Please check my HJT log (Solved)


Post by standacich » 26 Apr 2014 10:17

Please check my HJT log. I have an Acer TravelMate 4070 notebook; it is older, but it seems to me that Windows loads slowly and browsing the net is slow as well. Thanks.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:12:29, on 26.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe
C:\Program Files\AVG\AVG PC TuneUp\TUDefragBackend32.exe
C:\Windows\system32\C2MP\UpdateChecker.exe
C:\Users\Pepa\AppData\Roaming\Slick Savings\CouponsHelper.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Users\Pepa\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Slick Savings - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Pepa\AppData\Roaming\Slick Savings\Coupons.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKCU\..\Run: [Slick Savings] "C:\Users\Pepa\AppData\Roaming\Slick Savings\CouponsHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\System32\C2MP\UpdateChecker.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\Windows\system32\BtwRSupportService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
O23 - Service: vToolbarUpdater18.0.5 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe

--
End of file - 4715 bytes


Re: Please check my HJT log

Post by Orcus » 26 Apr 2014 11:17

Uninstall AVG PC TuneUp; with this "cleaner" you are asking for trouble.

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you don't need to use ATF.

===================================================

Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

===================================================

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan a log appears (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

===================================================

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program has finished a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message appears, choose Yes
(don't delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in safe mode.

Re: Please check my HJT log

Post by standacich » 26 Apr 2014 12:15

# AdwCleaner v3.202 - Report created 26/04/2014 at 12:09:19
# Updated 23/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Pepa - PEPA-PC
# Running from : C:\Users\Pepa\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater18.0.5

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Found : C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\user.js
File Found : C:\Windows\System32\Tasks\Driver Booster Update
Folder Found : C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Found : C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Found : C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Found : C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Folder Found C:\Program Files\AVG SafeGuard toolbar
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\Common Files\Spigot
Folder Found C:\Program Files\driver-soft
Folder Found C:\Program Files\eSupport.com
Folder Found C:\ProgramData\AVG SafeGuard toolbar
Folder Found C:\ProgramData\AVG Secure Search
Folder Found C:\Users\Pepa\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\Users\Pepa\AppData\Local\eSupport.com
Folder Found C:\Users\Pepa\AppData\Local\Slick Savings
Folder Found C:\Users\Pepa\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\Users\Pepa\AppData\Roaming\OpenCandy
Folder Found C:\Users\Pepa\AppData\Roaming\Slick Savings

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\8e3bc91142bd8d798a10a1667ae4d2be
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Driver Booster Update
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DA3AAEC-1FC5-4BEA-8EE8-FFCAA1BE1DCE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Slick Savings]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\prefs.js ]


-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Found [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Found [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Found [Extension] : pfndaklgolladniicklehhancnlgocpp

*************************

AdwCleaner[R0].txt - [5842 octets] - [26/04/2014 12:09:19]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5902 octets] ##########


Re: Please check my HJT log

Post by standacich » 26 Apr 2014 12:39

Log from Malwarebytes

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26.4.2014
Scan Time: 12:37:25
Logfile: malware.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.26.01
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Pepa

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 221586
Time Elapsed: 20 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [01e8cb634b30b97d71e927f642c057a9],
PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, , [01e8cb634b30b97d71e927f642c057a9],
PUP.Optional.Spigot, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [01e8cb634b30b97d71e927f642c057a9],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}, , [3baec965f289cf674ae7851f937055ab],

Registry Values: 1
PUP.Optional.Spigot.A, HKU\S-1-5-21-1544967253-3399396783-1261552328-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Slick Savings, "C:\Users\Pepa\AppData\Roaming\Slick Savings\CouponsHelper.exe", , [3baec965f289cf674ae7851f937055ab]

Registry Data: 0
(No malicious items detected)

Folders: 21
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Slick Savings, , [3baec965f289cf674ae7851f937055ab],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Local\Slick Savings, , [05e42707b1cac373d55fa202ef14f40c],
PUP.Optional.OpenCandy, C:\Users\Pepa\AppData\Roaming\OpenCandy, , [3eabeb4390eb1b1bf1fb2b37a260ba46],
PUP.Optional.OpenCandy, C:\Users\Pepa\AppData\Roaming\OpenCandy\F3CC17BA02CC46408747693AAE509222, , [3eabeb4390eb1b1bf1fb2b37a260ba46],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\bitstreams, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\bitstreams, , [8564da54bbc081b55ef278ed3ec429d7],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\css, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\icons, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp, , [eaffbe70700b2d091fb4a3c424dee61a],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0, , [eaffbe70700b2d091fb4a3c424dee61a],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content, , [8c5dad81b9c290a6ae6ca9c532d0c13f],

Files: 91
PUP.Optional.Spigot, C:\Users\Pepa\AppData\Roaming\Slick Savings\Coupons.dll, , [01e8cb634b30b97d71e927f642c057a9],
PUP.Optional.Bitcoin, C:\Windows\System32\acumncgomsos.exe, , [f8f1ca64c9b2ec4a93b77cf6748dda26],
PUP.Optional.Bitcoin, C:\Windows\System32\acumncocghvy.exe, , [77726ac46e0d64d22e1c056d7a87d22e],
PUP.Optional.Bitcoin, C:\Windows\System32\acumnctacaxc.exe, , [effae44aeb9034029dad8ce6ab56a65a],
PUP.Optional.Bitcoin, C:\Windows\System32\acumncufqcm.exe, , [df0a7db18af153e3c288b2c04bb609f7],
Trojan.BitMiner, C:\Windows\System32\dcgmncgomsos.exe, , [27c2240ab4c786b0ba8fd7acc83917e9],
Trojan.BitMiner, C:\Windows\System32\dcgmncocghvy.exe, , [16d359d5cab195a131181f64f30e3ac6],
Trojan.BitMiner, C:\Windows\System32\dcgmnctacaxc.exe, , [2dbcec42ff7caf87fc4da7dc5ba6629e],
Trojan.BitMiner, C:\Windows\System32\dcgmncufqcm.exe, , [9a4f0d218fec280e7ecbbbc8b94812ee],
PUP.BitCoinMiner, C:\Windows\System32\lcpmncgomsos.exe, , [4b9e63cbbebd46f0389fc643a45d51af],
PUP.BitCoinMiner, C:\Windows\System32\lcpmncocghvy.exe, , [ffea85a9aecdb77f41960ffa778ae61a],
PUP.BitCoinMiner, C:\Windows\System32\lcpmnctacaxc.exe, , [d6139d917ffc55e1419656b3de23dd23],
PUP.BitCoinMiner, C:\Windows\System32\lcpmncufqcm.exe, , [05e434faf883c86ec611f11827da946c],
Trojan.Agent.SCR, C:\Windows\inf\msstp.vbe, , [e405131b0675af87adb68fe2cc36b44c],
Malware.Trace, C:\Windows\inf\ntvdm.vbe, , [0edb969827543ef85144e6b66d968977],
Malware.Trace, C:\Windows\inf\ntvdm.inf, , [915882ac82f912245541237948bb51af],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Slick Savings\coupons_2.4.crx, , [3baec965f289cf674ae7851f937055ab],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Slick Savings\Coupons64.dll, , [3baec965f289cf674ae7851f937055ab],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Slick Savings\CouponsHelper.exe, , [3baec965f289cf674ae7851f937055ab],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Slick Savings\coupons_2.9.xpi, , [3baec965f289cf674ae7851f937055ab],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Slick Savings\Uninstall.exe, , [3baec965f289cf674ae7851f937055ab],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Local\Slick Savings\coupons.crx, , [05e42707b1cac373d55fa202ef14f40c],
PUP.Optional.OpenCandy, C:\Users\Pepa\AppData\Roaming\OpenCandy\F3CC17BA02CC46408747693AAE509222\avg_tuht_stf_cs_2014_206_CZ.exe, , [3eabeb4390eb1b1bf1fb2b37a260ba46],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\diablo130302.cl, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\diakgcn121016.cl, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\libcurl-4.dll, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\libeay32.dll, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\libidn-11.dll, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\librtmp.dll, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\libssh2.dll, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\mnceqybbw.exe, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\phatk121016.cl, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\poclbm130302.cl, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\scrypt130511.cl, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\ssleay32.dll, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\zlib1.dll, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mnceqybbw\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [05e4d15d7308a4922030c2a360a2c937],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\diablo130302.cl, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\diakgcn121016.cl, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\libcurl-4.dll, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\libeay32.dll, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\libidn-11.dll, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\librtmp.dll, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\libssh2.dll, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\mncvegkve.exe, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\phatk121016.cl, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\poclbm130302.cl, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\scrypt130511.cl, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\ssleay32.dll, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\zlib1.dll, , [8564da54bbc081b55ef278ed3ec429d7],
Trojan.Agent.BCM, C:\Windows\inf\mncvegkve\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [8564da54bbc081b55ef278ed3ec429d7],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.html, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.js, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\config.json, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\dea-128.png, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\dea-48.png, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\empty-favicon.ico, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\jquery.js, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\manifest.json, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\newtab.html, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\newtab.js, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\redirect.html, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\redirect.js, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\util.js, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\css\newtab.css, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img\no_thumb.png, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img\search-icon.png, , [a84142eca1da9e98b81981e654aed52b],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\background.html, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\config.json, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\manifest.json, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\icons\ss-128.png, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\icons\ss-48.png, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\background.js, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\loader_1036.js, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\utils.js, , [23c65bd3f08b3bfb557d0b5c897932ce],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-128.png, , [eaffbe70700b2d091fb4a3c424dee61a],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-19.png, , [eaffbe70700b2d091fb4a3c424dee61a],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-48.png, , [eaffbe70700b2d091fb4a3c424dee61a],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\background.js, , [eaffbe70700b2d091fb4a3c424dee61a],
PUP.Optional.SlickSavings.A, C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\manifest.json, , [eaffbe70700b2d091fb4a3c424dee61a],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome.manifest, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\icon.png, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\install.rdf, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\config.json, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\main.js, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\main.xul, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\newtab.xul, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\prefs.txt, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\redirects.js, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\spigot.js, , [8c5dad81b9c290a6ae6ca9c532d0c13f],
PUP.Optional.Spigot.A, C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\startpage.js, , [8c5dad81b9c290a6ae6ca9c532d0c13f],

Physical Sectors: 0
(No malicious items detected)


(end)

memphisto
Guru Level 13
Posts: 21113
Joined: September 06
Location: Zlín - České Budějovice
Gender: Male
Status:
Offline

Re: Please check my HJT log

Post by memphisto » 26 Apr 2014 15:18

In both MBAM and AdwCleaner, let everything be deleted and post the logs made after the deletion.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check ("Kontrola MBR")
Faked check ("Kontrola Faked")
Antirootkit

- Then click "Scan" ("Prohledat").
- The program scans the PC's processes. After the scan, click "Report" ("Zpráva") and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.

Download Junkware Removal Tool

to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The scan will start. It may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved to the desktop.
Please copy its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.

standacich

Re: Please check my HJT log

Post by standacich » 26 Apr 2014 16:19

# AdwCleaner v3.202 - Report created 26/04/2014 at 16:11:20
# Updated 23/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Pepa - PEPA-PC
# Running from : C:\Users\Pepa\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.0.5

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\driver-soft
Folder Deleted : C:\Program Files\eSupport.com
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\Spigot
[!] Folder Deleted : C:\Users\Pepa\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Pepa\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Pepa\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\user.js
File Deleted : C:\Windows\System32\Tasks\Driver Booster Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7DA3AAEC-1FC5-4BEA-8EE8-FFCAA1BE1DCE}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DA3AAEC-1FC5-4BEA-8EE8-FFCAA1BE1DCE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKCU\Software\8e3bc91142bd8d798a10a1667ae4d2be
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\pcp3uuqq.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [5982 octets] - [26/04/2014 12:09:19]
AdwCleaner[R1].txt - [5112 octets] - [26/04/2014 16:06:31]
AdwCleaner[S0].txt - [4846 octets] - [26/04/2014 16:11:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4906 octets] ##########

standacich

Re: Please check my HJT log

Post by standacich » 26 Apr 2014 16:46

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 26.4.2014
Čas skenování: 16:38:50
Protokol: malware1.txt
Správce: Ano

Verze: 2.00.1.1004
Databáze malwaru: v2014.04.26.02
Databáze rootkitů: v2014.03.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Chameleon: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Pepa

Typ skenu: Hyper sken
Výsledek: Dokončeno
Prohledaných objektů: 192726
Uplynulý čas: 12 min, 3 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Vypnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Shuriken: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)


(end)

standacich

Re: Please check my HJT log

Post by standacich » 26 Apr 2014 16:54

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Pepa [Práva správce]
Mód : Kontrola -- Datum : 04/26/2014 16:52:20
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD800UE-22HCT0 ATA Device +++++
--- User ---
[MBR] 475598a2d6a7134b12b752afabca8c27
[BSP] 072c04e6487a7ec24447f3b667944215 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 8177085 | Size: 35910 MB
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 81722655 | Size: 36412 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04262014_165220.txt >>

standacich

Re: Please check my HJT log

Post by standacich » 26 Apr 2014 17:10

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x86
Ran by Pepa on so 26.04.2014 at 17:02:55,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\drivergenius"



~~~ FireFox

Emptied folder: C:\Users\Pepa\AppData\Roaming\mozilla\firefox\profiles\pcp3uuqq.default\minidumps [29 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Pepa\appdata\local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 26.04.2014 at 17:09:34,97
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jaro3
Security team member
Guru Level 15
Posts: 43298
Joined: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Please check my HJT log

Post by jaro3 » 27 Apr 2014 09:24

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan" ("Prohledat")
- Click "Delete" ("Smazat")
- Wait until the status box shows "Deletion finished" ("Mazání dokončeno")
- Click "Report" ("Zpráva") and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller


Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt. Please paste the entire contents of the log here.
- If the log is longer than 60,000 characters, split it and post it in several posts.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

standacich

Re: Please check my HJT log

Post by standacich » 27 Apr 2014 09:39

Here is the log after the deletion.

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Pepa [Práva správce]
Mód : Odebrat -- Datum : 04/27/2014 09:37:23
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD800UE-22HCT0 ATA Device +++++
--- User ---
[MBR] 475598a2d6a7134b12b752afabca8c27
[BSP] 072c04e6487a7ec24447f3b667944215 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 8177085 | Size: 35910 MB
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 81722655 | Size: 36412 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_04272014_093723.txt >>
RKreport[0]_S_04272014_093710.txt


Re: Please check my HJT log

Post by standacich » 27 Apr 2014 09:44

09:40:25.0137 2004 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:40:35.0699 2004 ============================================================
09:40:35.0699 2004 Current date / time: 2014/04/27 09:40:35.0699
09:40:35.0699 2004 SystemInfo:
09:40:35.0699 2004
09:40:35.0699 2004 OS Version: 6.1.7601 ServicePack: 1.0
09:40:35.0699 2004 Product type: Workstation
09:40:35.0699 2004 ComputerName: PEPA-PC
09:40:35.0699 2004 UserName: Pepa
09:40:35.0699 2004 Windows directory: C:\Windows
09:40:35.0699 2004 System windows directory: C:\Windows
09:40:35.0699 2004 Processor architecture: Intel x86
09:40:35.0699 2004 Number of processors: 1
09:40:35.0699 2004 Page size: 0x1000
09:40:35.0699 2004 Boot type: Normal boot
09:40:35.0699 2004 ============================================================
09:40:38.0319 2004 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:40:38.0335 2004 ============================================================
09:40:38.0335 2004 \Device\Harddisk0\DR0:
09:40:38.0335 2004 MBR partitions:
09:40:38.0335 2004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x7CC5BD, BlocksNum 0x4623762
09:40:38.0335 2004 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x4DEFD1F, BlocksNum 0x471E7A2
09:40:38.0335 2004 ============================================================
09:40:38.0397 2004 C: <-> \Device\Harddisk0\DR0\Partition1
09:40:38.0460 2004 D: <-> \Device\Harddisk0\DR0\Partition2
09:40:38.0460 2004 ============================================================
09:40:38.0460 2004 Initialize success
09:40:38.0460 2004 ============================================================
09:40:42.0469 3816 ============================================================
09:40:42.0469 3816 Scan started
09:40:42.0469 3816 Mode: Manual;
09:40:42.0469 3816 ============================================================
09:40:43.0530 3816 ================ Scan system memory ========================
09:40:43.0530 3816 System memory - ok
09:40:43.0545 3816 ================ Scan services =============================
09:40:43.0748 3816 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:40:43.0748 3816 1394ohci - ok
09:40:43.0842 3816 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:40:43.0842 3816 ACPI - ok
09:40:43.0904 3816 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:40:43.0904 3816 AcpiPmi - ok
09:40:44.0029 3816 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:40:44.0029 3816 AdobeARMservice - ok
09:40:44.0154 3816 [ C2CE3311D2477B1B24CFB67020AD49B6 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:40:44.0154 3816 AdobeFlashPlayerUpdateSvc - ok
09:40:44.0185 3816 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:40:44.0201 3816 adp94xx - ok
09:40:44.0216 3816 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:40:44.0232 3816 adpahci - ok
09:40:44.0263 3816 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:40:44.0263 3816 adpu320 - ok
09:40:44.0325 3816 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:40:44.0325 3816 AeLookupSvc - ok
09:40:44.0403 3816 [ F81BB7E487EDCEAB630A7EE66CF23913 ] AFD C:\Windows\system32\drivers\afd.sys
09:40:44.0403 3816 AFD - ok
09:40:44.0450 3816 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
09:40:44.0450 3816 agp440 - ok
09:40:44.0513 3816 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
09:40:44.0513 3816 aic78xx - ok
09:40:44.0575 3816 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
09:40:44.0575 3816 ALG - ok
09:40:44.0622 3816 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
09:40:44.0622 3816 aliide - ok

