Prosim o kontrolu logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
OTAS
Level 3
Level 3
Příspěvky: 484
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Prosim o kontrolu logu

Příspěvekod OTAS » 01 kvě 2014 18:44

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:42:44, on 1.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)

FIREFOX: 29.0 (cs)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
C:\Users\Zofkovi\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{52F4ACEC-DA2F-43DE-A212-4C688E720E6A}: NameServer = 160.218.167.5 160.218.161.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{CAD4A683-81B5-464C-8EA3-B82BB7E0F089}: NameServer = 160.218.167.5 160.218.161.60
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - ASUSTeK Computer Inc. - C:\Windows\system32\FBAgent.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

--
End of file - 9709 bytes
Nahoru
Reklama
Top
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jaro3 » 01 kvě 2014 19:12

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

http://www.bleepingcomputer.com/forums/ ... i-malware/

máš ho už v paměti , stačí klik do příspěvku , klik pravým a vybrat "vložit".
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
OTAS
Level 3
Level 3
Příspěvky: 484
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod OTAS » 02 kvě 2014 18:21

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 2.5.2014
Čas skenování: 18:14:31
Protokol: MALWARE.txt
Správce: Ano

Verze: 2.00.1.1004
Databáze malwaru: v2014.05.02.09
Databáze rootkitů: v2014.03.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Chameleon: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Zofkovi

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 264441
Uplynulý čas: 13 min, 10 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Shuriken: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)


(end)
Nahoru
OTAS
Level 3
Level 3
Příspěvky: 484
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod OTAS » 02 kvě 2014 18:24

# AdwCleaner v3.205 - Report created 02/05/2014 at 17:10:32
# Updated 28/04/2014 by Xplode
# Operating System : Windows 7 Service Pack 1 (32 bits)
# Username : Zofkovi - ZOFKOVI-PC
# Running from : C:\Users\Zofkovi\Desktop\AdwCleaner(1).exe
# Option : Scan

***** [ Services ] *****

Service Found : APNMCP
Service Found : Application Updater
Service Found : Updater Service for AMZN

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\searchplugins\Askcom.xml
File Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\searchplugins\ask-search.xml
File Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\searchplugins\icqplugin.xml
File Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\user.js
File Found : C:\Windows\system32\roboot.exe
Folder Found : C:\Program Files\Amazon Browser Bar
Folder Found : C:\Program Files\Application Updater
Folder Found : C:\Program Files\AskPartnerNetwork
Folder Found : C:\Program Files\AskTBar
Folder Found : C:\Program Files\Common Files\Spigot
Folder Found : C:\Program Files\Music Toolbar
Folder Found : C:\Program Files\RegClean Pro
Folder Found : C:\Program Files\Systweak Support Dock
Folder Found : C:\Users\Zofkovi\AppData\Local\PackageAware
Folder Found : C:\Users\Zofkovi\AppData\LocalLow\Conduit
Folder Found : C:\Users\Zofkovi\AppData\LocalLow\Search Settings
Folder Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\Conduit
Folder Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\CT2481032
Folder Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\Extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
Folder Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\ICQToolbarData
Folder Found : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\Smartbar
Folder Found : C:\Users\Zofkovi\AppData\Roaming\Systweak
Folder Found : C:\Windows\system32\AI_RecycleBin

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\ICQ\ICQToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Search Settings
Key Found : HKCU\Software\systweak
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\Software\AskPartnerNetwork
Key Found : HKLM\Software\AskTBar
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\Software\Search Settings
Key Found : HKLM\Software\systweak
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FE063DB9-4EC0-403E-8DD8-394C54984B2C}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?ch_id=em&q={searchTerms}

-\\ Mozilla Firefox v29.0 (cs)

[ File : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\prefs.js ]

Line Found : user_pref("CT1750559..clientLogIsEnabled", true);
Line Found : user_pref("CT1750559..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT1750559..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT1750559.CTID", "CT1750559");
Line Found : user_pref("CT1750559.CurrentServerDate", "25-12-2010");
Line Found : user_pref("CT1750559.DialogsAlignMode", "LTR");
Line Found : user_pref("CT1750559.DownloadReferralCookieData", "");
Line Found : user_pref("CT1750559.FF19Solved", "true");
Line Found : user_pref("CT1750559.FirstServerDate", "25-12-2010");
Line Found : user_pref("CT1750559.FirstTime", true);
Line Found : user_pref("CT1750559.FirstTimeFF3", true);
Line Found : user_pref("CT1750559.FixPageNotFoundErrors", true);
Line Found : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT1750559.HasUserGlobalKeys", true);
Line Found : user_pref("CT1750559.Initialize", true);
Line Found : user_pref("CT1750559.InitializeCommonPrefs", true);
Line Found : user_pref("CT1750559.InstallationAndCookieDataSentCount", 2);
Line Found : user_pref("CT1750559.InstallationType", "UnknownIntegration");
Line Found : user_pref("CT1750559.InstalledDate", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Found : user_pref("CT1750559.InvalidateCache", false);
Line Found : user_pref("CT1750559.IsGrouping", false);
Line Found : user_pref("CT1750559.IsMulticommunity", false);
Line Found : user_pref("CT1750559.IsOpenThankYouPage", true);
Line Found : user_pref("CT1750559.IsOpenUninstallPage", true);
Line Found : user_pref("CT1750559.LanguagePackLastCheckTime", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Found : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT1750559.LastLogin_3.2.5.2", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Found : user_pref("CT1750559.LatestVersion", "3.2.5.2");
Line Found : user_pref("CT1750559.Locale", "en-us");
Line Found : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT1750559.RadioIsPodcast", false);
Line Found : user_pref("CT1750559.RadioLastCheckTime", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Found : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Line Found : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Line Found : user_pref("CT1750559.RadioMediaID", "11237206");
Line Found : user_pref("CT1750559.RadioMediaType", "Media Player");
Line Found : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Line Found : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Line Found : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Line Found : user_pref("CT1750559.SavedHomepage", "hxxp://www.seznam.cz/");
Line Found : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q=");
Line Found : user_pref("CT1750559.SearchInNewTabEnabled", true);
Line Found : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Found : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT1750559.ServiceMapLastCheckTime", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Found : user_pref("CT1750559.SettingsLastCheckTime", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Found : user_pref("CT1750559.SettingsLastUpdate", "1292947354");
Line Found : user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Found : user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1246790578");
Line Found : user_pref("CT1750559.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Found : user_pref("CT1750559.UserID", "UN05022220317809056");
Line Found : user_pref("CT1750559.WeatherNetwork", "");
Line Found : user_pref("CT1750559.WeatherPollDate", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Found : user_pref("CT1750559.WeatherUnit", "C");
Line Found : user_pref("CT1750559.alertChannelId", "31130");
Line Found : user_pref("CT1750559.dum", "2");
Line Found : user_pref("CT1750559.fullUserID", "UN05022220317809056.UP.20140428151217");
Line Found : user_pref("CT1750559.installDate", "28/04/2014 15:12:16");
Line Found : user_pref("CT1750559.installSessionId", "b8226b47-ccf9-4245-ab9f-ad6140ae57e1");
Line Found : user_pref("CT1750559.installSp", "FALSE");
Line Found : user_pref("CT1750559.installerVersion", "1.10.0.6");
Line Found : user_pref("CT1750559.myStuffEnabled", true);
Line Found : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT1750559.searchRevert", "false");
Line Found : user_pref("CT1750559.searchUninstallUserMode", "1");
Line Found : user_pref("CT1750559.searchUserMode", "1");
Line Found : user_pref("CT1750559.testingCtid", "");
Line Found : user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Found : user_pref("CT1750559.toolbarContextMenuLastCheckTime", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Found : user_pref("CT1750559.toolbarInstallDate", "28-04-2014 15:12:09");
Line Found : user_pref("CT1750559.versionFromInstaller", "10.29.0.20");
Line Found : user_pref("CT1750559.xpeMode", "1");
Line Found : user_pref("CT2481032.1000082.isDisplayHidden", "true");
Line Found : user_pref("CT2481032.1000082.isPlayDisplay", "true");
Line Found : user_pref("CT2481032.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
Line Found : user_pref("CT2481032.CBOpenMAMSettings.enc", "MA==");
Line Found : user_pref("CT2481032.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT2481032.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT2481032.FirstTime", "true");
Line Found : user_pref("CT2481032.FirstTimeFF3", "true");
Line Found : user_pref("CT2481032.LoginRevertSettingsEnabled", true);
Line Found : user_pref("CT2481032.PG_ENABLE", "dHJ1ZQ==");
Line Found : user_pref("CT2481032.PG_ENABLE.enc", "dHJ1ZQ==");
Line Found : user_pref("CT2481032.RestartDialogFirstTime", "false");
Line Found : user_pref("CT2481032.RestartDialogShouldDisplay", "false");
Line Found : user_pref("CT2481032.RevertSettingsEnabled", true);
Line Found : user_pref("CT2481032.SearchAppState.enc", "MQ==");
Line Found : user_pref("CT2481032.SearchAppTracking.enc", "MQ==");
Line Found : user_pref("CT2481032.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=");
Line Found : user_pref("CT2481032.UserID", "UN13945455566793837");
Line Found : user_pref("CT2481032.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT2481032.autoDisableScopes", -1);
Line Found : user_pref("CT2481032.browser.search.defaultthis.engineName", true);
Line Found : user_pref("CT2481032.cbcountry_001.enc", "Q1o=");
Line Found : user_pref("CT2481032.cbfirsttime.enc", "U3VuIERlYyAxNiAyMDEyIDE4OjIxOjI2IEdNVCswMTAw");
Line Found : user_pref("CT2481032.countryCode", "CZ");
Line Found : user_pref("CT2481032.defaultSearch", "true");
Line Found : user_pref("CT2481032.embeddedsData", "[{\"appId\":\"129058858240125318\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Found : user_pref("CT2481032.enableAlerts", "false");
Line Found : user_pref("CT2481032.enableFix404ByUser", "FALSE");
Line Found : user_pref("CT2481032.enableSearchFromAddressBar", "true");
Line Found : user_pref("CT2481032.firstTimeDialogOpened", "true");
Line Found : user_pref("CT2481032.fixPageNotFoundError", "true");
Line Found : user_pref("CT2481032.fixPageNotFoundErrorByUser", "true");
Line Found : user_pref("CT2481032.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT2481032.fixUrls", true);
Line Found : user_pref("CT2481032.fullUserID", "UN13945455566793837.UP.20130707205209");
Line Found : user_pref("CT2481032.homepageuserchanged", true);
Line Found : user_pref("CT2481032.installId", "conduitnsisintegration");
Line Found : user_pref("CT2481032.installType", "conduitnsisintegration");
Line Found : user_pref("CT2481032.isCheckedStartAsHidden", true);
Line Found : user_pref("CT2481032.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT2481032.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT2481032.isNewTabEnabled", true);
Line Found : user_pref("CT2481032.isPerformedSmartBarTransition", "true");
Line Found : user_pref("CT2481032.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT2481032.keyword", true);
Line Found : user_pref("CT2481032.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT2481032&octid=CT2481032&ISID=ISID_ID&SearchSource=15&CUI=UN13945455566793837&Lay=1&[...]
Line Found : user_pref("CT2481032.lastVersion", "10.29.0.520");
Line Found : user_pref("CT2481032.mam_gk_appStateReportTime.enc", "MTM2NjczNTU4NzIzNQ==");
Line Found : user_pref("CT2481032.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Found : user_pref("CT2481032.mam_gk_appState_Easytobook.enc", "b24=");
Line Found : user_pref("CT2481032.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Found : user_pref("CT2481032.mam_gk_appState_PriceGong.enc", "b24=");
Line Found : user_pref("CT2481032.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h[...]
Line Found : user_pref("CT2481032.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Found : user_pref("CT2481032.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5IiwiY3JpdGVyaWFzIjpbeyJjcml0ZXJpYUlkIjoiYzY4NmY4ZTAtMzBkMy00YjhjLWFlNGQtNjgwODAxY2U0YjEzIiwiZG9tYWlucyI[...]
Line Found : user_pref("CT2481032.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Line Found : user_pref("CT2481032.mam_gk_first_time.enc", "MQ==");
Line Found : user_pref("CT2481032.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Found : user_pref("CT2481032.mam_gk_lastLoginTime.enc", "MTM2NjczNTU4NjU0Nw==");
Line Found : user_pref("CT2481032.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Found : user_pref("CT2481032.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Found : user_pref("CT2481032.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsd[...]
Line Found : user_pref("CT2481032.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Found : user_pref("CT2481032.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Found : user_pref("CT2481032.mam_gk_userId.enc", "Y2M0MTFmYjctZTAzZS00Y2QxLTg1N2YtZTY4MjkxN2YyMzEy");
Line Found : user_pref("CT2481032.migrateAppsAndComponents", true);
Line Found : user_pref("CT2481032.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://AshampooUS.OurToolbar.com/\",\"EB_TOOL[...]
Line Found : user_pref("CT2481032.openThankYouPage", "false");
Line Found : user_pref("CT2481032.openUninstallPage", "false");
Line Found : user_pref("CT2481032.originalHomepage", "hxxp://www.seznam.cz/");
Line Found : user_pref("CT2481032.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&CUI=UN13945455566793837&UM=&q=");
Line Found : user_pref("CT2481032.originalSearchEngine", "Google");
Line Found : user_pref("CT2481032.originalSearchEngineName", "Google");
Line Found : user_pref("CT2481032.performedDomainChangesMigration", "true");
Line Found : user_pref("CT2481032.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"12\\\\/16\\\\/2012 20\\\"}\"}");
Line Found : user_pref("CT2481032.revertSettingsEnabled", "false");
Line Found : user_pref("CT2481032.search.searchAppId", "129058858240125318");
Line Found : user_pref("CT2481032.search.searchCount", "0");
Line Found : user_pref("CT2481032.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT2481032.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT2481032.searchSuggestEnabledByUser", "true");
Line Found : user_pref("CT2481032.searchUserMode", "false");
Line Found : user_pref("CT2481032.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT2481032.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT2481032.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2481032\"}");
Line Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://AshampooUS.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Ashampoo US \"}");
Line Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT2481032.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT2481032.serviceLayer_services_Configuration_lastUpdate", "1398677312080");
Line Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnet_lastUpdate", "1398691088586");
Line Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnnbrk_lastUpdate", "1398691088622");
Line Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-computeractive_lastUpdate", "1398691088634");
Line Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-dailymirror_lastUpdate", "1398691088661");
Line Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-google_lastUpdate", "1398691088610");
Line Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-techcrunch_lastUpdate", "1398691088599");
Line Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-thesun_news_lastUpdate", "1398691088648");
Line Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-wired_lastUpdate", "1398691088675");
Line Found : user_pref("CT2481032.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1398691076907");
Line Found : user_pref("CT2481032.serviceLayer_services_appsMetadata_lastUpdate", "1398691076415");
Line Found : user_pref("CT2481032.serviceLayer_services_getTwitterExtraInfo_lastUpdate", "1398691089291");
Line Found : user_pref("CT2481032.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1398691076617");
Line Found : user_pref("CT2481032.serviceLayer_services_location_lastUpdate", "1372876050768");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.13.40.15_lastUpdate", "1359455393492");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360780150227");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.14.65.43_lastUpdate", "1364465854960");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.15.0.562_lastUpdate", "1366388782299");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.15.2.523_lastUpdate", "1372876050599");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374776200579");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.16.70.505_lastUpdate", "1381060007628");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.20.1.508_lastUpdate", "1383498051747");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.21.1.507_lastUpdate", "1384529473810");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.22.3.518_lastUpdate", "1385226550829");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.22.5.510_lastUpdate", "1387292307775");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.23.0.822_lastUpdate", "1397588898439");
Line Found : user_pref("CT2481032.serviceLayer_services_login_10.29.0.520_lastUpdate", "1398691088432");
Line Found : user_pref("CT2481032.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1398691076469");
Line Found : user_pref("CT2481032.serviceLayer_services_searchAPI_lastUpdate", "1398677311672");
Line Found : user_pref("CT2481032.serviceLayer_services_serviceMap_lastUpdate", "1398677310898");
Line Found : user_pref("CT2481032.serviceLayer_services_toolbarContextMenu_lastUpdate", "1398691076549");
Line Found : user_pref("CT2481032.serviceLayer_services_toolbarSettings_lastUpdate", "1398689961342");
Line Found : user_pref("CT2481032.serviceLayer_services_translation_lastUpdate", "1398677309839");
Line Found : user_pref("CT2481032.serviceLayer_services_userApps_lastUpdate", "1366388672623");
Line Found : user_pref("CT2481032.settingsINI", true);
Line Found : user_pref("CT2481032.shouldFirstTimeDialog", "false");
Line Found : user_pref("CT2481032.showToolbarPermission", "false");
Line Found : user_pref("CT2481032.smartbar.CTID", "CT2481032");
Line Found : user_pref("CT2481032.smartbar.Uninstall", "0");
Line Found : user_pref("CT2481032.smartbar.homepage", true);
Line Found : user_pref("CT2481032.smartbar.isHidden", true);
Line Found : user_pref("CT2481032.smartbar.toolbarName", "Ashampoo US ");
Line Found : user_pref("CT2481032.startPage", "userChanged");
Line Found : user_pref("CT2481032.toolbarBornServerTime", "16-12-2012");
Line Found : user_pref("CT2481032.toolbarCurrentServerTime", "28-4-2014");
Line Found : user_pref("CT2481032.toolbarLoginClientTime", "Sun Mar 31 2013 15:50:26 GMT+0200");
Line Found : user_pref("CT2481032.url_history0001.enc", "aHR0cDovL3d3dy5hbHphLmN6L2RvbWFjaS1lbGVrdHJvL2YxODg1MDM1Mi5odG06OjpjbGlja2hhbmRsZXI6OjoxMzY1NjA5NDc0OTQ1LCwsaHR0cDovL3d3dy5hbHphLmN6L2RvbWFjaS1lbGVrdHJvL2Yx[...]
Line Found : user_pref("CT2481032_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1398696909055,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT1750559", "\"1284547766\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "ZF/VZo7UyQBp8ghNNzhnSQ==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "q6quHA6+Jio7VU9PnyyrZw==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "A4BF15en2mpzA5wEihSZog==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634285431132430000\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT1750559", "\"1292947354\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... =EB_LOCALE", "\"634287110467970000\"");
Line Found : user_pref("CommunityToolbar.EngineOwner", "CT1750559");
Line Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
Line Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "bs_player");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT1750559");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bs_player");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT1750559");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559");
Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.locale", "en");
Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Line Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.alert.userId", "9cd800da-0489-4526-b88c-2df798b2bc3b");
Line Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1750559");
Line Found : user_pref("Smartbar.ConduitHomepagesList", "");
Line Found : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Found : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=");
Line Found : user_pref("Smartbar.TBHomepagesList", "");
Line Found : user_pref("Smartbar.TBSearchEngineList", "");
Line Found : user_pref("Smartbar.TBSearchUrlList", "");
Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481032");
Line Found : user_pref("browser.search.defaultthis.engineName", "BS Player Customized Web Search");
Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}");
Line Found : user_pref("extensions.APN_TB.first-previous-keyword-url", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&CUI=UN13945455566793837&UM=false&q=");
Line Found : user_pref("extensions.ORJ-V7C.previous-keyword-url", "\"hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&CUI=UN13945455566793837&UM=false&q=\"");
Line Found : user_pref("icqtoolbar.allowSendURL", false);
Line Found : user_pref("icqtoolbar.engineVerified", false);
Line Found : user_pref("icqtoolbar.geolastmodified", 1302776198);
Line Found : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Found : user_pref("icqtoolbar.history", "sbr||Spodn%C3%AD%20pr%C3%A1dlo||Mikiny||Oble%C4%8Den%C3%AD||faq||Seat||100%20lidske||tacho%20ke%20sta%C5%BEen%C3%AD||fa||grepolis||D%C3%A1msk%C3%A1%20bunda%20Zimn%C3%A[...]
Line Found : user_pref("icqtoolbar.icqgeo", 42);
Line Found : user_pref("icqtoolbar.installTime", "1300999920");
Line Found : user_pref("icqtoolbar.installsource", "1");
Line Found : user_pref("icqtoolbar.newtab_state", "1");
Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
Line Found : user_pref("icqtoolbar.previousFFVersion", "3.6.16");
Line Found : user_pref("icqtoolbar.skip_default_search", "yes");
Line Found : user_pref("icqtoolbar.suggestions", false);
Line Found : user_pref("icqtoolbar.uniqueID", "129283534912928356181292842988514");
Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1302862601);
Line Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Found : user_pref("icqtoolbar.voucherWasShown", 0);
Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&octid=CT2481032&CUI=UN13945455566793837&UM=false&SearchSource=2&q=");
Line Found : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Found : user_pref("smartBar.searchInNewTabOwner", "CT2481032");
Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT2481032");
Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=13&CUI=SB_CUI");
Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&CU[...]
Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT2481032");
Line Found : user_pref("smartbar.homePageOwnerCTID", "CT2481032");
Line Found : user_pref("smartbar.homepageList", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=13&CUI=SB_CUI");
Line Found : user_pref("smartbar.machineId", "4UGUWXE3FVPROFAXYXIFFXM5O01VB5ASF7YSZNZRGI4HWV40UMNKDW9L2QRCAY8IIGOGYD7TFNKOGJ2Z5BEXJQ");
Line Found : user_pref("smartbar.originalHomepage", "hxxp://www.seznam.cz/");
Line Found : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=");
Line Found : user_pref("smartbar.originalSearchEngine", "Yahoo");
Line Found : user_pref("smartbar.searchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&CUI=SB_CU[...]
Line Found : user_pref("valueApps.CT2481032.mam_gk_currentVersion", "312E31332E302E3137");
Line Found : user_pref("valueApps.CT2481032.mam_gk_currentVersion.storedInFile", false);
Line Found : user_pref("valueApps.CT2481032.mam_gk_globalKeysMigratedToLocalStorage", "31");
Line Found : user_pref("valueApps.CT2481032.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false);
Line Found : user_pref("valueApps.CT2481032.mam_gk_migrated_from_ls", "31");
Line Found : user_pref("valueApps.CT2481032.mam_gk_migrated_from_ls.storedInFile", false);
Line Found : user_pref("valueApps.CT2481032.mam_gk_userBornDate", "4E2F41");
Line Found : user_pref("valueApps.CT2481032.mam_gk_userBornDate.storedInFile", false);

-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Zofkovi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... 000YYCZ&q={searchTerms}

*************************

AdwCleaner[R0].txt - [34788 octets] - [02/05/2014 17:06:40]
AdwCleaner[R1].txt - [34710 octets] - [02/05/2014 17:10:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [34771 octets] ##########
Nahoru
Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod Orcus » 02 kvě 2014 18:47

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Láska hřeje, ale uhlí je uhlí. :fire:


Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.
Nahoru
OTAS
Level 3
Level 3
Příspěvky: 484
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod OTAS » 02 kvě 2014 20:30

# AdwCleaner v3.205 - Report created 02/05/2014 at 20:24:54
# Updated 28/04/2014 by Xplode
# Operating System : Windows 7 Service Pack 1 (32 bits)
# Username : Zofkovi - ZOFKOVI-PC
# Running from : C:\Users\Zofkovi\Desktop\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP
[#] Service Deleted : Application Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Program Files\AskTBar
Folder Deleted : C:\Program Files\Music Toolbar
Folder Deleted : C:\Program Files\RegClean Pro
Folder Deleted : C:\Program Files\Systweak Support Dock
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Windows\system32\AI_RecycleBin
Folder Deleted : C:\Users\Zofkovi\AppData\Local\PackageAware
Folder Deleted : C:\Users\Zofkovi\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Zofkovi\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Zofkovi\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\Conduit
Folder Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\ICQToolbarData
Folder Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\Smartbar
Folder Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\CT2481032
Folder Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\Extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
File Deleted : C:\END
File Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\searchplugins\ask-search.xml
File Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FE063DB9-4EC0-403E-8DD8-394C54984B2C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AskTBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v29.0 (cs)

[ File : C:\Users\Zofkovi\AppData\Roaming\Mozilla\Firefox\Profiles\ev85sdnj.default\prefs.js ]

Line Deleted : user_pref("CT1750559..clientLogIsEnabled", true);
Line Deleted : user_pref("CT1750559..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT1750559..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT1750559.CTID", "CT1750559");
Line Deleted : user_pref("CT1750559.CurrentServerDate", "25-12-2010");
Line Deleted : user_pref("CT1750559.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT1750559.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT1750559.FF19Solved", "true");
Line Deleted : user_pref("CT1750559.FirstServerDate", "25-12-2010");
Line Deleted : user_pref("CT1750559.FirstTime", true);
Line Deleted : user_pref("CT1750559.FirstTimeFF3", true);
Line Deleted : user_pref("CT1750559.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT1750559.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT1750559.Initialize", true);
Line Deleted : user_pref("CT1750559.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT1750559.InstallationAndCookieDataSentCount", 2);
Line Deleted : user_pref("CT1750559.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("CT1750559.InstalledDate", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Deleted : user_pref("CT1750559.InvalidateCache", false);
Line Deleted : user_pref("CT1750559.IsGrouping", false);
Line Deleted : user_pref("CT1750559.IsMulticommunity", false);
Line Deleted : user_pref("CT1750559.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT1750559.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT1750559.LanguagePackLastCheckTime", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Deleted : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT1750559.LastLogin_3.2.5.2", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Deleted : user_pref("CT1750559.LatestVersion", "3.2.5.2");
Line Deleted : user_pref("CT1750559.Locale", "en-us");
Line Deleted : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT1750559.RadioIsPodcast", false);
Line Deleted : user_pref("CT1750559.RadioLastCheckTime", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Deleted : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Line Deleted : user_pref("CT1750559.RadioMediaID", "11237206");
Line Deleted : user_pref("CT1750559.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Line Deleted : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Line Deleted : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Line Deleted : user_pref("CT1750559.SavedHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT1750559.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Deleted : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1750559.ServiceMapLastCheckTime", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Deleted : user_pref("CT1750559.SettingsLastCheckTime", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Deleted : user_pref("CT1750559.SettingsLastUpdate", "1292947354");
Line Deleted : user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Deleted : user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT1750559.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Deleted : user_pref("CT1750559.UserID", "UN05022220317809056");
Line Deleted : user_pref("CT1750559.WeatherNetwork", "");
Line Deleted : user_pref("CT1750559.WeatherPollDate", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Deleted : user_pref("CT1750559.WeatherUnit", "C");
Line Deleted : user_pref("CT1750559.alertChannelId", "31130");
Line Deleted : user_pref("CT1750559.dum", "2");
Line Deleted : user_pref("CT1750559.fullUserID", "UN05022220317809056.UP.20140428151217");
Line Deleted : user_pref("CT1750559.installDate", "28/04/2014 15:12:16");
Line Deleted : user_pref("CT1750559.installSessionId", "b8226b47-ccf9-4245-ab9f-ad6140ae57e1");
Line Deleted : user_pref("CT1750559.installSp", "FALSE");
Line Deleted : user_pref("CT1750559.installerVersion", "1.10.0.6");
Line Deleted : user_pref("CT1750559.myStuffEnabled", true);
Line Deleted : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT1750559.searchRevert", "false");
Line Deleted : user_pref("CT1750559.searchUninstallUserMode", "1");
Line Deleted : user_pref("CT1750559.searchUserMode", "1");
Line Deleted : user_pref("CT1750559.testingCtid", "");
Line Deleted : user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Deleted : user_pref("CT1750559.toolbarContextMenuLastCheckTime", "Fri Dec 24 2010 22:55:22 GMT+0100");
Line Deleted : user_pref("CT1750559.toolbarInstallDate", "28-04-2014 15:12:09");
Line Deleted : user_pref("CT1750559.versionFromInstaller", "10.29.0.20");
Line Deleted : user_pref("CT1750559.xpeMode", "1");
Line Deleted : user_pref("CT2481032.1000082.isDisplayHidden", "true");
Line Deleted : user_pref("CT2481032.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT2481032.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
Line Deleted : user_pref("CT2481032.CBOpenMAMSettings.enc", "MA==");
Line Deleted : user_pref("CT2481032.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2481032.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2481032.FirstTime", "true");
Line Deleted : user_pref("CT2481032.FirstTimeFF3", "true");
Line Deleted : user_pref("CT2481032.LoginRevertSettingsEnabled", true);
Line Deleted : user_pref("CT2481032.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT2481032.PG_ENABLE.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT2481032.RestartDialogFirstTime", "false");
Line Deleted : user_pref("CT2481032.RestartDialogShouldDisplay", "false");
Line Deleted : user_pref("CT2481032.RevertSettingsEnabled", true);
Line Deleted : user_pref("CT2481032.SearchAppState.enc", "MQ==");
Line Deleted : user_pref("CT2481032.SearchAppTracking.enc", "MQ==");
Line Deleted : user_pref("CT2481032.UserID", "UN13945455566793837");
Line Deleted : user_pref("CT2481032.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT2481032.autoDisableScopes", -1);
Line Deleted : user_pref("CT2481032.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT2481032.cbcountry_001.enc", "Q1o=");
Line Deleted : user_pref("CT2481032.cbfirsttime.enc", "U3VuIERlYyAxNiAyMDEyIDE4OjIxOjI2IEdNVCswMTAw");
Line Deleted : user_pref("CT2481032.countryCode", "CZ");
Line Deleted : user_pref("CT2481032.defaultSearch", "true");
Line Deleted : user_pref("CT2481032.embeddedsData", "[{\"appId\":\"129058858240125318\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT2481032.enableAlerts", "false");
Line Deleted : user_pref("CT2481032.enableFix404ByUser", "FALSE");
Line Deleted : user_pref("CT2481032.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT2481032.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT2481032.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT2481032.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT2481032.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT2481032.fixUrls", true);
Line Deleted : user_pref("CT2481032.fullUserID", "UN13945455566793837.UP.20130707205209");
Line Deleted : user_pref("CT2481032.homepageuserchanged", true);
Line Deleted : user_pref("CT2481032.installId", "conduitnsisintegration");
Line Deleted : user_pref("CT2481032.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT2481032.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2481032.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2481032.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT2481032.isNewTabEnabled", true);
Line Deleted : user_pref("CT2481032.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT2481032.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2481032.keyword", true);
Line Deleted : user_pref("CT2481032.lastVersion", "10.29.0.520");
Line Deleted : user_pref("CT2481032.mam_gk_appStateReportTime.enc", "MTM2NjczNTU4NzIzNQ==");
Line Deleted : user_pref("CT2481032.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT2481032.mam_gk_appState_Easytobook.enc", "b24=");
Line Deleted : user_pref("CT2481032.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Deleted : user_pref("CT2481032.mam_gk_appState_PriceGong.enc", "b24=");
Line Deleted : user_pref("CT2481032.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h[...]
Line Deleted : user_pref("CT2481032.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Deleted : user_pref("CT2481032.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5IiwiY3JpdGVyaWFzIjpbeyJjcml0ZXJpYUlkIjoiYzY4NmY4ZTAtMzBkMy00YjhjLWFlNGQtNjgwODAxY2U0YjEzIiwiZG9tYWlucyI[...]
Line Deleted : user_pref("CT2481032.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Line Deleted : user_pref("CT2481032.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT2481032.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT2481032.mam_gk_lastLoginTime.enc", "MTM2NjczNTU4NjU0Nw==");
Line Deleted : user_pref("CT2481032.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Deleted : user_pref("CT2481032.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT2481032.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsd[...]
Line Deleted : user_pref("CT2481032.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT2481032.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT2481032.mam_gk_userId.enc", "Y2M0MTFmYjctZTAzZS00Y2QxLTg1N2YtZTY4MjkxN2YyMzEy");
Line Deleted : user_pref("CT2481032.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT2481032.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://AshampooUS.OurToolbar.com/\",\"EB_TOOL[...]
Line Deleted : user_pref("CT2481032.openThankYouPage", "false");
Line Deleted : user_pref("CT2481032.openUninstallPage", "false");
Line Deleted : user_pref("CT2481032.originalHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("CT2481032.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&CUI=UN13945455566793837&UM=&q=");
Line Deleted : user_pref("CT2481032.originalSearchEngine", "Google");
Line Deleted : user_pref("CT2481032.originalSearchEngineName", "Google");
Line Deleted : user_pref("CT2481032.performedDomainChangesMigration", "true");
Line Deleted : user_pref("CT2481032.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"12\\\\/16\\\\/2012 20\\\"}\"}");
Line Deleted : user_pref("CT2481032.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT2481032.search.searchAppId", "129058858240125318");
Line Deleted : user_pref("CT2481032.search.searchCount", "0");
Line Deleted : user_pref("CT2481032.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT2481032.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT2481032.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT2481032.searchUserMode", "false");
Line Deleted : user_pref("CT2481032.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2481032.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2481032.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2481032\"}");
Line Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://AshampooUS.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Ashampoo US \"}");
Line Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2481032.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2481032.serviceLayer_services_Configuration_lastUpdate", "1398677312080");
Line Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnet_lastUpdate", "1398691088586");
Line Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnnbrk_lastUpdate", "1398691088622");
Line Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-computeractive_lastUpdate", "1398691088634");
Line Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-dailymirror_lastUpdate", "1398691088661");
Line Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-google_lastUpdate", "1398691088610");
Line Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-techcrunch_lastUpdate", "1398691088599");
Line Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-thesun_news_lastUpdate", "1398691088648");
Line Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-wired_lastUpdate", "1398691088675");
Line Deleted : user_pref("CT2481032.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1398691076907");
Line Deleted : user_pref("CT2481032.serviceLayer_services_appsMetadata_lastUpdate", "1398691076415");
Line Deleted : user_pref("CT2481032.serviceLayer_services_getTwitterExtraInfo_lastUpdate", "1398691089291");
Line Deleted : user_pref("CT2481032.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1398691076617");
Line Deleted : user_pref("CT2481032.serviceLayer_services_location_lastUpdate", "1372876050768");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.13.40.15_lastUpdate", "1359455393492");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360780150227");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.14.65.43_lastUpdate", "1364465854960");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.15.0.562_lastUpdate", "1366388782299");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.15.2.523_lastUpdate", "1372876050599");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374776200579");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.16.70.505_lastUpdate", "1381060007628");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.20.1.508_lastUpdate", "1383498051747");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.21.1.507_lastUpdate", "1384529473810");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.22.3.518_lastUpdate", "1385226550829");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.22.5.510_lastUpdate", "1387292307775");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.23.0.822_lastUpdate", "1397588898439");
Line Deleted : user_pref("CT2481032.serviceLayer_services_login_10.29.0.520_lastUpdate", "1398691088432");
Line Deleted : user_pref("CT2481032.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1398691076469");
Line Deleted : user_pref("CT2481032.serviceLayer_services_searchAPI_lastUpdate", "1398677311672");
Line Deleted : user_pref("CT2481032.serviceLayer_services_serviceMap_lastUpdate", "1398677310898");
Line Deleted : user_pref("CT2481032.serviceLayer_services_toolbarContextMenu_lastUpdate", "1398691076549");
Line Deleted : user_pref("CT2481032.serviceLayer_services_toolbarSettings_lastUpdate", "1398689961342");
Line Deleted : user_pref("CT2481032.serviceLayer_services_translation_lastUpdate", "1398677309839");
Line Deleted : user_pref("CT2481032.serviceLayer_services_userApps_lastUpdate", "1366388672623");
Line Deleted : user_pref("CT2481032.settingsINI", true);
Line Deleted : user_pref("CT2481032.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT2481032.showToolbarPermission", "false");
Line Deleted : user_pref("CT2481032.smartbar.CTID", "CT2481032");
Line Deleted : user_pref("CT2481032.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2481032.smartbar.homepage", true);
Line Deleted : user_pref("CT2481032.smartbar.isHidden", true);
Line Deleted : user_pref("CT2481032.smartbar.toolbarName", "Ashampoo US ");
Line Deleted : user_pref("CT2481032.startPage", "userChanged");
Line Deleted : user_pref("CT2481032.toolbarBornServerTime", "16-12-2012");
Line Deleted : user_pref("CT2481032.toolbarCurrentServerTime", "28-4-2014");
Line Deleted : user_pref("CT2481032.toolbarLoginClientTime", "Sun Mar 31 2013 15:50:26 GMT+0200");
Line Deleted : user_pref("CT2481032.url_history0001.enc", "aHR0cDovL3d3dy5hbHphLmN6L2RvbWFjaS1lbGVrdHJvL2YxODg1MDM1Mi5odG06OjpjbGlja2hhbmRsZXI6OjoxMzY1NjA5NDc0OTQ1LCwsaHR0cDovL3d3dy5hbHphLmN6L2RvbWFjaS1lbGVrdHJvL2Yx[...]
Line Deleted : user_pref("CT2481032_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1398696909055,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT1750559", "\"1284547766\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "ZF/VZo7UyQBp8ghNNzhnSQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "q6quHA6+Jio7VU9PnyyrZw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =EB_LOCALE", "A4BF15en2mpzA5wEihSZog==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634285431132430000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT1750559", "\"1292947354\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... =EB_LOCALE", "\"634287110467970000\"");
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "CT1750559");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "bs_player");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT1750559");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bs_player");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1750559");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "9cd800da-0489-4526-b88c-2df798b2bc3b");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Dec 24 2010 22:55:21 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1750559");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=");
Line Deleted : user_pref("Smartbar.TBHomepagesList", "");
Line Deleted : user_pref("Smartbar.TBSearchEngineList", "");
Line Deleted : user_pref("Smartbar.TBSearchUrlList", "");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481032");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "BS Player Customized Web Search");
Line Deleted : user_pref("extensions.APN_TB.first-previous-keyword-url", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&CUI=UN13945455566793837&UM=false&q=");
Line Deleted : user_pref("extensions.ORJ-V7C.previous-keyword-url", "\"hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&CUI=UN13945455566793837&UM=false&q=\"");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1302776198);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "sbr||Spodn%C3%AD%20pr%C3%A1dlo||Mikiny||Oble%C4%8Den%C3%AD||faq||Seat||100%20lidske||tacho%20ke%20sta%C5%BEen%C3%AD||fa||grepolis||D%C3%A1msk%C3%A1%20bunda%20Zimn%C3%A[...]
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1300999920");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.6.16");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "129283534912928356181292842988514");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1302862601);
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Deleted : user_pref("smartBar.searchInNewTabOwner", "CT2481032");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT2481032");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=13&CUI=SB_CUI");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT2481032");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT2481032");
Line Deleted : user_pref("smartbar.homepageList", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=13&CUI=SB_CUI");
Line Deleted : user_pref("smartbar.machineId", "4UGUWXE3FVPROFAXYXIFFXM5O01VB5ASF7YSZNZRGI4HWV40UMNKDW9L2QRCAY8IIGOGYD7TFNKOGJ2Z5BEXJQ");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=");
Line Deleted : user_pref("smartbar.originalSearchEngine", "Yahoo");
Line Deleted : user_pref("smartbar.searchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&CUI=SB_CU[...]
Line Deleted : user_pref("valueApps.CT2481032.mam_gk_currentVersion", "312E31332E302E3137");
Line Deleted : user_pref("valueApps.CT2481032.mam_gk_currentVersion.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2481032.mam_gk_globalKeysMigratedToLocalStorage", "31");
Line Deleted : user_pref("valueApps.CT2481032.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2481032.mam_gk_migrated_from_ls", "31");
Line Deleted : user_pref("valueApps.CT2481032.mam_gk_migrated_from_ls.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2481032.mam_gk_userBornDate", "4E2F41");
Line Deleted : user_pref("valueApps.CT2481032.mam_gk_userBornDate.storedInFile", false);

-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Zofkovi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... 000YYCZ&q={searchTerms}

*************************

AdwCleaner[R2].txt - [33855 octets] - [02/05/2014 20:23:20]
AdwCleaner[S0].txt - [34460 octets] - [02/05/2014 20:24:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [34521 octets] ##########
Nahoru
OTAS
Level 3
Level 3
Příspěvky: 484
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod OTAS » 02 kvě 2014 22:03

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Zofkovi [Práva správce]
Mód : Kontrola -- Datum : 05/02/2014 22:02:53
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{52F4ACEC-DA2F-43DE-A212-4C688E720E6A} : NameServer (160.218.167.5 160.218.161.60 [EUROPEAN UNION (EU) - EUROPEAN UNION (EU)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CCSet\[...]\{CAD4A683-81B5-464C-8EA3-B82BB7E0F089} : NameServer (160.218.167.5 160.218.161.60 [EUROPEAN UNION (EU) - EUROPEAN UNION (EU)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{52F4ACEC-DA2F-43DE-A212-4C688E720E6A} : NameServer (160.218.167.5 160.218.161.60 [EUROPEAN UNION (EU) - EUROPEAN UNION (EU)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{CAD4A683-81B5-464C-8EA3-B82BB7E0F089} : NameServer (160.218.167.5 160.218.161.60 [EUROPEAN UNION (EU) - EUROPEAN UNION (EU)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{52F4ACEC-DA2F-43DE-A212-4C688E720E6A} : NameServer (160.218.167.5 160.218.161.60 [EUROPEAN UNION (EU) - EUROPEAN UNION (EU)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{CAD4A683-81B5-464C-8EA3-B82BB7E0F089} : NameServer (160.218.167.5 160.218.161.60 [EUROPEAN UNION (EU) - EUROPEAN UNION (EU)]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] IHUninstallTrackingTASK : CMD - /C DEL C:\Windows\TEMP\IHU52C0.tmp.exe [x][x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742909AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742849A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74286395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742908ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7429E6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7429D395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742894AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74286A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74283982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7429D9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742A3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742853E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742851BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74284EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742863E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428FCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74283F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74283F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74284BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742904BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74290473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742905DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74290FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428CD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428F8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7429165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428BF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74287C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428FF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742886E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742906E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428CDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742A3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74293611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742939D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742A3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74282D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428F992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74291081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428DF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74293CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428F869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74282E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428F785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742860AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742885B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742873D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742A3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B3296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74290134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7429CFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7428B176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x742B068D)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73E1D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox
Nahoru
OTAS
Level 3
Level 3
Příspěvky: 484
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod OTAS » 02 kvě 2014 22:05

Sken Junkware Removal Tool přidám zítra
Nahoru
Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod Orcus » 03 kvě 2014 11:26

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Pokud se log nevejde do jedné zprávy, rozděl jej na více částí.

====================================================

+ log z JRT
Láska hřeje, ale uhlí je uhlí. :fire:


Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.
Nahoru
OTAS
Level 3
Level 3
Příspěvky: 484
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod OTAS » 03 kvě 2014 16:37

Ten prpogramek Junkware Removal Tool jsem měl puštěn 2 hod a y žádny naznak že by něco hledal.


RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Zofkovi [Práva správce]
Mód : Odebrat -- Datum : 05/03/2014 16:35:09
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] IHUninstallTrackingTASK : CMD - /C DEL C:\Windows\TEMP\IHU52C0.tmp.exe [x][x] -> VYMAZÁNO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747509AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747449A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74770731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74746395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747508ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7475E6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7475D395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747494AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74746A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74743982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7475D9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74763B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747735E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747453E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747451BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74744EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747463E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474FCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74743F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74743F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747706CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74744BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747504BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74750473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747505DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74750FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474CD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474F8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7475165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474BF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74747C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474FF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747723B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747486E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747506E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474CDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74763FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74753611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747539D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747722E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74773172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74763274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7477301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747729C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7477320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74742D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474F992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74751081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474DF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74753CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474F869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74742E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474F785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747460AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7477312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747485B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747473D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74763D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74773296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74750134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7475CFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474B176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7477068D)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_ProxXcÂ*�?—cø"V) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7421DD99)
[Address] EAT @firefox.exe (BeginBufferedAnimation) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747509AE)
[Address] EAT @firefox.exe (BeginBufferedPaint) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747449A1)
[Address] EAT @firefox.exe (BeginPanningFeedback) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74770731)
[Address] EAT @firefox.exe (BufferedPaintClear) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74746395)
[Address] EAT @firefox.exe (BufferedPaintInit) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474940E)
[Address] EAT @firefox.exe (BufferedPaintRenderAnimation) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747508ED)
[Address] EAT @firefox.exe (BufferedPaintSetAlpha) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7475E6B3)
[Address] EAT @firefox.exe (BufferedPaintStopAllAnimations) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7475D395)
[Address] EAT @firefox.exe (BufferedPaintUnInit) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747494AB)
[Address] EAT @firefox.exe (CloseThemeData) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74746A18)
[Address] EAT @firefox.exe (DrawThemeBackground) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74743982)
[Address] EAT @firefox.exe (DrawThemeBackgroundEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7475D9DA)
[Address] EAT @firefox.exe (DrawThemeEdge) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74763B52)
[Address] EAT @firefox.exe (DrawThemeIcon) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747735E7)
[Address] EAT @firefox.exe (DrawThemeParentBackground) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747453E5)
[Address] EAT @firefox.exe (DrawThemeParentBackgroundEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747451BF)
[Address] EAT @firefox.exe (DrawThemeText) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74744EA1)
[Address] EAT @firefox.exe (DrawThemeTextEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747463E6)
[Address] EAT @firefox.exe (EnableThemeDialogTexture) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474FCAF)
[Address] EAT @firefox.exe (EnableTheming) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772FEB)
[Address] EAT @firefox.exe (EndBufferedAnimation) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74743F9A)
[Address] EAT @firefox.exe (EndBufferedPaint) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74743F9A)
[Address] EAT @firefox.exe (EndPanningFeedback) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747706CC)
[Address] EAT @firefox.exe (GetBufferedPaintBits) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74744BAF)
[Address] EAT @firefox.exe (GetBufferedPaintDC) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747504BC)
[Address] EAT @firefox.exe (GetBufferedPaintTargetDC) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74750473)
[Address] EAT @firefox.exe (GetBufferedPaintTargetRect) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772E7F)
[Address] EAT @firefox.exe (GetCurrentThemeName) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747505DD)
[Address] EAT @firefox.exe (GetThemeAppProperties) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74750FB1)
[Address] EAT @firefox.exe (GetThemeBackgroundContentRect) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474CD2E)
[Address] EAT @firefox.exe (GetThemeBackgroundExtent) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474F8BF)
[Address] EAT @firefox.exe (GetThemeBackgroundRegion) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7475165D)
[Address] EAT @firefox.exe (GetThemeBitmap) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474BF93)
[Address] EAT @firefox.exe (GetThemeBool) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74747C1F)
[Address] EAT @firefox.exe (GetThemeColor) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474616C)
[Address] EAT @firefox.exe (GetThemeDocumentationProperty) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772932)
[Address] EAT @firefox.exe (GetThemeEnumValue) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474616C)
[Address] EAT @firefox.exe (GetThemeFilename) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772412)
[Address] EAT @firefox.exe (GetThemeFont) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474FF21)
[Address] EAT @firefox.exe (GetThemeInt) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474616C)
[Address] EAT @firefox.exe (GetThemeIntList) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747723B1)
[Address] EAT @firefox.exe (GetThemeMargins) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747486E9)
[Address] EAT @firefox.exe (GetThemeMetric) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747506E2)
[Address] EAT @firefox.exe (GetThemePartSize) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474CDB1)
[Address] EAT @firefox.exe (GetThemePosition) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772350)
[Address] EAT @firefox.exe (GetThemePropertyOrigin) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74763FBB)
[Address] EAT @firefox.exe (GetThemeRect) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74753611)
[Address] EAT @firefox.exe (GetThemeStream) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747539D9)
[Address] EAT @firefox.exe (GetThemeString) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747722E4)
[Address] EAT @firefox.exe (GetThemeSysBool) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74773172)
[Address] EAT @firefox.exe (GetThemeSysColor) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74763274)
[Address] EAT @firefox.exe (GetThemeSysColorBrush) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7477301E)
[Address] EAT @firefox.exe (GetThemeSysFont) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747729C4)
[Address] EAT @firefox.exe (GetThemeSysInt) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772BD3)
[Address] EAT @firefox.exe (GetThemeSysSize) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7477320B)
[Address] EAT @firefox.exe (GetThemeSysString) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74772B3F)
[Address] EAT @firefox.exe (GetThemeTextExtent) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74742D57)
[Address] EAT @firefox.exe (GetThemeTextMetrics) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474F992)
[Address] EAT @firefox.exe (GetThemeTransitionDuration) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74751081)
[Address] EAT @firefox.exe (GetWindowTheme) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474DF46)
[Address] EAT @firefox.exe (HitTestThemeBackground) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74753CE3)
[Address] EAT @firefox.exe (IsAppThemed) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474F869)
[Address] EAT @firefox.exe (IsCompositionActive) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74742E9A)
[Address] EAT @firefox.exe (IsThemeActive) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474F785)
[Address] EAT @firefox.exe (IsThemeBackgroundPartiallyTransparent) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747460AB)
[Address] EAT @firefox.exe (IsThemeDialogTextureEnabled) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7477312B)
[Address] EAT @firefox.exe (IsThemePartDefined) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747485B4)
[Address] EAT @firefox.exe (OpenThemeData) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x747473D2)
[Address] EAT @firefox.exe (OpenThemeDataEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74763D43)
[Address] EAT @firefox.exe (SetThemeAppProperties) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74773296)
[Address] EAT @firefox.exe (SetWindowTheme) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74750134)
[Address] EAT @firefox.exe (SetWindowThemeAttribute) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7475CFE6)
[Address] EAT @firefox.exe (ThemeInitApiHook) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7474B176)
[Address] EAT @firefox.exe (UpdatePanningFeedback) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7477068D)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST950042 0AS SCSI Disk Device +++++
--- User ---
[MBR] a9549551af79dd8e558405c99bcf1c02
[BSP] 92cd5321ae758eef4deeae1a7a93e8af : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Nesprávná funkce. )

Dokončeno : << RKreport[0]_D_05032014_163509.txt >>
RKreport[0]_S_05032014_163455.txt
Nahoru
OTAS
Level 3
Level 3
Příspěvky: 484
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod OTAS » 03 kvě 2014 16:52

16:42:00.0350 4784 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:42:10.0429 4784 ============================================================
16:42:10.0429 4784 Current date / time: 2014/05/03 16:42:10.0429
16:42:10.0429 4784 SystemInfo:
16:42:10.0429 4784
16:42:10.0429 4784 OS Version: 6.1.7601 ServicePack: 1.0
16:42:10.0429 4784 Product type: Workstation
16:42:10.0430 4784 ComputerName: ZOFKOVI-PC
16:42:10.0430 4784 UserName: Zofkovi
16:42:10.0431 4784 Windows directory: C:\Windows
16:42:10.0431 4784 System windows directory: C:\Windows
16:42:10.0431 4784 Processor architecture: Intel x86
16:42:10.0431 4784 Number of processors: 2
16:42:10.0431 4784 Page size: 0x1000
16:42:10.0431 4784 Boot type: Normal boot
16:42:10.0431 4784 ============================================================
16:42:17.0103 4784 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:42:17.0108 4784 ============================================================
16:42:17.0108 4784 \Device\Harddisk0\DR0:
16:42:17.0109 4784 MBR partitions:
16:42:17.0109 4784 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:42:17.0109 4784 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
16:42:17.0109 4784 ============================================================
16:42:17.0167 4784 C: <-> \Device\Harddisk0\DR0\Partition2
16:42:17.0168 4784 ============================================================
16:42:17.0168 4784 Initialize success
16:42:17.0168 4784 ============================================================
16:42:46.0781 1276 ============================================================
16:42:46.0781 1276 Scan started
16:42:46.0781 1276 Mode: Manual;
16:42:46.0781 1276 ============================================================
16:42:47.0208 1276 ================ Scan system memory ========================
16:42:47.0208 1276 System memory - ok
16:42:47.0209 1276 ================ Scan services =============================
16:42:47.0392 1276 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:42:47.0396 1276 1394ohci - ok
16:42:47.0431 1276 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:42:47.0435 1276 ACPI - ok
16:42:47.0464 1276 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:42:47.0465 1276 AcpiPmi - ok
16:42:47.0536 1276 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:42:47.0540 1276 AdobeARMservice - ok
16:42:47.0627 1276 [ 7C7E868E1D8096ED08D80FF7712BB9D8 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:42:47.0632 1276 AdobeFlashPlayerUpdateSvc - ok
16:42:47.0673 1276 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:42:47.0678 1276 adp94xx - ok
16:42:47.0700 1276 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:42:47.0705 1276 adpahci - ok
16:42:47.0728 1276 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:42:47.0732 1276 adpu320 - ok
16:42:47.0758 1276 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:42:47.0760 1276 AeLookupSvc - ok
16:42:47.0800 1276 [ 640C921EC74B53462969EF597FCC9129 ] AFBAgent C:\Windows\system32\FBAgent.exe
16:42:47.0817 1276 AFBAgent - ok
16:42:47.0857 1276 [ F81BB7E487EDCEAB630A7EE66CF23913 ] AFD C:\Windows\system32\drivers\afd.sys
16:42:47.0862 1276 AFD - ok
16:42:47.0886 1276 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
16:42:47.0888 1276 agp440 - ok
16:42:47.0909 1276 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
16:42:47.0911 1276 aic78xx - ok
16:42:47.0938 1276 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
16:42:47.0942 1276 ALG - ok
16:42:47.0964 1276 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
16:42:47.0966 1276 aliide - ok
16:42:47.0986 1276 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
16:42:47.0988 1276 amdagp - ok
16:42:48.0009 1276 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
16:42:48.0011 1276 amdide - ok
16:42:48.0025 1276 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:42:48.0027 1276 AmdK8 - ok
16:42:48.0043 1276 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:42:48.0045 1276 AmdPPM - ok
16:42:48.0078 1276 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:42:48.0081 1276 amdsata - ok
16:42:48.0099 1276 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:42:48.0102 1276 amdsbs - ok
16:42:48.0118 1276 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:42:48.0120 1276 amdxata - ok
16:42:48.0150 1276 [ D2BF422C2611632AFB9CE8F7B2A8C306 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
16:42:48.0152 1276 AmUStor - ok
16:42:48.0176 1276 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
16:42:48.0178 1276 AppID - ok
16:42:48.0202 1276 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:42:48.0204 1276 AppIDSvc - ok
16:42:48.0231 1276 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
16:42:48.0234 1276 Appinfo - ok
16:42:48.0257 1276 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
16:42:48.0260 1276 AppMgmt - ok
16:42:48.0283 1276 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
16:42:48.0285 1276 arc - ok
16:42:48.0301 1276 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:42:48.0303 1276 arcsas - ok
16:42:48.0355 1276 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
16:42:48.0360 1276 ASLDRService - ok
16:42:48.0373 1276 [ B9FDFA552EBA5B4BF377F7CCEC9B8BC7 ] ASMMAP C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys
16:42:48.0375 1276 ASMMAP - ok
16:42:48.0515 1276 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:42:48.0517 1276 aspnet_state - ok
16:42:48.0536 1276 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:42:48.0537 1276 AsyncMac - ok
16:42:48.0564 1276 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
16:42:48.0565 1276 atapi - ok
16:42:48.0627 1276 [ B01751CC563AECAC09BBE36AAA21FBEF ] athr C:\Windows\system32\DRIVERS\athr.sys
16:42:48.0643 1276 athr - ok
16:42:48.0683 1276 [ 63F1212FFE13E62CA1E8D8EE19ABD9A7 ] ATKGFNEXSrv C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
16:42:48.0687 1276 ATKGFNEXSrv - ok
16:42:48.0721 1276 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:42:48.0740 1276 AudioEndpointBuilder - ok
16:42:48.0755 1276 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:42:48.0762 1276 Audiosrv - ok
16:42:48.0816 1276 [ 6FDDD18A650764A59302A018765E5521 ] AVP C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
16:42:48.0822 1276 AVP - ok
16:42:48.0850 1276 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:42:48.0852 1276 AxInstSV - ok
16:42:48.0877 1276 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
16:42:48.0883 1276 b06bdrv - ok
16:42:48.0912 1276 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
16:42:48.0916 1276 b57nd60x - ok
16:42:48.0953 1276 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
16:42:48.0955 1276 BDESVC - ok
16:42:48.0966 1276 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
16:42:48.0967 1276 Beep - ok
16:42:49.0009 1276 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
16:42:49.0026 1276 BFE - ok
16:42:49.0083 1276 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
16:42:49.0110 1276 BITS - ok
16:42:49.0126 1276 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:42:49.0128 1276 blbdrive - ok
16:42:49.0157 1276 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:42:49.0159 1276 bowser - ok
16:42:49.0180 1276 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:42:49.0182 1276 BrFiltLo - ok
16:42:49.0195 1276 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:42:49.0196 1276 BrFiltUp - ok
16:42:49.0216 1276 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
16:42:49.0221 1276 Browser - ok
16:42:49.0247 1276 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:42:49.0252 1276 Brserid - ok
16:42:49.0273 1276 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:42:49.0275 1276 BrSerWdm - ok
16:42:49.0291 1276 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:42:49.0293 1276 BrUsbMdm - ok
16:42:49.0303 1276 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:42:49.0305 1276 BrUsbSer - ok
16:42:49.0381 1276 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
16:42:49.0382 1276 BthEnum - ok
16:42:49.0403 1276 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:42:49.0404 1276 BTHMODEM - ok
16:42:49.0433 1276 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:42:49.0436 1276 BthPan - ok
16:42:49.0489 1276 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:42:49.0495 1276 BTHPORT - ok
16:42:49.0521 1276 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
16:42:49.0523 1276 bthserv - ok
16:42:49.0547 1276 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:42:49.0549 1276 BTHUSB - ok
16:42:49.0577 1276 [ 92C5B845803F3662637EB691AC0B250F ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
16:42:49.0580 1276 btusbflt - ok
16:42:49.0678 1276 [ D57D29132EFE13A83133D9BD449E0CF1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
16:42:49.0680 1276 btwaudio - ok
16:42:49.0737 1276 [ D282C14A69357D0E1BAFAECC2CA98C3A ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
16:42:49.0740 1276 btwavdt - ok
16:42:49.0853 1276 [ F7434401AE320BB97903A3C1865242FB ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
16:42:49.0866 1276 btwdins - ok
16:42:49.0924 1276 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
16:42:49.0926 1276 btwl2cap - ok
16:42:49.0940 1276 [ 02EB4D2B05967DF2D32F29C84AB1FB17 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:42:49.0941 1276 btwrchid - ok
16:42:49.0956 1276 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:42:49.0958 1276 cdfs - ok
16:42:49.0994 1276 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:42:49.0998 1276 cdrom - ok
16:42:50.0026 1276 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
16:42:50.0028 1276 CertPropSvc - ok
16:42:50.0049 1276 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:42:50.0051 1276 circlass - ok
16:42:50.0075 1276 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
16:42:50.0079 1276 CLFS - ok
16:42:50.0137 1276 [ DB26C2BA2AC0AB6BE1CFA59F61CE22DA ] CLHNServiceForPowerDVD C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
16:42:50.0140 1276 CLHNServiceForPowerDVD - ok
16:42:50.0181 1276 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:42:50.0186 1276 clr_optimization_v2.0.50727_32 - ok
16:42:50.0211 1276 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:42:50.0215 1276 clr_optimization_v4.0.30319_32 - ok
16:42:50.0234 1276 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:42:50.0236 1276 CmBatt - ok
16:42:50.0263 1276 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:42:50.0265 1276 cmdide - ok
16:42:50.0300 1276 [ 85449EEBE8F8EBD6481EFBF0F352B4EB ] CNG C:\Windows\system32\Drivers\cng.sys
16:42:50.0305 1276 CNG - ok
16:42:50.0320 1276 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:42:50.0321 1276 Compbatt - ok
16:42:50.0347 1276 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:42:50.0349 1276 CompositeBus - ok
16:42:50.0359 1276 COMSysApp - ok
16:42:50.0389 1276 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:42:50.0390 1276 crcdisk - ok
16:42:50.0423 1276 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:42:50.0428 1276 CryptSvc - ok
16:42:50.0458 1276 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
16:42:50.0463 1276 CSC - ok
16:42:50.0505 1276 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
16:42:50.0517 1276 CscService - ok
16:42:50.0646 1276 [ E27D60E5A51EEDF9A57F5B69A9A6457D ] CyberLink PowerDVD 11.0 Monitor Service C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
16:42:50.0650 1276 CyberLink PowerDVD 11.0 Monitor Service - ok
16:42:50.0696 1276 [ 857943A77B06AC056771A3B12CD318DD ] CyberLink PowerDVD 11.0 Service C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
16:42:50.0700 1276 CyberLink PowerDVD 11.0 Service - ok
16:42:50.0731 1276 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
16:42:50.0743 1276 DcomLaunch - ok
16:42:51.0115 1276 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
16:42:51.0121 1276 defragsvc - ok
16:42:51.0150 1276 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:42:51.0153 1276 DfsC - ok
16:42:51.0181 1276 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:42:51.0189 1276 Dhcp - ok
16:42:51.0214 1276 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
16:42:51.0216 1276 discache - ok
16:42:51.0234 1276 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:42:51.0236 1276 Disk - ok
16:42:51.0266 1276 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:42:51.0272 1276 Dnscache - ok
16:42:51.0302 1276 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
16:42:51.0306 1276 dot3svc - ok
16:42:51.0336 1276 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
16:42:51.0342 1276 DPS - ok
16:42:51.0389 1276 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:42:51.0391 1276 drmkaud - ok
16:42:51.0432 1276 [ 71BC35067CABC02C9453AEAA42B2E43E ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:42:51.0444 1276 DXGKrnl - ok
16:42:51.0479 1276 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
16:42:51.0485 1276 EapHost - ok
16:42:51.0586 1276 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
16:42:51.0628 1276 ebdrv - ok
16:42:51.0660 1276 [ 803B370865D907EA21DC0C2B6A8936B5 ] EFS C:\Windows\System32\lsass.exe
16:42:51.0666 1276 EFS - ok
16:42:51.0717 1276 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:42:51.0724 1276 ehRecvr - ok
16:42:51.0749 1276 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
16:42:51.0751 1276 ehSched - ok
16:42:51.0786 1276 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:42:51.0791 1276 elxstor - ok
16:42:51.0819 1276 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:42:51.0820 1276 ErrDev - ok
16:42:51.0855 1276 [ C49C486405F131EEFC2556EDE9B9CE8E ] ETD C:\Windows\system32\DRIVERS\ETD.sys
16:42:51.0857 1276 ETD - ok
16:42:51.0895 1276 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
16:42:51.0904 1276 EventSystem - ok
16:42:51.0924 1276 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
16:42:51.0927 1276 exfat - ok
16:42:51.0947 1276 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:42:51.0950 1276 fastfat - ok
16:42:51.0975 1276 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
16:42:51.0983 1276 Fax - ok
16:42:52.0011 1276 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:42:52.0014 1276 fdc - ok
16:42:52.0035 1276 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
16:42:52.0038 1276 fdPHost - ok
16:42:52.0050 1276 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
16:42:52.0053 1276 FDResPub - ok
16:42:52.0071 1276 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:42:52.0073 1276 FileInfo - ok
16:42:52.0092 1276 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:42:52.0093 1276 Filetrace - ok
16:42:52.0126 1276 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:42:52.0127 1276 flpydisk - ok
16:42:52.0153 1276 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:42:52.0156 1276 FltMgr - ok
16:42:52.0225 1276 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
16:42:52.0260 1276 FontCache - ok
16:42:52.0329 1276 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:42:52.0331 1276 FontCache3.0.0.0 - ok
16:42:52.0348 1276 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:42:52.0350 1276 FsDepends - ok
16:42:52.0372 1276 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:42:52.0374 1276 Fs_Rec - ok
16:42:52.0404 1276 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:42:52.0407 1276 fvevol - ok
16:42:52.0426 1276 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:42:52.0428 1276 gagp30kx - ok
16:42:52.0534 1276 [ 2973B4EB7BE10A0D491B2037DCAAE88F ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
16:42:52.0540 1276 Garmin Core Update Service - ok
16:42:52.0566 1276 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
16:42:52.0567 1276 ggflt - ok
16:42:52.0584 1276 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
16:42:52.0586 1276 ggsemc - ok
16:42:52.0633 1276 [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
16:42:52.0635 1276 ghaio - ok
16:42:52.0670 1276 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
16:42:52.0689 1276 gpsvc - ok
16:42:52.0720 1276 [ 6003BC70F1A8307262BD3C941BDA0B7E ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
16:42:52.0721 1276 grmnusb - ok
16:42:52.0750 1276 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:42:52.0753 1276 gupdate - ok
16:42:52.0767 1276 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:42:52.0769 1276 gupdatem - ok
16:42:52.0794 1276 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:42:52.0795 1276 hcw85cir - ok
16:42:52.0830 1276 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:42:52.0835 1276 HdAudAddService - ok
16:42:52.0854 1276 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:42:52.0856 1276 HDAudBus - ok
16:42:52.0877 1276 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:42:52.0878 1276 HidBatt - ok
16:42:52.0901 1276 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:42:52.0903 1276 HidBth - ok
16:42:52.0923 1276 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:42:52.0925 1276 HidIr - ok
16:42:52.0953 1276 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
16:42:52.0958 1276 hidserv - ok
16:42:52.0992 1276 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:42:52.0993 1276 HidUsb - ok
16:42:53.0016 1276 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:42:53.0020 1276 hkmsvc - ok
16:42:53.0051 1276 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:42:53.0056 1276 HomeGroupListener - ok
16:42:53.0089 1276 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:42:53.0098 1276 HomeGroupProvider - ok
16:42:53.0125 1276 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:42:53.0127 1276 HpSAMD - ok
16:42:53.0160 1276 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:42:53.0168 1276 HTTP - ok
16:42:53.0192 1276 [ C1258ADCBE6E51A3C06C234D2BDB81B5 ] Huawei C:\Windows\system32\DRIVERS\ewdcsc.sys
16:42:53.0193 1276 Huawei - ok
16:42:53.0230 1276 [ 988C0A49F09D75D3341CB419141793C1 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
16:42:53.0232 1276 hwdatacard - ok
16:42:53.0260 1276 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:42:53.0263 1276 hwpolicy - ok
16:42:53.0297 1276 [ A259D3619AA23D4562581067F85E2006 ] hwusbdev C:\Windows\system32\DRIVERS\ewusbdev.sys
16:42:53.0299 1276 hwusbdev - ok
16:42:53.0327 1276 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:42:53.0330 1276 i8042prt - ok
16:42:53.0367 1276 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:42:53.0372 1276 iaStorV - ok
16:42:53.0417 1276 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:42:53.0429 1276 idsvc - ok
16:42:53.0491 1276 IEEtwCollectorService - ok
16:42:53.0525 1276 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:42:53.0526 1276 iirsp - ok
16:42:53.0579 1276 [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
16:42:53.0584 1276 IJPLMSVC - ok
16:42:53.0637 1276 [ B9C54120F46392100478F58F374E5709 ] IKEEXT C:\Windows\System32\ikeext.dll
16:42:53.0665 1276 IKEEXT - ok
16:42:53.0771 1276 [ F540BD2DB864551684E548233F0F297E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
16:42:53.0807 1276 IntcAzAudAddService - ok
16:42:53.0843 1276 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
16:42:53.0845 1276 intelide - ok
16:42:53.0861 1276 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:42:53.0864 1276 intelppm - ok
16:42:53.0892 1276 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:42:53.0897 1276 IPBusEnum - ok
16:42:53.0914 1276 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:42:53.0916 1276 IpFilterDriver - ok
16:42:53.0955 1276 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:42:53.0974 1276 iphlpsvc - ok
16:42:54.0001 1276 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:42:54.0004 1276 IPMIDRV - ok
16:42:54.0030 1276 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:42:54.0033 1276 IPNAT - ok
16:42:54.0041 1276 ipswuio - ok
16:42:54.0063 1276 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:42:54.0065 1276 IRENUM - ok
16:42:54.0081 1276 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:42:54.0083 1276 isapnp - ok
16:42:54.0119 1276 [ EB34CE31FABD4DC4343FD2AD16D2CAF9 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:42:54.0123 1276 iScsiPrt - ok
16:42:54.0140 1276 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:42:54.0143 1276 kbdclass - ok
16:42:54.0164 1276 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:42:54.0165 1276 kbdhid - ok
16:42:54.0196 1276 [ 3EB803312987FF44265C87CB960DF6AB ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
16:42:54.0198 1276 kbfiltr - ok
16:42:54.0210 1276 [ 803B370865D907EA21DC0C2B6A8936B5 ] KeyIso C:\Windows\system32\lsass.exe
16:42:54.0214 1276 KeyIso - ok
16:42:54.0273 1276 [ 0C78F66259B312DA2A2B565659FD5EBF ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
16:42:54.0276 1276 KL1 - ok
16:42:54.0348 1276 [ 7F1EC06AE3A9E263E5588667DC16DBA7 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
16:42:54.0355 1276 KLIF - ok
16:42:54.0391 1276 [ EA32C661DB397A4F8FCB3FC5C6AE1C8F ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
16:42:54.0393 1276 KLIM6 - ok
16:42:54.0414 1276 [ 5447813494C727E80119520ABBAA9224 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
16:42:54.0415 1276 klkbdflt - ok
16:42:54.0434 1276 [ 7B6774A2D4C6B9CF818D858D623BB9C1 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
16:42:54.0435 1276 klmouflt - ok
16:42:54.0455 1276 [ 378FD5C977D56D08AF4316F815B35FD6 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
16:42:54.0457 1276 kltdi - ok
16:42:54.0499 1276 [ 1C488D4B7808D20C382A0D54F72DF01C ] kneps C:\Windows\system32\DRIVERS\kneps.sys
16:42:54.0502 1276 kneps - ok
16:42:54.0546 1276 [ F286830298323272260332D6ABC905C1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:42:54.0549 1276 KSecDD - ok
16:42:54.0585 1276 [ D7C760D57B1656DD748B9E4AB6CB5A51 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:42:54.0588 1276 KSecPkg - ok
16:42:54.0619 1276 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
16:42:54.0625 1276 KtmRm - ok
16:42:54.0666 1276 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
16:42:54.0682 1276 LanmanServer - ok
16:42:54.0701 1276 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:42:54.0709 1276 LanmanWorkstation - ok
16:42:54.0752 1276 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:42:54.0754 1276 lltdio - ok
16:42:54.0810 1276 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:42:54.0816 1276 lltdsvc - ok
16:42:54.0836 1276 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
16:42:54.0841 1276 lmhosts - ok
16:42:54.0880 1276 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:42:54.0883 1276 LSI_FC - ok
16:42:54.0903 1276 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:42:54.0905 1276 LSI_SAS - ok
16:42:54.0930 1276 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:42:54.0932 1276 LSI_SAS2 - ok
16:42:54.0956 1276 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:42:54.0958 1276 LSI_SCSI - ok
16:42:54.0980 1276 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
16:42:54.0982 1276 luafv - ok
16:42:55.0148 1276 [ 0C6EA0109CFEDF441F06D031E9A8D1A9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:42:55.0149 1276 MBAMProtector - ok
16:42:55.0420 1276 [ 0E08BDD7326E657D59DB40BAD23D8169 ] MBAMScheduler C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
16:42:55.0472 1276 MBAMScheduler - ok
16:42:55.0529 1276 [ A8E7F3DB083EB0839DFC1C763CDD2594 ] MBAMService C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
16:42:55.0555 1276 MBAMService - ok
16:42:55.0621 1276 [ 661B911FA04E73FB073FF9B1C9BD2E05 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:42:55.0623 1276 MBAMSwissArmy - ok
16:42:55.0696 1276 [ 18898A87CBA96DEA2074C19E140938A8 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:42:55.0700 1276 MBAMWebAccessControl - ok
16:42:55.0734 1276 [ 4F74184920B2D6E33024409B4C5C57C1 ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
16:42:55.0742 1276 McciCMService - ok
16:42:55.0772 1276 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:42:55.0777 1276 Mcx2Svc - ok
16:42:55.0809 1276 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:42:55.0811 1276 megasas - ok
16:42:55.0832 1276 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:42:55.0836 1276 MegaSR - ok
16:42:55.0890 1276 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:42:55.0892 1276 Microsoft Office Groove Audit Service - ok
16:42:55.0919 1276 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
16:42:55.0924 1276 MMCSS - ok
16:42:55.0941 1276 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
16:42:55.0943 1276 Modem - ok
16:42:55.0963 1276 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:42:55.0965 1276 monitor - ok
16:42:55.0993 1276 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:42:55.0995 1276 mouclass - ok
16:42:56.0038 1276 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:42:56.0041 1276 mouhid - ok
16:42:56.0074 1276 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:42:56.0077 1276 mountmgr - ok
16:42:56.0108 1276 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
16:42:56.0111 1276 mpio - ok
16:42:56.0133 1276 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:42:56.0135 1276 mpsdrv - ok
16:42:56.0209 1276 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:42:56.0246 1276 MpsSvc - ok
16:42:56.0473 1276 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
16:42:56.0474 1276 MREMP50 - ok
16:42:56.0483 1276 MREMP50a64 - ok
16:42:56.0498 1276 MREMPR5 - ok
16:42:56.0510 1276 MRENDIS5 - ok
16:42:56.0540 1276 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
16:42:56.0541 1276 MRESP50 - ok
16:42:56.0550 1276 MRESP50a64 - ok
16:42:56.0588 1276 [ 21F4B24ACFC79A483515BD986DD9043F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:42:56.0590 1276 MRxDAV - ok
16:42:56.0624 1276 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:42:56.0627 1276 mrxsmb - ok
16:42:56.0660 1276 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:42:56.0665 1276 mrxsmb10 - ok
16:42:56.0685 1276 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:42:56.0688 1276 mrxsmb20 - ok
16:42:56.0721 1276 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
16:42:56.0723 1276 msahci - ok
16:42:56.0742 1276 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:42:56.0746 1276 msdsm - ok
16:42:56.0764 1276 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
16:42:56.0770 1276 MSDTC - ok
16:42:56.0817 1276 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:42:56.0819 1276 Msfs - ok
16:42:56.0843 1276 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:42:56.0846 1276 mshidkmdf - ok
16:42:56.0874 1276 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:42:56.0875 1276 msisadrv - ok
16:42:56.0910 1276 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:42:56.0915 1276 MSiSCSI - ok
16:42:56.0926 1276 msiserver - ok
16:42:56.0983 1276 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:42:56.0984 1276 MSKSSRV - ok
16:42:57.0005 1276 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:42:57.0007 1276 MSPCLOCK - ok
16:42:57.0025 1276 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:42:57.0027 1276 MSPQM - ok
16:42:57.0056 1276 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:42:57.0060 1276 MsRPC - ok
16:42:57.0096 1276 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:42:57.0097 1276 mssmbios - ok
16:42:57.0110 1276 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:42:57.0113 1276 MSTEE - ok
16:42:57.0126 1276 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:42:57.0128 1276 MTConfig - ok
16:42:57.0156 1276 [ 2E71504A74BE4E3D4EA94568EFF7556E ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys
16:42:57.0157 1276 MTsensor - ok
16:42:57.0171 1276 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
16:42:57.0173 1276 Mup - ok
16:42:57.0230 1276 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
16:42:57.0238 1276 napagent - ok
16:42:57.0260 1276 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:42:57.0265 1276 NativeWifiP - ok
16:42:57.0309 1276 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:42:57.0320 1276 NDIS - ok
16:42:57.0344 1276 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:42:57.0347 1276 NdisCap - ok
16:42:57.0363 1276 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:42:57.0365 1276 NdisTapi - ok
16:42:57.0390 1276 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:42:57.0392 1276 Ndisuio - ok
16:42:57.0424 1276 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:42:57.0427 1276 NdisWan - ok
16:42:57.0452 1276 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:42:57.0454 1276 NDProxy - ok
16:42:57.0472 1276 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:42:57.0473 1276 NetBIOS - ok
16:42:57.0504 1276 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:42:57.0507 1276 NetBT - ok
16:42:57.0527 1276 [ 803B370865D907EA21DC0C2B6A8936B5 ] Netlogon C:\Windows\system32\lsass.exe
16:42:57.0531 1276 Netlogon - ok
16:42:57.0570 1276 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
16:42:57.0587 1276 Netman - ok
16:42:57.0652 1276 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:42:57.0665 1276 NetMsmqActivator - ok
16:42:57.0692 1276 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:42:57.0696 1276 NetPipeActivator - ok
16:42:57.0727 1276 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
16:42:57.0747 1276 netprofm - ok
16:42:57.0775 1276 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:42:57.0778 1276 NetTcpActivator - ok
16:42:57.0791 1276 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:42:57.0794 1276 NetTcpPortSharing - ok
16:42:57.0823 1276 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:42:57.0825 1276 nfrd960 - ok
16:42:57.0863 1276 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:42:57.0878 1276 NlaSvc - ok
16:42:57.0902 1276 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:42:57.0904 1276 Npfs - ok
16:42:57.0920 1276 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
16:42:57.0926 1276 nsi - ok
16:42:57.0944 1276 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:42:57.0947 1276 nsiproxy - ok
16:42:58.0008 1276 [ C8DFF8D07755A66C7A4A738930F0FEAC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:42:58.0024 1276 Ntfs - ok
16:42:58.0079 1276 [ 170EE229D4DEF31DBE95348C9A88FE74 ] ntk_PowerDVD C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys
16:42:58.0081 1276 ntk_PowerDVD - ok
16:42:58.0104 1276 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
16:42:58.0105 1276 Null - ok
16:42:58.0135 1276 [ FBEC0FD36ED61EFEE1E3063281EAB984 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
16:42:58.0139 1276 NVHDA - ok
16:42:58.0404 1276 [ 054559C7155EAE6F4D8063174D3066B7 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:42:58.0528 1276 nvlddmkm - ok
16:42:58.0563 1276 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:42:58.0565 1276 nvraid - ok
16:42:58.0597 1276 [ 02A9F366BCB94B286E34825B2094CB38 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
16:42:58.0599 1276 nvsmu - ok
16:42:58.0632 1276 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:42:58.0635 1276 nvstor - ok
16:42:58.0670 1276 [ 3EBA5767211C34923584AAB02E7C1A20 ] nvstor32 C:\Windows\system32\DRIVERS\nvstor32.sys
16:42:58.0673 1276 nvstor32 - ok
16:42:58.0709 1276 [ A57002E448D6BFCE2111FAA7F47FC584 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:42:58.0736 1276 nvsvc - ok
16:42:58.0768 1276 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:42:58.0771 1276 nv_agp - ok
16:42:58.0833 1276 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:42:58.0839 1276 odserv - ok
16:42:58.0865 1276 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:42:58.0868 1276 ohci1394 - ok
16:42:58.0896 1276 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:42:58.0899 1276 ose - ok
16:42:58.0940 1276 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:42:58.0948 1276 p2pimsvc - ok
16:42:58.0986 1276 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
16:42:58.0993 1276 p2psvc - ok
16:42:59.0034 1276 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:42:59.0036 1276 Parport - ok
16:42:59.0070 1276 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:42:59.0071 1276 partmgr - ok
16:42:59.0089 1276 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
16:42:59.0091 1276 Parvdm - ok
16:42:59.0114 1276 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:42:59.0122 1276 PcaSvc - ok
16:42:59.0136 1276 pccsmcfd - ok
16:42:59.0165 1276 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
16:42:59.0168 1276 pci - ok
16:42:59.0191 1276 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
16:42:59.0193 1276 pciide - ok
16:42:59.0219 1276 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:42:59.0222 1276 pcmcia - ok
16:42:59.0241 1276 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
16:42:59.0243 1276 pcw - ok
16:42:59.0278 1276 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:42:59.0286 1276 PEAUTH - ok
16:42:59.0339 1276 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:42:59.0354 1276 PeerDistSvc - ok
16:42:59.0445 1276 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
16:42:59.0465 1276 pla - ok
16:42:59.0531 1276 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:42:59.0550 1276 PlugPlay - ok
16:42:59.0569 1276 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:42:59.0574 1276 PNRPAutoReg - ok
16:42:59.0591 1276 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:42:59.0600 1276 PNRPsvc - ok
16:42:59.0631 1276 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:42:59.0641 1276 PolicyAgent - ok
16:42:59.0687 1276 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
16:42:59.0696 1276 Power - ok
16:42:59.0722 1276 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
Nahoru
OTAS
Level 3
Level 3
Příspěvky: 484
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod OTAS » 03 kvě 2014 16:53

16:42:59.0724 1276 PptpMiniport - ok
16:42:59.0748 1276 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:42:59.0750 1276 Processor - ok
16:42:59.0785 1276 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
16:42:59.0793 1276 ProfSvc - ok
16:42:59.0812 1276 [ 803B370865D907EA21DC0C2B6A8936B5 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:42:59.0816 1276 ProtectedStorage - ok
16:42:59.0841 1276 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:42:59.0844 1276 Psched - ok
16:42:59.0895 1276 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:42:59.0910 1276 ql2300 - ok
16:42:59.0936 1276 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:42:59.0939 1276 ql40xx - ok
16:42:59.0969 1276 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
16:42:59.0976 1276 QWAVE - ok
16:43:00.0001 1276 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:43:00.0004 1276 QWAVEdrv - ok
16:43:00.0028 1276 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:43:00.0030 1276 RasAcd - ok
16:43:00.0062 1276 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:43:00.0063 1276 RasAgileVpn - ok
16:43:00.0080 1276 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
16:43:00.0086 1276 RasAuto - ok
16:43:00.0111 1276 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:43:00.0114 1276 Rasl2tp - ok
16:43:00.0184 1276 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
16:43:00.0200 1276 RasMan - ok
16:43:00.0224 1276 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:43:00.0228 1276 RasPppoe - ok
16:43:00.0253 1276 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:43:00.0255 1276 RasSstp - ok
16:43:00.0280 1276 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:43:00.0283 1276 rdbss - ok
16:43:00.0307 1276 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:43:00.0309 1276 rdpbus - ok
16:43:00.0336 1276 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:43:00.0338 1276 RDPCDD - ok
16:43:00.0371 1276 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:43:00.0373 1276 RDPDR - ok
16:43:00.0398 1276 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:43:00.0400 1276 RDPENCDD - ok
16:43:00.0422 1276 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:43:00.0424 1276 RDPREFMP - ok
16:43:00.0516 1276 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:43:00.0518 1276 RdpVideoMiniport - ok
16:43:00.0562 1276 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:43:00.0565 1276 RDPWD - ok
16:43:00.0605 1276 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:43:00.0608 1276 rdyboost - ok
16:43:00.0657 1276 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
16:43:00.0662 1276 RemoteAccess - ok
16:43:00.0695 1276 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:43:00.0701 1276 RemoteRegistry - ok
16:43:00.0733 1276 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:43:00.0736 1276 RFCOMM - ok
16:43:00.0768 1276 [ 906DCFC5EBF4EC0433F8D4FFFB0BA334 ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
16:43:00.0771 1276 RMCAST - ok
16:43:00.0792 1276 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:43:00.0800 1276 RpcEptMapper - ok
16:43:00.0831 1276 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
16:43:00.0835 1276 RpcLocator - ok
16:43:00.0862 1276 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
16:43:00.0871 1276 RpcSs - ok
16:43:00.0900 1276 [ 43110C2A2C5ED32EAD96C440718E4452 ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys
16:43:00.0902 1276 RRNetCap - ok
16:43:00.0925 1276 [ 43110C2A2C5ED32EAD96C440718E4452 ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys
16:43:00.0927 1276 RRNetCapMP - ok
16:43:00.0958 1276 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:43:00.0961 1276 rspndr - ok
16:43:01.0033 1276 [ FA25836EE747B6057FB137373F8AAB02 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
16:43:01.0040 1276 RtkAudioService - ok
16:43:01.0083 1276 [ 9960143FF7DFE7C3A4A100EF05E5545E ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
16:43:01.0093 1276 RTL8167 - ok
16:43:01.0123 1276 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:43:01.0125 1276 s3cap - ok
16:43:01.0149 1276 [ 803B370865D907EA21DC0C2B6A8936B5 ] SamSs C:\Windows\system32\lsass.exe
16:43:01.0153 1276 SamSs - ok
16:43:01.0175 1276 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:43:01.0178 1276 sbp2port - ok
16:43:01.0213 1276 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:43:01.0219 1276 SCardSvr - ok
16:43:01.0240 1276 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:43:01.0242 1276 scfilter - ok
16:43:01.0286 1276 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
16:43:01.0316 1276 Schedule - ok
16:43:01.0346 1276 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:43:01.0350 1276 SCPolicySvc - ok
16:43:01.0373 1276 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:43:01.0381 1276 SDRSVC - ok
16:43:01.0406 1276 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:43:01.0408 1276 secdrv - ok
16:43:01.0433 1276 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
16:43:01.0439 1276 seclogon - ok
16:43:01.0461 1276 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
16:43:01.0469 1276 SENS - ok
16:43:01.0494 1276 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:43:01.0500 1276 SensrSvc - ok
16:43:01.0537 1276 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:43:01.0539 1276 Serenum - ok
16:43:01.0565 1276 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:43:01.0567 1276 Serial - ok
16:43:01.0590 1276 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:43:01.0592 1276 sermouse - ok
16:43:01.0662 1276 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
16:43:01.0668 1276 SessionEnv - ok
16:43:01.0691 1276 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:43:01.0693 1276 sffdisk - ok
16:43:01.0717 1276 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:43:01.0719 1276 sffp_mmc - ok
16:43:01.0744 1276 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:43:01.0746 1276 sffp_sd - ok
16:43:01.0765 1276 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:43:01.0766 1276 sfloppy - ok
16:43:01.0832 1276 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:43:01.0841 1276 SharedAccess - ok
16:43:01.0891 1276 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:43:01.0912 1276 ShellHWDetection - ok
16:43:01.0935 1276 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:43:01.0937 1276 sisagp - ok
16:43:01.0962 1276 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:43:01.0964 1276 SiSRaid2 - ok
16:43:01.0991 1276 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:43:01.0995 1276 SiSRaid4 - ok
16:43:02.0039 1276 [ 50D9949020E02B847CD48F1243FCB895 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:43:02.0042 1276 SkypeUpdate - ok
16:43:02.0068 1276 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:43:02.0070 1276 Smb - ok
16:43:02.0119 1276 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:43:02.0124 1276 SNMPTRAP - ok
16:43:02.0145 1276 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
16:43:02.0147 1276 spldr - ok
16:43:02.0172 1276 [ 739DB668DBD812285ECC553E64A5E212 ] spmgr C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
16:43:02.0176 1276 spmgr - ok
16:43:02.0211 1276 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
16:43:02.0230 1276 Spooler - ok
16:43:02.0343 1276 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
16:43:02.0384 1276 sppsvc - ok
16:43:02.0425 1276 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:43:02.0432 1276 sppuinotify - ok
16:43:02.0475 1276 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
16:43:02.0476 1276 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
16:43:02.0487 1276 sptd ( LockedFile.Multi.Generic ) - warning
16:43:02.0488 1276 sptd - detected LockedFile.Multi.Generic (1)
16:43:02.0580 1276 [ EDA1C8CA4C40B6917CD68C957A8AB885 ] SPUVCbv C:\Windows\system32\Drivers\SPUVCbv.sys
16:43:02.0605 1276 SPUVCbv - ok
16:43:02.0658 1276 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:43:02.0663 1276 srv - ok
16:43:02.0729 1276 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:43:02.0733 1276 srv2 - ok
16:43:02.0757 1276 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:43:02.0760 1276 srvnet - ok
16:43:02.0796 1276 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:43:02.0813 1276 SSDPSRV - ok
16:43:02.0842 1276 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:43:02.0850 1276 SstpSvc - ok
16:43:02.0882 1276 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:43:02.0884 1276 stexstor - ok
16:43:02.0923 1276 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
16:43:02.0955 1276 StiSvc - ok
16:43:02.0978 1276 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:43:02.0981 1276 storflt - ok
16:43:03.0005 1276 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:43:03.0007 1276 storvsc - ok
16:43:03.0040 1276 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
16:43:03.0042 1276 swenum - ok
16:43:03.0072 1276 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
16:43:03.0082 1276 swprv - ok
16:43:03.0096 1276 Synth3dVsc - ok
16:43:03.0148 1276 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
16:43:03.0190 1276 SysMain - ok
16:43:03.0219 1276 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:43:03.0225 1276 TabletInputService - ok
16:43:03.0261 1276 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
16:43:03.0277 1276 TapiSrv - ok
16:43:03.0312 1276 [ D7F411C5AF992BB44E86083A6AA7B045 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
16:43:03.0315 1276 tbhsd - ok
16:43:03.0342 1276 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
16:43:03.0349 1276 TBS - ok
16:43:03.0407 1276 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:43:03.0422 1276 Tcpip - ok
16:43:03.0473 1276 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:43:03.0489 1276 TCPIP6 - ok
16:43:03.0535 1276 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:43:03.0537 1276 tcpipreg - ok
16:43:03.0583 1276 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:43:03.0585 1276 TDPIPE - ok
16:43:03.0614 1276 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:43:03.0616 1276 TDTCP - ok
16:43:03.0693 1276 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:43:03.0695 1276 tdx - ok
16:43:03.0735 1276 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:43:03.0737 1276 TermDD - ok
16:43:03.0818 1276 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
16:43:03.0829 1276 TermService - ok
16:43:03.0874 1276 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
16:43:03.0882 1276 Themes - ok
16:43:03.0914 1276 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
16:43:03.0918 1276 THREADORDER - ok
16:43:03.0990 1276 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
16:43:03.0998 1276 TrkWks - ok
16:43:04.0089 1276 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:43:04.0092 1276 TrustedInstaller - ok
16:43:04.0132 1276 [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:43:04.0134 1276 tssecsrv - ok
16:43:04.0192 1276 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:43:04.0195 1276 TsUsbFlt - ok
16:43:04.0209 1276 tsusbhub - ok
16:43:04.0254 1276 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:43:04.0256 1276 tunnel - ok
16:43:04.0298 1276 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:43:04.0300 1276 uagp35 - ok
16:43:04.0344 1276 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:43:04.0348 1276 udfs - ok
16:43:04.0414 1276 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:43:04.0420 1276 UI0Detect - ok
16:43:04.0468 1276 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:43:04.0470 1276 uliagpkx - ok
16:43:04.0519 1276 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
16:43:04.0522 1276 umbus - ok
16:43:04.0544 1276 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:43:04.0546 1276 UmPass - ok
16:43:04.0605 1276 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
16:43:04.0615 1276 UmRdpService - ok
16:43:04.0642 1276 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
16:43:04.0661 1276 upnphost - ok
16:43:04.0691 1276 [ 0803FBA9FE829D61AE26EC0BCC910C46 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:43:04.0694 1276 usbccgp - ok
16:43:04.0731 1276 [ 2352AB5F9F8F097BF9D41D5A4718A041 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:43:04.0734 1276 usbcir - ok
16:43:04.0757 1276 [ D40855F89B69305140BBD7E9A3BA2DA6 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:43:04.0759 1276 usbehci - ok
16:43:04.0798 1276 [ EDF2DF71C4F1E13A6AC75F5224DE655A ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:43:04.0802 1276 usbhub - ok
16:43:04.0831 1276 [ 9828C8D14CC2676421778F0DE638CF97 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
16:43:04.0833 1276 usbohci - ok
16:43:04.0861 1276 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:43:04.0863 1276 usbprint - ok
16:43:04.0913 1276 [ FC6B21DB4B5B398AB93DBE59CBF11036 ] usbscan C:\Windows\system32\drivers\usbscan.sys
16:43:04.0915 1276 usbscan - ok
16:43:04.0937 1276 [ 007C0C8D5B01D82ACEB70431D15083F6 ] usbser C:\Windows\system32\drivers\usbser.sys
16:43:04.0939 1276 usbser - ok
16:43:04.0968 1276 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:43:04.0970 1276 USBSTOR - ok
16:43:05.0008 1276 [ 800AABFD625EEFF899F7E5496BDE37AB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:43:05.0010 1276 usbuhci - ok
16:43:05.0059 1276 [ DE014425522610BEDCA3821BB8C0F1D5 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:43:05.0064 1276 usbvideo - ok
16:43:05.0115 1276 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
16:43:05.0125 1276 UxSms - ok
16:43:05.0159 1276 [ 803B370865D907EA21DC0C2B6A8936B5 ] VaultSvc C:\Windows\system32\lsass.exe
16:43:05.0164 1276 VaultSvc - ok
16:43:05.0187 1276 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:43:05.0189 1276 vdrvroot - ok
16:43:05.0238 1276 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
16:43:05.0249 1276 vds - ok
16:43:05.0277 1276 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:43:05.0279 1276 vga - ok
16:43:05.0357 1276 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:43:05.0359 1276 VgaSave - ok
16:43:05.0373 1276 VGPU - ok
16:43:05.0454 1276 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:43:05.0457 1276 vhdmp - ok
16:43:05.0490 1276 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:43:05.0493 1276 viaagp - ok
16:43:05.0532 1276 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
16:43:05.0534 1276 ViaC7 - ok
16:43:05.0575 1276 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
16:43:05.0577 1276 viaide - ok
16:43:05.0608 1276 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:43:05.0612 1276 vmbus - ok
16:43:05.0638 1276 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:43:05.0640 1276 VMBusHID - ok
16:43:05.0670 1276 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:43:05.0672 1276 volmgr - ok
16:43:05.0723 1276 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:43:05.0727 1276 volmgrx - ok
16:43:05.0776 1276 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:43:05.0780 1276 volsnap - ok
16:43:05.0811 1276 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:43:05.0814 1276 vsmraid - ok
16:43:05.0906 1276 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
16:43:05.0921 1276 VSS - ok
16:43:05.0942 1276 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:43:05.0944 1276 vwifibus - ok
16:43:05.0972 1276 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:43:05.0974 1276 vwififlt - ok
16:43:05.0999 1276 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:43:06.0001 1276 vwifimp - ok
16:43:06.0080 1276 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
16:43:06.0126 1276 W32Time - ok
16:43:06.0167 1276 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:43:06.0169 1276 WacomPen - ok
16:43:06.0203 1276 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:43:06.0205 1276 WANARP - ok
16:43:06.0229 1276 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:43:06.0231 1276 Wanarpv6 - ok
16:43:06.0350 1276 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:43:06.0365 1276 WatAdminSvc - ok
16:43:06.0498 1276 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
16:43:06.0516 1276 wbengine - ok
16:43:06.0583 1276 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:43:06.0590 1276 WbioSrvc - ok
16:43:06.0642 1276 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:43:06.0651 1276 wcncsvc - ok
16:43:06.0684 1276 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:43:06.0690 1276 WcsPlugInService - ok
16:43:06.0731 1276 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:43:06.0733 1276 Wd - ok
16:43:06.0775 1276 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:43:06.0782 1276 Wdf01000 - ok
16:43:06.0853 1276 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:43:06.0861 1276 WdiServiceHost - ok
16:43:06.0877 1276 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:43:06.0883 1276 WdiSystemHost - ok
16:43:06.0923 1276 [ 75E8EBD7040CE238684333F97014762A ] WebClient C:\Windows\System32\webclnt.dll
16:43:06.0932 1276 WebClient - ok
16:43:06.0959 1276 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:43:06.0967 1276 Wecsvc - ok
16:43:06.0996 1276 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:43:07.0006 1276 wercplsupport - ok
16:43:07.0030 1276 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
16:43:07.0036 1276 WerSvc - ok
16:43:07.0063 1276 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:43:07.0065 1276 WfpLwf - ok
16:43:07.0099 1276 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
16:43:07.0101 1276 WimFltr - ok
16:43:07.0119 1276 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:43:07.0121 1276 WIMMount - ok
16:43:07.0184 1276 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:43:07.0212 1276 WinDefend - ok
16:43:07.0277 1276 WinHttpAutoProxySvc - ok
16:43:07.0345 1276 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:43:07.0351 1276 Winmgmt - ok
16:43:07.0411 1276 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
16:43:07.0432 1276 WinRM - ok
16:43:07.0491 1276 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:43:07.0495 1276 WinUsb - ok
16:43:07.0548 1276 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:43:07.0585 1276 Wlansvc - ok
16:43:07.0626 1276 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:43:07.0628 1276 WmiAcpi - ok
16:43:07.0677 1276 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:43:07.0680 1276 wmiApSrv - ok
16:43:07.0749 1276 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:43:07.0783 1276 WMPNetworkSvc - ok
16:43:07.0810 1276 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:43:07.0816 1276 WPCSvc - ok
16:43:07.0854 1276 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:43:07.0862 1276 WPDBusEnum - ok
16:43:07.0897 1276 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:43:07.0899 1276 ws2ifsl - ok
16:43:07.0929 1276 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
16:43:07.0937 1276 wscsvc - ok
16:43:07.0954 1276 WSearch - ok
16:43:08.0054 1276 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
16:43:08.0130 1276 wuauserv - ok
16:43:08.0179 1276 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:43:08.0181 1276 WudfPf - ok
16:43:08.0222 1276 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:43:08.0226 1276 WUDFRd - ok
16:43:08.0288 1276 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:43:08.0295 1276 wudfsvc - ok
16:43:08.0335 1276 [ 7CC38741B8F68F1E0D5D79DA6123666A ] WwanSvc C:\Windows\System32\wwansvc.dll
16:43:08.0343 1276 WwanSvc - ok
16:43:08.0432 1276 [ 3CB263CF60B253BEAD6E0205E1FA5669 ] {329F96B6-DF1E-4328-BFDA-39EA953C1312} C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
16:43:08.0434 1276 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
16:43:08.0493 1276 ================ Scan global ===============================
16:43:08.0550 1276 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
16:43:08.0574 1276 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
16:43:08.0601 1276 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
16:43:08.0636 1276 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
16:43:08.0666 1276 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
16:43:08.0681 1276 [Global] - ok
16:43:08.0682 1276 ================ Scan MBR ==================================
16:43:08.0698 1276 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:43:09.0422 1276 \Device\Harddisk0\DR0 - ok
16:43:09.0423 1276 ================ Scan VBR ==================================
16:43:09.0429 1276 [ A82A6B242355A226426BDA8D9AB6514B ] \Device\Harddisk0\DR0\Partition1
16:43:09.0432 1276 \Device\Harddisk0\DR0\Partition1 - ok
16:43:09.0446 1276 [ 51BF978EF913055792CDAEA0D19C59BA ] \Device\Harddisk0\DR0\Partition2
16:43:09.0450 1276 \Device\Harddisk0\DR0\Partition2 - ok
16:43:09.0451 1276 ============================================================
16:43:09.0451 1276 Scan finished
16:43:09.0451 1276 ============================================================
16:43:09.0476 3060 Detected object count: 1
16:43:09.0476 3060 Actual detected object count: 1
16:43:47.0038 3060 sptd ( LockedFile.Multi.Generic ) - skipped by user
16:43:47.0038 3060 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 122 hostů