Kontrola logu - reklamy Vyřešeno

[DsD]

Zdravím, chtěl bych Vás poprosit o kontrolu logu, mám problém s reklamami v prohlížeči, často se kvůli nim sekne, nebo se prohlížená stránka automaticky přesměruje na reklamu.
Díky

Projel jsem dneska pc skrz, aviru-nic. Rovněž jsem spustil CCleaner, ATF-cleaner a TFC.
Níže logy z hjt, adw-cleaneru a mbam.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:34:56, on 29.5.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Users\PC\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP ... l&tsp=5008
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.homesearch-hub.info/?p ... Z&unqvl=20
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AlllCheapPRaIace - {17684227-2B67-09CF-7A19-FB64651D791B} - C:\ProgramData\AlllCheapPRaIace\u_OA.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: FunDEals - {5F5DB45D-E6B4-BCD3-30AD-EEC204555C45} - C:\ProgramData\FunDEals\n5fopvz.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SAveNeWaaAppiz - {7AA81982-A4EE-54DA-D823-F1EC1DC92E1C} - C:\ProgramData\SAveNeWaaAppiz\0gOq.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - Startup: FIFA 11 Registration.lnk = D:\FIFA 2011\Support\EAregister.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~3\assist~1\assist~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8408 bytes

ADW-Cleaner

Kód: Vybrat vše

# AdwCleaner v3.211 - Report created 29/05/2014 at 13:45:31
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Professional  (64 bits)
# Username : PC - PC-PC
# Running from : C:\Users\PC\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www2.delta-search.com_0.localstorage-journal
File Found : C:\Windows\System32\Tasks\Express FilesUpdate
Folder Found : C:\Program Files (x86)\HDvidCodec.com
Folder Found : C:\Program Files (x86)\ICQ6Toolbar
Folder Found : C:\Program Files (x86)\SafeSaver
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\Program Files (x86)\WebSearch
Folder Found : C:\ProgramData\AlllCheapPRaIace
Folder Found : C:\ProgramData\Assistant
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\BetterSoft
Folder Found : C:\ProgramData\DSearchLink
Folder Found : C:\ProgramData\FunDEals
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\sAAffe  siave
Folder Found : C:\ProgramData\sAAffe  siave
Folder Found : C:\ProgramData\SearchNewTab
Folder Found : C:\ProgramData\StarApp
Folder Found : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Users\PC\AppData\LocalLow\sAAffe  siave
Folder Found : C:\Users\PC\AppData\LocalLow\SearchNewTab
Folder Found : C:\Users\PC\AppData\Roaming\Babylon
Folder Found : C:\Users\PC\AppData\Roaming\ExpressFiles
Folder Found : C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Found : C:\Users\PC\AppData\Roaming\pdfforge

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\assist~1\assist~1.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\ExpressFiles
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{17684227-2B67-09CF-7A19-FB64651D791B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BBE217D8-5ADE-615E-4EC6-E217B635F8DF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17684227-2B67-09CF-7A19-FB64651D791B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BBE217D8-5ADE-615E-4EC6-E217B635F8DF}
Key Found : HKCU\Software\Surf Canyon
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\ExpressFiles
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : [x64] HKCU\Software\Surf Canyon
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Classes\AlLeCheaepPorice.AlLeCheaepPorice
Key Found : HKLM\SOFTWARE\Classes\AlLeCheaepPorice.AlLeCheaepPorice.5.2
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{17684227-2B67-09CF-7A19-FB64651D791B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BBE217D8-5ADE-615E-4EC6-E217B635F8DF}
Key Found : HKLM\SOFTWARE\Classes\CoUPEExtenasioNa.CoUPEExtenasioNa
Key Found : HKLM\SOFTWARE\Classes\CoUPEExtenasioNa.CoUPEExtenasioNa.1.3
Key Found : HKLM\SOFTWARE\Classes\FunDEals.FunDEals
Key Found : HKLM\SOFTWARE\Classes\FunDEals.FunDEals.2.2
Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\SaveNewaApPz.SaveNewaApPz
Key Found : HKLM\SOFTWARE\Classes\SaveNewaApPz.SaveNewaApPz.5.5
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\Software\ExpressFiles
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFox_Setup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFox_Setup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17684227-2B67-09CF-7A19-FB64651D791B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17684227-2B67-09CF-7A19-FB64651D791B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{699fd52f}
Key Found : HKLM\Software\Software
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{17684227-2B67-09CF-7A19-FB64651D791B}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17684227-2B67-09CF-7A19-FB64651D791B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16457

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=540200160A270711&affID=119776&tl=4-8873-8580-150000001242051948-3165597599-1378391902-1380983902&tt=150913_ctrl&tsp=5008
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.homesearch-hub.info/?pid=512&r=2013/06/13&hid=657783018&lg=EN&cc=CZ&unqvl=20

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w3cblgqb.default\prefs.js ]

Line Found : user_pref("aol_toolbar.default.homepage.check", false);
Line Found : user_pref("aol_toolbar.default.search.check", false);
Line Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Found : user_pref("extensions.FxCS_5Oqba2.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<[...]
Line Found : user_pref("extensions.PVJCIC4it.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)[...]
Line Found : user_pref("extensions.VmGhB35H6XI.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]
Line Found : user_pref("extensions.g7iTHG.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.inde[...]
Line Found : user_pref("extensions.zMbYGU0k65t.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]
Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Found : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://websearch.homesearch-hub.info/?l=1&q={searchTerms}&pid=512&r=2013/06/13&hid=657783018&lg=EN&cc=CZ&unqvl=20
Found [Search Provider] : hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=540200160A270711&affID=119776&tl=4-8873-8580-150000001242051948-3165597599-1378391902-1380983902&tt=150913_ctrl&tsp=5008
Found [Homepage] : hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=540200160A270711&affID=119776&tl=4-8873-8580-150000001242051948-3165597599-1378391902-1380983902&tt=150913_ctrl&tsp=5008
Found [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
Found [Extension] : ppdjnkblmcjfnlogjjhpigpdgpcgdpll

*************************

AdwCleaner[R0].txt - [15155 octets] - [29/05/2014 13:45:31]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15216 octets] ##########


MbAM

Kód: Vybrat vše

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29.5.2014
Scan Time: 14:05:00
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.05.29.06
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: PC

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 261962
Time Elapsed: 10 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.OptimizerPro.A, C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe, 1684, , [8f9baea9710aa4923b97334512f0a45c]

Modules: 0
(No malicious items detected)

Registry Keys: 46
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{17684227-2B67-09CF-7A19-FB64651D791B}, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{17684227-2B67-09CF-7A19-FB64651D791B}, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{17684227-2B67-09CF-7A19-FB64651D791B}, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\AlLeCheaepPorice.AlLeCheaepPorice, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\AlLeCheaepPorice.AlLeCheaepPorice.5.2, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\AlLeCheaepPorice.AlLeCheaepPorice, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\AlLeCheaepPorice.AlLeCheaepPorice.5.2, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{17684227-2B67-09CF-7A19-FB64651D791B}, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{17684227-2B67-09CF-7A19-FB64651D791B}, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{17684227-2B67-09CF-7A19-FB64651D791B}, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{17684227-2B67-09CF-7A19-FB64651D791B}, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{17684227-2B67-09CF-7A19-FB64651D791B}, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{17684227-2B67-09CF-7A19-FB64651D791B}\INPROCSERVER32, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\FunDEals.FunDEals, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\FunDEals.FunDEals.2.2, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FunDEals.FunDEals, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FunDEals.FunDEals.2.2, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}\INPROCSERVER32, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, , [ed3d1c3ba6d5ae88fe19ec479a689070],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, , [ed3d1c3ba6d5ae88fe19ec479a689070],
PUP.Optional.SilentInstall.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{924C3DC2-8E4E-432E-F973-9A2174A39774}, , [d7533621d2a93bfb4771d78eab576a96],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5A1D3F9E-73B5-95EC-1233-6646E1358965}, , [58d20453ea91fb3bb87f7dcef40dbe42],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{478472F9-9E09-492A-BDAB-42EE595EF1AD}, , [8e9c8dca9be00c2a74c3113af50ccb35],
PUP.Optional.Tarma.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8D36E1E0-418E-02C5-C153-21F3987C38A1}, , [ee3c5ff86a11a294e6fdba8b659bf40c],
PUP.Optional.Tarma.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{324B5039-EBA4-96A0-3E4D-F20951BD743F}, , [66c4c196bfbcc76f23c01a2bf10ff60a],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{BBE217D8-5ADE-615E-4EC6-E217B635F8DF}, , [c4664017077445f1971415f2659cc739],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{BBE217D8-5ADE-615E-4EC6-E217B635F8DF}, , [c4664017077445f1971415f2659cc739],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{BBE217D8-5ADE-615E-4EC6-E217B635F8DF}, , [c4664017077445f1971415f2659cc739],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\InstallIQ, , [b97173e43348f541c04baafa2cd660a0],
PUP.Optional.SurfCanyon.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bcjagnifjocnddgeknajocbkkhlgibem, , [200a65f2a4d7a59162c6fb934fb3d42c],
PUP.Optional.HDVidCodec.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dnllcmllkjofnojidnaknldfehfhehoo, , [71b96aedccafcc6a737e6858996a0cf4],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, , [be6c5dfaf586bf775b9beed232d1fd03],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [55d5cb8cfc7fb482acb5dbe627dc4fb1],
PUP.Optional.SProtector.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SProtector, , [63c75afd007bb185cfbe5d65f11202fe],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [e446520584f701354d36e2f28f74c63a],
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [959588cf7ffcdc5a65f6834bdd26629e],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, , [6bbf282f0c6f39fdcb2a06bab251dc24],
PUP.Optional.OptimizerPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\OptimizerPro, , [191120372c4f56e011d01f59c04229d7],

Registry Values: 2
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, {BCE31210-5A9F-11E2-934F-001D927CCF59}, , [be6c5dfaf586bf775b9beed232d1fd03]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {BCE31210-5A9F-11E2-934F-001D927CCF59}, , [6bbf282f0c6f39fdcb2a06bab251dc24]

Registry Data: 3
Trojan.SProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~3\assist~1\assist~1.dll, Good: (), Bad: (c:\progra~3\assist~1\assist~1.dll),,[36f4490e0d6e47ef355af467ec15f40c]
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.homesearch-hub.info/?pid=512&r=2013/06/13&hid=657783018&lg=EN&cc=CZ&unqvl=20, Good: (http://www.google.com), Bad: (http://websearch.homesearch-hub.info/?pid=512&r=2013/06/13&hid=657783018&lg=EN&cc=CZ&unqvl=20),,[2a0099be3d3e2e08e1cee56df90b56aa]
PUP.Optional.StartPage, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www2.delta-search.com/?babsrc=HP_ss&mntrId=540200160A270711&affID=119776&tl=4-8873-8580-150000001242051948-3165597599-1378391902-1380983902&tt=150913_ctrl&tsp=5008, Good: (http://www.google.com), Bad: (http://www2.delta-search.com/?babsrc=HP_ss&mntrId=540200160A270711&affID=119776&tl=4-8873-8580-150000001242051948-3165597599-1378391902-1380983902&tt=150913_ctrl&tsp=5008),,[e8428acd03781c1a03d8d8830ef6c43c]

Folders: 10
PUP.Optional.HDVidCodec.A, C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com, , [98927fd8681394a2648b3789df245ea2],
PUP.Optional.SearchNewTab, C:\ProgramData\SearchNewTab, , [a48653048fecf83e9232e98fec16dd23],
PUP.Optional.SearchNewTab, C:\ProgramData\SearchNewTab\data, , [a48653048fecf83e9232e98fec16dd23],
PUP.Optional.OptimizerPro.A, C:\ProgramData\BetterSoft\OptimizerPro, , [8f9baea9710aa4923b97334512f0a45c],
PUP.Optional.OptimizerPro.A, C:\ProgramData\BetterSoft\OptimizerPro\3036567561, , [8f9baea9710aa4923b97334512f0a45c],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro, , [191120372c4f56e011d01f59c04229d7],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars, , [a5853c1b87f447effe5b48315ea4db25],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer, , [a5853c1b87f447effe5b48315ea4db25],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT, , [a5853c1b87f447effe5b48315ea4db25],
PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com, , [ec3e68efa5d6f44283cc027889799868],

Files: 33
Trojan.SProtector, C:\ProgramData\Assistant\Assistant.dll, , [36f4490e0d6e47ef355af467ec15f40c],
Trojan.SProtector, C:\ProgramData\Assistant\AssistantSvc.dll, , [09211d3a403b2412e7a96bf07b86c33d],
PUP.Optional.MultiPlug.A, C:\ProgramData\AlllCheapPRaIace\u_OA.x64.dll, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, C:\ProgramData\AlllCheapPRaIace\u_OA.dll, , [a4864d0a522978be3403b09b50b140c0],
PUP.Optional.MultiPlug.A, C:\ProgramData\FunDEals\n5fopvz.x64.dll, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, C:\ProgramData\FunDEals\n5fopvz.dll, , [b476de79b1ca65d13ef9341718e9758b],
PUP.Optional.MultiPlug.A, C:\ProgramData\AlllCheapPRaIace\u_OA.exe, , [58d20453ea91fb3bb87f7dcef40dbe42],
PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, , [9c8ebb9c1d5ec076c01a55cc16ee718f],
PUP.Optional.MultiPlug.A, C:\ProgramData\FunDEals\n5fopvz.exe, , [8e9c8dca9be00c2a74c3113af50ccb35],
PUP.Optional.Tarma.A, C:\ProgramData\InstallMate\{CD8DBD4B-9F28-486C-AA87-D70A166E9FBD}\Setup.exe, , [ee3c5ff86a11a294e6fdba8b659bf40c],
PUP.Optional.Tarma.A, C:\ProgramData\InstallMate\{E54FCCEF-BD44-4E29-ACC2-F5663EACEE19}\Setup.exe, , [66c4c196bfbcc76f23c01a2bf10ff60a],
PUP.Optional.MultiPlug.A, C:\ProgramData\sAAffe  siave\51ba0a4df1170.dll, , [c4664017077445f1971415f2659cc739],
PUP.Optional.SilentInstall.A, C:\ProgramData\sAAffe  siave\uninstall.exe, , [f13971e693e8013525ac69a0c04111ef],
PUP.Optional.MultiPlug.A, C:\ProgramData\SearchNewTab\51ba0a6f00cd5.dll, , [28026fe8a8d3d066f9b211f6b24fd729],
PUP.Optional.CodecPerformer.A, C:\Users\PC\Downloads\CodecPerformerSetup.exe, , [47e3aea9f289f442fe1b511d2cd5817f],
PUP.Optional.HDVidCodec.A, C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com\HDVidCodec.lnk, , [98927fd8681394a2648b3789df245ea2],
PUP.Optional.HDVidCodec.A, C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com\Uninstall.lnk, , [98927fd8681394a2648b3789df245ea2],
PUP.Optional.SearchNewTab, C:\ProgramData\SearchNewTab\51ba0a6f00cd5.tlb, , [a48653048fecf83e9232e98fec16dd23],
PUP.Optional.SearchNewTab, C:\ProgramData\SearchNewTab\settings.ini, , [a48653048fecf83e9232e98fec16dd23],
PUP.Optional.SearchNewTab, C:\ProgramData\SearchNewTab\data\SearchNewTab.dat, , [a48653048fecf83e9232e98fec16dd23],
PUP.Optional.OptimizerPro.A, C:\ProgramData\BetterSoft\OptimizerPro\3036567561.ini, , [8f9baea9710aa4923b97334512f0a45c],
PUP.Optional.OptimizerPro.A, C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe, , [8f9baea9710aa4923b97334512f0a45c],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\Custom.dll, , [191120372c4f56e011d01f59c04229d7],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\Readme.txt, , [191120372c4f56e011d01f59c04229d7],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\Setup.dat, , [191120372c4f56e011d01f59c04229d7],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\Setup.exe, , [191120372c4f56e011d01f59c04229d7],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\Setup.ico, , [191120372c4f56e011d01f59c04229d7],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\TsuDll.dll, , [191120372c4f56e011d01f59c04229d7],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\_Setup.dll, , [191120372c4f56e011d01f59c04229d7],
PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\HDVidCodec.exe, , [ec3e68efa5d6f44283cc027889799868],
PUP.Optional.Delta.A, C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://www2.delta-search.com/?babsrc=HP_ss&mntrId=540200160A270711&affID=119776&tl=4-8873-8580-150000001242051948-3165597599-1378391902-1380983902&tt=150913_ctrl&tsp=5008",), ,[9f8b5502abd068ceb3112663b64e28d8]
PUP.Optional.Babylon.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w3cblgqb.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.prtkDS", 0);), ,[e743b89f661555e1df622069d52f49b7]
PUP.Optional.Babylon.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w3cblgqb.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.prtkHmpg", 0);), ,[f1399fb8eb90d95d68d9d4b5be46d52b]

Physical Sectors: 0
(No malicious items detected)


(end)

[Reklama]

[Orcus]

Logy nedávej do pole CODE prosím, blbě se to luští.

===================================================

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

====================================================

- Znovu spusť MbAM a dej Skenovat nyní
- Po proběhnutí programu se ti objeví hláška, tak klikni na „Vše do karantény“ -> „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a ulož na Plochu.
- Zkopíruj sem celý obsah toho logu.

====================================================

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[DsD]

MbAM
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29.5.2014
Scan Time: 16:47:21
Logfile: mbam1.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.05.29.06
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: PC

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 261994
Time Elapsed: 10 min, 35 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.OptimizerPro.A, C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe, 1584, Delete-on-Reboot, [87a378dfccafe74fe3ef56223bc718e8]

Modules: 0
(No malicious items detected)

Registry Keys: 46
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{17684227-2B67-09CF-7A19-FB64651D791B}, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{17684227-2B67-09CF-7A19-FB64651D791B}, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{17684227-2B67-09CF-7A19-FB64651D791B}, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\AlLeCheaepPorice.AlLeCheaepPorice, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\AlLeCheaepPorice.AlLeCheaepPorice.5.2, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\AlLeCheaepPorice.AlLeCheaepPorice, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\AlLeCheaepPorice.AlLeCheaepPorice.5.2, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{17684227-2B67-09CF-7A19-FB64651D791B}, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{17684227-2B67-09CF-7A19-FB64651D791B}, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{17684227-2B67-09CF-7A19-FB64651D791B}, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{17684227-2B67-09CF-7A19-FB64651D791B}, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{17684227-2B67-09CF-7A19-FB64651D791B}, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{17684227-2B67-09CF-7A19-FB64651D791B}\INPROCSERVER32, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\FunDEals.FunDEals, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\FunDEals.FunDEals.2.2, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FunDEals.FunDEals, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FunDEals.FunDEals.2.2, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{5F5DB45D-E6B4-BCD3-30AD-EEC204555C45}\INPROCSERVER32, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Quarantined, [48e2adaaf58671c561b655dea55dbc44],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Quarantined, [48e2adaaf58671c561b655dea55dbc44],
PUP.Optional.SilentInstall.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{924C3DC2-8E4E-432E-F973-9A2174A39774}, Quarantined, [c268e671e09be650595f9bca45bdae52],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5A1D3F9E-73B5-95EC-1233-6646E1358965}, Quarantined, [c367f2653d3ed2648daad477b74ac63a],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{478472F9-9E09-492A-BDAB-42EE595EF1AD}, Quarantined, [0426d582324968ceb285fe4df70a19e7],
PUP.Optional.Tarma.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8D36E1E0-418E-02C5-C153-21F3987C38A1}, Quarantined, [8e9c4314b1ca181e539085c0b14f42be],
PUP.Optional.Tarma.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{324B5039-EBA4-96A0-3E4D-F20951BD743F}, Quarantined, [d357c790e6958bab4c97a2a367994db3],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{BBE217D8-5ADE-615E-4EC6-E217B635F8DF}, Quarantined, [d05afe59b6c561d5c3e89374e51c30d0],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{BBE217D8-5ADE-615E-4EC6-E217B635F8DF}, Quarantined, [d05afe59b6c561d5c3e89374e51c30d0],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{BBE217D8-5ADE-615E-4EC6-E217B635F8DF}, Quarantined, [d05afe59b6c561d5c3e89374e51c30d0],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\InstallIQ, Quarantined, [d05aef68483359dd5facc1e30df5926e],
PUP.Optional.SurfCanyon.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bcjagnifjocnddgeknajocbkkhlgibem, Quarantined, [1911c5928dee00363aeeb5d95ea41ae6],
PUP.Optional.HDVidCodec.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dnllcmllkjofnojidnaknldfehfhehoo, Quarantined, [a4865cfb47346dc98c65c6fa33d055ab],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, Quarantined, [fc2edd7a1c5f0333e4122e9221e2f10f],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Quarantined, [5ccee077ccafed493a270ab7788b926e],
PUP.Optional.SProtector.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SProtector, Quarantined, [59d186d132496acc7e0fead81ee5bb45],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [61c9a4b398e30036641f3d975ea5ce32],
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, Quarantined, [41e957004b3053e3d8839539de25629e],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, Quarantined, [66c4c493f883023446af665a847fae52],
PUP.Optional.OptimizerPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\OptimizerPro, Quarantined, [af7b3522f982b97d6a77f28649b90ef2],

Registry Values: 2
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, {BCE31210-5A9F-11E2-934F-001D927CCF59}, Quarantined, [fc2edd7a1c5f0333e4122e9221e2f10f]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {BCE31210-5A9F-11E2-934F-001D927CCF59}, Quarantined, [66c4c493f883023446af665a847fae52]

Registry Data: 3
Trojan.SProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~3\assist~1\assist~1.dll, Good: (), Bad: (c:\progra~3\assist~1\assist~1.dll),Replaced,[1713acab770464d2157abaa123debe42]
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.homesearch-hub.info/?p ... Z&unqvl=20, Good: (http://www.google.com), Bad: (http://websearch.homesearch-hub.info/?p ... Z&unqvl=20),Replaced,[11198dcabac1ea4c0fa0aaa87c88966a]
PUP.Optional.StartPage, HKU\S-1-5-21-2545673548-303586688-689430311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www2.delta-search.com/?babsrc=HP ... l&tsp=5008, Good: (http://www.google.com), Bad: (http://www2.delta-search.com/?babsrc=HP ... l&tsp=5008),Replaced,[bf6b63f457247eb84a913a21ca3a13ed]

Folders: 10
PUP.Optional.HDVidCodec.A, C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com, Quarantined, [1b0f30274e2ddb5b2bc4912f5da645bb],
PUP.Optional.SearchNewTab, C:\ProgramData\SearchNewTab, Quarantined, [e7435afddc9f48ee7252a5d354ae9967],
PUP.Optional.SearchNewTab, C:\ProgramData\SearchNewTab\data, Quarantined, [e7435afddc9f48ee7252a5d354ae9967],
PUP.Optional.OptimizerPro.A, C:\ProgramData\BetterSoft\OptimizerPro, Delete-on-Reboot, [87a378dfccafe74fe3ef56223bc718e8],
PUP.Optional.OptimizerPro.A, C:\ProgramData\BetterSoft\OptimizerPro\3036567561, Quarantined, [87a378dfccafe74fe3ef56223bc718e8],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro, Quarantined, [af7b3522f982b97d6a77f28649b90ef2],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars, Quarantined, [1b0f094ee596fe384316d8a131d13fc1],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer, Quarantined, [1b0f094ee596fe384316d8a131d13fc1],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT, Quarantined, [1b0f094ee596fe384316d8a131d13fc1],
PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com, Quarantined, [61c9a8afc0bb7fb736191e5c33cf9868],

Files: 34
Trojan.SProtector, C:\ProgramData\Assistant\Assistant.dll, Delete-on-Reboot, [1713acab770464d2157abaa123debe42],
Trojan.SProtector, C:\ProgramData\Assistant\AssistantSvc.dll, Delete-on-Reboot, [3bef79de017a45f1ade3e87344bd7888],
PUP.Optional.MultiPlug.A, C:\ProgramData\AlllCheapPRaIace\u_OA.x64.dll, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, C:\ProgramData\AlllCheapPRaIace\u_OA.dll, Quarantined, [2dfd60f7e794d264f44307448e73b050],
PUP.Optional.MultiPlug.A, C:\ProgramData\FunDEals\n5fopvz.x64.dll, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, C:\ProgramData\FunDEals\n5fopvz.dll, Quarantined, [6bbf88cfc9b2a1951126d67501000ef2],
PUP.Optional.MultiPlug.A, C:\ProgramData\AlllCheapPRaIace\u_OA.exe, Quarantined, [c367f2653d3ed2648daad477b74ac63a],
PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, Quarantined, [ce5ca1b642395cdae5f548d90ff57b85],
PUP.Optional.MultiPlug.A, C:\ProgramData\FunDEals\n5fopvz.exe, Quarantined, [0426d582324968ceb285fe4df70a19e7],
PUP.Optional.Tarma.A, C:\ProgramData\InstallMate\{CD8DBD4B-9F28-486C-AA87-D70A166E9FBD}\Setup.exe, Quarantined, [8e9c4314b1ca181e539085c0b14f42be],
PUP.Optional.Tarma.A, C:\ProgramData\InstallMate\{E54FCCEF-BD44-4E29-ACC2-F5663EACEE19}\Setup.exe, Quarantined, [d357c790e6958bab4c97a2a367994db3],
PUP.Optional.MultiPlug.A, C:\ProgramData\sAAffe siave\51ba0a4df1170.dll, Quarantined, [d05afe59b6c561d5c3e89374e51c30d0],
PUP.Optional.SilentInstall.A, C:\ProgramData\sAAffe siave\uninstall.exe, Quarantined, [fd2dd0875823fc3afbd66f9ab05111ef],
PUP.Optional.MultiPlug.A, C:\ProgramData\SearchNewTab\51ba0a6f00cd5.dll, Quarantined, [52d8da7d700b989ec3e8f710cc35e818],
PUP.Optional.InstalleRex, C:\Users\PC\Desktop\Junkware Removal Tool.exe, Quarantined, [b37705526c0f83b3df7d671aa75aa957],
PUP.Optional.CodecPerformer.A, C:\Users\PC\Downloads\CodecPerformerSetup.exe, Quarantined, [a783d7808cef59dda3760b6316eba65a],
PUP.Optional.HDVidCodec.A, C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com\HDVidCodec.lnk, Quarantined, [1b0f30274e2ddb5b2bc4912f5da645bb],
PUP.Optional.HDVidCodec.A, C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com\Uninstall.lnk, Quarantined, [1b0f30274e2ddb5b2bc4912f5da645bb],
PUP.Optional.SearchNewTab, C:\ProgramData\SearchNewTab\51ba0a6f00cd5.tlb, Quarantined, [e7435afddc9f48ee7252a5d354ae9967],
PUP.Optional.SearchNewTab, C:\ProgramData\SearchNewTab\settings.ini, Quarantined, [e7435afddc9f48ee7252a5d354ae9967],
PUP.Optional.SearchNewTab, C:\ProgramData\SearchNewTab\data\SearchNewTab.dat, Quarantined, [e7435afddc9f48ee7252a5d354ae9967],
PUP.Optional.OptimizerPro.A, C:\ProgramData\BetterSoft\OptimizerPro\3036567561.ini, Quarantined, [87a378dfccafe74fe3ef56223bc718e8],
PUP.Optional.OptimizerPro.A, C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe, Delete-on-Reboot, [87a378dfccafe74fe3ef56223bc718e8],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\Custom.dll, Quarantined, [af7b3522f982b97d6a77f28649b90ef2],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\Readme.txt, Quarantined, [af7b3522f982b97d6a77f28649b90ef2],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\Setup.dat, Quarantined, [af7b3522f982b97d6a77f28649b90ef2],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\Setup.exe, Quarantined, [af7b3522f982b97d6a77f28649b90ef2],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\Setup.ico, Quarantined, [af7b3522f982b97d6a77f28649b90ef2],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\TsuDll.dll, Quarantined, [af7b3522f982b97d6a77f28649b90ef2],
PUP.Optional.OptimizerPro.A, C:\ProgramData\InstallMate\OptimizerPro\_Setup.dll, Quarantined, [af7b3522f982b97d6a77f28649b90ef2],
PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\HDVidCodec.exe, Quarantined, [61c9a8afc0bb7fb736191e5c33cf9868],
PUP.Optional.Delta.A, C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://www2.delta-search.com/?babsrc=HP_ss&mntrId=540200160A270711&affID=119776&tl=4-8873-8580-150000001242051948-3165597599-1378391902-1380983902&tt=150913_ctrl&tsp=5008",), Replaced,[7eac3c1b8eed2e0820a4d4b5857f44bc]
PUP.Optional.Babylon.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w3cblgqb.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.prtkDS", 0);), Replaced,[48e27add3447a19542ff8efbea1a946c]
PUP.Optional.Babylon.A, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w3cblgqb.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.prtkHmpg", 0);), Replaced,[969467f02b5086b0e160ddac689c38c8]

Physical Sectors: 0
(No malicious items detected)


(end)
AdwCleaner
# AdwCleaner v3.211 - Report created 29/05/2014 at 17:18:28
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Professional (64 bits)
# Username : PC - PC-PC
# Running from : C:\Users\PC\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Assistant
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\AlllCheapPRaIace
Folder Deleted : C:\ProgramData\FunDEals
Folder Deleted : C:\ProgramData\sAAffe siave
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\sAAffe siave
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\SafeSaver
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Users\PC\AppData\LocalLow\sAAffe siave
Folder Deleted : C:\Users\PC\AppData\Roaming\Babylon
Folder Deleted : C:\Users\PC\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\PC\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www2.delta-search.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\Express FilesUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFox_Setup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFox_Setup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CoUPEExtenasioNa.CoUPEExtenasioNa
Key Deleted : HKLM\SOFTWARE\Classes\CoUPEExtenasioNa.CoUPEExtenasioNa.1.3
Key Deleted : HKLM\SOFTWARE\Classes\SaveNewaApPz.SaveNewaApPz
Key Deleted : HKLM\SOFTWARE\Classes\SaveNewaApPz.SaveNewaApPz.5.5
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{699fd52f}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FB3119D-D9BA-A7F1-CAF6-CBC14BBDAB5D}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AA81982-A4EE-54DA-D823-F1EC1DC92E1C}
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\Surf Canyon
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\Software
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16457

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w3cblgqb.default\prefs.js ]

Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("extensions.FxCS_5Oqba2.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<[...]
Line Deleted : user_pref("extensions.PVJCIC4it.scode", "(function(){try{if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};}catch(e){};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)[...]
Line Deleted : user_pref("extensions.VmGhB35H6XI.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]
Line Deleted : user_pref("extensions.g7iTHG.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.inde[...]
Line Deleted : user_pref("extensions.zMbYGU0k65t.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://websearch.homesearch-hub.info/?l=1&q={searchTerms}&pid=512&r=2013/06/13&hid=657783018&lg=EN&cc=CZ&unqvl=20
Deleted [Search Provider] : hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=540200160A270711&affID=119776&tl=4-8873-8580-150000001242051948-3165597599-1378391902-1380983902&tt=150913_ctrl&tsp=5008
Deleted [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
Deleted [Extension] : ppdjnkblmcjfnlogjjhpigpdgpcgdpll

*************************

AdwCleaner[R0].txt - [15389 octets] - [29/05/2014 13:45:31]
AdwCleaner[R1].txt - [11444 octets] - [29/05/2014 17:17:22]
AdwCleaner[S0].txt - [11098 octets] - [29/05/2014 17:18:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11159 octets] ##########
JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by PC on źt 29.05.2014 at 17:22:19,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2545673548-303586688-689430311-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\hdvid codec v1-codedownloader_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\hdvid codec v1-codedownloader_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FF2AA2CB-9C79-44F8-A87D-0AB9A330060E}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\surfcanyon"



~~~ FireFox

Emptied folder: C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\w3cblgqb.default\minidumps [111 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 29.05.2014 at 17:30:37,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RK - jsem se uklikl a něco omylem dal smazat, snad to nebylo nic důležitého
RogueKiller V9.0.0.0 (x64) [May 29 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : PC [Práva správce]
Mód : Odebrat -- Datum : 05/29/2014 17:38:04

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NEVYBRÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NEVYBRÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NEVYBRÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NEVYBRÁNO
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NEVYBRÁNO
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NEVYBRÁNO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NEVYBRÁNO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[BL PATH] schedule!3036567561.job -- C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (/schedule /profile "c:\programdata\bettersoft\optimizerpro\3036567561.ini") -> VYMAZÁNO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721616PLA380 ATA Device +++++
--- User ---
[MBR] 5f7d153670d8ca2da5bae5c84db6a8e6
[BSP] 18878f1e46936735740a6f695d560368 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81922048 | Size: 117064 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_SCN_05292014_173732.log

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

Především si doinstaluj SP1!

[DsD]

RogueKiller V9.0.0.0 (x64) [May 29 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : PC [Práva správce]
Mód : Odebrat -- Datum : 05/29/2014 20:36:49

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NEVYBRÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NEVYBRÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NEVYBRÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NEVYBRÁNO
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NEVYBRÁNO
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NEVYBRÁNO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NEVYBRÁNO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721616PLA380 ATA Device +++++
--- User ---
[MBR] 5f7d153670d8ca2da5bae5c84db6a8e6
[BSP] 18878f1e46936735740a6f695d560368 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81922048 | Size: 117064 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_DEL_05292014_173804.log - RKreport_SCN_05292014_173732.log - RKreport_SCN_05292014_203628.log


TDSS
20:39:05.0960 0x0858 TDSS rootkit removing tool 3.0.0.35 May 23 2014 07:32:03
20:39:36.0078 0x0858 ============================================================
20:39:36.0079 0x0858 Current date / time: 2014/05/29 20:39:36.0078
20:39:36.0079 0x0858 SystemInfo:
20:39:36.0079 0x0858
20:39:36.0079 0x0858 OS Version: 6.1.7601 ServicePack: 1.0
20:39:36.0079 0x0858 Product type: Workstation
20:39:36.0079 0x0858 ComputerName: PC-PC
20:39:36.0081 0x0858 UserName: PC
20:39:36.0081 0x0858 Windows directory: C:\Windows
20:39:36.0081 0x0858 System windows directory: C:\Windows
20:39:36.0081 0x0858 Running under WOW64
20:39:36.0081 0x0858 Processor architecture: Intel x64
20:39:36.0081 0x0858 Number of processors: 2
20:39:36.0081 0x0858 Page size: 0x1000
20:39:36.0081 0x0858 Boot type: Normal boot
20:39:36.0081 0x0858 ============================================================
20:39:37.0429 0x0858 KLMD registered as C:\Windows\system32\drivers\51361293.sys
20:39:37.0488 0x0858 System UUID: {713A2666-9EF4-C775-706B-205D44646E07}
20:39:37.0951 0x0858 Drive \Device\Harddisk0\DR0 - Size: 0x2658AE0000 (153.39 Gb), SectorSize: 0x200, Cylinders: 0x4E37, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:39:38.0035 0x0858 ============================================================
20:39:38.0035 0x0858 \Device\Harddisk0\DR0:
20:39:38.0035 0x0858 MBR partitions:
20:39:38.0035 0x0858 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:39:38.0035 0x0858 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4DEE000
20:39:38.0035 0x0858 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x4E20800, BlocksNum 0xE4A4000
20:39:38.0036 0x0858 ============================================================
20:39:38.0075 0x0858 C: <-> \Device\Harddisk0\DR0\Partition2
20:39:38.0146 0x0858 D: <-> \Device\Harddisk0\DR0\Partition3
20:39:38.0210 0x0858 ============================================================
20:39:38.0210 0x0858 Initialize success
20:39:38.0210 0x0858 ============================================================
20:39:59.0045 0x0d8c ============================================================
20:39:59.0045 0x0d8c Scan started
20:39:59.0045 0x0d8c Mode: Manual;
20:39:59.0045 0x0d8c ============================================================
20:39:59.0045 0x0d8c KSN ping started
20:40:01.0863 0x0d8c KSN ping finished: true
20:40:02.0823 0x0d8c ================ Scan system memory ========================
20:40:02.0823 0x0d8c System memory - ok
20:40:02.0830 0x0d8c ================ Scan services =============================
20:40:02.0980 0x0d8c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:40:02.0987 0x0d8c 1394ohci - ok
20:40:03.0052 0x0d8c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] 699fd52f C:\Windows\system32\rundll32.exe
20:40:03.0056 0x0d8c 699fd52f - ok
20:40:03.0102 0x0d8c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:40:03.0110 0x0d8c ACPI - ok
20:40:03.0138 0x0d8c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:40:03.0139 0x0d8c AcpiPmi - ok
20:40:03.0229 0x0d8c [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:40:03.0232 0x0d8c AdobeARMservice - ok
20:40:03.0331 0x0d8c [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:40:03.0337 0x0d8c AdobeFlashPlayerUpdateSvc - ok
20:40:03.0392 0x0d8c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:40:03.0404 0x0d8c adp94xx - ok
20:40:03.0461 0x0d8c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:40:03.0469 0x0d8c adpahci - ok
20:40:03.0495 0x0d8c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:40:03.0500 0x0d8c adpu320 - ok
20:40:03.0537 0x0d8c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:40:03.0551 0x0d8c AeLookupSvc - ok
20:40:03.0607 0x0d8c [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
20:40:03.0620 0x0d8c AFD - ok
20:40:03.0654 0x0d8c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
20:40:03.0657 0x0d8c agp440 - ok
20:40:03.0684 0x0d8c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
20:40:03.0687 0x0d8c ALG - ok
20:40:03.0703 0x0d8c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
20:40:03.0704 0x0d8c aliide - ok
20:40:03.0717 0x0d8c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
20:40:03.0719 0x0d8c amdide - ok
20:40:03.0756 0x0d8c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:40:03.0760 0x0d8c AmdK8 - ok
20:40:03.0774 0x0d8c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:40:03.0777 0x0d8c AmdPPM - ok
20:40:03.0806 0x0d8c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:40:03.0809 0x0d8c amdsata - ok
20:40:03.0842 0x0d8c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:40:03.0847 0x0d8c amdsbs - ok
20:40:03.0871 0x0d8c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:40:03.0873 0x0d8c amdxata - ok
20:40:03.0933 0x0d8c [ 7C98F7A5BDE8A775B7DB9A1E808266D9, 885851BB333A751EA9F6ED9EF27ACE37A9EA7645F5E508235E98872CD32BE571 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:40:03.0937 0x0d8c AntiVirSchedulerService - ok
20:40:03.0960 0x0d8c [ 81E58F368D62EC818F49D1C5CF3854C3, 2A45DE780713FBDCAC73F4AA7F99B97203A8B5A79882BCFE2156B8613CCD4599 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:40:03.0967 0x0d8c AntiVirService - ok
20:40:04.0009 0x0d8c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
20:40:04.0011 0x0d8c AppID - ok
20:40:04.0044 0x0d8c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:40:04.0045 0x0d8c AppIDSvc - ok
20:40:04.0077 0x0d8c [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
20:40:04.0081 0x0d8c Appinfo - ok
20:40:04.0123 0x0d8c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
20:40:04.0130 0x0d8c AppMgmt - ok
20:40:04.0167 0x0d8c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:40:04.0170 0x0d8c arc - ok
20:40:04.0192 0x0d8c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:40:04.0196 0x0d8c arcsas - ok
20:40:04.0301 0x0d8c [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:40:04.0318 0x0d8c aspnet_state - ok
20:40:04.0347 0x0d8c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:40:04.0348 0x0d8c AsyncMac - ok
20:40:04.0369 0x0d8c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
20:40:04.0370 0x0d8c atapi - ok
20:40:04.0422 0x0d8c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:40:04.0443 0x0d8c AudioEndpointBuilder - ok
20:40:04.0471 0x0d8c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:40:04.0488 0x0d8c AudioSrv - ok
20:40:04.0542 0x0d8c [ 85AD80624EACF11517983CCB696856A9, 8ED4B07B0281449C0537C4B2477C0C0BAE5261956A644D630D161370F26E496E ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:40:04.0547 0x0d8c avgntflt - ok
20:40:04.0588 0x0d8c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:40:04.0592 0x0d8c AxInstSV - ok
20:40:04.0641 0x0d8c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:40:04.0654 0x0d8c b06bdrv - ok
20:40:04.0689 0x0d8c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:40:04.0696 0x0d8c b57nd60a - ok
20:40:04.0741 0x0d8c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
20:40:04.0745 0x0d8c BDESVC - ok
20:40:04.0764 0x0d8c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
20:40:04.0765 0x0d8c Beep - ok
20:40:04.0851 0x0d8c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
20:40:04.0872 0x0d8c BFE - ok
20:40:04.0930 0x0d8c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
20:40:04.0963 0x0d8c BITS - ok
20:40:05.0001 0x0d8c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:40:05.0003 0x0d8c blbdrive - ok
20:40:05.0033 0x0d8c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:40:05.0036 0x0d8c bowser - ok
20:40:05.0062 0x0d8c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:40:05.0065 0x0d8c BrFiltLo - ok
20:40:05.0086 0x0d8c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:40:05.0086 0x0d8c BrFiltUp - ok
20:40:05.0123 0x0d8c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
20:40:05.0128 0x0d8c Browser - ok
20:40:05.0160 0x0d8c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:40:05.0168 0x0d8c Brserid - ok
20:40:05.0184 0x0d8c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:40:05.0186 0x0d8c BrSerWdm - ok
20:40:05.0197 0x0d8c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:40:05.0198 0x0d8c BrUsbMdm - ok
20:40:05.0210 0x0d8c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:40:05.0212 0x0d8c BrUsbSer - ok
20:40:05.0227 0x0d8c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:40:05.0230 0x0d8c BTHMODEM - ok
20:40:05.0282 0x0d8c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
20:40:05.0285 0x0d8c bthserv - ok
20:40:05.0306 0x0d8c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:40:05.0309 0x0d8c cdfs - ok
20:40:05.0365 0x0d8c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:40:05.0369 0x0d8c cdrom - ok
20:40:05.0396 0x0d8c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
20:40:05.0400 0x0d8c CertPropSvc - ok
20:40:05.0422 0x0d8c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:40:05.0423 0x0d8c circlass - ok
20:40:05.0463 0x0d8c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
20:40:05.0473 0x0d8c CLFS - ok
20:40:05.0530 0x0d8c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:40:05.0534 0x0d8c clr_optimization_v2.0.50727_32 - ok
20:40:05.0577 0x0d8c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:40:05.0582 0x0d8c clr_optimization_v2.0.50727_64 - ok
20:40:05.0656 0x0d8c [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:40:05.0660 0x0d8c clr_optimization_v4.0.30319_32 - ok
20:40:05.0680 0x0d8c [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:40:05.0714 0x0d8c clr_optimization_v4.0.30319_64 - ok
20:40:05.0740 0x0d8c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:40:05.0741 0x0d8c CmBatt - ok
20:40:05.0760 0x0d8c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:40:05.0762 0x0d8c cmdide - ok
20:40:05.0813 0x0d8c [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
20:40:05.0825 0x0d8c CNG - ok
20:40:05.0852 0x0d8c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:40:05.0853 0x0d8c Compbatt - ok
20:40:05.0902 0x0d8c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:40:05.0904 0x0d8c CompositeBus - ok
20:40:05.0916 0x0d8c COMSysApp - ok
20:40:05.0948 0x0d8c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:40:05.0949 0x0d8c crcdisk - ok
20:40:05.0984 0x0d8c [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:40:05.0992 0x0d8c CryptSvc - ok
20:40:06.0068 0x0d8c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
20:40:06.0083 0x0d8c CSC - ok
20:40:06.0141 0x0d8c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
20:40:06.0161 0x0d8c CscService - ok
20:40:06.0222 0x0d8c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:40:06.0237 0x0d8c DcomLaunch - ok
20:40:06.0293 0x0d8c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
20:40:06.0302 0x0d8c defragsvc - ok
20:40:06.0335 0x0d8c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:40:06.0339 0x0d8c DfsC - ok
20:40:06.0379 0x0d8c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:40:06.0390 0x0d8c Dhcp - ok
20:40:06.0416 0x0d8c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
20:40:06.0417 0x0d8c discache - ok
20:40:06.0447 0x0d8c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:40:06.0450 0x0d8c Disk - ok
20:40:06.0488 0x0d8c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:40:06.0495 0x0d8c Dnscache - ok
20:40:06.0539 0x0d8c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
20:40:06.0547 0x0d8c dot3svc - ok
20:40:06.0587 0x0d8c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
20:40:06.0593 0x0d8c DPS - ok
20:40:06.0627 0x0d8c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:40:06.0628 0x0d8c drmkaud - ok
20:40:06.0691 0x0d8c [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:40:06.0714 0x0d8c DXGKrnl - ok
20:40:06.0759 0x0d8c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
20:40:06.0763 0x0d8c EapHost - ok
20:40:06.0946 0x0d8c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:40:07.0034 0x0d8c ebdrv - ok
20:40:07.0077 0x0d8c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
20:40:07.0081 0x0d8c EFS - ok
20:40:07.0148 0x0d8c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:40:07.0169 0x0d8c ehRecvr - ok
20:40:07.0201 0x0d8c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
20:40:07.0214 0x0d8c ehSched - ok
20:40:07.0266 0x0d8c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:40:07.0280 0x0d8c elxstor - ok
20:40:07.0315 0x0d8c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:40:07.0316 0x0d8c ErrDev - ok
20:40:07.0380 0x0d8c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
20:40:07.0396 0x0d8c EventSystem - ok
20:40:07.0416 0x0d8c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
20:40:07.0421 0x0d8c exfat - ok
20:40:07.0449 0x0d8c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:40:07.0454 0x0d8c fastfat - ok
20:40:07.0518 0x0d8c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
20:40:07.0538 0x0d8c Fax - ok
20:40:07.0560 0x0d8c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:40:07.0562 0x0d8c fdc - ok
20:40:07.0597 0x0d8c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
20:40:07.0599 0x0d8c fdPHost - ok
20:40:07.0618 0x0d8c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
20:40:07.0620 0x0d8c FDResPub - ok
20:40:07.0656 0x0d8c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:40:07.0659 0x0d8c FileInfo - ok
20:40:07.0679 0x0d8c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:40:07.0680 0x0d8c Filetrace - ok
20:40:07.0697 0x0d8c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:40:07.0698 0x0d8c flpydisk - ok
20:40:07.0737 0x0d8c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:40:07.0744 0x0d8c FltMgr - ok
20:40:07.0817 0x0d8c [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache C:\Windows\system32\FntCache.dll
20:40:07.0854 0x0d8c FontCache - ok
20:40:07.0906 0x0d8c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:40:07.0909 0x0d8c FontCache3.0.0.0 - ok
20:40:07.0936 0x0d8c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:40:07.0938 0x0d8c FsDepends - ok
20:40:07.0970 0x0d8c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:40:07.0978 0x0d8c Fs_Rec - ok
20:40:08.0027 0x0d8c [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:40:08.0033 0x0d8c fvevol - ok
20:40:08.0063 0x0d8c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:40:08.0065 0x0d8c gagp30kx - ok
20:40:08.0125 0x0d8c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
20:40:08.0147 0x0d8c gpsvc - ok
20:40:08.0225 0x0d8c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:40:08.0229 0x0d8c gupdate - ok
20:40:08.0259 0x0d8c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:40:08.0263 0x0d8c gupdatem - ok
20:40:08.0294 0x0d8c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:40:08.0295 0x0d8c hcw85cir - ok
20:40:08.0362 0x0d8c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:40:08.0371 0x0d8c HdAudAddService - ok
20:40:08.0404 0x0d8c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:40:08.0408 0x0d8c HDAudBus - ok
20:40:08.0425 0x0d8c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:40:08.0426 0x0d8c HidBatt - ok
20:40:08.0461 0x0d8c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:40:08.0464 0x0d8c HidBth - ok
20:40:08.0496 0x0d8c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:40:08.0497 0x0d8c HidIr - ok
20:40:08.0518 0x0d8c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
20:40:08.0521 0x0d8c hidserv - ok
20:40:08.0561 0x0d8c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:40:08.0562 0x0d8c HidUsb - ok
20:40:08.0592 0x0d8c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:40:08.0596 0x0d8c hkmsvc - ok
20:40:08.0651 0x0d8c [ F402112F31A64946435124A4CAB9BFE8, 007116F458C572FFAF59CE5E5FBEAC0A4B5A85C33781911981504C3A30F32DC0 ] hola_net C:\Windows\system32\DRIVERS\hola_net.sys
20:40:08.0653 0x0d8c hola_net - ok
20:40:08.0694 0x0d8c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:40:08.0703 0x0d8c HomeGroupListener - ok
20:40:08.0745 0x0d8c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:40:08.0753 0x0d8c HomeGroupProvider - ok
20:40:08.0797 0x0d8c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:40:08.0799 0x0d8c HpSAMD - ok
20:40:08.0850 0x0d8c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:40:08.0866 0x0d8c HTTP - ok
20:40:08.0899 0x0d8c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:40:08.0900 0x0d8c hwpolicy - ok
20:40:08.0919 0x0d8c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:40:08.0922 0x0d8c i8042prt - ok
20:40:08.0960 0x0d8c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:40:08.0970 0x0d8c iaStorV - ok
20:40:09.0030 0x0d8c [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:40:09.0056 0x0d8c idsvc - ok
20:40:09.0108 0x0d8c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:40:09.0110 0x0d8c iirsp - ok
20:40:09.0175 0x0d8c [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
20:40:09.0200 0x0d8c IKEEXT - ok
20:40:09.0408 0x0d8c [ D8BCE8176CB1084C6F5830C019D47166, FF8CBD68FE796216C2BD6CC11D05F0BEFF84B636D86C0132C99672A1BE151B7F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:40:09.0449 0x0d8c IntcAzAudAddService - ok
20:40:09.0482 0x0d8c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
20:40:09.0484 0x0d8c intelide - ok
20:40:09.0509 0x0d8c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:40:09.0510 0x0d8c intelppm - ok
20:40:09.0536 0x0d8c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:40:09.0540 0x0d8c IPBusEnum - ok
20:40:09.0578 0x0d8c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:40:09.0581 0x0d8c IpFilterDriver - ok
20:40:09.0625 0x0d8c [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:40:09.0642 0x0d8c iphlpsvc - ok
20:40:09.0674 0x0d8c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:40:09.0676 0x0d8c IPMIDRV - ok
20:40:09.0706 0x0d8c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:40:09.0709 0x0d8c IPNAT - ok
20:40:09.0734 0x0d8c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:40:09.0735 0x0d8c IRENUM - ok
20:40:09.0762 0x0d8c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:40:09.0763 0x0d8c isapnp - ok
20:40:09.0789 0x0d8c [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:40:09.0795 0x0d8c iScsiPrt - ok
20:40:09.0820 0x0d8c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:40:09.0821 0x0d8c kbdclass - ok
20:40:09.0838 0x0d8c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:40:09.0839 0x0d8c kbdhid - ok
20:40:09.0860 0x0d8c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
20:40:09.0863 0x0d8c KeyIso - ok
20:40:09.0893 0x0d8c [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:40:09.0895 0x0d8c KSecDD - ok
20:40:09.0912 0x0d8c [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:40:09.0915 0x0d8c KSecPkg - ok
20:40:09.0942 0x0d8c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:40:09.0944 0x0d8c ksthunk - ok
20:40:09.0990 0x0d8c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:40:10.0001 0x0d8c KtmRm - ok
20:40:10.0046 0x0d8c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:40:10.0055 0x0d8c LanmanServer - ok
20:40:10.0094 0x0d8c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:40:10.0100 0x0d8c LanmanWorkstation - ok
20:40:10.0143 0x0d8c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:40:10.0145 0x0d8c lltdio - ok
20:40:10.0182 0x0d8c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:40:10.0192 0x0d8c lltdsvc - ok
20:40:10.0209 0x0d8c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:40:10.0211 0x0d8c lmhosts - ok
20:40:10.0247 0x0d8c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:40:10.0250 0x0d8c LSI_FC - ok
20:40:10.0273 0x0d8c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:40:10.0276 0x0d8c LSI_SAS - ok
20:40:10.0293 0x0d8c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:40:10.0294 0x0d8c LSI_SAS2 - ok
20:40:10.0316 0x0d8c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:40:10.0320 0x0d8c LSI_SCSI - ok
20:40:10.0348 0x0d8c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:40:10.0350 0x0d8c luafv - ok
20:40:10.0386 0x0d8c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:40:10.0390 0x0d8c Mcx2Svc - ok
20:40:10.0419 0x0d8c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:40:10.0421 0x0d8c megasas - ok
20:40:10.0467 0x0d8c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:40:10.0473 0x0d8c MegaSR - ok
20:40:10.0533 0x0d8c [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
20:40:10.0546 0x0d8c Microsoft Office Groove Audit Service - ok
20:40:10.0576 0x0d8c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:40:10.0578 0x0d8c MMCSS - ok
20:40:10.0600 0x0d8c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:40:10.0601 0x0d8c Modem - ok
20:40:10.0638 0x0d8c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:40:10.0639 0x0d8c monitor - ok
20:40:10.0662 0x0d8c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:40:10.0664 0x0d8c mouclass - ok
20:40:10.0686 0x0d8c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:40:10.0687 0x0d8c mouhid - ok
20:40:10.0724 0x0d8c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:40:10.0726 0x0d8c mountmgr - ok
20:40:10.0781 0x0d8c [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:40:10.0785 0x0d8c MozillaMaintenance - ok
20:40:10.0805 0x0d8c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
20:40:10.0809 0x0d8c mpio - ok
20:40:10.0844 0x0d8c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:40:10.0846 0x0d8c mpsdrv - ok
20:40:10.0903 0x0d8c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:40:10.0926 0x0d8c MpsSvc - ok
20:40:10.0946 0x0d8c [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:40:10.0950 0x0d8c MRxDAV - ok
20:40:10.0985 0x0d8c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:40:10.0989 0x0d8c mrxsmb - ok
20:40:11.0027 0x0d8c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:40:11.0033 0x0d8c mrxsmb10 - ok
20:40:11.0058 0x0d8c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:40:11.0061 0x0d8c mrxsmb20 - ok
20:40:11.0086 0x0d8c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
20:40:11.0087 0x0d8c msahci - ok
20:40:11.0115 0x0d8c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:40:11.0118 0x0d8c msdsm - ok
20:40:11.0137 0x0d8c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:40:11.0142 0x0d8c MSDTC - ok
20:40:11.0191 0x0d8c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:40:11.0192 0x0d8c Msfs - ok
20:40:11.0269 0x0d8c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:40:11.0270 0x0d8c mshidkmdf - ok
20:40:11.0307 0x0d8c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:40:11.0308 0x0d8c msisadrv - ok
20:40:11.0332 0x0d8c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:40:11.0337 0x0d8c MSiSCSI - ok
20:40:11.0345 0x0d8c msiserver - ok
20:40:11.0372 0x0d8c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:40:11.0374 0x0d8c MSKSSRV - ok
20:40:11.0384 0x0d8c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:40:11.0385 0x0d8c MSPCLOCK - ok
20:40:11.0397 0x0d8c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:40:11.0398 0x0d8c MSPQM - ok
20:40:11.0435 0x0d8c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:40:11.0443 0x0d8c MsRPC - ok
20:40:11.0468 0x0d8c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:40:11.0469 0x0d8c mssmbios - ok
20:40:11.0491 0x0d8c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:40:11.0492 0x0d8c MSTEE - ok
20:40:11.0500 0x0d8c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:40:11.0502 0x0d8c MTConfig - ok
20:40:11.0526 0x0d8c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:40:11.0527 0x0d8c Mup - ok
20:40:11.0574 0x0d8c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
20:40:11.0588 0x0d8c napagent - ok
20:40:11.0636 0x0d8c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:40:11.0643 0x0d8c NativeWifiP - ok
20:40:11.0726 0x0d8c [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
20:40:11.0748 0x0d8c NDIS - ok
20:40:11.0769 0x0d8c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:40:11.0770 0x0d8c NdisCap - ok
20:40:11.0793 0x0d8c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:40:11.0794 0x0d8c NdisTapi - ok
20:40:11.0812 0x0d8c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:40:11.0813 0x0d8c Ndisuio - ok
20:40:11.0840 0x0d8c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:40:11.0844 0x0d8c NdisWan - ok
20:40:11.0873 0x0d8c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:40:11.0875 0x0d8c NDProxy - ok
20:40:11.0912 0x0d8c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:40:11.0913 0x0d8c NetBIOS - ok
20:40:11.0951 0x0d8c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:40:11.0956 0x0d8c NetBT - ok
20:40:11.0977 0x0d8c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
20:40:11.0980 0x0d8c Netlogon - ok
20:40:12.0011 0x0d8c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
20:40:12.0021 0x0d8c Netman - ok
20:40:12.0055 0x0d8c [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:12.0070 0x0d8c NetMsmqActivator - ok
20:40:12.0080 0x0d8c [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:12.0084 0x0d8c NetPipeActivator - ok
20:40:12.0113 0x0d8c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
20:40:12.0126 0x0d8c netprofm - ok
20:40:12.0139 0x0d8c [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:12.0142 0x0d8c NetTcpActivator - ok
20:40:12.0154 0x0d8c [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:12.0158 0x0d8c NetTcpPortSharing - ok
20:40:12.0193 0x0d8c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:40:12.0195 0x0d8c nfrd960 - ok
20:40:12.0234 0x0d8c [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:40:12.0244 0x0d8c NlaSvc - ok
20:40:12.0265 0x0d8c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:40:12.0266 0x0d8c Npfs - ok
20:40:12.0291 0x0d8c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
20:40:12.0293 0x0d8c nsi - ok
20:40:12.0305 0x0d8c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:40:12.0306 0x0d8c nsiproxy - ok
20:40:12.0414 0x0d8c [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:40:12.0452 0x0d8c Ntfs - ok
20:40:12.0489 0x0d8c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
20:40:12.0489 0x0d8c Null - ok
20:40:12.0531 0x0d8c [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
20:40:12.0540 0x0d8c NVENETFD - ok
20:40:13.0231 0x0d8c [ E55CAB397F77D5208DB18A78B1B7C0D5, 515C0FAEFF78A2EE8B4780E66ABFBBF3AED2871E06D27888CAC3F26AAE126A2B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:40:13.0548 0x0d8c nvlddmkm - ok
20:40:13.0658 0x0d8c [ 909EEDCBD365BB81027D8E742E6B3416, 6C346C7B0E26A12BB0F56918E5324BC8C1024FEEE5952BFEB02DB2BC47182B61 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
20:40:13.0666 0x0d8c NVNET - ok
20:40:13.0701 0x0d8c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:40:13.0704 0x0d8c nvraid - ok
20:40:13.0722 0x0d8c [ E58D81FB8616D0CB55C1E36AA0B213C9, D83F78615889A466ADE2BFEF7AB357C0D31B7FA9A1A52668DED32A51FEFA87B5 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
20:40:13.0724 0x0d8c nvsmu - ok
20:40:13.0776 0x0d8c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:40:13.0780 0x0d8c nvstor - ok
20:40:13.0799 0x0d8c [ 43BC8151893AE6AFE42E149D663C2221, A0029FD9A5FFC9410009AF7FAF4F81AB91F6CB81FE76FB9A27D5C40409360EF6 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:40:13.0805 0x0d8c nvsvc - ok
20:40:13.0838 0x0d8c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:40:13.0841 0x0d8c nv_agp - ok
20:40:13.0929 0x0d8c [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:40:13.0942 0x0d8c odserv - ok
20:40:13.0979 0x0d8c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:40:13.0981 0x0d8c ohci1394 - ok
20:40:14.0014 0x0d8c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:40:14.0020 0x0d8c ose - ok
20:40:14.0064 0x0d8c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:40:14.0075 0x0d8c p2pimsvc - ok
20:40:14.0117 0x0d8c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
20:40:14.0131 0x0d8c p2psvc - ok
20:40:14.0163 0x0d8c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:40:14.0166 0x0d8c Parport - ok
20:40:14.0202 0x0d8c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:40:14.0204 0x0d8c partmgr - ok
20:40:14.0233 0x0d8c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
20:40:14.0240 0x0d8c PcaSvc - ok
20:40:14.0278 0x0d8c [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
20:40:14.0279 0x0d8c pccsmcfd - ok
20:40:14.0319 0x0d8c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys

[DsD]

20:40:14.0324 0x0d8c pci - ok
20:40:14.0344 0x0d8c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
20:40:14.0345 0x0d8c pciide - ok
20:40:14.0380 0x0d8c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:40:14.0386 0x0d8c pcmcia - ok
20:40:14.0406 0x0d8c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
20:40:14.0408 0x0d8c pcw - ok
20:40:14.0533 0x0d8c [ 20C9518D18927FA01F42309CC6BF433E, 112CB468C682E179CE16275E9748A035BCBF5E5970A095E3C83C9C14865D6548 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
20:40:14.0564 0x0d8c PDF Architect Helper Service - ok
20:40:14.0650 0x0d8c [ EB69C64D06CB162602F7C3E389255334, 091D14BDD2585A40EF316547F1E0EDA007833A00ECDC062827E40FC2CCBF9DFF ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
20:40:14.0673 0x0d8c PDF Architect Service - ok
20:40:14.0749 0x0d8c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:40:14.0764 0x0d8c PEAUTH - ok
20:40:14.0841 0x0d8c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:40:14.0880 0x0d8c PeerDistSvc - ok
20:40:14.0962 0x0d8c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:40:14.0965 0x0d8c PerfHost - ok
20:40:15.0070 0x0d8c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
20:40:15.0112 0x0d8c pla - ok
20:40:15.0162 0x0d8c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:40:15.0176 0x0d8c PlugPlay - ok
20:40:15.0210 0x0d8c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:40:15.0213 0x0d8c PNRPAutoReg - ok
20:40:15.0249 0x0d8c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:40:15.0260 0x0d8c PNRPsvc - ok
20:40:15.0308 0x0d8c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:40:15.0324 0x0d8c PolicyAgent - ok
20:40:15.0375 0x0d8c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
20:40:15.0381 0x0d8c Power - ok
20:40:15.0420 0x0d8c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:40:15.0423 0x0d8c PptpMiniport - ok
20:40:15.0455 0x0d8c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:40:15.0457 0x0d8c Processor - ok
20:40:15.0487 0x0d8c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
20:40:15.0495 0x0d8c ProfSvc - ok
20:40:15.0518 0x0d8c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
20:40:15.0521 0x0d8c ProtectedStorage - ok
20:40:15.0550 0x0d8c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:40:15.0553 0x0d8c Psched - ok
20:40:15.0629 0x0d8c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:40:15.0667 0x0d8c ql2300 - ok
20:40:15.0722 0x0d8c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:40:15.0726 0x0d8c ql40xx - ok
20:40:15.0790 0x0d8c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
20:40:15.0798 0x0d8c QWAVE - ok
20:40:15.0820 0x0d8c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:40:15.0821 0x0d8c QWAVEdrv - ok
20:40:15.0847 0x0d8c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:40:15.0848 0x0d8c RasAcd - ok
20:40:15.0873 0x0d8c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:40:15.0875 0x0d8c RasAgileVpn - ok
20:40:15.0894 0x0d8c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
20:40:15.0900 0x0d8c RasAuto - ok
20:40:15.0941 0x0d8c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:40:15.0945 0x0d8c Rasl2tp - ok
20:40:16.0001 0x0d8c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
20:40:16.0015 0x0d8c RasMan - ok
20:40:16.0057 0x0d8c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:40:16.0060 0x0d8c RasPppoe - ok
20:40:16.0078 0x0d8c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:40:16.0081 0x0d8c RasSstp - ok
20:40:16.0119 0x0d8c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:40:16.0127 0x0d8c rdbss - ok
20:40:16.0147 0x0d8c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:40:16.0148 0x0d8c rdpbus - ok
20:40:16.0161 0x0d8c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:40:16.0163 0x0d8c RDPCDD - ok
20:40:16.0203 0x0d8c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:40:16.0207 0x0d8c RDPDR - ok
20:40:16.0230 0x0d8c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:40:16.0232 0x0d8c RDPENCDD - ok
20:40:16.0248 0x0d8c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:40:16.0249 0x0d8c RDPREFMP - ok
20:40:16.0284 0x0d8c [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:40:16.0289 0x0d8c RDPWD - ok
20:40:16.0347 0x0d8c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:40:16.0353 0x0d8c rdyboost - ok
20:40:16.0382 0x0d8c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:40:16.0386 0x0d8c RemoteAccess - ok
20:40:16.0420 0x0d8c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:40:16.0427 0x0d8c RemoteRegistry - ok
20:40:16.0452 0x0d8c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:40:16.0456 0x0d8c RpcEptMapper - ok
20:40:16.0473 0x0d8c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
20:40:16.0475 0x0d8c RpcLocator - ok
20:40:16.0530 0x0d8c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
20:40:16.0546 0x0d8c RpcSs - ok
20:40:16.0589 0x0d8c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:40:16.0591 0x0d8c rspndr - ok
20:40:16.0627 0x0d8c [ 68DD0457D18FCCEF7384AE84022F0C86, 82C02EDB30D4FA1145AB1818F9FCE0B73FEB1B94C138B5513794F25FAC85F2CC ] RTL8023x64 C:\Windows\system32\DRIVERS\Rtnic64.sys
20:40:16.0630 0x0d8c RTL8023x64 - ok
20:40:16.0656 0x0d8c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:40:16.0657 0x0d8c s3cap - ok
20:40:16.0676 0x0d8c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
20:40:16.0679 0x0d8c SamSs - ok
20:40:16.0698 0x0d8c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:40:16.0702 0x0d8c sbp2port - ok
20:40:16.0729 0x0d8c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:40:16.0737 0x0d8c SCardSvr - ok
20:40:16.0766 0x0d8c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:40:16.0768 0x0d8c scfilter - ok
20:40:16.0860 0x0d8c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
20:40:16.0895 0x0d8c Schedule - ok
20:40:16.0937 0x0d8c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:40:16.0940 0x0d8c SCPolicySvc - ok
20:40:17.0038 0x0d8c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:40:17.0045 0x0d8c SDRSVC - ok
20:40:17.0073 0x0d8c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:40:17.0075 0x0d8c secdrv - ok
20:40:17.0096 0x0d8c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
20:40:17.0114 0x0d8c seclogon - ok
20:40:17.0144 0x0d8c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
20:40:17.0149 0x0d8c SENS - ok
20:40:17.0166 0x0d8c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:40:17.0170 0x0d8c SensrSvc - ok
20:40:17.0200 0x0d8c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:40:17.0202 0x0d8c Serenum - ok
20:40:17.0217 0x0d8c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:40:17.0220 0x0d8c Serial - ok
20:40:17.0239 0x0d8c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:40:17.0241 0x0d8c sermouse - ok
20:40:17.0337 0x0d8c [ 289E853881E688286AD24299FCC485D8, 14B2359D7301591EF4ECC3DCC75947935AB3C25D240BD26D45DFF8A0F81A4D45 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
20:40:17.0359 0x0d8c ServiceLayer - ok
20:40:17.0412 0x0d8c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
20:40:17.0418 0x0d8c SessionEnv - ok
20:40:17.0448 0x0d8c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:40:17.0450 0x0d8c sffdisk - ok
20:40:17.0467 0x0d8c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:40:17.0469 0x0d8c sffp_mmc - ok
20:40:17.0488 0x0d8c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:40:17.0489 0x0d8c sffp_sd - ok
20:40:17.0516 0x0d8c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:40:17.0518 0x0d8c sfloppy - ok
20:40:17.0569 0x0d8c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:40:17.0580 0x0d8c SharedAccess - ok
20:40:17.0626 0x0d8c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:40:17.0639 0x0d8c ShellHWDetection - ok
20:40:17.0675 0x0d8c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:40:17.0677 0x0d8c SiSRaid2 - ok
20:40:17.0703 0x0d8c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:40:17.0705 0x0d8c SiSRaid4 - ok
20:40:17.0738 0x0d8c [ A4FAB5F7818A69DA6E740943CB8F7CA9, 6FA24FD46AD6642B21EF3BE4212FF22F3645EC7B0056859FCA184177F5C85AA2 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:40:17.0744 0x0d8c SkypeUpdate - ok
20:40:17.0774 0x0d8c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:40:17.0777 0x0d8c Smb - ok
20:40:17.0838 0x0d8c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:40:17.0842 0x0d8c SNMPTRAP - ok
20:40:17.0869 0x0d8c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
20:40:17.0870 0x0d8c spldr - ok
20:40:17.0918 0x0d8c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
20:40:17.0936 0x0d8c Spooler - ok
20:40:18.0170 0x0d8c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
20:40:18.0273 0x0d8c sppsvc - ok
20:40:18.0322 0x0d8c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:40:18.0327 0x0d8c sppuinotify - ok
20:40:18.0374 0x0d8c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:40:18.0386 0x0d8c srv - ok
20:40:18.0420 0x0d8c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:40:18.0430 0x0d8c srv2 - ok
20:40:18.0458 0x0d8c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:40:18.0463 0x0d8c srvnet - ok
20:40:18.0492 0x0d8c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:40:18.0500 0x0d8c SSDPSRV - ok
20:40:18.0521 0x0d8c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:40:18.0525 0x0d8c SstpSvc - ok
20:40:18.0558 0x0d8c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:40:18.0560 0x0d8c stexstor - ok
20:40:18.0606 0x0d8c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
20:40:18.0624 0x0d8c stisvc - ok
20:40:18.0662 0x0d8c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:40:18.0664 0x0d8c storflt - ok
20:40:18.0690 0x0d8c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
20:40:18.0693 0x0d8c StorSvc - ok
20:40:18.0713 0x0d8c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:40:18.0715 0x0d8c storvsc - ok
20:40:18.0741 0x0d8c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
20:40:18.0742 0x0d8c swenum - ok
20:40:18.0785 0x0d8c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
20:40:18.0802 0x0d8c swprv - ok
20:40:18.0901 0x0d8c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
20:40:18.0953 0x0d8c SysMain - ok
20:40:18.0988 0x0d8c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:40:18.0994 0x0d8c TabletInputService - ok
20:40:19.0039 0x0d8c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
20:40:19.0050 0x0d8c TapiSrv - ok
20:40:19.0082 0x0d8c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
20:40:19.0086 0x0d8c TBS - ok
20:40:19.0206 0x0d8c [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:40:19.0251 0x0d8c Tcpip - ok
20:40:19.0333 0x0d8c [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:40:19.0382 0x0d8c TCPIP6 - ok
20:40:19.0426 0x0d8c [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:40:19.0428 0x0d8c tcpipreg - ok
20:40:19.0459 0x0d8c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:40:19.0461 0x0d8c TDPIPE - ok
20:40:19.0485 0x0d8c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:40:19.0486 0x0d8c TDTCP - ok
20:40:19.0517 0x0d8c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:40:19.0520 0x0d8c tdx - ok
20:40:19.0554 0x0d8c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
20:40:19.0556 0x0d8c TermDD - ok
20:40:19.0611 0x0d8c [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
20:40:19.0632 0x0d8c TermService - ok
20:40:19.0672 0x0d8c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
20:40:19.0676 0x0d8c Themes - ok
20:40:19.0700 0x0d8c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
20:40:19.0704 0x0d8c THREADORDER - ok
20:40:19.0740 0x0d8c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
20:40:19.0746 0x0d8c TrkWks - ok
20:40:19.0819 0x0d8c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:40:19.0825 0x0d8c TrustedInstaller - ok
20:40:19.0869 0x0d8c [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:40:19.0870 0x0d8c tssecsrv - ok
20:40:19.0900 0x0d8c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:40:19.0902 0x0d8c TsUsbFlt - ok
20:40:19.0925 0x0d8c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:40:19.0929 0x0d8c tunnel - ok
20:40:19.0955 0x0d8c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:40:19.0957 0x0d8c uagp35 - ok
20:40:20.0009 0x0d8c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:40:20.0020 0x0d8c udfs - ok
20:40:20.0054 0x0d8c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:40:20.0058 0x0d8c UI0Detect - ok
20:40:20.0088 0x0d8c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:40:20.0091 0x0d8c uliagpkx - ok
20:40:20.0116 0x0d8c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
20:40:20.0117 0x0d8c umbus - ok
20:40:20.0149 0x0d8c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:40:20.0150 0x0d8c UmPass - ok
20:40:20.0190 0x0d8c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
20:40:20.0198 0x0d8c UmRdpService - ok
20:40:20.0237 0x0d8c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
20:40:20.0250 0x0d8c upnphost - ok
20:40:20.0274 0x0d8c [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
20:40:20.0277 0x0d8c usbccgp - ok
20:40:20.0308 0x0d8c [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:40:20.0311 0x0d8c usbcir - ok
20:40:20.0331 0x0d8c [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:40:20.0333 0x0d8c usbehci - ok
20:40:20.0371 0x0d8c [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:40:20.0382 0x0d8c usbhub - ok
20:40:20.0407 0x0d8c [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:40:20.0408 0x0d8c usbohci - ok
20:40:20.0435 0x0d8c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:40:20.0437 0x0d8c usbprint - ok
20:40:20.0479 0x0d8c [ 0F0C72A657C622286013788B886968AD, A1492B07BD76E60E5228FBCFB73F96CA5B7AA0E2110EB27C72803A618C88C51E ] usbser C:\Windows\system32\drivers\usbser.sys
20:40:20.0481 0x0d8c usbser - ok
20:40:20.0502 0x0d8c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
20:40:20.0505 0x0d8c USBSTOR - ok
20:40:20.0525 0x0d8c [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:40:20.0526 0x0d8c usbuhci - ok
20:40:20.0567 0x0d8c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
20:40:20.0571 0x0d8c UxSms - ok
20:40:20.0593 0x0d8c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
20:40:20.0596 0x0d8c VaultSvc - ok
20:40:20.0626 0x0d8c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:40:20.0628 0x0d8c vdrvroot - ok
20:40:20.0700 0x0d8c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
20:40:20.0717 0x0d8c vds - ok
20:40:20.0756 0x0d8c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:40:20.0757 0x0d8c vga - ok
20:40:20.0780 0x0d8c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:40:20.0782 0x0d8c VgaSave - ok
20:40:20.0811 0x0d8c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:40:20.0816 0x0d8c vhdmp - ok
20:40:20.0846 0x0d8c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
20:40:20.0847 0x0d8c viaide - ok
20:40:20.0895 0x0d8c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:40:20.0900 0x0d8c vmbus - ok
20:40:20.0918 0x0d8c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:40:20.0920 0x0d8c VMBusHID - ok
20:40:20.0943 0x0d8c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:40:20.0945 0x0d8c volmgr - ok
20:40:20.0991 0x0d8c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:40:21.0002 0x0d8c volmgrx - ok
20:40:21.0036 0x0d8c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:40:21.0044 0x0d8c volsnap - ok
20:40:21.0078 0x0d8c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:40:21.0082 0x0d8c vsmraid - ok
20:40:21.0168 0x0d8c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
20:40:21.0213 0x0d8c VSS - ok
20:40:21.0236 0x0d8c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:40:21.0238 0x0d8c vwifibus - ok
20:40:21.0276 0x0d8c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
20:40:21.0290 0x0d8c W32Time - ok
20:40:21.0331 0x0d8c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:40:21.0333 0x0d8c WacomPen - ok
20:40:21.0371 0x0d8c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:40:21.0374 0x0d8c WANARP - ok
20:40:21.0393 0x0d8c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:40:21.0396 0x0d8c Wanarpv6 - ok
20:40:21.0480 0x0d8c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:40:21.0517 0x0d8c WatAdminSvc - ok
20:40:21.0600 0x0d8c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
20:40:21.0645 0x0d8c wbengine - ok
20:40:21.0686 0x0d8c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:40:21.0694 0x0d8c WbioSrvc - ok
20:40:21.0738 0x0d8c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:40:21.0751 0x0d8c wcncsvc - ok
20:40:21.0769 0x0d8c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:40:21.0775 0x0d8c WcsPlugInService - ok
20:40:21.0802 0x0d8c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:40:21.0804 0x0d8c Wd - ok
20:40:21.0860 0x0d8c [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:40:21.0880 0x0d8c Wdf01000 - ok
20:40:21.0907 0x0d8c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:40:21.0911 0x0d8c WdiServiceHost - ok
20:40:21.0924 0x0d8c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:40:21.0929 0x0d8c WdiSystemHost - ok
20:40:21.0966 0x0d8c [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
20:40:21.0977 0x0d8c WebClient - ok
20:40:22.0011 0x0d8c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:40:22.0020 0x0d8c Wecsvc - ok
20:40:22.0038 0x0d8c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:40:22.0043 0x0d8c wercplsupport - ok
20:40:22.0068 0x0d8c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
20:40:22.0073 0x0d8c WerSvc - ok
20:40:22.0098 0x0d8c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:40:22.0099 0x0d8c WfpLwf - ok
20:40:22.0129 0x0d8c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:40:22.0130 0x0d8c WIMMount - ok
20:40:22.0150 0x0d8c WinDefend - ok
20:40:22.0171 0x0d8c WinHttpAutoProxySvc - ok
20:40:22.0245 0x0d8c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:40:22.0254 0x0d8c Winmgmt - ok
20:40:22.0355 0x0d8c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
20:40:22.0415 0x0d8c WinRM - ok
20:40:22.0464 0x0d8c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:40:22.0466 0x0d8c WinUsb - ok
20:40:22.0520 0x0d8c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:40:22.0546 0x0d8c Wlansvc - ok
20:40:22.0574 0x0d8c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:40:22.0576 0x0d8c WmiAcpi - ok
20:40:22.0609 0x0d8c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:40:22.0615 0x0d8c wmiApSrv - ok
20:40:22.0639 0x0d8c WMPNetworkSvc - ok
20:40:22.0656 0x0d8c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:40:22.0660 0x0d8c WPCSvc - ok
20:40:22.0695 0x0d8c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:40:22.0701 0x0d8c WPDBusEnum - ok
20:40:22.0732 0x0d8c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:40:22.0733 0x0d8c ws2ifsl - ok
20:40:22.0770 0x0d8c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
20:40:22.0776 0x0d8c wscsvc - ok
20:40:22.0786 0x0d8c WSearch - ok
20:40:22.0917 0x0d8c [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
20:40:22.0998 0x0d8c wuauserv - ok
20:40:23.0042 0x0d8c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:40:23.0045 0x0d8c WudfPf - ok
20:40:23.0084 0x0d8c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:40:23.0089 0x0d8c WUDFRd - ok
20:40:23.0123 0x0d8c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:40:23.0128 0x0d8c wudfsvc - ok
20:40:23.0162 0x0d8c [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:40:23.0171 0x0d8c WwanSvc - ok
20:40:23.0202 0x0d8c ================ Scan global ===============================
20:40:23.0225 0x0d8c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:40:23.0261 0x0d8c [ 72CC564BBC70DE268784BCE91EB8A28F, 73C7734DB8264C0A6051553D7B5CF404EB14FB409F30CF58EB3837AD70807A6F ] C:\Windows\system32\winsrv.dll
20:40:23.0280 0x0d8c [ 72CC564BBC70DE268784BCE91EB8A28F, 73C7734DB8264C0A6051553D7B5CF404EB14FB409F30CF58EB3837AD70807A6F ] C:\Windows\system32\winsrv.dll
20:40:23.0318 0x0d8c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:40:23.0351 0x0d8c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:40:23.0361 0x0d8c [ Global ] - ok
20:40:23.0362 0x0d8c ================ Scan MBR ==================================
20:40:23.0380 0x0d8c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:40:23.0860 0x0d8c \Device\Harddisk0\DR0 - ok
20:40:23.0860 0x0d8c ================ Scan VBR ==================================
20:40:23.0866 0x0d8c [ DC6C39401F177AD18A30757D9B20D474 ] \Device\Harddisk0\DR0\Partition1
20:40:23.0869 0x0d8c \Device\Harddisk0\DR0\Partition1 - ok
20:40:23.0880 0x0d8c [ 852DA74276524B79819E4CA20AF8DCB9 ] \Device\Harddisk0\DR0\Partition2
20:40:23.0894 0x0d8c \Device\Harddisk0\DR0\Partition2 - ok
20:40:23.0901 0x0d8c [ 929182119E0466A05DABA350C8472323 ] \Device\Harddisk0\DR0\Partition3
20:40:23.0917 0x0d8c \Device\Harddisk0\DR0\Partition3 - ok
20:40:23.0918 0x0d8c Waiting for KSN requests completion. In queue: 39
20:40:24.0918 0x0d8c Waiting for KSN requests completion. In queue: 39
20:40:25.0918 0x0d8c Waiting for KSN requests completion. In queue: 39
20:40:27.0069 0x0d8c AV detected via SS2: AntiVir Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 9.0.2.0 ), 0x42010 ( disabled : outofdate )
20:40:27.0132 0x0d8c Win FW state via NFP2: enabled
20:40:29.0778 0x0d8c ============================================================
20:40:29.0778 0x0d8c Scan finished
20:40:29.0778 0x0d8c ============================================================
20:40:29.0806 0x0f48 Detected object count: 0
20:40:29.0806 0x0f48 Actual detected object count: 0

[Orcus]

V Rogue Killeru označ a odstraň ještě toto:

[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NEVYBRÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NEVYBRÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NEVYBRÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NEVYBRÁNO
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NEVYBRÁNO
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NEVYBRÁNO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NEVYBRÁNO

[DsD]

RogueKiller V9.0.0.0 (x64) [May 29 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : PC [Práva správce]
Mód : Odebrat -- Datum : 05/30/2014 08:32:39

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> ERROR [2]
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NAHRAZENO (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2545673548-303586688-689430311-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> NAHRAZENO (1)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[CHROME:Addon] Default : UiTuBeNuoAds [iifeeoiogklcdkmhhneplngikemfedab] -> ERROR [1]
[CHROME:Addon] Default : APP_NAME [nmmhkkegccagdldgiimedpiccmgmieda] -> ERROR [1]

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721616PLA380 ATA Device +++++
--- User ---
[MBR] 5f7d153670d8ca2da5bae5c84db6a8e6
[BSP] 18878f1e46936735740a6f695d560368 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81922048 | Size: 117064 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
--- LL1 ---
[MBR] NOT VALID
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_DEL_05292014_173804.log - RKreport_DEL_05292014_203648.log - RKreport_SCN_05292014_173732.log - RKreport_SCN_05292014_203628.log
RKreport_SCN_05302014_082829.log

[Orcus]

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

Pokud budou problémy , spusť v nouz. režimu.

[DsD]

ComboFix 14-05-29.01 - PC 30.05.2014 10:13:27.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2815.1681 [GMT 2:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab\1.8_0\background.html
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab\1.8_0\content.js
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab\1.8_0\lsdb.js
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab\1.8_0\manifest.json
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab\1.8_0\WFRzvgwpWp.js
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifeeoiogklcdkmhhneplngikemfedab_0.localstorage-journal
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifeeoiogklcdkmhhneplngikemfedab_0.localstorage
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_hola_net
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-28 do 2014-05-30 )))))))))))))))))))))))))))))))
.
.
2014-05-29 18:11 . 2014-05-29 18:11 -------- d-----w- c:\windows\system32\SPReview
2014-05-29 17:45 . 2010-11-20 03:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2014-05-29 17:45 . 2010-11-20 03:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2014-05-29 17:45 . 2010-11-20 03:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-05-29 17:45 . 2010-11-20 03:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2014-05-29 17:41 . 2010-11-20 03:27 446976 ----a-w- c:\windows\system32\sqlcese30.dll
2014-05-29 17:24 . 2014-05-29 17:24 -------- d-----w- c:\windows\system32\EventProviders
2014-05-29 15:31 . 2014-05-29 15:31 -------- d-----w- c:\programdata\RogueKiller
2014-05-29 15:22 . 2014-05-29 15:22 -------- d-----w- c:\windows\ERUNT
2014-05-29 12:03 . 2014-05-29 15:15 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-29 12:03 . 2014-05-29 12:03 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-29 12:03 . 2014-05-29 12:03 -------- d-----w- c:\programdata\Malwarebytes
2014-05-29 12:03 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-29 12:03 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-29 12:03 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-29 11:45 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-29 11:45 . 2014-05-29 15:18 -------- d-----w- C:\AdwCleaner
2014-05-22 15:09 . 2014-05-22 15:09 -------- d-----w- c:\program files (x86)\PDF Architect
2014-05-22 15:09 . 2013-04-09 12:13 110264 ----a-w- c:\windows\system32\pdfcmon.dll
2014-05-22 15:09 . 2012-05-05 08:54 662288 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX
2014-05-22 15:09 . 2012-05-05 08:54 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX
2014-05-22 15:09 . 2014-05-22 15:10 -------- d-----w- c:\program files (x86)\PDFCreator
2014-05-22 15:09 . 2012-05-05 08:54 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-29 18:04 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-05-29 18:04 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-05-14 04:49 . 2012-12-20 10:48 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 04:49 . 2012-12-20 10:48 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-14 18:13 . 2014-04-21 06:44 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-08-03 1086376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 699fd52f;Assistant;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-14 14:41 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-20 04:49]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14 14:41]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14 14:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-06 7940128]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-06 1833504]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w3cblgqb.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 11 Registration.lnk - d:\fifa 2011\Support\EAregister.exe /remind /language=ENB /PRID="DR:185015500" /WHPR="FIFA 11" /PRNM="Electronic Arts Product"
BHO-{7ADB3F13-9B05-C980-EB80-B6C45DED32ED} - c:\programdata\UiTuBeNuoAds\UWsKrdLl.x64.dll
AddRemove-Call of Duty Modern Warfare 2_is1 - d:\modern warfare 2\Modern Warfare 2\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
.
**************************************************************************
.
Celkový čas: 2014-05-30 10:37:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-30 08:37
.
Před spuštěním: 2 043 367 424
Po spuštění: 1 740 627 968
.
- - End Of File - - 95AC8E8DC3A0F6E9A7339D150EEE9383
A36C5E4F47E84449FF07ED3517B43A31

[Orcus]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený červeně:

ClearJavaCache::
KillAll::

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update\
c:\program files\Skype\Updater\

Driver::
SkypeUpdate

RegLock::
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

====================================================

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[DsD]

Ty reklamy se mi pořád zobrazují.

ComboFix 14-05-29.01 - PC 31.05.2014 9:03.2.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2815.1898 [GMT 2:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PC\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.165\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.165\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.165\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.165\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.165\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.165\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.165\psuser.dll
c:\program files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\31.0.1650.63\31.0.1650.63_chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{4B163220-8551-4BB4-8D05-3EAC8DDD6CE2}\31.0.1650.63_chrome_installer.exe
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab\1.8_0\background.html
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab\1.8_0\content.js
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab\1.8_0\lsdb.js
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab\1.8_0\manifest.json
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifeeoiogklcdkmhhneplngikemfedab\1.8_0\WFRzvgwpWp.js
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifeeoiogklcdkmhhneplngikemfedab_0.localstorage-journal
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifeeoiogklcdkmhhneplngikemfedab_0.localstorage
c:\users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-28 do 2014-05-31 )))))))))))))))))))))))))))))))
.
.
2014-05-31 07:18 . 2014-05-31 07:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-30 09:27 . 2014-05-30 09:27 -------- d-----w- c:\users\PC\AppData\Local\Adobe
2014-05-29 18:11 . 2014-05-29 18:11 -------- d-----w- c:\windows\system32\SPReview
2014-05-29 17:45 . 2010-11-20 03:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2014-05-29 17:45 . 2010-11-20 03:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2014-05-29 17:45 . 2010-11-20 03:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-05-29 17:45 . 2010-11-20 03:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2014-05-29 17:41 . 2010-11-20 03:27 446976 ----a-w- c:\windows\system32\sqlcese30.dll
2014-05-29 17:24 . 2014-05-29 17:24 -------- d-----w- c:\windows\system32\EventProviders
2014-05-29 15:31 . 2014-05-29 15:31 -------- d-----w- c:\programdata\RogueKiller
2014-05-29 15:22 . 2014-05-29 15:22 -------- d-----w- c:\windows\ERUNT
2014-05-29 12:03 . 2014-05-29 15:15 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-29 12:03 . 2014-05-29 12:03 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-29 12:03 . 2014-05-29 12:03 -------- d-----w- c:\programdata\Malwarebytes
2014-05-29 12:03 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-29 12:03 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-29 12:03 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-29 11:45 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-29 11:45 . 2014-05-29 15:18 -------- d-----w- C:\AdwCleaner
2014-05-22 15:09 . 2014-05-22 15:09 -------- d-----w- c:\program files (x86)\PDF Architect
2014-05-22 15:09 . 2013-04-09 12:13 110264 ----a-w- c:\windows\system32\pdfcmon.dll
2014-05-22 15:09 . 2012-05-05 08:54 662288 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX
2014-05-22 15:09 . 2012-05-05 08:54 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX
2014-05-22 15:09 . 2014-05-22 15:10 -------- d-----w- c:\program files (x86)\PDFCreator
2014-05-22 15:09 . 2012-05-05 08:54 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-29 18:04 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-05-29 18:04 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-05-14 04:49 . 2012-12-20 10:48 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 04:49 . 2012-12-20 10:48 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-14 18:13 . 2014-04-21 06:44 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-08-03 1086376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 699fd52f;Assistant;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-14 14:41 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7ADB3F13-9B05-C980-EB80-B6C45DED32ED}]
c:\programdata\UiTuBeNuoAds\UWsKrdLl.x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-06 7940128]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-06 1833504]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w3cblgqb.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Call of Duty Modern Warfare 2_is1 - d:\modern warfare 2\Modern Warfare 2\unins000.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
.
**************************************************************************
.
Celkový čas: 2014-05-31 09:35:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-31 07:35
ComboFix2.txt 2014-05-30 08:38
.
Před spuštěním: 2 317 479 936
Po spuštění: 2 255 589 376
.
- - End Of File - - E713ACAE325721C903D74230940C126A
A36C5E4F47E84449FF07ED3517B43A31



aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-05-31 09:36:36
-----------------------------
09:36:36.190 OS Version: Windows x64 6.1.7601 Service Pack 1
09:36:36.190 Number of processors: 2 586 0xF0D
09:36:36.190 ComputerName: PC-PC UserName: PC
09:36:36.721 Initialize success
09:36:43.164 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
09:36:43.164 Disk 0 Vendor: Hitachi_HDS721616PLA380 P22OAB3A Size: 157066MB BusType: 3
09:36:43.258 Disk 0 MBR read successfully
09:36:43.258 Disk 0 MBR scan
09:36:43.273 Disk 0 Windows 7 default MBR code
09:36:43.273 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:36:43.289 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 39900 MB offset 206848
09:36:43.304 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 117064 MB offset 81922048
09:36:43.336 Disk 0 scanning C:\Windows\system32\drivers
09:36:49.685 Service scanning
09:37:04.052 Modules scanning
09:37:04.052 Disk 0 trace - called modules:
09:37:04.084 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
09:37:04.084 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003098060]
09:37:04.099 3 CLASSPNP.SYS[fffff8800195943f] -> nt!IofCallDriver -> [0xfffffa8002f6b520]
09:37:04.115 5 ACPI.sys[fffff88000d777a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0xfffffa8002f70060]
09:37:04.115 Scan finished successfully
09:37:20.994 Disk 0 MBR has been saved successfully to "C:\Users\PC\Desktop\MBR.dat"
09:37:21.010 The log file has been saved successfully to "C:\Users\PC\Desktop\aswMBR.txt"