR\BitAccelerator.dll (Trojan.BHO) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.dat (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.ico (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.

(konec)

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.19.04

Windows 7 Service Pack 3 x64 NTFS
Internet Explorer 10.0.9200.16721
Uzivatel :: JARIN [administrátor]

20.10.2013 14:00:33
mbam-log-2013-10-20 (14-00-33).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 215175
Uplynulý čas: 12 minut, 49 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 13
HKCR\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} (PUP.Optional.BabylonToolBar.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6} (PUP.Optional.EasyLife.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6} (PUP.Optional.EasyLife.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{CAC42510-9B41-42c1-9DCD-7282A2D07C61} (Trojan.BHO) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{3AC7D000-0444-4011-A43C-D7796E97E0D1} (Trojan.BHO) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{334C6DE3-3FE2-4ED4-9D51-538C3A55E706} (Trojan.BHO) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 2
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 11111111 -> Přesun do karantény a smazání se zdařilo.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 11111111 -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 9
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://search.certified-toolbar.com?si= ... e&tid=3192) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com/) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... 2&st=bs&q=) Dobrý: (http://www.google.com/) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 6
C:\ProgramData\DOWNLOADNSAVE (PUP.DownloadnSave) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\DOWNLOADNSAVE\data (PUP.DownloadnSave) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\BITACCELERATOR (Trojan.BHO) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TARMA INSTALLER (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9} (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Cache (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 36
C:\ProgramData\DownloadnSave\bhoclass.dll (PUP.DownloadnSave) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\AppData\Local\Temp\optimizer.exe (PUP.Optional.OptimizePro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\downloaderDDLR.exe (Trojan.DirectDownloader) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\downloaderOFFER0.exe (Trojan.DirectDownloader) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\downloaderOFFER1.exe (Trojan.DirectDownloader) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\downloaderOFFER2.exe (Trojan.DirectDownloader) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\downloaderSTUB.exe (Trojan.DirectDownloader) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\optimizer.exe (PUP.Optional.OptimizePro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\stub.exe (Adware.DirectDownloader) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\AppData\Local\Temp\449666b2277ebd987e114123b2c94812\updater.exe (Trojan.BitMiner) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\Downloads\0x0008-gta4cr.rar (Packer.ModifiedUPX) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\Downloads\4shared_desktop_3.3.5.exe (PUP.Optional.4Shared) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\Downloads\4shared_Desktop_3.3.5M.exe (PUP.Optional.4Shared) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\Downloads\GotClip_Setup (1).exe (PUP.Adware.Gotclip.ScamLotto) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\Downloads\GotClip_Setup.exe (PUP.Adware.Gotclip.ScamLotto) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\Downloads\GTA.IV.Crack.Securom.Bypass.Launcher.UBER-PROPER-FeD0R.rar (Packer.ModifiedUPX) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\Downloads\jdk_6u35_windows_i586_exe.exe (Adware.DirectDownloader) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\Downloads\keygen-rig-n-roll.rar (RiskWare.Tool.CK) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\Downloads\rcpsetup_dcomnewupdr728_dcomnewupdr728.exe (PUP.Optional.RegCleanerPro) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Uzivatel\AppData\Roaming\MSNSVCONFIG.TXT (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\winrtsnr.txt (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\SysWOW64\winrtsnr.txt (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\t4.exe (Spyware.OnlineGames) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\DOWNLOADNSAVE\content.js (PUP.DownloadnSave) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\DOWNLOADNSAVE\background.html (PUP.DownloadnSave) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\DOWNLOADNSAVE\namehpjphchkdhandfijckhfbooibkgg.crx (PUP.DownloadnSave) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\DOWNLOADNSAVE\settings.ini (PUP.DownloadnSave) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\DOWNLOADNSAVE\data\content.js (PUP.DownloadnSave) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\DOWNLOADNSAVE\data\jsondb.js (PUP.DownloadnSave) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\BITACCELERATOR\BitAccelerator.dll (Trojan.BHO) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.dat (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.ico (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\TARMA INSTALLER\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.

(konec)

# AdwCleaner v3.003 - Report created 20/10/2013 at 14:52:49
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 3 (64 bits)
# Username : Uzivatel - JARIN
# Running from : C:\Users\Uzivatel\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml
File Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\bdxbmfzi.default\searchplugins\Web Search.xml
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\bdxbmfzi.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
Folder Found : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\bdxbmfzi.default\Extensions\toolbar@ask.com
Folder Found C:\Program Files (x86)\Ask.com
Folder Found C:\Program Files (x86)\Complitly
Folder Found C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found C:\Program Files (x86)\Red Sky
Folder Found C:\Program Files\Windows Sidebar\Shared Gadgets\gadgetbox.gadget
Folder Found C:\ProgramData\Alawar Stargaze
Folder Found C:\ProgramData\AlawarWrapper
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\ClickIT
Folder Found C:\ProgramData\GadgetBox
Folder Found C:\ProgramData\Premium
Folder Found C:\ProgramData\Trymedia
Folder Found C:\Users\Uzivatel\AppData\Local\apn
Folder Found C:\Users\Uzivatel\AppData\Local\AskToolbar
Folder Found C:\Users\Uzivatel\AppData\Local\DownTango
Folder Found C:\Users\Uzivatel\AppData\Local\PackageAware
Folder Found C:\Users\Uzivatel\AppData\LocalLow\AskToolbar
Folder Found C:\Users\Uzivatel\AppData\LocalLow\SimplyTech
Folder Found C:\Users\Uzivatel\AppData\Roaming\Complitly
Folder Found C:\Users\Uzivatel\AppData\Roaming\iWin
Folder Found C:\Users\Uzivatel\AppData\Roaming\SendSpace
Folder Found C:\Users\Uzivatel\AppData\Roaming\Systweak

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\simplytech
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Complitly
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\Complitly
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_57da8c42
Key Found : HKLM\Software\SimplyGen
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\TENCENT
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... e&tid=3192
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... e&tid=3192
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si= ... e&tid=3192
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... e&tid=3192
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si= ... 2&st=bs&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si= ... 2&st=bs&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si= ... e&tid=3192
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... e&tid=3192
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si= ... 2&st=bs&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si= ... 2&st=bs&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si= ... id=3192&q=%s
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si= ... id=3192&q=%s

-\\ Mozilla Firefox v

[ File : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\bdxbmfzi.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Web Search");
Line Found : user_pref("browser.search.defaultengine", "Web Search");
Line Found : user_pref("browser.search.selectedEngine", "Web Search");
Line Found : user_pref("browser.search.order.1", "Web Search");
Line Found : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=41460&st=home&tid=3192");
Line Found : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=3192&st=bs&q=");

-\\ Google Chrome v

[ File : C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage

*************************

AdwCleaner[R0].txt - [12394 octets] - [20/10/2013 14:52:49]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12455 octets] ##########

tak jsem to spletl a neuložil jsem ten AdwCleaner na plochu,je to chyba?Protože mi něco psal a ja dal vyčistit.Omlouvám se.

v adw nech vše smazat a dodej log

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

# AdwCleaner v3.009 - Report created 20/10/2013 at 17:01:00
# Updated 19/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 3 (64 bits)
# Username : Uzivatel - JARIN
# Running from : C:\Users\Uzivatel\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v

[ File : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\bdxbmfzi.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12584 octets] - [20/10/2013 14:52:49]
AdwCleaner[R1].txt - [2688 octets] - [20/10/2013 15:25:51]
AdwCleaner[R2].txt - [1183 octets] - [20/10/2013 17:00:06]
AdwCleaner[S0].txt - [11687 octets] - [20/10/2013 15:12:35]
AdwCleaner[S1].txt - [2791 octets] - [20/10/2013 15:30:40]
AdwCleaner[S2].txt - [1107 octets] - [20/10/2013 17:01:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1167 octets] ##########

RogueKiller V8.7.4 _x64_ [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 3) 64 bits version
Spuštěno v : Normální režim
Uživatel : Uzivatel [Práva správce]
Mód : Kontrola -- Datum : 10/20/2013 17:10:27
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{E7D12EEA-3715-49ED-B9DE-C00C397FFCDA} : NameServer (82.144.128.1,82.144.129.1) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{E7D12EEA-3715-49ED-B9DE-C00C397FFCDA} : NameServer (82.144.128.1,82.144.129.1) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{E7D12EEA-3715-49ED-B9DE-C00C397FFCDA} : NameServer (82.144.128.1,82.144.129.1) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] MHotkey : %SystemRoot%\MHotKey.exe [x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD15EADS-65P8B0 ATA Device +++++
--- User ---
[MBR] 5cb87347a4c64d7ec47861883030e373
[BSP] f7b9c95a29f70b0031077d2504e75604 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1430697 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10202013_171027.txt >>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Uzivatel on ne 20.10.2013 at 17:16:40,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Uzivatel\appdata\local\directdownloader"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Uzivatel\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 20.10.2013 at 17:22:51,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

RogueKiller V8.7.4 _x64_ [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 3) 64 bits version
Spuštěno v : Normální režim
Uživatel : Uzivatel [Práva správce]
Mód : Odebrat -- Datum : 10/21/2013 22:42:30
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] mHotkey.exe -- C:\Windows\mHotkey.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] ChiFuncExt.exe -- C:\Windows\ChiFuncExt.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD15EADS-65P8B0 ATA Device +++++
--- User ---
[MBR] 5cb87347a4c64d7ec47861883030e373
[BSP] f7b9c95a29f70b0031077d2504e75604 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1430697 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10212013_224230.txt >>
RKreport[0]_D_10202013_171404.txt;RKreport[0]_S_10202013_171027.txt;RKreport[0]_S_10212013_224140.txt

22:53:05.0010 0852 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:53:06.0399 0852 ============================================================
22:53:06.0399 0852 Current date / time: 2013/10/21 22:53:06.0399
22:53:06.0414 0852 SystemInfo:
22:53:06.0414 0852
22:53:06.0414 0852 OS Version: 6.1.7601 ServicePack: 3.0
22:53:06.0414 0852 Product type: Workstation
22:53:06.0414 0852 ComputerName: JARIN
22:53:06.0414 0852 UserName: Uzivatel
22:53:06.0414 0852 Windows directory: C:\Windows
22:53:06.0414 0852 System windows directory: C:\Windows
22:53:06.0414 0852 Running under WOW64
22:53:06.0414 0852 Processor architecture: Intel x64
22:53:06.0414 0852 Number of processors: 4
22:53:06.0414 0852 Page size: 0x1000
22:53:06.0414 0852 Boot type: Normal boot
22:53:06.0414 0852 ============================================================
22:53:07.0709 0852 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:53:07.0725 0852 ============================================================
22:53:07.0725 0852 \Device\Harddisk0\DR0:
22:53:07.0725 0852 MBR partitions:
22:53:07.0725 0852 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:53:07.0725 0852 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAEA54800
22:53:07.0725 0852 ============================================================
22:53:07.0740 0852 C: <-> \Device\Harddisk0\DR0\Partition2
22:53:07.0740 0852 ============================================================
22:53:07.0740 0852 Initialize success
22:53:07.0740 0852 ============================================================
22:53:15.0556 2220 ============================================================
22:53:15.0556 2220 Scan started
22:53:15.0556 2220 Mode: Manual;
22:53:15.0556 2220 ============================================================
22:53:16.0320 2220 ================ Scan system memory ========================
22:53:16.0320 2220 System memory - ok
22:53:16.0320 2220 ================ Scan services =============================
22:53:16.0430 2220 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:53:16.0445 2220 1394ohci - ok
22:53:16.0492 2220 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:53:16.0492 2220 ACPI - ok
22:53:16.0523 2220 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:53:16.0523 2220 AcpiPmi - ok
22:53:16.0617 2220 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:53:16.0632 2220 AdobeARMservice - ok
22:53:16.0773 2220 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:53:16.0788 2220 AdobeFlashPlayerUpdateSvc - ok
22:53:16.0820 2220 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:53:16.0820 2220 adp94xx - ok
22:53:16.0851 2220 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:53:16.0851 2220 adpahci - ok
22:53:16.0882 2220 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:53:16.0882 2220 adpu320 - ok
22:53:16.0929 2220 [ 1FE2BA15E16FA1B9A33618B4FA105151 ] adusbser C:\Windows\system32\DRIVERS\adusbser.sys
22:53:16.0929 2220 adusbser - ok
22:53:16.0960 2220 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:53:16.0960 2220 AeLookupSvc - ok
22:53:17.0022 2220 [ 314C17917AC8523EC77A710215012A65 ] AFD C:\Windows\system32\drivers\afd.sys
22:53:17.0022 2220 AFD - ok
22:53:17.0069 2220 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:53:17.0069 2220 agp440 - ok
22:53:17.0085 2220 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:53:17.0085 2220 ALG - ok
22:53:17.0132 2220 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:53:17.0132 2220 aliide - ok
22:53:17.0178 2220 [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:53:17.0178 2220 AMD External Events Utility - ok
22:53:17.0210 2220 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:53:17.0210 2220 amdide - ok
22:53:17.0241 2220 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:53:17.0241 2220 AmdK8 - ok
22:53:17.0459 2220 [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:53:17.0646 2220 amdkmdag - ok
22:53:17.0678 2220 [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:53:17.0678 2220 amdkmdap - ok
22:53:17.0693 2220 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:53:17.0693 2220 AmdPPM - ok
22:53:17.0724 2220 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:53:17.0724 2220 amdsata - ok
22:53:17.0756 2220 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:53:17.0756 2220 amdsbs - ok
22:53:17.0771 2220 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:53:17.0771 2220 amdxata - ok
22:53:17.0818 2220 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:53:17.0818 2220 AppID - ok
22:53:17.0834 2220 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:53:17.0834 2220 AppIDSvc - ok
22:53:17.0865 2220 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
22:53:17.0865 2220 Appinfo - ok
22:53:17.0896 2220 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
22:53:17.0896 2220 arc - ok
22:53:17.0912 2220 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:53:17.0912 2220 arcsas - ok
22:53:17.0943 2220 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:53:17.0943 2220 AsyncMac - ok
22:53:17.0974 2220 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:53:17.0974 2220 atapi - ok
22:53:18.0005 2220 [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:53:18.0005 2220 AtiHDAudioService - ok
22:53:18.0068 2220 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
22:53:18.0068 2220 atksgt - ok
22:53:18.0114 2220 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:53:18.0130 2220 AudioEndpointBuilder - ok
22:53:18.0130 2220 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:53:18.0146 2220 AudioSrv - ok
22:53:18.0177 2220 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:53:18.0192 2220 AxInstSV - ok
22:53:18.0208 2220 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:53:18.0208 2220 b06bdrv - ok
22:53:18.0239 2220 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:53:18.0255 2220 b57nd60a - ok
22:53:18.0270 2220 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:53:18.0270 2220 BDESVC - ok
22:53:18.0286 2220 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:53:18.0286 2220 Beep - ok
22:53:18.0364 2220 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:53:18.0364 2220 BFE - ok
22:53:18.0458 2220 BITCOMET_HELPER_SERVICE - ok
22:53:18.0504 2220 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:53:18.0520 2220 BITS - ok
22:53:18.0536 2220 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:53:18.0536 2220 blbdrive - ok
22:53:18.0582 2220 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:53:18.0582 2220 bowser - ok
22:53:18.0598 2220 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:53:18.0598 2220 BrFiltLo - ok
22:53:18.0614 2220 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:53:18.0614 2220 BrFiltUp - ok
22:53:18.0645 2220 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:53:18.0645 2220 Browser - ok
22:53:18.0676 2220 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:53:18.0676 2220 Brserid - ok
22:53:18.0692 2220 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:53:18.0692 2220 BrSerWdm - ok
22:53:18.0692 2220 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:53:18.0692 2220 BrUsbMdm - ok
22:53:18.0707 2220 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:53:18.0707 2220 BrUsbSer - ok
22:53:18.0770 2220 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:53:18.0785 2220 BthEnum - ok
22:53:18.0785 2220 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:53:18.0785 2220 BTHMODEM - ok
22:53:18.0832 2220 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:53:18.0832 2220 BthPan - ok
22:53:18.0879 2220 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:53:18.0879 2220 BTHPORT - ok
22:53:18.0894 2220 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:53:18.0894 2220 bthserv - ok
22:53:18.0926 2220 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:53:18.0926 2220 BTHUSB - ok
22:53:18.0957 2220 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:53:18.0957 2220 cdfs - ok
22:53:19.0004 2220 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:53:19.0004 2220 cdrom - ok
22:53:19.0050 2220 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:53:19.0050 2220 CertPropSvc - ok
22:53:19.0066 2220 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:53:19.0066 2220 circlass - ok
22:53:19.0082 2220 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:53:19.0082 2220 CLFS - ok
22:53:19.0144 2220 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:53:19.0144 2220 clr_optimization_v2.0.50727_32 - ok
22:53:19.0191 2220 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:53:19.0191 2220 clr_optimization_v2.0.50727_64 - ok
22:53:19.0284 2220 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:53:19.0284 2220 clr_optimization_v4.0.30319_32 - ok
22:53:19.0331 2220 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:53:19.0331 2220 clr_optimization_v4.0.30319_64 - ok
22:53:19.0362 2220 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:53:19.0362 2220 CmBatt - ok
22:53:19.0394 2220 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:53:19.0394 2220 cmdide - ok
22:53:19.0440 2220 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
22:53:19.0440 2220 CNG - ok
22:53:19.0456 2220 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:53:19.0456 2220 Compbatt - ok
22:53:19.0503 2220 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:53:19.0503 2220 CompositeBus - ok
22:53:19.0503 2220 COMSysApp - ok
22:53:19.0518 2220 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:53:19.0518 2220 crcdisk - ok
22:53:19.0581 2220 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:53:19.0581 2220 CryptSvc - ok
22:53:19.0628 2220 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:53:19.0628 2220 DcomLaunch - ok
22:53:19.0643 2220 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:53:19.0659 2220 defragsvc - ok
22:53:19.0690 2220 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:53:19.0690 2220 DfsC - ok
22:53:19.0752 2220 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:53:19.0752 2220 Dhcp - ok
22:53:19.0752 2220 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:53:19.0768 2220 discache - ok
22:53:19.0768 2220 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:53:19.0784 2220 Disk - ok
22:53:19.0815 2220 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:53:19.0815 2220 Dnscache - ok
22:53:19.0862 2220 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:53:19.0862 2220 dot3svc - ok
22:53:19.0893 2220 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:53:19.0893 2220 DPS - ok
22:53:19.0940 2220 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:53:19.0940 2220 drmkaud - ok
22:53:19.0986 2220 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:53:19.0986 2220 DXGKrnl - ok
22:53:20.0018 2220 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:53:20.0018 2220 EapHost - ok
22:53:20.0096 2220 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:53:20.0158 2220 ebdrv - ok
22:53:20.0205 2220 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:53:20.0205 2220 EFS - ok
22:53:20.0267 2220 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:53:20.0283 2220 ehRecvr - ok
22:53:20.0314 2220 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:53:20.0314 2220 ehSched - ok
22:53:20.0330 2220 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:53:20.0330 2220 elxstor - ok
22:53:20.0361 2220 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:53:20.0361 2220 ErrDev - ok
22:53:20.0392 2220 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:53:20.0408 2220 EventSystem - ok
22:53:20.0423 2220 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:53:20.0423 2220 exfat - ok
22:53:20.0439 2220 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:53:20.0439 2220 fastfat - ok
22:53:20.0486 2220 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:53:20.0501 2220 Fax - ok
22:53:20.0517 2220 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:53:20.0517 2220 fdc - ok
22:53:20.0532 2220 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:53:20.0532 2220 fdPHost - ok
22:53:20.0532 2220 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:53:20.0532 2220 FDResPub - ok
22:53:20.0548 2220 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:53:20.0548 2220 FileInfo - ok
22:53:20.0564 2220 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:53:20.0564 2220 Filetrace - ok
22:53:20.0579 2220 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:53:20.0579 2220 flpydisk - ok
22:53:20.0642 2220 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:53:20.0642 2220 FltMgr - ok
22:53:20.0704 2220 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
22:53:20.0704 2220 FontCache - ok
22:53:20.0766 2220 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:53:20.0766 2220 FontCache3.0.0.0 - ok
22:53:20.0782 2220 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:53:20.0782 2220 FsDepends - ok
22:53:20.0813 2220 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:53:20.0813 2220 Fs_Rec - ok
22:53:20.0876 2220 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:53:20.0891 2220 fvevol - ok
22:53:20.0907 2220 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:53:20.0922 2220 gagp30kx - ok
22:53:20.0969 2220 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:53:20.0969 2220 gpsvc - ok
22:53:21.0063 2220 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:53:21.0063 2220 gupdate - ok
22:53:21.0078 2220 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:53:21.0078 2220 gupdatem - ok
22:53:21.0094 2220 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:53:21.0110 2220 hcw85cir - ok
22:53:21.0141 2220 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:53:21.0156 2220 HdAudAddService - ok
22:53:21.0172 2220 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:53:21.0172 2220 HDAudBus - ok
22:53:21.0188 2220 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:53:21.0203 2220 HidBatt - ok
22:53:21.0219 2220 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:53:21.0219 2220 HidBth - ok
22:53:21.0234 2220 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:53:21.0234 2220 HidIr - ok
22:53:21.0266 2220 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:53:21.0266 2220 hidserv - ok
22:53:21.0297 2220 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
22:53:21.0297 2220 HidUsb - ok
22:53:21.0344 2220 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:53:21.0344 2220 hkmsvc - ok
22:53:21.0390 2220 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:53:21.0390 2220 HomeGroupListener - ok
22:53:21.0437 2220 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:53:21.0437 2220 HomeGroupProvider - ok
22:53:21.0484 2220 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:53:21.0484 2220 HpSAMD - ok
22:53:21.0546 2220 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:53:21.0562 2220 HTTP - ok
22:53:21.0593 2220 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:53:21.0593 2220 hwpolicy - ok
22:53:21.0624 2220 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:53:21.0624 2220 i8042prt - ok
22:53:21.0640 2220 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:53:21.0640 2220 iaStorV - ok
22:53:21.0734 2220 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:53:21.0734 2220 IDriverT - ok
22:53:21.0780 2220 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:53:21.0780 2220 idsvc - ok
22:53:21.0812 2220 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:53:21.0812 2220 iirsp - ok
22:53:21.0843 2220 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:53:21.0843 2220 IKEEXT - ok
22:53:21.0936 2220 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:53:21.0952 2220 IntcAzAudAddService - ok
22:53:21.0999 2220 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:53:21.0999 2220 intelide - ok
22:53:22.0030 2220 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:53:22.0030 2220 intelppm - ok
22:53:22.0046 2220 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:53:22.0061 2220 IPBusEnum - ok
22:53:22.0077 2220 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:53:22.0077 2220 IpFilterDriver - ok
22:53:22.0108 2220 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:53:22.0124 2220 iphlpsvc - ok
22:53:22.0155 2220 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:53:22.0155 2220 IPMIDRV - ok
22:53:22.0170 2220 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:53:22.0170 2220 IPNAT - ok
22:53:22.0202 2220 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:53:22.0202 2220 IRENUM - ok
22:53:22.0217 2220 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:53:22.0217 2220 isapnp - ok
22:53:22.0264 2220 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:53:22.0264 2220 iScsiPrt - ok
22:53:22.0295 2220 iWinTrusted - ok
22:53:22.0326 2220 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:53:22.0326 2220 kbdclass - ok
22:53:22.0342 2220 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:53:22.0342 2220 kbdhid - ok
22:53:22.0342 2220 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:53:22.0342 2220 KeyIso - ok
22:53:22.0389 2220 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:53:22.0389 2220 KSecDD - ok
22:53:22.0420 2220 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:53:22.0436 2220 KSecPkg - ok
22:53:22.0436 2220 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:53:22.0436 2220 ksthunk - ok
22:53:22.0467 2220 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:53:22.0467 2220 KtmRm - ok
22:53:22.0482 2220 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:53:22.0498 2220 LanmanServer - ok
22:53:22.0529 2220 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:53:22.0545 2220 LanmanWorkstation - ok
22:53:22.0607 2220 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
22:53:22.0607 2220 lirsgt - ok
22:53:22.0607 2220 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:53:22.0607 2220 lltdio - ok
22:53:22.0638 2220 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:53:22.0638 2220 lltdsvc - ok
22:53:22.0670 2220 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:53:22.0670 2220 lmhosts - ok
22:53:22.0685 2220 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:53:22.0685 2220 LSI_FC - ok
22:53:22.0701 2220 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:53:22.0701 2220 LSI_SAS - ok
22:53:22.0716 2220 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:53:22.0716 2220 LSI_SAS2 - ok
22:53:22.0732 2220 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:53:22.0732 2220 LSI_SCSI - ok
22:53:22.0763 2220 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:53:22.0763 2220 luafv - ok
22:53:22.0810 2220 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
22:53:22.0810 2220 LVPr2M64 - ok
22:53:22.0826 2220 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
22:53:22.0826 2220 LVPr2Mon - ok
22:53:22.0904 2220 [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
22:53:22.0904 2220 LVPrcS64 - ok
22:53:22.0950 2220 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:53:22.0950 2220 Mcx2Svc - ok
22:53:22.0966 2220 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:53:22.0966 2220 megasas - ok
22:53:22.0982 2220 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:53:22.0982 2220 MegaSR - ok
22:53:22.0997 2220 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:53:22.0997 2220 MMCSS - ok
22:53:22.0997 2220 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:53:22.0997 2220 Modem - ok
22:53:23.0013 2220 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:53:23.0013 2220 monitor - ok
22:53:23.0060 2220 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:53:23.0060 2220 mouclass - ok
22:53:23.0091 2220 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:53:23.0091 2220 mouhid - ok
22:53:23.0122 2220 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:53:23.0122 2220 mountmgr - ok
22:53:23.0200 2220 [ FC1D590039EF06A381768710E6C07E75 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
22:53:23.0200 2220 MpFilter - ok
22:53:23.0216 2220 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:53:23.0216 2220 mpio - ok
22:53:23.0231 2220 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:53:23.0231 2220 mpsdrv - ok
22:53:23.0278 2220 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:53:23.0294 2220 MpsSvc - ok
22:53:23.0325 2220 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:53:23.0325 2220 MRxDAV - ok
22:53:23.0372 2220 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:53:23.0372 2220 mrxsmb - ok
22:53:23.0403 2220 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:53:23.0403 2220 mrxsmb10 - ok
22:53:23.0418 2220 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:53:23.0418 2220 mrxsmb20 - ok
22:53:23.0450 2220 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:53:23.0450 2220 msahci - ok
22:53:23.0481 2220 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:53:23.0481 2220 msdsm - ok
22:53:23.0496 2220 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:53:23.0512 2220 MSDTC - ok
22:53:23.0528 2220 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:53:23.0528 2220 Msfs - ok
22:53:23.0543 2220 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:53:23.0543 2220 mshidkmdf - ok
22:53:23.0574 2220 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:53:23.0574 2220 msisadrv - ok
22:53:23.0621 2220 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:53:23.0621 2220 MSiSCSI - ok
22:53:23.0621 2220 msiserver - ok
22:53:23.0652 2220 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:53:23.0652 2220 MSKSSRV - ok
22:53:23.0715 2220 [ 52D60E642263719B37F1E4A785E676EB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:53:23.0715 2220 MsMpSvc - ok
22:53:23.0730 2220 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:53:23.0730 2220 MSPCLOCK - ok
22:53:23.0746 2220 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:53:23.0746 2220 MSPQM - ok
22:53:23.0777 2220 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:53:23.0793 2220 MsRPC - ok
22:53:23.0808 2220 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:53:23.0808 2220 mssmbios - ok
22:53:23.0808 2220 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:53:23.0808 2220 MSTEE - ok
22:53:23.0824 2220 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:53:23.0824 2220 MTConfig - ok
22:53:23.0855 2220 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:53:23.0855 2220 Mup - ok
22:53:23.0902 2220 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:53:23.0902 2220 napagent - ok
22:53:23.0949 2220 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:53:23.0949 2220 NativeWifiP - ok
22:53:23.0996 2220 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:53:24.0011 2220 NDIS - ok
22:53:24.0027 2220 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:53:24.0042 2220 NdisCap - ok
22:53:24.0058 2220 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:53:24.0058 2220 NdisTapi - ok
22:53:24.0105 2220 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:53:24.0105 2220 Ndisuio - ok
22:53:24.0136 2220 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:53:24.0152 2220 NdisWan - ok
22:53:24.0183 2220 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:53:24.0183 2220 NDProxy - ok
22:53:24.0183 2220 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:53:24.0183 2220 NetBIOS - ok
22:53:24.0230 2220 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:53:24.0230 2220 NetBT - ok
22:53:24.0245 2220 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:53:24.0245 2220 Netlogon - ok
22:53:24.0276 2220 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:53:24.0276 2220 Netman - ok
22:53:24.0308 2220 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:53:24.0308 2220 netprofm - ok
22:53:24.0386 2220 [ 8CE69B2C4934A1C0321F4C8E9C6C4A41 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
22:53:24.0432 2220 netr28x - ok
22:53:24.0448 2220 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:53:24.0448 2220 NetTcpPortSharing - ok
22:53:24.0479 2220 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:53:24.0479 2220 nfrd960 - ok
22:53:24.0542 2220 [ 8FB3C853E886E1E4D57271672486111C ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:53:24.0557 2220 NisDrv - ok
22:53:24.0604 2220 [ 506BAA292F60C2AB637B9AEA3325D7D0 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
22:53:24.0604 2220 NisSrv - ok
22:53:24.0651 2220 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:53:24.0651 2220 NlaSvc - ok
22:53:24.0651 2220 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:53:24.0651 2220 Npfs - ok
22:53:24.0682 2220 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:53:24.0682 2220 nsi - ok
22:53:24.0698 2220 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:53:24.0698 2220 nsiproxy - ok
22:53:24.0760 2220 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:53:24.0791 2220 Ntfs - ok
22:53:24.0807 2220 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:53:24.0807 2220 Null - ok
22:53:24.0822 2220 NVHDA - ok
22:53:24.0869 2220 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:53:24.0869 2220 nvraid - ok
22:53:24.0885 2220 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:53:24.0885 2220 nvstor - ok
22:53:24.0900 2220 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:53:24.0900 2220 nv_agp - ok
22:53:24.0994 2220 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:53:25.0010 2220 odserv - ok
22:53:25.0056 2220 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:53:25.0056 2220 ohci1394 - ok
22:53:25.0119 2220 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:53:25.0119 2220 ose - ok
22:53:25.0150 2220 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:53:25.0150 2220 p2pimsvc - ok
22:53:25.0166 2220 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:53:25.0181 2220 p2psvc - ok
22:53:25.0197 2220 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:53:25.0197 2220 Parport - ok
22:53:25.0244 2220 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:53:25.0244 2220 partmgr - ok
22:53:25.0244 2220 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:53:25.0244 2220 PcaSvc - ok
22:53:25.0259 2220 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:53:25.0275 2220 pci - ok
22:53:25.0306 2220 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:53:25.0306 2220 pciide - ok
22:53:25.0322 2220 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:53:25.0322 2220 pcmcia - ok
22:53:25.0337 2220 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:53:25.0337 2220 pcw - ok
22:53:25.0368 2220 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:53:25.0368 2220 PEAUTH - ok
22:53:25.0431 2220 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:53:25.0431 2220 PerfHost - ok
22:53:25.0478 2220 [ B47DEE29B5E6E1939567A926C7A3E6A4 ] PID_0928 C:\Windows\system32\DRIVERS\LV561V64.SYS
22:53:25.0493 2220 PID_0928 - ok
22:53:25.0556 2220 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:53:25.0571 2220 pla - ok
22:53:25.0618 2220 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:53:25.0618 2220 PlugPlay - ok
22:53:25.0634 2220 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:53:25.0634 2220 PNRPAutoReg - ok
22:53:25.0649 2220 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:53:25.0649 2220 PNRPsvc - ok
22:53:25.0696 2220 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:53:25.0696 2220 PolicyAgent - ok
22:53:25.0727 2220 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:53:25.0727 2220 Power - ok
22:53:25.0774 2220 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:53:25.0774 2220 PptpMiniport - ok
22:53:25.0790 2220 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:53:25.0790 2220 Processor - ok
22:53:25.0836 2220 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:53:25.0852 2220 ProfSvc - ok
22:53:25.0868 2220 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:53:25.0868 2220 ProtectedStorage - ok
22:53:25.0914 2220 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:53:25.0914 2220 Psched - ok
22:53:25.0961 2220 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:53:25.0992 2220 ql2300 - ok
22:53:25.0992 2220 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:53:25.0992 2220 ql40xx - ok
22:53:26.0024 2220 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:53:26.0024 2220 QWAVE - ok
22:53:26.0039 2220 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:53:26.0039 2220 QWAVEdrv - ok
22:53:26.0055 2220 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:53:26.0055 2220 RasAcd - ok
22:53:26.0102 2220 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:53:26.0102 2220 RasAgileVpn - ok
22:53:26.0117 2220 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:53:26.0117 2220 RasAuto - ok
22:53:26.0148 2220 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:53:26.0148 2220 Rasl2tp - ok
22:53:26.0195 2220 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:53:26.0195 2220 RasMan - ok
22:53:26.0211 2220 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:53:26.0211 2220 RasPppoe - ok
22:53:26.0226 2220 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:53:26.0226 2220 RasSstp - ok
22:53:26.0258 2220 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:53:26.0258 2220 rdbss - ok
22:53:26.0258 2220 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:53:26.0258 2220 rdpbus - ok
22:53:26.0273 2220 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:53:26.0273 2220 RDPCDD - ok
22:53:26.0304 2220 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:53:26.0304 2220 RDPENCDD - ok
22:53:26.0320 2220 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:53:26.0320 2220 RDPREFMP - ok
22:53:26.0382 2220 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:53:26.0382 2220 RdpVideoMiniport - ok
22:53:26.0414 2220 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:53:26.0414 2220 RDPWD - ok
22:53:26.0445 2220 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:53:26.0460 2220 rdyboost - ok
22:53:26.0476 2220 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:53:26.0476 2220 RemoteAccess - ok
22:53:26.0492 2220 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:53:26.0492 2220 RemoteRegistry - ok
22:53:26.0538 2220 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:53:26.0538 2220 RFCOMM - ok
22:53:26.0570 2220 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:53:26.0570 2220 RpcEptMapper - ok
22:53:26.0601 2220 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:53:26.0601 2220 RpcLocator - ok
22:53:26.0632 2220 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:53:26.0632 2220 RpcSs - ok
22:53:26.0648 2220 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:53:26.0648 2220 rspndr - ok
22:53:26.0694 2220 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:53:26.0694 2220 RTL8167 - ok
22:53:26.0710 2220 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:53:26.0710 2220 SamSs - ok
22:53:26.0757 2220 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:53:26.0757 2220 sbp2port - ok
22:53:26.0772 2220 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:53:26.0772 2220 SCardSvr - ok
22:53:26.0804 2220 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:53:26.0819 2220 scfilter - ok
22:53:26.0866 2220 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:53:26.0882 2220 Schedule - ok
22:53:26.0913 2220 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:53:26.0913 2220 SCPolicySvc - ok
22:53:26.0944 2220 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:53:26.0960 2220 SDRSVC - ok
22:53:26.0975 2220 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:53:26.0975 2220 secdrv - ok
22:53:27.0006 2220 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:53:27.0006 2220 seclogon - ok
22:53:27.0022 2220 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:53:27.0022 2220 SENS - ok
22:53:27.0022 2220 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:53:27.0022 2220 SensrSvc - ok
22:53:27.0038 2220 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:53:27.0038 2220 Serenum - ok
22:53:27.0069 2220 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:53:27.0069 2220 Serial - ok
22:53:27.0100 2220 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:53:27.0100 2220 sermouse - ok
22:53:27.0131 2220 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:53:27.0131 2220 SessionEnv - ok
22:53:27.0178 2220 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:53:27.0178 2220 sffdisk - ok
22:53:27.0194 2220 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:53:27.0194 2220 sffp_mmc - ok
22:53:27.0209 2220 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:53:27.0209 2220 sffp_sd - ok
22:53:27.0209 2220 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:53:27.0209 2220 sfloppy - ok
22:53:27.0256 2220 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:53:27.0256 2220 SharedAccess - ok
22:53:27.0303 2220 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:53:27.0303 2220 ShellHWDetection - ok
22:53:27.0318 2220 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:53:27.0334 2220 SiSRaid2 - ok
22:53:27.0350 2220 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:53:27.0350 2220 SiSRaid4 - ok
22:53:27.0443 2220 [ 9CD1BB2DB803B6AC642BD643DDB773BC ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:53:27.0443 2220 SkypeUpdate - ok
22:53:27.0474 2220 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:53:27.0474 2220 Smb - ok
22:53:27.0521 2220 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:53:27.0521 2220 SNMPTRAP - ok
22:53:27.0537 2220 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:53:27.0537 2220 spldr - ok
22:53:27.0584 2220 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:53:27.0599 2220 Spooler - ok
22:53:27.0677 2220 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:53:27.0740 2220 sppsvc - ok
22:53:27.0771 2220 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:53:27.0771 2220 sppuinotify - ok
22:53:27.0849 2220 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
22:53:27.0849 2220 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
22:53:27.0849 2220 sptd ( LockedFile.Multi.Generic ) - warning
22:53:27.0849 2220 sptd - detected LockedFile.Multi.Generic (1)
22:53:27.0896 2220 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:53:27.0896 2220 srv - ok
22:53:27.0927 2220 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:53:27.0927 2220 srv2 - ok
22:53:27.0942 2220 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:53:27.0942 2220 srvnet - ok
22:53:27.0974 2220 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:53:27.0974 2220 SSDPSRV - ok
22:53:27.0989 2220 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:53:27.0989 2220 SstpSvc - ok
22:53:28.0005 2220 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:53:28.0005 2220 stexstor - ok
22:53:28.0052 2220 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:53:28.0067 2220 stisvc - ok
22:53:28.0098 2220 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:53:28.0098 2220 swenum - ok
22:53:28.0114 2220 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:53:28.0130 2220 swprv - ok
22:53:28.0192 2220 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:53:28.0223 2220 SysMain - ok
22:53:28.0254 2220 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:53:28.0270 2220 TabletInputService - ok
22:53:28.0301 2220 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:53:28.0301 2220 TapiSrv - ok
22:53:28.0317 2220 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:53:28.0317 2220 TBS - ok
22:53:28.0395 2220 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:53:28.0426 2220 Tcpip - ok
22:53:28.0473 2220 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:53:28.0473 2220 TCPIP6 - ok
22:53:28.0520 2220 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:53:28.0520 2220 tcpipreg - ok
22:53:28.0520 2220 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:53:28.0535 2220 TDPIPE - ok
22:53:28.0566 2220 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:53:28.0566 2220 TDTCP - ok
22:53:28.0613 2220 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:53:28.0613 2220 tdx - ok
22:53:28.0629 2220 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:53:28.0629 2220 TermDD - ok
22:53:28.0660 2220 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:53:28.0676 2220 TermService - ok
22:53:28.0691 2220 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:53:28.0691 2220 Themes - ok
22:53:28.0707 2220 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:53:28.0722 2220 THREADORDER - ok
22:53:28.0738 2220 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:53:28.0738 2220 TrkWks - ok
22:53:28.0800 2220 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:53:28.0800 2220 TrustedInstaller - ok
22:53:28.0847 2220 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:53:28.0863 2220 tssecsrv - ok
22:53:28.0894 2220 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:53:28.0894 2220 TsUsbFlt - ok
22:53:28.0956 2220 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:53:28.0956 2220 tunnel - ok
22:53:28.0972 2220 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:53:28.0972 2220 uagp35 - ok
22:53:29.0019 2220 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:53:29.0019 2220 udfs - ok
22:53:29.0050 2220 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:53:29.0050 2220 UI0Detect - ok
22:53:29.0066 2220 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:53:29.0066 2220 uliagpkx - ok
22:53:29.0112 2220 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
22:53:29.0112 2220 umbus - ok
22:53:29.0128 2220 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:53:29.0128 2220 UmPass - ok
22:53:29.0144 2220 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:53:29.0144 2220 upnphost - ok
22:53:29.0222 2220 [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:53:29.0222 2220 usbaudio - ok
22:53:29.0253 2220 [ ACCEA6BC68D0C9A78EB97EE159028B4E ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:53:29.0253 2220 usbccgp - ok
22:53:29.0315 2220 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:53:29.0315 2220 usbcir - ok
22:53:29.0346 2220 [ 311C1DD1088E55BEAE15954D17F50646 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:53:29.0346 2220 usbehci - ok
22:53:29.0393 2220 [ 280E90CBF4B2DDD169F0728CB44D726F ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:53:29.0393 2220 usbhub - ok
22:53:29.0424 2220 [ 9406D801042FAF859CF81B2C886413DC ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:53:29.0424 2220 usbohci - ok
22:53:29.0440 2220 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:53:29.0440 2220 usbprint - ok
22:53:29.0456 2220 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:53:29.0456 2220 USBSTOR - ok
22:53:29.0487 2220 [ A83D0EC9AE4C31704442099D40BA2471 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:53:29.0487 2220 usbuhci - ok
22:53:29.0518 2220 [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:53:29.0534 2220 usbvideo - ok
22:53:29.0549 2220 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:53:29.0549 2220 UxSms - ok
22:53:29.0565 2220 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:53:29.0565 2220 VaultSvc - ok
22:53:29.0565 2220 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:53:29.0565 2220 vdrvroot - ok
22:53:29.0612 2220 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:53:29.0612 2220 vds - ok
22:53:29.0627 2220 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:53:29.0627 2220 vga - ok
22:53:29.0658 2220 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:53:29.0658 2220 VgaSave - ok
22:53:29.0690 2220 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:53:29.0690 2220 vhdmp - ok
22:53:29.0721 2220 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:53:29.0721 2220 viaide - ok
22:53:29.0736 2220 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:53:29.0736 2220 volmgr - ok
22:53:29.0783 2220 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:53:29.0799 2220 volmgrx - ok
22:53:29.0814 2220 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:53:29.0830 2220 volsnap - ok
22:53:29.0861 2220 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:53:29.0861 2220 vsmraid - ok
22:53:29.0908 2220 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:53:29.0955 2220 VSS - ok
22:53:29.0986 2220 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:53:29.0986 2220 vwifibus - ok
22:53:30.0017 2220 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:53:30.0017 2220 vwififlt - ok
22:53:30.0033 2220 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:53:30.0033 2220 vwifimp - ok
22:53:30.0064 2220 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:53:30.0064 2220 W32Time - ok
22:53:30.0080 2220 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:53:30.0080 2220 WacomPen - ok
22:53:30.0111 2220 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:53:30.0111 2220 WANARP - ok
22:53:30.0126 2220 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:53:30.0126 2220 Wanarpv6 - ok
22:53:30.0189 2220 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:53:30.0204 2220 WatAdminSvc - ok
22:53:30.0267 2220 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:53:30.0298 2220 wbengine - ok
22:53:30.0314 2220 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:53:30.0314 2220 WbioSrvc - ok
22:53:30.0360 2220 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:53:30.0376 2220 wcncsvc - ok
22:53:30.0392 2220 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:53:30.0392 2220 WcsPlugInService - ok
22:53:30.0407 2220 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:53:30.0407 2220 Wd - ok
22:53:30.0438 2220 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:53:30.0454 2220 Wdf01000 - ok
22:53:30.0470 2220 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:53:30.0470 2220 WdiServiceHost - ok
22:53:30.0470 2220 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:53:30.0470 2220 WdiSystemHost - ok
22:53:30.0516 2220 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\Windows\System32\webclnt.dll
22:53:30.0516 2220 WebClient - ok
22:53:30.0548 2220 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:53:30.0548 2220 Wecsvc - ok
22:53:30.0579 2220 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:53:30.0579 2220 wercplsupport - ok
22:53:30.0610 2220 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:53:30.0610 2220 WerSvc - ok
22:53:30.0626 2220 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:53:30.0626 2220 WfpLwf - ok
22:53:30.0626 2220 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:53:30.0626 2220 WIMMount - ok
22:53:30.0657 2220 WinDefend - ok
22:53:30.0672 2220 WinHttpAutoProxySvc - ok
22:53:30.0719 2220 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:53:30.0719 2220 Winmgmt - ok
22:53:30.0797 2220 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:53:30.0828 2220 WinRM - ok
22:53:30.0875 2220 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:53:30.0875 2220 WinUsb - ok
22:53:30.0906 2220 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:53:30.0922 2220 Wlansvc - ok
22:53:31.0078 2220 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:53:31.0125 2220 wlidsvc - ok
22:53:31.0156 2220 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:53:31.0156 2220 WmiAcpi - ok
22:53:31.0187 2220 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:53:31.0203 2220 wmiApSrv - ok
22:53:31.0203 2220 WMPNetworkSvc - ok
22:53:31.0218 2220 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:53:31.0218 2220 WPCSvc - ok