Please check my log


Post by gutik » 20 Jul 2013 18:35

Hi, this is my sister's PC. Apparently it is slow, has toolbars and who knows what else. Thanks in advance for the help.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:33:54, on 20.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\jmdp\stij.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Users\Katka\Desktop\Nová složka (2)\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?l=dis&o=APN1 ... apn_ptnrs=^AM3&apn_dtid=^YYYYYY^YY^CZ&p2=^AM3^YYYYYY^YY^CZ&tpid=SGT-V6&apn_dbr=ff_19.0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Katka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Katka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2308658125-278399326-2170045589-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2308658125-278399326-2170045589-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13175 bytes


Post by memphisto » 20 Jul 2013 18:55

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
When the cleaning is done, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the option Perform Quick Scan (Provést rychlý sken) selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Post by gutik » 20 Jul 2013 19:48

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.20.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Katka :: KATKA-PC [administrátor]

20.7.2013 19:22:01
MBAM-log-2013-07-20 (19-43-20).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 262205
Uplynulý čas: 9 minut, 35 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Post by gutik » 20 Jul 2013 19:49

# AdwCleaner v2.306 - Log vytvooen 20/07/2013 v 19:48:25
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Katka - KATKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Katka\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****

Nalezeno : APNMCP
Nalezeno : IBUpdaterService
Nalezeno : PCSUService

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Ask.com
Složka Nalezeno : C:\Program Files (x86)\AskPartnerNetwork
Složka Nalezeno : C:\Program Files (x86)\SweetIM
Složka Nalezeno : C:\Program Files (x86)\sweetpacks bundle uninstaller
Složka Nalezeno : C:\ProgramData\APN
Složka Nalezeno : C:\ProgramData\AskPartnerNetwork
Složka Nalezeno : C:\ProgramData\boost_interprocess
Složka Nalezeno : C:\ProgramData\SweetIM
Složka Nalezeno : C:\Users\Katka\AppData\Roaming\iWin
Složka Nalezeno : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Složka Nalezeno : C:\Windows\SysWOW64\ARFC
Složka Nalezeno : C:\Windows\SysWOW64\jmdp
Složka Nalezeno : C:\Windows\SysWOW64\WNLT
Soubor Nalezeno : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\2jokxc27.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Soubor Nalezeno : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\2jokxc27.default\searchplugins\ask-search.xml
Soubor Nalezeno : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\2jokxc27.default\searchplugins\SweetIM Search.xml
Soubor Nalezeno : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\2jokxc27.default\searchplugins\SweetIm.xml

***** [Registry] *****

Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AskPartnerNetwork
Klíe Nalezeno : HKCU\Software\IM
Klíe Nalezeno : HKCU\Software\ImInstaller
Klíe Nalezeno : HKCU\Software\WNLT
Klíe Nalezeno : HKLM\Software\AskPartnerNetwork
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sim-packages
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EEE6C374-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.search.ask.com/?l=dis&o=APN1 ... apn_ptnrs=^AM3&apn_dtid=^YYYYYY^YY^CZ&p2=^AM3^YYYYYY^YY^CZ&tpid=SGT-V6&apn_dbr=ff_19.0

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\2jokxc27.default\prefs.js

Nalezeno : user_pref("browser.search.defaultenginename", "SweetIM Search");
Nalezeno : user_pref("browser.startup.homepage", "hxxp://home.sweetim.com/?crg=3.61010009&ptr=100&st=12&barid={[...]
Nalezeno : user_pref("extensions.SGT-V6.hpr", "\"hxxp://www.search.ask.com/?l=dis&o=APN10026&gct=hp&apn_ptnrs=^[...]
Nalezeno : user_pref("extensions.SGT-V6.pref_tab_close", "[{\"title\":\"tn.cz%20-%20Seznam\",\"url\":\"hxxp://s[...]
Nalezeno : user_pref("extensions.enabledAddons", "%7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15,toolbar_SGT[...]
Nalezeno : user_pref("extensions.foxcub.prev.HP", "hxxp://www.search.ask.com/?l=dis&o=APN10026&gct=hp&apn_ptnrs[...]
Nalezeno : user_pref("extensions.foxcub.prev.KWD", "hxxp://asksearch.ask.com/redirect?client=ff&src=kw&tb=SGT-V[...]
Nalezeno : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=6&barid={026C3BCE-9368-4530-8D53-[...]
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Seznam");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.seznam.cz/?clid=14875");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.seznam.cz/?sourceid=undefined&q=");
Nalezeno : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.61010009&ptr=100&st=12&ba[...]

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.24] : icon_url = "hxxp://www.ask.com/favicon.ico",
Nalezeno [l.31] : search_url = "hxxp://asksearch.ask.com/redirect?client=cr&src=kw&tb=SGT-V6&o=APN10026&itbv=11.8.1.291&doi=2013-04-05&locale=en_EU&apn_uid=C0DFDF09-C0EB-4532-B687-A4080E9D9467&apn_ptnrs=^AM3&apn_dtid=^YYYYYY^YY^CZ&apn_dbr=ff_19.0&&q={searchTerms}",
Nalezeno [l.32] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}"

*************************

AdwCleaner[R1].txt - [6691 octets] - [20/07/2013 19:45:02]
AdwCleaner[R2].txt - [6751 octets] - [20/07/2013 19:45:52]
AdwCleaner[R3].txt - [6682 octets] - [20/07/2013 19:48:25]

########## EOF - C:\AdwCleaner[R3].txt - [6742 octets] ##########


Post by jaro3 » 20 Jul 2013 20:25

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Delete" (Vymazat).
The program carries out the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Then run MbAM again and start a Scan
- when the program finishes, a message will appear; click OK and then the "Show Results" (Ukaž výsledky) button
- make sure all the listed findings are checked and click the "Remove Selected" (Odstranit označené) button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close the program via Exit
You can then post the new MbAM log here.

Download Junkware Removal Tool

to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP, by double-clicking it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check (Kontrola MBR)
Faked check (Kontrola Faked)
Antirootkit

- Then click "Scan" (Prohledat).
- The program scans the PC's processes. After the scan, click "Report" (Zpráva) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.

Post by gutik » 25 Jul 2013 12:34

# AdwCleaner v2.306 - Log vytvooen 21/07/2013 v 16:49:55
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Katka - KATKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Katka\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****

Zastaveno & vymazáno : APNMCP
Zastaveno & vymazáno : IBUpdaterService
Zastaveno & vymazáno : PCSUService

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Ask.com
Složka Vymazáno : C:\Program Files (x86)\AskPartnerNetwork
Složka Vymazáno : C:\Program Files (x86)\SweetIM
Složka Vymazáno : C:\Program Files (x86)\sweetpacks bundle uninstaller
Složka Vymazáno : C:\ProgramData\APN
Složka Vymazáno : C:\ProgramData\AskPartnerNetwork
Složka Vymazáno : C:\ProgramData\boost_interprocess
Složka Vymazáno : C:\ProgramData\SweetIM
Složka Vymazáno : C:\Users\Katka\AppData\Roaming\iWin
Složka Vymazáno : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Složka Vymazáno : C:\Windows\SysWOW64\ARFC
Složka Vymazáno : C:\Windows\SysWOW64\jmdp
Složka Vymazáno : C:\Windows\SysWOW64\WNLT
Soubor Vymazáno : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\2jokxc27.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Soubor Vymazáno : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\2jokxc27.default\searchplugins\ask-search.xml
Soubor Vymazáno : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\2jokxc27.default\searchplugins\SweetIM Search.xml
Soubor Vymazáno : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\2jokxc27.default\searchplugins\SweetIm.xml

***** [Registry] *****

Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AskPartnerNetwork
Klíe Vymazáno : HKCU\Software\IM
Klíe Vymazáno : HKCU\Software\ImInstaller
Klíe Vymazáno : HKCU\Software\WNLT
Klíe Vymazáno : HKLM\Software\AskPartnerNetwork
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\sim-packages
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EEE6C374-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.search.ask.com/?l=dis&o=APN1 ... apn_ptnrs=^AM3&apn_dtid=^YYYYYY^YY^CZ&p2=^AM3^YYYYYY^YY^CZ&tpid=SGT-V6&apn_dbr=ff_19.0 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\2jokxc27.default\prefs.js

Vymazáno : user_pref("browser.search.defaultenginename", "SweetIM Search");
Vymazáno : user_pref("browser.startup.homepage", "hxxp://home.sweetim.com/?crg=3.61010009&ptr=100&st=12&barid={[...]
Vymazáno : user_pref("extensions.SGT-V6.hpr", "\"hxxp://www.search.ask.com/?l=dis&o=APN10026&gct=hp&apn_ptnrs=^[...]
Vymazáno : user_pref("extensions.SGT-V6.pref_tab_close", "[{\"title\":\"Hijackthis.cz\",\"url\":\"hxxp://www.hi[...]
Vymazáno : user_pref("extensions.enabledAddons", "%7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15,toolbar_SGT[...]
Vymazáno : user_pref("extensions.foxcub.prev.HP", "hxxp://www.search.ask.com/?l=dis&o=APN10026&gct=hp&apn_ptnrs[...]
Vymazáno : user_pref("extensions.foxcub.prev.KWD", "hxxp://asksearch.ask.com/redirect?client=ff&src=kw&tb=SGT-V[...]
Vymazáno : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=6&barid={026C3BCE-9368-4530-8D53-[...]
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Seznam");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.seznam.cz/?clid=14875");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.seznam.cz/?sourceid=undefined&q=");
Vymazáno : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.61010009&ptr=100&st=12&ba[...]

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.24] : icon_url = "hxxp://www.ask.com/favicon.ico",
Vymazáno [l.31] : search_url = "hxxp://asksearch.ask.com/redirect?client=cr&src=kw&tb=SGT-V6&o=APN10026&itbv=[...]
Vymazáno [l.32] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchT[...]

*************************

AdwCleaner[R1].txt - [6691 octets] - [20/07/2013 19:45:02]
AdwCleaner[R2].txt - [6751 octets] - [20/07/2013 19:45:52]
AdwCleaner[R3].txt - [6811 octets] - [20/07/2013 19:48:25]
AdwCleaner[S1].txt - [6661 octets] - [21/07/2013 16:49:55]

########## EOF - C:\AdwCleaner[S1].txt - [6721 octets] ##########

gutik

Re: request for a log check

Post by gutik » 25 Jul 2013 12:52

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.20.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Katka :: KATKA-PC [administrátor]

25.7.2013 12:37:19
mbam-log-2013-07-25 (12-37-19).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 262392
Uplynulý čas: 14 minut, 23 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

gutik

Re: request for a log check

Post by gutik » 25 Jul 2013 13:09

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Windows 7 Home Premium x64
Ran by Katka on čt 25.07.2013 at 12:54:20,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\pcspeedup



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B391CB0D-2EB9-4B71-8E41-5170F756FE47}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F25D8851-F897-4299-B31B-F023A6C20597}



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho34C5.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{09FC23CD-7ED5-43C6-A5CB-367055EF6AF8}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{0BF06714-9B9E-4716-9D7A-CB42C79F6C35}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{1880396E-B915-4389-8E31-441E181B90DB}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{1C092565-368C-4AF4-9F69-765B3F5E501F}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{2B99F2A3-63AD-4A17-92F4-1A675F1EA98C}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{2C8022B1-21D8-4181-8EBD-5D216889970E}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{305414EE-5DFD-432D-8980-AEE145A302D0}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{4C44A18C-D21C-4D26-AB20-1549250FBC7A}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{7744C166-CA65-40C5-8BF1-7C8995A66FEA}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{8D21D92A-7763-4E94-9382-3D46E9605251}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{919E925A-DF5D-4896-B8B1-459AB2CEDB88}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{91ED8A1A-2320-41CE-87C0-F976BD26D397}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{9845C880-4C5E-4ADC-B95A-04AECE9989A7}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{B118E087-D164-4456-B971-8BF0247CBE8D}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{CE4C7922-796D-4CDA-8B99-31187D3178D1}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{DA174AF3-828C-49DE-8D1E-92C1B218462A}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{EA37129D-8DFF-4FA5-9821-8795EF0839EB}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{F8109B32-5B74-4E4B-8787-441685121F4A}
Successfully deleted: [Empty Folder] C:\Users\Katka\appdata\local\{F81A8CA9-BCCC-4D29-ACB8-050C967288D4}



~~~ FireFox

Successfully deleted the following from C:\Users\Katka\AppData\Roaming\mozilla\firefox\profiles\2jokxc27.default\prefs.js

user_pref("extensions.foxcub.config.encodedConfig", "{\"core\":{\"configUrl\":\"hxxp://download.seznam.cz/software/conf/\",\"updateUrl\":\"hxxp://download.seznam.cz/software/c
Emptied folder: C:\Users\Katka\AppData\Roaming\mozilla\firefox\profiles\2jokxc27.default\minidumps [84 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on čt 25.07.2013 at 13:01:37,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gutik

Re: request for a log check

Post by gutik » 25 Jul 2013 13:28

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Katka [Práva správce]
Mód : Kontrola -- Datum : 07/25/2013 13:12:05
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] szndesktop.exe -- C:\Users\Katka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\Katka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Katka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Katka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-2308658125-278399326-2170045589-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Katka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-2308658125-278399326-2170045589-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Katka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK7559GSXP +++++
--- User ---
[MBR] 80747365c43145da3ab638ece6f15f02
[BSP] 6a3f5f5994159f36c15c28f4350a55c0 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 699942 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_07252013_131205.txt >>

memphisto
Guru Level 13
Posts: 21113
Joined: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: request for a log check

Post by memphisto » 25 Jul 2013 16:35

Run RogueKiller (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Prohledat" (Scan)

- Click "Smazat" (Delete)
- Wait until the Status box shows "Smazání - Finished" (Deletion - Finished)
- Click "Zprávy" (Report) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller

to your desktop. Make sure that all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt ; please paste the entire contents of the log here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you

gutik

Re: request for a log check

Post by gutik » 01 Aug 2013 11:29

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Katka [Práva správce]
Mód : Odebrat -- Datum : 08/01/2013 11:28:18
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Katka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Katka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-2308658125-278399326-2170045589-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Katka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-2308658125-278399326-2170045589-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Katka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK7559GSXP +++++
--- User ---
[MBR] 80747365c43145da3ab638ece6f15f02
[BSP] 6a3f5f5994159f36c15c28f4350a55c0 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 699942 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_08012013_112818.txt >>
RKreport[0]_S_07252013_131205.txt;RKreport[0]_S_08012013_112811.txt

gutik

Re: request for a log check

Post by gutik » 01 Aug 2013 11:37

11:31:02.0346 1144 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:31:02.0627 1144 ============================================================
11:31:02.0627 1144 Current date / time: 2013/08/01 11:31:02.0627
11:31:02.0627 1144 SystemInfo:
11:31:02.0627 1144
11:31:02.0627 1144 OS Version: 6.1.7601 ServicePack: 1.0
11:31:02.0627 1144 Product type: Workstation
11:31:02.0627 1144 ComputerName: KATKA-PC
11:31:02.0627 1144 UserName: Katka
11:31:02.0627 1144 Windows directory: C:\Windows
11:31:02.0627 1144 System windows directory: C:\Windows
11:31:02.0627 1144 Running under WOW64
11:31:02.0627 1144 Processor architecture: Intel x64
11:31:02.0627 1144 Number of processors: 4
11:31:02.0627 1144 Page size: 0x1000
11:31:02.0627 1144 Boot type: Normal boot
11:31:02.0627 1144 ============================================================
11:31:03.0017 1144 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:31:03.0017 1144 ============================================================
11:31:03.0017 1144 \Device\Harddisk0\DR0:
11:31:03.0017 1144 MBR partitions:
11:31:03.0017 1144 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
11:31:03.0017 1144 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x55713000
11:31:03.0017 1144 ============================================================
11:31:03.0048 1144 C: <-> \Device\Harddisk0\DR0\Partition2
11:31:03.0048 1144 ============================================================
11:31:03.0048 1144 Initialize success
11:31:03.0048 1144 ============================================================
11:31:21.0643 4140 ============================================================
11:31:21.0643 4140 Scan started
11:31:21.0643 4140 Mode: Manual;
11:31:21.0643 4140 ============================================================
11:31:21.0846 4140 ================ Scan system memory ========================
11:31:21.0846 4140 System memory - ok
11:31:21.0846 4140 ================ Scan services =============================
11:31:28.0710 4140 HpSAMD - ok
11:31:28.0726 4140 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:31:28.0741 4140 HTTP - ok
11:31:28.0772 4140 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:31:28.0788 4140 hwpolicy - ok
11:31:28.0788 4140 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:31:28.0804 4140 i8042prt - ok
11:31:28.0835 4140 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\drivers\iaStor.sys
11:31:28.0835 4140 iaStor - ok
11:31:28.0913 4140 [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:31:28.0913 4140 IAStorDataMgrSvc - ok
11:31:28.0960 4140 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:31:28.0960 4140 iaStorV - ok
11:31:29.0022 4140 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:31:29.0038 4140 idsvc - ok
11:31:29.0303 4140 [ 31569A2E836C12014148BF7342716946 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:31:29.0365 4140 igfx - ok
11:31:29.0381 4140 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:31:29.0381 4140 iirsp - ok
11:31:29.0428 4140 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:31:29.0428 4140 IKEEXT - ok
11:31:29.0474 4140 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
11:31:29.0474 4140 Impcd - ok
11:31:29.0568 4140 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:31:29.0584 4140 IntcAzAudAddService - ok
11:31:29.0646 4140 [ 03C74719D48056A1078F3A51CEB76BAA ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
11:31:29.0646 4140 IntcDAud - ok
11:31:29.0708 4140 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:31:29.0708 4140 intelide - ok
11:31:29.0740 4140 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:31:29.0740 4140 intelppm - ok
11:31:29.0771 4140 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:31:29.0771 4140 IPBusEnum - ok
11:31:29.0771 4140 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:31:29.0786 4140 IpFilterDriver - ok
11:31:29.0818 4140 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:31:29.0833 4140 iphlpsvc - ok
11:31:29.0864 4140 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:31:29.0864 4140 IPMIDRV - ok
11:31:29.0864 4140 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:31:29.0864 4140 IPNAT - ok
11:31:29.0896 4140 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:31:29.0896 4140 IRENUM - ok
11:31:29.0911 4140 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:31:29.0911 4140 isapnp - ok
11:31:29.0927 4140 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:31:29.0942 4140 iScsiPrt - ok
11:31:29.0974 4140 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
11:31:29.0989 4140 k57nd60a - ok
11:31:30.0036 4140 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
11:31:30.0036 4140 kbdclass - ok
11:31:30.0067 4140 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
11:31:30.0067 4140 kbdhid - ok
11:31:30.0098 4140 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:31:30.0098 4140 KeyIso - ok
11:31:30.0114 4140 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:31:30.0130 4140 KSecDD - ok
11:31:30.0145 4140 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:31:30.0145 4140 KSecPkg - ok
11:31:30.0176 4140 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:31:30.0176 4140 ksthunk - ok
11:31:30.0208 4140 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:31:30.0208 4140 KtmRm - ok
11:31:30.0270 4140 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:31:30.0270 4140 LanmanServer - ok
11:31:30.0286 4140 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:31:30.0301 4140 LanmanWorkstation - ok
11:31:30.0364 4140 [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
11:31:30.0379 4140 Live Updater Service - ok
11:31:30.0410 4140 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:31:30.0410 4140 lltdio - ok
11:31:30.0457 4140 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:31:30.0457 4140 lltdsvc - ok
11:31:30.0473 4140 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:31:30.0473 4140 lmhosts - ok
11:31:30.0535 4140 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:31:30.0535 4140 LMS - ok
11:31:30.0598 4140 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:31:30.0598 4140 LSI_FC - ok
11:31:30.0613 4140 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:31:30.0613 4140 LSI_SAS - ok
11:31:30.0629 4140 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:31:30.0629 4140 LSI_SAS2 - ok
11:31:30.0629 4140 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:31:30.0644 4140 LSI_SCSI - ok
11:31:30.0660 4140 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:31:30.0660 4140 luafv - ok
11:31:30.0754 4140 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
11:31:30.0769 4140 McComponentHostService - ok
11:31:30.0785 4140 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:31:30.0785 4140 Mcx2Svc - ok
11:31:30.0816 4140 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
11:31:30.0832 4140 megasas - ok
11:31:30.0863 4140 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:31:30.0863 4140 MegaSR - ok
11:31:30.0894 4140 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:31:30.0894 4140 MMCSS - ok
11:31:30.0894 4140 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:31:30.0894 4140 Modem - ok
11:31:30.0925 4140 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:31:30.0941 4140 monitor - ok
11:31:30.0956 4140 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:31:30.0956 4140 mouclass - ok
11:31:30.0972 4140 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:31:30.0988 4140 mouhid - ok
11:31:31.0003 4140 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:31:31.0003 4140 mountmgr - ok
11:31:31.0081 4140 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:31:31.0097 4140 MozillaMaintenance - ok
11:31:31.0112 4140 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:31:31.0112 4140 mpio - ok
11:31:31.0144 4140 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:31:31.0144 4140 mpsdrv - ok
11:31:31.0190 4140 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:31:31.0206 4140 MpsSvc - ok
11:31:31.0222 4140 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:31:31.0222 4140 MRxDAV - ok
11:31:31.0253 4140 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:31:31.0253 4140 mrxsmb - ok
11:31:31.0284 4140 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:31:31.0284 4140 mrxsmb10 - ok
11:31:31.0315 4140 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:31:31.0315 4140 mrxsmb20 - ok
11:31:31.0331 4140 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:31:31.0331 4140 msahci - ok
11:31:31.0331 4140 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:31:31.0331 4140 msdsm - ok
11:31:31.0362 4140 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:31:31.0362 4140 MSDTC - ok
11:31:31.0378 4140 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:31:31.0393 4140 Msfs - ok
11:31:31.0409 4140 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:31:31.0424 4140 mshidkmdf - ok
11:31:31.0424 4140 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:31:31.0440 4140 msisadrv - ok
11:31:31.0456 4140 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:31:31.0471 4140 MSiSCSI - ok
11:31:31.0471 4140 msiserver - ok
11:31:31.0518 4140 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:31:31.0518 4140 MSKSSRV - ok
11:31:31.0534 4140 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:31:31.0534 4140 MSPCLOCK - ok
11:31:31.0534 4140 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:31:31.0534 4140 MSPQM - ok
11:31:31.0565 4140 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:31:31.0565 4140 MsRPC - ok
11:31:31.0580 4140 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:31:31.0580 4140 mssmbios - ok
11:31:31.0596 4140 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:31:31.0596 4140 MSTEE - ok
11:31:31.0612 4140 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:31:31.0612 4140 MTConfig - ok
11:31:31.0627 4140 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:31:31.0627 4140 Mup - ok
11:31:31.0643 4140 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
11:31:31.0643 4140 mwlPSDFilter - ok
11:31:31.0658 4140 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
11:31:31.0658 4140 mwlPSDNServ - ok
11:31:31.0690 4140 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
11:31:31.0690 4140 mwlPSDVDisk - ok
11:31:31.0705 4140 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:31:31.0721 4140 napagent - ok
11:31:31.0768 4140 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:31:31.0768 4140 NativeWifiP - ok
11:31:31.0830 4140 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:31:31.0846 4140 NDIS - ok
11:31:31.0877 4140 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:31:31.0877 4140 NdisCap - ok
11:31:31.0924 4140 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:31:31.0924 4140 NdisTapi - ok
11:31:31.0955 4140 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:31:31.0955 4140 Ndisuio - ok
11:31:31.0986 4140 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:31:31.0986 4140 NdisWan - ok
11:31:32.0002 4140 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:31:32.0002 4140 NDProxy - ok
11:31:32.0048 4140 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:31:32.0048 4140 NetBIOS - ok
11:31:32.0064 4140 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:31:32.0064 4140 NetBT - ok
11:31:32.0095 4140 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:31:32.0111 4140 Netlogon - ok
11:31:32.0173 4140 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:31:32.0173 4140 Netman - ok
11:31:32.0189 4140 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:31:32.0204 4140 netprofm - ok
11:31:32.0236 4140 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:31:32.0236 4140 NetTcpPortSharing - ok
11:31:32.0267 4140 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:31:32.0267 4140 nfrd960 - ok
11:31:32.0314 4140 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:31:32.0329 4140 NlaSvc - ok
11:31:32.0454 4140 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
11:31:32.0485 4140 NOBU - ok
11:31:32.0501 4140 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:31:32.0501 4140 Npfs - ok
11:31:32.0532 4140 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:31:32.0532 4140 nsi - ok
11:31:32.0548 4140 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:31:32.0548 4140 nsiproxy - ok
11:31:32.0610 4140 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:31:32.0626 4140 Ntfs - ok
11:31:32.0704 4140 [ 874C6BEB44845D56D5F6B01ABE409E9C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
11:31:32.0719 4140 NTI IScheduleSvc - ok
11:31:32.0750 4140 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
11:31:32.0750 4140 NTIDrvr - ok
11:31:32.0766 4140 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:31:32.0766 4140 Null - ok
11:31:33.0031 4140 [ 73DC184AF4D2ADDC41B37344636D2CC7 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:31:33.0109 4140 nvlddmkm - ok
11:31:33.0140 4140 [ 477A3CF725C4040F77EB9E2C17B922A0 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
11:31:33.0140 4140 nvpciflt - ok
11:31:33.0172 4140 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:31:33.0172 4140 nvraid - ok
11:31:33.0187 4140 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:31:33.0187 4140 nvstor - ok
11:31:33.0265 4140 [ 6D1056430AFC72A6097409A70A716C15 ] NVSvc C:\Windows\system32\nvvsvc.exe
11:31:33.0281 4140 NVSvc - ok
11:31:33.0374 4140 [ A072423C3812472D326BC774610055CF ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
11:31:33.0390 4140 nvUpdatusService - ok
11:31:33.0406 4140 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:31:33.0406 4140 nv_agp - ok
11:31:33.0421 4140 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:31:33.0421 4140 ohci1394 - ok
11:31:33.0468 4140 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:31:33.0468 4140 ose - ok
11:31:33.0671 4140 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:31:33.0749 4140 osppsvc - ok
11:31:33.0780 4140 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:31:33.0780 4140 p2pimsvc - ok

