Dobrý večer, poprosil bych o kontrolu logu. Mám problém s operou a IE, nelze klikat na odkazy, reklamy, fotky nic..
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:13, on 26.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [icq] C:\Users\Helca\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Helca\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Helca\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Helca\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 6472 bytes
Nelze klikat na odkazy v prohlížeči Vyřešeno
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Nelze klikat na odkazy v prohlížeči
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Nelze klikat na odkazy v prohlížeči
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.07.27.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16618
Helca :: HELCA-PC [administrátor]
Ochrana: Povolena
27.7.2013 18:09:47
MBAM-log-2013-07-27 (18-19-08).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 197929
Uplynulý čas: 8 minut, 10 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 1
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Špatný: (C:\$Recycle.Bin\S-1-5-18\$41bf466c75efb2670d69aab56148dc06\n.) Dobrý: (fastprox.dll) -> Nebyla provedena žádná instrukce.
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 4
C:\Users\Helca\AppData\Local\Temp\KMP_3.6.0.87.exe (PUP.Optional.Softonic) -> Nebyla provedena žádná instrukce.
C:\$Recycle.Bin\S-1-5-18\$41bf466c75efb2670d69aab56148dc06\n (Trojan.0Access) -> Nebyla provedena žádná instrukce.
C:\$Recycle.Bin\S-1-5-21-3073692932-360651883-3395257891-1000\$41bf466c75efb2670d69aab56148dc06\n (Trojan.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\assembly\GAC\Desktop.ini (Rootkit.0access) -> Nebyla provedena žádná instrukce.
(konec)
--------------------------------------------------------------------------
# AdwCleaner v2.306 - Logfile created 07/27/2013 at 18:22:09
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Helca - HELCA-PC
# Boot Mode : Normal
# Running from : C:\Users\Helca\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Windows\system32\roboot.exe
Folder Found : C:\Program Files\WinZip Registry Optimizer
Folder Found : C:\Users\Helca\AppData\Local\Temp\AskSearch
***** [Registry] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\PIP
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry is clean.
-\\ Mozilla Firefox v22.0 (cs)
File : C:\Users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\a3iud446.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v28.0.1500.72
File : C:\Users\Helca\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.16.1860.0
File : C:\Users\Helca\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [3939 octets] - [27/07/2013 18:22:09]
########## EOF - C:\AdwCleaner[R1].txt - [3999 octets] ##########
www.malwarebytes.org
Verze: v2013.07.27.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16618
Helca :: HELCA-PC [administrátor]
Ochrana: Povolena
27.7.2013 18:09:47
MBAM-log-2013-07-27 (18-19-08).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 197929
Uplynulý čas: 8 minut, 10 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 1
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Špatný: (C:\$Recycle.Bin\S-1-5-18\$41bf466c75efb2670d69aab56148dc06\n.) Dobrý: (fastprox.dll) -> Nebyla provedena žádná instrukce.
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 4
C:\Users\Helca\AppData\Local\Temp\KMP_3.6.0.87.exe (PUP.Optional.Softonic) -> Nebyla provedena žádná instrukce.
C:\$Recycle.Bin\S-1-5-18\$41bf466c75efb2670d69aab56148dc06\n (Trojan.0Access) -> Nebyla provedena žádná instrukce.
C:\$Recycle.Bin\S-1-5-21-3073692932-360651883-3395257891-1000\$41bf466c75efb2670d69aab56148dc06\n (Trojan.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\assembly\GAC\Desktop.ini (Rootkit.0access) -> Nebyla provedena žádná instrukce.
(konec)
--------------------------------------------------------------------------
# AdwCleaner v2.306 - Logfile created 07/27/2013 at 18:22:09
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Helca - HELCA-PC
# Boot Mode : Normal
# Running from : C:\Users\Helca\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Windows\system32\roboot.exe
Folder Found : C:\Program Files\WinZip Registry Optimizer
Folder Found : C:\Users\Helca\AppData\Local\Temp\AskSearch
***** [Registry] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\PIP
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry is clean.
-\\ Mozilla Firefox v22.0 (cs)
File : C:\Users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\a3iud446.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v28.0.1500.72
File : C:\Users\Helca\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.16.1860.0
File : C:\Users\Helca\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [3939 octets] - [27/07/2013 18:22:09]
########## EOF - C:\AdwCleaner[R1].txt - [3999 octets] ##########
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Nelze klikat na odkazy v prohlížeči
. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Nelze klikat na odkazy v prohlížeči
# AdwCleaner v2.306 - Logfile created 07/30/2013 at 15:13:46
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Helca - HELCA-PC
# Boot Mode : Normal
# Running from : C:\Users\Helca\Desktop\Čištění, odčervení\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Windows\system32\roboot.exe
Folder Deleted : C:\Program Files\adawaretb
Folder Deleted : C:\Program Files\WinZip Registry Optimizer
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\search protection
Folder Deleted : C:\Users\Helca\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Helca\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\a3iud446.default\adawaretb
***** [Registry] *****
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\Software\PIP
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
***** [Internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry is clean.
-\\ Mozilla Firefox v22.0 (cs)
File : C:\Users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\a3iud446.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v28.0.1500.72
File : C:\Users\Helca\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.16.1860.0
File : C:\Users\Helca\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [4068 octets] - [27/07/2013 18:22:09]
AdwCleaner[S1].txt - [5046 octets] - [30/07/2013 15:13:46]
########## EOF - C:\AdwCleaner[S1].txt - [5106 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.8 (07.29.2013:2)
OS: Windows 7 Ultimate x86
Ran by Helca on Łt 30.07.2013 at 15:29:32,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sbregrebootcleaner
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Helca\appdata\local\adawarebp"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Helca\AppData\Roaming\mozilla\firefox\profiles\a3iud446.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Successfully deleted the following from C:\Users\Helca\AppData\Roaming\mozilla\firefox\profiles\a3iud446.default\prefs.js
user_pref("browser.search.selectedEngine", "SecureSearch");
Emptied folder: C:\Users\Helca\AppData\Roaming\mozilla\firefox\profiles\a3iud446.default\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 30.07.2013 at 15:33:39,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RogueKiller V8.6.4 [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Helca [Admin rights]
Mode : Scan -- Date : 07/30/2013 15:41:47
| ARK || FAK || MBR |
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Helca\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll [x] -> UNLOADED
¤¤¤ Registry Entries : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : icq (C:\Users\Helca\AppData\Roaming\ICQM\icq.exe -CU [7]) -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : Search Protection (C:\ProgramData\Search Protection\SearchProtection.exe [x][x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3073692932-360651883-3395257891-1000\[...]\Run : icq (C:\Users\Helca\AppData\Roaming\ICQM\icq.exe -CU [7]) -> FOUND
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-3073692932-360651883-3395257891-1000\$41bf466c75efb2670d69aab56148dc06\n. [x]) -> FOUND
[BROK VAL] HKCR\[...]\command : () -> MISSING
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][Junction] en-US : C:\Program Files\Windows Defender\en-US >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpCommu.dll : C:\Program Files\Windows Defender\MpCommu.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> FOUND
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHZ2160BH ATA Device +++++
--- User ---
[MBR] 3fc35ddd40b5f09bb12837a6d467d7d6
[BSP] 1d39840ba651b665a57a067c8e3c2849 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 4008 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 8209215 | Size: 66628 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 144681388 | Size: 81980 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_07302013_154147.txt >>
Tady jsou. Ten nový log z MbAM jsem zapomněl asi uložit, je důležitý? Pokud ano, kde bych ho mohl najít? Nebo bude potřeba nechat MbAM projet znova? A děkuju vám, že mi pomáháte, jste moc hodní :)
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Helca - HELCA-PC
# Boot Mode : Normal
# Running from : C:\Users\Helca\Desktop\Čištění, odčervení\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Windows\system32\roboot.exe
Folder Deleted : C:\Program Files\adawaretb
Folder Deleted : C:\Program Files\WinZip Registry Optimizer
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\search protection
Folder Deleted : C:\Users\Helca\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Helca\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\a3iud446.default\adawaretb
***** [Registry] *****
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\Software\PIP
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
***** [Internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry is clean.
-\\ Mozilla Firefox v22.0 (cs)
File : C:\Users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\a3iud446.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v28.0.1500.72
File : C:\Users\Helca\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.16.1860.0
File : C:\Users\Helca\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [4068 octets] - [27/07/2013 18:22:09]
AdwCleaner[S1].txt - [5046 octets] - [30/07/2013 15:13:46]
########## EOF - C:\AdwCleaner[S1].txt - [5106 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.8 (07.29.2013:2)
OS: Windows 7 Ultimate x86
Ran by Helca on Łt 30.07.2013 at 15:29:32,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sbregrebootcleaner
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Helca\appdata\local\adawarebp"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Helca\AppData\Roaming\mozilla\firefox\profiles\a3iud446.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Successfully deleted the following from C:\Users\Helca\AppData\Roaming\mozilla\firefox\profiles\a3iud446.default\prefs.js
user_pref("browser.search.selectedEngine", "SecureSearch");
Emptied folder: C:\Users\Helca\AppData\Roaming\mozilla\firefox\profiles\a3iud446.default\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 30.07.2013 at 15:33:39,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RogueKiller V8.6.4 [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Helca [Admin rights]
Mode : Scan -- Date : 07/30/2013 15:41:47
| ARK || FAK || MBR |
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Helca\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll [x] -> UNLOADED
¤¤¤ Registry Entries : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : icq (C:\Users\Helca\AppData\Roaming\ICQM\icq.exe -CU [7]) -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : Search Protection (C:\ProgramData\Search Protection\SearchProtection.exe [x][x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3073692932-360651883-3395257891-1000\[...]\Run : icq (C:\Users\Helca\AppData\Roaming\ICQM\icq.exe -CU [7]) -> FOUND
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-3073692932-360651883-3395257891-1000\$41bf466c75efb2670d69aab56148dc06\n. [x]) -> FOUND
[BROK VAL] HKCR\[...]\command : () -> MISSING
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][Junction] en-US : C:\Program Files\Windows Defender\en-US >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpCommu.dll : C:\Program Files\Windows Defender\MpCommu.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> FOUND
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHZ2160BH ATA Device +++++
--- User ---
[MBR] 3fc35ddd40b5f09bb12837a6d467d7d6
[BSP] 1d39840ba651b665a57a067c8e3c2849 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 4008 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 8209215 | Size: 66628 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 144681388 | Size: 81980 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_07302013_154147.txt >>
Tady jsou. Ten nový log z MbAM jsem zapomněl asi uložit, je důležitý? Pokud ano, kde bych ho mohl najít? Nebo bude potřeba nechat MbAM projet znova? A děkuju vám, že mi pomáháte, jste moc hodní :)
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Nelze klikat na odkazy v prohlížeči
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Stáhni si TDSSKiller
Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Stáhni si TDSSKiller
Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Nelze klikat na odkazy v prohlížeči
RogueKiller V8.6.4 [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Helca [Práva správce]
Mód : Odebrat -- Datum : 07/30/2013 17:40:28
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Helca\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll [x] -> ODEBRÁNO
¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : icq (C:\Users\Helca\AppData\Roaming\ICQM\icq.exe -CU [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKLM\[...]\Run : Search Protection (C:\ProgramData\Search Protection\SearchProtection.exe [x][x]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-3073692932-360651883-3395257891-1000\[...]\Run : icq (C:\Users\Helca\AppData\Roaming\ICQM\icq.exe -CU [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-3073692932-360651883-3395257891-1000\$41bf466c75efb2670d69aab56148dc06\n. [x]) -> NAHRAZENO (C:\Windows\system32\shell32.dll)
[BROK VAL] HKCR\[...]\command : () -> vytvořené ("%1" %*)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[ZeroAccess][křižovatka] en-US : C:\Program Files\Windows Defender\en-US >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpCommu.dll : C:\Program Files\Windows Defender\MpCommu.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ZeroAccess ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHZ2160BH ATA Device +++++
--- User ---
[MBR] 3fc35ddd40b5f09bb12837a6d467d7d6
[BSP] 1d39840ba651b665a57a067c8e3c2849 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 4008 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 8209215 | Size: 66628 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 144681388 | Size: 81980 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_07302013_174028.txt >>
RKreport[0]_S_07302013_154147.txt;RKreport[0]_S_07302013_173929.txt
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Helca [Práva správce]
Mód : Odebrat -- Datum : 07/30/2013 17:40:28
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Helca\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll [x] -> ODEBRÁNO
¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : icq (C:\Users\Helca\AppData\Roaming\ICQM\icq.exe -CU [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKLM\[...]\Run : Search Protection (C:\ProgramData\Search Protection\SearchProtection.exe [x][x]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-3073692932-360651883-3395257891-1000\[...]\Run : icq (C:\Users\Helca\AppData\Roaming\ICQM\icq.exe -CU [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-3073692932-360651883-3395257891-1000\$41bf466c75efb2670d69aab56148dc06\n. [x]) -> NAHRAZENO (C:\Windows\system32\shell32.dll)
[BROK VAL] HKCR\[...]\command : () -> vytvořené ("%1" %*)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[ZeroAccess][křižovatka] en-US : C:\Program Files\Windows Defender\en-US >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpCommu.dll : C:\Program Files\Windows Defender\MpCommu.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ZeroAccess ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHZ2160BH ATA Device +++++
--- User ---
[MBR] 3fc35ddd40b5f09bb12837a6d467d7d6
[BSP] 1d39840ba651b665a57a067c8e3c2849 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 4008 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 8209215 | Size: 66628 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 144681388 | Size: 81980 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_07302013_174028.txt >>
RKreport[0]_S_07302013_154147.txt;RKreport[0]_S_07302013_173929.txt
Re: Nelze klikat na odkazy v prohlížeči
17:44:51.0333 3976 ============================================================
17:44:51.0333 3976 Current date / time: 2013/07/30 17:44:51.0333
17:44:51.0333 3976 SystemInfo:
17:44:51.0334 3976
17:44:51.0334 3976 OS Version: 6.1.7601 ServicePack: 1.0
17:44:51.0334 3976 Product type: Workstation
17:44:51.0335 3976 ComputerName: HELCA-PC
17:44:51.0335 3976 UserName: Helca
17:44:51.0336 3976 Windows directory: C:\Windows
17:44:51.0336 3976 System windows directory: C:\Windows
17:44:51.0336 3976 Processor architecture: Intel x86
17:44:51.0336 3976 Number of processors: 2
17:44:51.0336 3976 Page size: 0x1000
17:44:51.0336 3976 Boot type: Normal boot
17:44:51.0336 3976 ============================================================
17:44:52.0815 3976 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:44:52.0832 3976 ============================================================
17:44:52.0832 3976 \Device\Harddisk0\DR0:
17:44:52.0832 3976 MBR partitions:
17:44:52.0833 3976 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x7D433F, BlocksNum 0x82227AE
17:44:52.0833 3976 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x89FA9AC, BlocksNum 0xA01E115
17:44:52.0833 3976 ============================================================
17:44:52.0855 3976 C: <-> \Device\Harddisk0\DR0\Partition2
17:44:52.0855 3976 ============================================================
17:44:52.0856 3976 Initialize success
17:44:52.0856 3976 ============================================================
17:44:57.0000 1672 ============================================================
17:44:57.0000 1672 Scan started
17:44:57.0000 1672 Mode: Manual;
17:44:57.0000 1672 ============================================================
17:44:57.0735 1672 ================ Scan system memory ========================
17:44:57.0736 1672 System memory - ok
17:44:57.0738 1672 ================ Scan services =============================
17:44:57.0990 1672 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:44:57.0995 1672 1394ohci - ok
17:44:58.0044 1672 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:44:58.0049 1672 ACPI - ok
17:44:58.0082 1672 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:44:58.0084 1672 AcpiPmi - ok
17:44:58.0217 1672 [ AE1671A3C798A3467DE5E7DD12179803 ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
17:44:58.0246 1672 Ad-Aware Service - ok
17:44:58.0342 1672 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:44:58.0345 1672 AdobeARMservice - ok
17:44:58.0423 1672 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:44:58.0429 1672 AdobeFlashPlayerUpdateSvc - ok
17:44:58.0488 1672 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:44:58.0495 1672 adp94xx - ok
17:44:58.0531 1672 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:44:58.0537 1672 adpahci - ok
17:44:58.0562 1672 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:44:58.0566 1672 adpu320 - ok
17:44:58.0609 1672 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:44:58.0612 1672 AeLookupSvc - ok
17:44:58.0686 1672 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
17:44:58.0690 1672 AFD - ok
17:44:58.0724 1672 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
17:44:58.0725 1672 agp440 - ok
17:44:58.0760 1672 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
17:44:58.0762 1672 aic78xx - ok
17:44:58.0798 1672 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
17:44:58.0801 1672 ALG - ok
17:44:58.0828 1672 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
17:44:58.0829 1672 aliide - ok
17:44:58.0862 1672 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:44:58.0863 1672 amdagp - ok
17:44:58.0895 1672 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
17:44:58.0897 1672 amdide - ok
17:44:58.0939 1672 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:44:58.0941 1672 AmdK8 - ok
17:44:58.0959 1672 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:44:58.0961 1672 AmdPPM - ok
17:44:59.0015 1672 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:44:59.0017 1672 amdsata - ok
17:44:59.0046 1672 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:44:59.0049 1672 amdsbs - ok
17:44:59.0077 1672 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:44:59.0078 1672 amdxata - ok
17:44:59.0131 1672 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
17:44:59.0132 1672 AppID - ok
17:44:59.0183 1672 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:44:59.0184 1672 AppIDSvc - ok
17:44:59.0223 1672 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
17:44:59.0225 1672 Appinfo - ok
17:44:59.0252 1672 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
17:44:59.0257 1672 AppMgmt - ok
17:44:59.0291 1672 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
17:44:59.0293 1672 arc - ok
17:44:59.0314 1672 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:44:59.0317 1672 arcsas - ok
17:44:59.0346 1672 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:44:59.0347 1672 AsyncMac - ok
17:44:59.0386 1672 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
17:44:59.0387 1672 atapi - ok
17:44:59.0439 1672 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:44:59.0467 1672 AudioEndpointBuilder - ok
17:44:59.0511 1672 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:44:59.0520 1672 Audiosrv - ok
17:44:59.0564 1672 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:44:59.0568 1672 AxInstSV - ok
17:44:59.0606 1672 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
17:44:59.0612 1672 b06bdrv - ok
17:44:59.0658 1672 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:44:59.0661 1672 b57nd60x - ok
17:44:59.0717 1672 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
17:44:59.0721 1672 BDESVC - ok
17:44:59.0750 1672 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
17:44:59.0751 1672 Beep - ok
17:44:59.0791 1672 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:44:59.0792 1672 blbdrive - ok
17:44:59.0850 1672 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:44:59.0852 1672 bowser - ok
17:44:59.0873 1672 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:44:59.0874 1672 BrFiltLo - ok
17:44:59.0897 1672 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:44:59.0898 1672 BrFiltUp - ok
17:44:59.0949 1672 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
17:44:59.0953 1672 Browser - ok
17:44:59.0984 1672 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:44:59.0988 1672 Brserid - ok
17:45:00.0006 1672 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:45:00.0009 1672 BrSerWdm - ok
17:45:00.0025 1672 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:45:00.0027 1672 BrUsbMdm - ok
17:45:00.0043 1672 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:45:00.0045 1672 BrUsbSer - ok
17:45:00.0105 1672 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:45:00.0106 1672 BthEnum - ok
17:45:00.0120 1672 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:45:00.0127 1672 BTHMODEM - ok
17:45:00.0174 1672 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:45:00.0176 1672 BthPan - ok
17:45:00.0222 1672 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:45:00.0229 1672 BTHPORT - ok
17:45:00.0277 1672 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
17:45:00.0280 1672 bthserv - ok
17:45:00.0306 1672 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:45:00.0308 1672 BTHUSB - ok
17:45:00.0348 1672 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:45:00.0350 1672 cdfs - ok
17:45:00.0405 1672 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
17:45:00.0407 1672 cdrom - ok
17:45:00.0455 1672 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
17:45:00.0458 1672 CertPropSvc - ok
17:45:00.0500 1672 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:45:00.0501 1672 circlass - ok
17:45:00.0538 1672 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
17:45:00.0542 1672 CLFS - ok
17:45:00.0691 1672 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:45:00.0714 1672 clr_optimization_v2.0.50727_32 - ok
17:45:00.0854 1672 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:45:00.0860 1672 clr_optimization_v4.0.30319_32 - ok
17:45:00.0895 1672 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:45:00.0897 1672 CmBatt - ok
17:45:00.0938 1672 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:45:00.0940 1672 cmdide - ok
17:45:00.0998 1672 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
17:45:01.0004 1672 CNG - ok
17:45:01.0036 1672 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:45:01.0038 1672 Compbatt - ok
17:45:01.0085 1672 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:45:01.0088 1672 CompositeBus - ok
17:45:01.0115 1672 COMSysApp - ok
17:45:01.0141 1672 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:45:01.0143 1672 crcdisk - ok
17:45:01.0186 1672 [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:45:01.0192 1672 CryptSvc - ok
17:45:01.0242 1672 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
17:45:01.0247 1672 CSC - ok
17:45:01.0320 1672 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
17:45:01.0343 1672 CscService - ok
17:45:01.0386 1672 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
17:45:01.0397 1672 DcomLaunch - ok
17:45:01.0446 1672 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
17:45:01.0452 1672 defragsvc - ok
17:45:01.0515 1672 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:45:01.0517 1672 DfsC - ok
17:45:01.0566 1672 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:45:01.0576 1672 Dhcp - ok
17:45:01.0609 1672 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
17:45:01.0611 1672 discache - ok
17:45:01.0639 1672 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:45:01.0642 1672 Disk - ok
17:45:01.0698 1672 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:45:01.0708 1672 Dnscache - ok
17:45:01.0767 1672 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
17:45:01.0776 1672 dot3svc - ok
17:45:01.0832 1672 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
17:45:01.0841 1672 DPS - ok
17:45:01.0881 1672 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:45:01.0883 1672 drmkaud - ok
17:45:01.0952 1672 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:45:01.0971 1672 DXGKrnl - ok
17:45:02.0023 1672 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
17:45:02.0029 1672 EapHost - ok
17:45:02.0197 1672 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
17:45:02.0239 1672 ebdrv - ok
17:45:02.0282 1672 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
17:45:02.0286 1672 EFS - ok
17:45:02.0365 1672 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:45:02.0399 1672 ehRecvr - ok
17:45:02.0440 1672 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
17:45:02.0444 1672 ehSched - ok
17:45:02.0489 1672 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:45:02.0497 1672 elxstor - ok
17:45:02.0529 1672 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:45:02.0531 1672 ErrDev - ok
17:45:02.0597 1672 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
17:45:02.0604 1672 EventSystem - ok
17:45:02.0624 1672 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
17:45:02.0628 1672 exfat - ok
17:45:02.0670 1672 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:45:02.0673 1672 fastfat - ok
17:45:02.0720 1672 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
17:45:02.0743 1672 Fax - ok
17:45:02.0769 1672 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:45:02.0770 1672 fdc - ok
17:45:02.0800 1672 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
17:45:02.0803 1672 fdPHost - ok
17:45:02.0817 1672 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
17:45:02.0822 1672 FDResPub - ok
17:45:02.0838 1672 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:45:02.0845 1672 FileInfo - ok
17:45:02.0865 1672 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:45:02.0867 1672 Filetrace - ok
17:45:02.0889 1672 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:45:02.0891 1672 flpydisk - ok
17:45:02.0911 1672 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:45:02.0917 1672 FltMgr - ok
17:45:03.0001 1672 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
17:45:03.0043 1672 FontCache - ok
17:45:03.0115 1672 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:45:03.0120 1672 FontCache3.0.0.0 - ok
17:45:03.0148 1672 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:45:03.0151 1672 FsDepends - ok
17:45:03.0209 1672 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:45:03.0210 1672 Fs_Rec - ok
17:45:03.0275 1672 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:45:03.0279 1672 fvevol - ok
17:45:03.0328 1672 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:45:03.0330 1672 gagp30kx - ok
17:45:03.0416 1672 [ 035EAF9A18B84F9560984BCF41F52E99 ] gfiark C:\Windows\system32\drivers\gfiark.sys
17:45:03.0418 1672 gfiark - ok
17:45:03.0473 1672 [ 483924F92E55A5F9423201EC635E2CED ] gfibto C:\Windows\system32\drivers\gfibto.sys
17:45:03.0475 1672 gfibto - ok
17:45:03.0541 1672 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
17:45:03.0576 1672 gpsvc - ok
17:45:03.0635 1672 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:45:03.0638 1672 gupdate - ok
17:45:03.0651 1672 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:45:03.0659 1672 gupdatem - ok
17:45:03.0689 1672 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:45:03.0691 1672 hcw85cir - ok
17:45:03.0753 1672 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:45:03.0758 1672 HdAudAddService - ok
17:45:03.0804 1672 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:45:03.0807 1672 HDAudBus - ok
17:45:03.0827 1672 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:45:03.0829 1672 HidBatt - ok
17:45:03.0852 1672 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:45:03.0855 1672 HidBth - ok
17:45:03.0884 1672 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:45:03.0886 1672 HidIr - ok
17:45:03.0925 1672 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
17:45:03.0929 1672 hidserv - ok
17:45:03.0965 1672 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:45:03.0967 1672 HidUsb - ok
17:45:04.0009 1672 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:45:04.0015 1672 hkmsvc - ok
17:45:04.0055 1672 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:45:04.0064 1672 HomeGroupListener - ok
17:45:04.0112 1672 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:45:04.0119 1672 HomeGroupProvider - ok
17:45:04.0164 1672 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:45:04.0166 1672 HpSAMD - ok
17:45:04.0237 1672 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:45:04.0244 1672 HTTP - ok
17:45:04.0297 1672 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:45:04.0298 1672 hwpolicy - ok
17:45:04.0351 1672 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:45:04.0354 1672 i8042prt - ok
17:45:04.0419 1672 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:45:04.0424 1672 iaStorV - ok
17:45:04.0507 1672 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:45:04.0554 1672 idsvc - ok
17:45:04.0780 1672 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
17:45:04.0841 1672 igfx - ok
17:45:04.0898 1672 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:45:04.0900 1672 iirsp - ok
17:45:04.0986 1672 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
17:45:05.0021 1672 IKEEXT - ok
17:45:05.0218 1672 [ EDE3314F64B012302A9AB2319FCE81FE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:45:05.0259 1672 IntcAzAudAddService - ok
17:45:05.0309 1672 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
17:45:05.0310 1672 intelide - ok
17:45:05.0342 1672 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:45:05.0344 1672 intelppm - ok
17:45:05.0379 1672 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:45:05.0386 1672 IPBusEnum - ok
17:45:05.0412 1672 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:45:05.0414 1672 IpFilterDriver - ok
17:45:05.0441 1672 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:45:05.0443 1672 IPMIDRV - ok
17:45:05.0473 1672 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:45:05.0476 1672 IPNAT - ok
17:45:05.0507 1672 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:45:05.0508 1672 IRENUM - ok
17:45:05.0536 1672 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:45:05.0538 1672 isapnp - ok
17:45:05.0575 1672 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:45:05.0579 1672 iScsiPrt - ok
17:45:05.0618 1672 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:45:05.0621 1672 kbdclass - ok
17:45:05.0670 1672 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:45:05.0671 1672 kbdhid - ok
17:45:05.0694 1672 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
17:45:05.0698 1672 KeyIso - ok
17:45:05.0727 1672 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:45:05.0729 1672 KSecDD - ok
17:45:05.0768 1672 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:45:05.0771 1672 KSecPkg - ok
17:45:05.0821 1672 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
17:45:05.0847 1672 KtmRm - ok
17:45:05.0915 1672 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
17:45:05.0928 1672 LanmanServer - ok
17:45:05.0971 1672 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:45:05.0983 1672 LanmanWorkstation - ok
17:45:06.0043 1672 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:45:06.0045 1672 lltdio - ok
17:45:06.0084 1672 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:45:06.0095 1672 lltdsvc - ok
17:44:51.0333 3976 Current date / time: 2013/07/30 17:44:51.0333
17:44:51.0333 3976 SystemInfo:
17:44:51.0334 3976
17:44:51.0334 3976 OS Version: 6.1.7601 ServicePack: 1.0
17:44:51.0334 3976 Product type: Workstation
17:44:51.0335 3976 ComputerName: HELCA-PC
17:44:51.0335 3976 UserName: Helca
17:44:51.0336 3976 Windows directory: C:\Windows
17:44:51.0336 3976 System windows directory: C:\Windows
17:44:51.0336 3976 Processor architecture: Intel x86
17:44:51.0336 3976 Number of processors: 2
17:44:51.0336 3976 Page size: 0x1000
17:44:51.0336 3976 Boot type: Normal boot
17:44:51.0336 3976 ============================================================
17:44:52.0815 3976 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:44:52.0832 3976 ============================================================
17:44:52.0832 3976 \Device\Harddisk0\DR0:
17:44:52.0832 3976 MBR partitions:
17:44:52.0833 3976 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x7D433F, BlocksNum 0x82227AE
17:44:52.0833 3976 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x89FA9AC, BlocksNum 0xA01E115
17:44:52.0833 3976 ============================================================
17:44:52.0855 3976 C: <-> \Device\Harddisk0\DR0\Partition2
17:44:52.0855 3976 ============================================================
17:44:52.0856 3976 Initialize success
17:44:52.0856 3976 ============================================================
17:44:57.0000 1672 ============================================================
17:44:57.0000 1672 Scan started
17:44:57.0000 1672 Mode: Manual;
17:44:57.0000 1672 ============================================================
17:44:57.0735 1672 ================ Scan system memory ========================
17:44:57.0736 1672 System memory - ok
17:44:57.0738 1672 ================ Scan services =============================
17:44:57.0990 1672 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:44:57.0995 1672 1394ohci - ok
17:44:58.0044 1672 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:44:58.0049 1672 ACPI - ok
17:44:58.0082 1672 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:44:58.0084 1672 AcpiPmi - ok
17:44:58.0217 1672 [ AE1671A3C798A3467DE5E7DD12179803 ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
17:44:58.0246 1672 Ad-Aware Service - ok
17:44:58.0342 1672 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:44:58.0345 1672 AdobeARMservice - ok
17:44:58.0423 1672 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:44:58.0429 1672 AdobeFlashPlayerUpdateSvc - ok
17:44:58.0488 1672 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:44:58.0495 1672 adp94xx - ok
17:44:58.0531 1672 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:44:58.0537 1672 adpahci - ok
17:44:58.0562 1672 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:44:58.0566 1672 adpu320 - ok
17:44:58.0609 1672 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:44:58.0612 1672 AeLookupSvc - ok
17:44:58.0686 1672 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
17:44:58.0690 1672 AFD - ok
17:44:58.0724 1672 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
17:44:58.0725 1672 agp440 - ok
17:44:58.0760 1672 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
17:44:58.0762 1672 aic78xx - ok
17:44:58.0798 1672 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
17:44:58.0801 1672 ALG - ok
17:44:58.0828 1672 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
17:44:58.0829 1672 aliide - ok
17:44:58.0862 1672 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:44:58.0863 1672 amdagp - ok
17:44:58.0895 1672 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
17:44:58.0897 1672 amdide - ok
17:44:58.0939 1672 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:44:58.0941 1672 AmdK8 - ok
17:44:58.0959 1672 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:44:58.0961 1672 AmdPPM - ok
17:44:59.0015 1672 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:44:59.0017 1672 amdsata - ok
17:44:59.0046 1672 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:44:59.0049 1672 amdsbs - ok
17:44:59.0077 1672 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:44:59.0078 1672 amdxata - ok
17:44:59.0131 1672 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
17:44:59.0132 1672 AppID - ok
17:44:59.0183 1672 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:44:59.0184 1672 AppIDSvc - ok
17:44:59.0223 1672 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
17:44:59.0225 1672 Appinfo - ok
17:44:59.0252 1672 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
17:44:59.0257 1672 AppMgmt - ok
17:44:59.0291 1672 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
17:44:59.0293 1672 arc - ok
17:44:59.0314 1672 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:44:59.0317 1672 arcsas - ok
17:44:59.0346 1672 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:44:59.0347 1672 AsyncMac - ok
17:44:59.0386 1672 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
17:44:59.0387 1672 atapi - ok
17:44:59.0439 1672 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:44:59.0467 1672 AudioEndpointBuilder - ok
17:44:59.0511 1672 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:44:59.0520 1672 Audiosrv - ok
17:44:59.0564 1672 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:44:59.0568 1672 AxInstSV - ok
17:44:59.0606 1672 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
17:44:59.0612 1672 b06bdrv - ok
17:44:59.0658 1672 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:44:59.0661 1672 b57nd60x - ok
17:44:59.0717 1672 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
17:44:59.0721 1672 BDESVC - ok
17:44:59.0750 1672 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
17:44:59.0751 1672 Beep - ok
17:44:59.0791 1672 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:44:59.0792 1672 blbdrive - ok
17:44:59.0850 1672 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:44:59.0852 1672 bowser - ok
17:44:59.0873 1672 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:44:59.0874 1672 BrFiltLo - ok
17:44:59.0897 1672 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:44:59.0898 1672 BrFiltUp - ok
17:44:59.0949 1672 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
17:44:59.0953 1672 Browser - ok
17:44:59.0984 1672 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:44:59.0988 1672 Brserid - ok
17:45:00.0006 1672 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:45:00.0009 1672 BrSerWdm - ok
17:45:00.0025 1672 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:45:00.0027 1672 BrUsbMdm - ok
17:45:00.0043 1672 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:45:00.0045 1672 BrUsbSer - ok
17:45:00.0105 1672 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:45:00.0106 1672 BthEnum - ok
17:45:00.0120 1672 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:45:00.0127 1672 BTHMODEM - ok
17:45:00.0174 1672 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:45:00.0176 1672 BthPan - ok
17:45:00.0222 1672 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:45:00.0229 1672 BTHPORT - ok
17:45:00.0277 1672 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
17:45:00.0280 1672 bthserv - ok
17:45:00.0306 1672 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:45:00.0308 1672 BTHUSB - ok
17:45:00.0348 1672 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:45:00.0350 1672 cdfs - ok
17:45:00.0405 1672 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
17:45:00.0407 1672 cdrom - ok
17:45:00.0455 1672 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
17:45:00.0458 1672 CertPropSvc - ok
17:45:00.0500 1672 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:45:00.0501 1672 circlass - ok
17:45:00.0538 1672 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
17:45:00.0542 1672 CLFS - ok
17:45:00.0691 1672 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:45:00.0714 1672 clr_optimization_v2.0.50727_32 - ok
17:45:00.0854 1672 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:45:00.0860 1672 clr_optimization_v4.0.30319_32 - ok
17:45:00.0895 1672 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:45:00.0897 1672 CmBatt - ok
17:45:00.0938 1672 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:45:00.0940 1672 cmdide - ok
17:45:00.0998 1672 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
17:45:01.0004 1672 CNG - ok
17:45:01.0036 1672 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:45:01.0038 1672 Compbatt - ok
17:45:01.0085 1672 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:45:01.0088 1672 CompositeBus - ok
17:45:01.0115 1672 COMSysApp - ok
17:45:01.0141 1672 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:45:01.0143 1672 crcdisk - ok
17:45:01.0186 1672 [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:45:01.0192 1672 CryptSvc - ok
17:45:01.0242 1672 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
17:45:01.0247 1672 CSC - ok
17:45:01.0320 1672 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
17:45:01.0343 1672 CscService - ok
17:45:01.0386 1672 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
17:45:01.0397 1672 DcomLaunch - ok
17:45:01.0446 1672 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
17:45:01.0452 1672 defragsvc - ok
17:45:01.0515 1672 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:45:01.0517 1672 DfsC - ok
17:45:01.0566 1672 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:45:01.0576 1672 Dhcp - ok
17:45:01.0609 1672 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
17:45:01.0611 1672 discache - ok
17:45:01.0639 1672 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:45:01.0642 1672 Disk - ok
17:45:01.0698 1672 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:45:01.0708 1672 Dnscache - ok
17:45:01.0767 1672 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
17:45:01.0776 1672 dot3svc - ok
17:45:01.0832 1672 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
17:45:01.0841 1672 DPS - ok
17:45:01.0881 1672 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:45:01.0883 1672 drmkaud - ok
17:45:01.0952 1672 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:45:01.0971 1672 DXGKrnl - ok
17:45:02.0023 1672 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
17:45:02.0029 1672 EapHost - ok
17:45:02.0197 1672 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
17:45:02.0239 1672 ebdrv - ok
17:45:02.0282 1672 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
17:45:02.0286 1672 EFS - ok
17:45:02.0365 1672 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:45:02.0399 1672 ehRecvr - ok
17:45:02.0440 1672 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
17:45:02.0444 1672 ehSched - ok
17:45:02.0489 1672 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:45:02.0497 1672 elxstor - ok
17:45:02.0529 1672 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:45:02.0531 1672 ErrDev - ok
17:45:02.0597 1672 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
17:45:02.0604 1672 EventSystem - ok
17:45:02.0624 1672 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
17:45:02.0628 1672 exfat - ok
17:45:02.0670 1672 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:45:02.0673 1672 fastfat - ok
17:45:02.0720 1672 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
17:45:02.0743 1672 Fax - ok
17:45:02.0769 1672 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:45:02.0770 1672 fdc - ok
17:45:02.0800 1672 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
17:45:02.0803 1672 fdPHost - ok
17:45:02.0817 1672 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
17:45:02.0822 1672 FDResPub - ok
17:45:02.0838 1672 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:45:02.0845 1672 FileInfo - ok
17:45:02.0865 1672 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:45:02.0867 1672 Filetrace - ok
17:45:02.0889 1672 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:45:02.0891 1672 flpydisk - ok
17:45:02.0911 1672 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:45:02.0917 1672 FltMgr - ok
17:45:03.0001 1672 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
17:45:03.0043 1672 FontCache - ok
17:45:03.0115 1672 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:45:03.0120 1672 FontCache3.0.0.0 - ok
17:45:03.0148 1672 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:45:03.0151 1672 FsDepends - ok
17:45:03.0209 1672 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:45:03.0210 1672 Fs_Rec - ok
17:45:03.0275 1672 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:45:03.0279 1672 fvevol - ok
17:45:03.0328 1672 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:45:03.0330 1672 gagp30kx - ok
17:45:03.0416 1672 [ 035EAF9A18B84F9560984BCF41F52E99 ] gfiark C:\Windows\system32\drivers\gfiark.sys
17:45:03.0418 1672 gfiark - ok
17:45:03.0473 1672 [ 483924F92E55A5F9423201EC635E2CED ] gfibto C:\Windows\system32\drivers\gfibto.sys
17:45:03.0475 1672 gfibto - ok
17:45:03.0541 1672 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
17:45:03.0576 1672 gpsvc - ok
17:45:03.0635 1672 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:45:03.0638 1672 gupdate - ok
17:45:03.0651 1672 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:45:03.0659 1672 gupdatem - ok
17:45:03.0689 1672 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:45:03.0691 1672 hcw85cir - ok
17:45:03.0753 1672 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:45:03.0758 1672 HdAudAddService - ok
17:45:03.0804 1672 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:45:03.0807 1672 HDAudBus - ok
17:45:03.0827 1672 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:45:03.0829 1672 HidBatt - ok
17:45:03.0852 1672 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:45:03.0855 1672 HidBth - ok
17:45:03.0884 1672 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:45:03.0886 1672 HidIr - ok
17:45:03.0925 1672 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
17:45:03.0929 1672 hidserv - ok
17:45:03.0965 1672 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:45:03.0967 1672 HidUsb - ok
17:45:04.0009 1672 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:45:04.0015 1672 hkmsvc - ok
17:45:04.0055 1672 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:45:04.0064 1672 HomeGroupListener - ok
17:45:04.0112 1672 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:45:04.0119 1672 HomeGroupProvider - ok
17:45:04.0164 1672 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:45:04.0166 1672 HpSAMD - ok
17:45:04.0237 1672 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:45:04.0244 1672 HTTP - ok
17:45:04.0297 1672 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:45:04.0298 1672 hwpolicy - ok
17:45:04.0351 1672 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:45:04.0354 1672 i8042prt - ok
17:45:04.0419 1672 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:45:04.0424 1672 iaStorV - ok
17:45:04.0507 1672 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:45:04.0554 1672 idsvc - ok
17:45:04.0780 1672 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
17:45:04.0841 1672 igfx - ok
17:45:04.0898 1672 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:45:04.0900 1672 iirsp - ok
17:45:04.0986 1672 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
17:45:05.0021 1672 IKEEXT - ok
17:45:05.0218 1672 [ EDE3314F64B012302A9AB2319FCE81FE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:45:05.0259 1672 IntcAzAudAddService - ok
17:45:05.0309 1672 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
17:45:05.0310 1672 intelide - ok
17:45:05.0342 1672 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:45:05.0344 1672 intelppm - ok
17:45:05.0379 1672 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:45:05.0386 1672 IPBusEnum - ok
17:45:05.0412 1672 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:45:05.0414 1672 IpFilterDriver - ok
17:45:05.0441 1672 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:45:05.0443 1672 IPMIDRV - ok
17:45:05.0473 1672 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:45:05.0476 1672 IPNAT - ok
17:45:05.0507 1672 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:45:05.0508 1672 IRENUM - ok
17:45:05.0536 1672 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:45:05.0538 1672 isapnp - ok
17:45:05.0575 1672 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:45:05.0579 1672 iScsiPrt - ok
17:45:05.0618 1672 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:45:05.0621 1672 kbdclass - ok
17:45:05.0670 1672 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:45:05.0671 1672 kbdhid - ok
17:45:05.0694 1672 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
17:45:05.0698 1672 KeyIso - ok
17:45:05.0727 1672 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:45:05.0729 1672 KSecDD - ok
17:45:05.0768 1672 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:45:05.0771 1672 KSecPkg - ok
17:45:05.0821 1672 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
17:45:05.0847 1672 KtmRm - ok
17:45:05.0915 1672 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
17:45:05.0928 1672 LanmanServer - ok
17:45:05.0971 1672 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:45:05.0983 1672 LanmanWorkstation - ok
17:45:06.0043 1672 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:45:06.0045 1672 lltdio - ok
17:45:06.0084 1672 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:45:06.0095 1672 lltdsvc - ok
Re: Nelze klikat na odkazy v prohlížeči
17:45:06.0122 1672 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
17:45:06.0127 1672 lmhosts - ok
17:45:06.0184 1672 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:45:06.0186 1672 LSI_FC - ok
17:45:06.0208 1672 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:45:06.0211 1672 LSI_SAS - ok
17:45:06.0236 1672 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:45:06.0238 1672 LSI_SAS2 - ok
17:45:06.0265 1672 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:45:06.0267 1672 LSI_SCSI - ok
17:45:06.0296 1672 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
17:45:06.0299 1672 luafv - ok
17:45:06.0333 1672 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:45:06.0335 1672 MBAMProtector - ok
17:45:06.0398 1672 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:45:06.0406 1672 MBAMScheduler - ok
17:45:06.0450 1672 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:45:06.0459 1672 MBAMService - ok
17:45:06.0501 1672 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:45:06.0507 1672 Mcx2Svc - ok
17:45:06.0547 1672 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:45:06.0548 1672 megasas - ok
17:45:06.0568 1672 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:45:06.0573 1672 MegaSR - ok
17:45:06.0650 1672 Microsoft SharePoint Workspace Audit Service - ok
17:45:06.0701 1672 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
17:45:06.0711 1672 MMCSS - ok
17:45:06.0752 1672 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
17:45:06.0755 1672 Modem - ok
17:45:06.0817 1672 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:45:06.0819 1672 monitor - ok
17:45:06.0872 1672 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:45:06.0875 1672 mouclass - ok
17:45:06.0910 1672 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:45:06.0913 1672 mouhid - ok
17:45:06.0966 1672 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:45:06.0969 1672 mountmgr - ok
17:45:07.0041 1672 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:45:07.0048 1672 MozillaMaintenance - ok
17:45:07.0086 1672 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
17:45:07.0089 1672 mpio - ok
17:45:07.0113 1672 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:45:07.0116 1672 mpsdrv - ok
17:45:07.0157 1672 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:45:07.0160 1672 MRxDAV - ok
17:45:07.0221 1672 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:45:07.0223 1672 mrxsmb - ok
17:45:07.0246 1672 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:45:07.0249 1672 mrxsmb10 - ok
17:45:07.0274 1672 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:45:07.0277 1672 mrxsmb20 - ok
17:45:07.0309 1672 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
17:45:07.0311 1672 msahci - ok
17:45:07.0338 1672 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:45:07.0341 1672 msdsm - ok
17:45:07.0370 1672 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
17:45:07.0377 1672 MSDTC - ok
17:45:07.0428 1672 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:45:07.0430 1672 Msfs - ok
17:45:07.0453 1672 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:45:07.0455 1672 mshidkmdf - ok
17:45:07.0480 1672 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:45:07.0481 1672 msisadrv - ok
17:45:07.0524 1672 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:45:07.0530 1672 MSiSCSI - ok
17:45:07.0544 1672 msiserver - ok
17:45:07.0580 1672 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:45:07.0582 1672 MSKSSRV - ok
17:45:07.0615 1672 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:45:07.0616 1672 MSPCLOCK - ok
17:45:07.0633 1672 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:45:07.0636 1672 MSPQM - ok
17:45:07.0664 1672 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:45:07.0667 1672 MsRPC - ok
17:45:07.0704 1672 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:45:07.0707 1672 mssmbios - ok
17:45:07.0727 1672 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:45:07.0733 1672 MSTEE - ok
17:45:07.0767 1672 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:45:07.0768 1672 MTConfig - ok
17:45:07.0782 1672 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
17:45:07.0784 1672 Mup - ok
17:45:07.0847 1672 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
17:45:07.0874 1672 napagent - ok
17:45:07.0929 1672 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:45:07.0933 1672 NativeWifiP - ok
17:45:08.0000 1672 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:45:08.0020 1672 NDIS - ok
17:45:08.0050 1672 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:45:08.0051 1672 NdisCap - ok
17:45:08.0084 1672 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:45:08.0086 1672 NdisTapi - ok
17:45:08.0141 1672 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:45:08.0143 1672 Ndisuio - ok
17:45:08.0200 1672 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:45:08.0205 1672 NdisWan - ok
17:45:08.0254 1672 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:45:08.0256 1672 NDProxy - ok
17:45:08.0280 1672 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:45:08.0284 1672 NetBIOS - ok
17:45:08.0353 1672 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:45:08.0356 1672 NetBT - ok
17:45:08.0384 1672 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
17:45:08.0391 1672 Netlogon - ok
17:45:08.0452 1672 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
17:45:08.0475 1672 Netman - ok
17:45:08.0497 1672 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
17:45:08.0510 1672 netprofm - ok
17:45:08.0568 1672 [ 652881F65B35564575255A0E05E23C55 ] netr28 C:\Windows\system32\DRIVERS\netr28.sys
17:45:08.0575 1672 netr28 - ok
17:45:08.0619 1672 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:45:08.0624 1672 NetTcpPortSharing - ok
17:45:08.0660 1672 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:45:08.0663 1672 nfrd960 - ok
17:45:08.0707 1672 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
17:45:08.0717 1672 NlaSvc - ok
17:45:08.0741 1672 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:45:08.0743 1672 Npfs - ok
17:45:08.0773 1672 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
17:45:08.0779 1672 nsi - ok
17:45:08.0795 1672 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:45:08.0797 1672 nsiproxy - ok
17:45:08.0873 1672 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:45:08.0889 1672 Ntfs - ok
17:45:08.0914 1672 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
17:45:08.0915 1672 Null - ok
17:45:08.0968 1672 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:45:08.0971 1672 nvraid - ok
17:45:09.0002 1672 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:45:09.0005 1672 nvstor - ok
17:45:09.0036 1672 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:45:09.0038 1672 nv_agp - ok
17:45:09.0072 1672 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:45:09.0074 1672 ohci1394 - ok
17:45:09.0136 1672 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:45:09.0142 1672 ose - ok
17:45:09.0373 1672 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:45:09.0561 1672 osppsvc - ok
17:45:09.0630 1672 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:45:09.0653 1672 p2pimsvc - ok
17:45:09.0702 1672 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
17:45:09.0726 1672 p2psvc - ok
17:45:09.0779 1672 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:45:09.0781 1672 Parport - ok
17:45:09.0822 1672 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:45:09.0824 1672 partmgr - ok
17:45:09.0849 1672 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
17:45:09.0851 1672 Parvdm - ok
17:45:09.0882 1672 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:45:09.0892 1672 PcaSvc - ok
17:45:09.0936 1672 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
17:45:09.0939 1672 pci - ok
17:45:09.0965 1672 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
17:45:09.0967 1672 pciide - ok
17:45:09.0998 1672 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:45:10.0002 1672 pcmcia - ok
17:45:10.0018 1672 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
17:45:10.0025 1672 pcw - ok
17:45:10.0074 1672 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:45:10.0082 1672 PEAUTH - ok
17:45:10.0157 1672 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:45:10.0199 1672 PeerDistSvc - ok
17:45:10.0360 1672 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
17:45:10.0437 1672 pla - ok
17:45:10.0505 1672 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:45:10.0540 1672 PlugPlay - ok
17:45:10.0598 1672 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:45:10.0604 1672 PNRPAutoReg - ok
17:45:10.0642 1672 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:45:10.0651 1672 PNRPsvc - ok
17:45:10.0685 1672 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:45:10.0708 1672 PolicyAgent - ok
17:45:10.0746 1672 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
17:45:10.0755 1672 Power - ok
17:45:10.0799 1672 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:45:10.0802 1672 PptpMiniport - ok
17:45:10.0834 1672 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:45:10.0837 1672 Processor - ok
17:45:10.0890 1672 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
17:45:10.0899 1672 ProfSvc - ok
17:45:10.0917 1672 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:45:10.0922 1672 ProtectedStorage - ok
17:45:10.0956 1672 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:45:10.0959 1672 Psched - ok
17:45:11.0021 1672 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:45:11.0039 1672 ql2300 - ok
17:45:11.0064 1672 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:45:11.0067 1672 ql40xx - ok
17:45:11.0106 1672 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
17:45:11.0116 1672 QWAVE - ok
17:45:11.0143 1672 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:45:11.0146 1672 QWAVEdrv - ok
17:45:11.0175 1672 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:45:11.0177 1672 RasAcd - ok
17:45:11.0211 1672 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:45:11.0212 1672 RasAgileVpn - ok
17:45:11.0240 1672 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
17:45:11.0247 1672 RasAuto - ok
17:45:11.0273 1672 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:45:11.0275 1672 Rasl2tp - ok
17:45:11.0341 1672 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
17:45:11.0362 1672 RasMan - ok
17:45:11.0383 1672 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:45:11.0386 1672 RasPppoe - ok
17:45:11.0414 1672 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:45:11.0417 1672 RasSstp - ok
17:45:11.0469 1672 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:45:11.0473 1672 rdbss - ok
17:45:11.0507 1672 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:45:11.0508 1672 rdpbus - ok
17:45:11.0553 1672 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:45:11.0554 1672 RDPCDD - ok
17:45:11.0595 1672 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:45:11.0597 1672 RDPDR - ok
17:45:11.0630 1672 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:45:11.0635 1672 RDPENCDD - ok
17:45:11.0674 1672 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:45:11.0676 1672 RDPREFMP - ok
17:45:11.0732 1672 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:45:11.0734 1672 RdpVideoMiniport - ok
17:45:11.0772 1672 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:45:11.0775 1672 RDPWD - ok
17:45:11.0826 1672 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:45:11.0829 1672 rdyboost - ok
17:45:11.0865 1672 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
17:45:11.0871 1672 RemoteAccess - ok
17:45:11.0922 1672 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:45:11.0931 1672 RemoteRegistry - ok
17:45:11.0954 1672 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:45:11.0957 1672 RFCOMM - ok
17:45:11.0996 1672 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:45:12.0004 1672 RpcEptMapper - ok
17:45:12.0030 1672 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
17:45:12.0035 1672 RpcLocator - ok
17:45:12.0076 1672 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
17:45:12.0086 1672 RpcSs - ok
17:45:12.0135 1672 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:45:12.0137 1672 rspndr - ok
17:45:12.0242 1672 [ BCB84B430A92AE31940870DF304AE659 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
17:45:12.0259 1672 RTL8167 - ok
17:45:12.0314 1672 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:45:12.0316 1672 s3cap - ok
17:45:12.0340 1672 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
17:45:12.0345 1672 SamSs - ok
17:45:12.0549 1672 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
17:45:12.0600 1672 SBAMSvc - ok
17:45:12.0625 1672 [ 87574F4C899E8AEDDDC1EDF71D3E045E ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
17:45:12.0627 1672 sbapifs - ok
17:45:12.0679 1672 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:45:12.0682 1672 sbp2port - ok
17:45:12.0721 1672 SBRE - ok
17:45:12.0762 1672 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:45:12.0771 1672 SCardSvr - ok
17:45:12.0836 1672 [ 51EC343E322DD43C6BE884F1CDA4CA38 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
17:45:12.0839 1672 SCDEmu - ok
17:45:12.0865 1672 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:45:12.0867 1672 scfilter - ok
17:45:12.0930 1672 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
17:45:12.0965 1672 Schedule - ok
17:45:13.0002 1672 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:45:13.0004 1672 SCPolicySvc - ok
17:45:13.0043 1672 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:45:13.0051 1672 SDRSVC - ok
17:45:13.0102 1672 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:45:13.0103 1672 secdrv - ok
17:45:13.0137 1672 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
17:45:13.0144 1672 seclogon - ok
17:45:13.0176 1672 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
17:45:13.0183 1672 SENS - ok
17:45:13.0207 1672 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:45:13.0219 1672 SensrSvc - ok
17:45:13.0244 1672 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:45:13.0246 1672 Serenum - ok
17:45:13.0266 1672 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:45:13.0269 1672 Serial - ok
17:45:13.0309 1672 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:45:13.0311 1672 sermouse - ok
17:45:13.0391 1672 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
17:45:13.0400 1672 SessionEnv - ok
17:45:13.0443 1672 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:45:13.0445 1672 sffdisk - ok
17:45:13.0472 1672 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:45:13.0474 1672 sffp_mmc - ok
17:45:13.0495 1672 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:45:13.0498 1672 sffp_sd - ok
17:45:13.0515 1672 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:45:13.0517 1672 sfloppy - ok
17:45:13.0566 1672 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:45:13.0593 1672 ShellHWDetection - ok
17:45:13.0633 1672 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:45:13.0636 1672 sisagp - ok
17:45:13.0687 1672 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:45:13.0690 1672 SiSRaid2 - ok
17:45:13.0716 1672 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:45:13.0718 1672 SiSRaid4 - ok
17:45:13.0922 1672 [ AE40D1BC6FB02A5625516AD74CA9A309 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:45:13.0979 1672 Skype C2C Service - ok
17:45:14.0020 1672 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:45:14.0022 1672 SkypeUpdate - ok
17:45:14.0046 1672 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:45:14.0049 1672 Smb - ok
17:45:14.0118 1672 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:45:14.0124 1672 SNMPTRAP - ok
17:45:14.0145 1672 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
17:45:14.0147 1672 spldr - ok
17:45:14.0207 1672 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
17:45:14.0216 1672 Spooler - ok
17:45:14.0370 1672 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
17:45:14.0513 1672 sppsvc - ok
17:45:14.0552 1672 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:45:14.0560 1672 sppuinotify - ok
17:45:14.0617 1672 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:45:14.0622 1672 srv - ok
17:45:14.0645 1672 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:45:14.0652 1672 srv2 - ok
17:45:14.0677 1672 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:45:14.0680 1672 srvnet - ok
17:45:14.0707 1672 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:45:14.0714 1672 SSDPSRV - ok
17:45:14.0730 1672 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:45:14.0743 1672 SstpSvc - ok
17:45:14.0769 1672 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:45:14.0771 1672 stexstor - ok
17:45:14.0821 1672 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
17:45:14.0833 1672 StiSvc - ok
17:45:14.0869 1672 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:45:14.0871 1672 storflt - ok
17:45:14.0892 1672 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:45:14.0894 1672 storvsc - ok
17:45:14.0920 1672 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
17:45:14.0922 1672 swenum - ok
17:45:14.0967 1672 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
17:45:14.0995 1672 swprv - ok
17:45:15.0024 1672 Synth3dVsc - ok
17:45:15.0112 1672 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
17:45:15.0174 1672 SysMain - ok
17:45:15.0222 1672 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:45:15.0231 1672 TabletInputService - ok
17:45:15.0291 1672 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
17:45:15.0313 1672 TapiSrv - ok
17:45:15.0353 1672 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
17:45:15.0364 1672 TBS - ok
17:45:15.0465 1672 [ D32FDAC73FCD76B85389C39BC1087F2A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:45:15.0489 1672 Tcpip - ok
17:45:15.0595 1672 [ D32FDAC73FCD76B85389C39BC1087F2A ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:45:15.0620 1672 TCPIP6 - ok
17:45:15.0691 1672 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:45:15.0693 1672 tcpipreg - ok
17:45:15.0743 1672 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:45:15.0745 1672 TDPIPE - ok
17:45:15.0778 1672 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:45:15.0779 1672 TDTCP - ok
17:45:15.0838 1672 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:45:15.0840 1672 tdx - ok
17:45:15.0864 1672 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:45:15.0866 1672 TermDD - ok
17:45:15.0934 1672 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
17:45:15.0966 1672 TermService - ok
17:45:16.0013 1672 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
17:45:16.0021 1672 Themes - ok
17:45:16.0046 1672 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
17:45:16.0052 1672 THREADORDER - ok
17:45:16.0071 1672 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
17:45:16.0080 1672 TrkWks - ok
17:45:16.0150 1672 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:45:16.0159 1672 TrustedInstaller - ok
17:45:16.0218 1672 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:45:16.0220 1672 tssecsrv - ok
17:45:16.0265 1672 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:45:16.0267 1672 TsUsbFlt - ok
17:45:16.0295 1672 tsusbhub - ok
17:45:16.0361 1672 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:45:16.0363 1672 tunnel - ok
17:45:16.0409 1672 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:45:16.0412 1672 uagp35 - ok
17:45:16.0451 1672 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:45:16.0456 1672 udfs - ok
17:45:16.0514 1672 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:45:16.0521 1672 UI0Detect - ok
17:45:16.0564 1672 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:45:16.0566 1672 uliagpkx - ok
17:45:16.0608 1672 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:45:16.0611 1672 umbus - ok
17:45:16.0638 1672 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:45:16.0640 1672 UmPass - ok
17:45:16.0699 1672 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
17:45:16.0708 1672 UmRdpService - ok
17:45:16.0740 1672 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
17:45:16.0751 1672 upnphost - ok
17:45:16.0803 1672 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:45:16.0806 1672 usbccgp - ok
17:45:16.0841 1672 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:45:16.0844 1672 usbcir - ok
17:45:16.0887 1672 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:45:16.0889 1672 usbehci - ok
17:45:16.0928 1672 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:45:16.0933 1672 usbhub - ok
17:45:16.0968 1672 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:45:16.0970 1672 usbohci - ok
17:45:17.0006 1672 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:45:17.0009 1672 usbprint - ok
17:45:17.0060 1672 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:45:17.0062 1672 usbscan - ok
17:45:17.0088 1672 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:45:17.0091 1672 USBSTOR - ok
17:45:17.0134 1672 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:45:17.0135 1672 usbuhci - ok
17:45:17.0166 1672 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
17:45:17.0173 1672 UxSms - ok
17:45:17.0196 1672 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
17:45:17.0200 1672 VaultSvc - ok
17:45:17.0243 1672 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:45:17.0246 1672 vdrvroot - ok
17:45:17.0300 1672 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
17:45:17.0323 1672 vds - ok
17:45:17.0370 1672 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:45:17.0372 1672 vga - ok
17:45:17.0394 1672 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:45:17.0396 1672 VgaSave - ok
17:45:17.0409 1672 VGPU - ok
17:45:17.0461 1672 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:45:17.0464 1672 vhdmp - ok
17:45:17.0500 1672 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:45:17.0502 1672 viaagp - ok
17:45:17.0528 1672 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
17:45:17.0531 1672 ViaC7 - ok
17:45:17.0568 1672 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
17:45:17.0570 1672 viaide - ok
17:45:17.0610 1672 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:45:17.0614 1672 vmbus - ok
17:45:17.0643 1672 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:45:17.0645 1672 VMBusHID - ok
17:45:17.0672 1672 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:45:17.0674 1672 volmgr - ok
17:45:17.0705 1672 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:45:17.0710 1672 volmgrx - ok
17:45:17.0738 1672 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:45:17.0742 1672 volsnap - ok
17:45:17.0782 1672 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:45:17.0785 1672 vsmraid - ok
17:45:17.0857 1672 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
17:45:17.0907 1672 VSS - ok
17:45:17.0949 1672 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:45:17.0952 1672 vwifibus - ok
17:45:17.0979 1672 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:45:17.0983 1672 vwififlt - ok
17:45:18.0028 1672 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
17:45:18.0041 1672 W32Time - ok
17:45:18.0067 1672 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:45:18.0070 1672 WacomPen - ok
17:45:18.0117 1672 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:45:18.0120 1672 WANARP - ok
17:45:18.0130 1672 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:45:18.0133 1672 Wanarpv6 - ok
17:45:18.0204 1672 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
17:45:18.0250 1672 wbengine - ok
17:45:18.0299 1672 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:45:18.0308 1672 WbioSrvc - ok
17:45:18.0350 1672 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:45:18.0373 1672 wcncsvc - ok
17:45:18.0406 1672 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:45:18.0413 1672 WcsPlugInService - ok
17:45:18.0456 1672 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:45:18.0458 1672 Wd - ok
17:45:18.0514 1672 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:45:18.0522 1672 Wdf01000 - ok
17:45:18.0549 1672 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:45:18.0558 1672 WdiServiceHost - ok
17:45:18.0569 1672 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:45:18.0582 1672 WdiSystemHost - ok
17:45:18.0640 1672 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
17:45:18.0653 1672 WebClient - ok
17:45:18.0700 1672 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:45:18.0711 1672 Wecsvc - ok
17:45:18.0747 1672 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:45:18.0756 1672 wercplsupport - ok
17:45:18.0801 1672 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
17:45:18.0809 1672 WerSvc - ok
17:45:18.0835 1672 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:45:18.0838 1672 WfpLwf - ok
17:45:18.0866 1672 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:45:18.0868 1672 WIMMount - ok
17:45:18.0889 1672 WinHttpAutoProxySvc - ok
17:45:18.0963 1672 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:45:18.0969 1672 Winmgmt - ok
17:45:19.0079 1672 WinRing0_1_2_0 - ok
17:45:19.0183 1672 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
17:45:19.0251 1672 WinRM - ok
17:45:19.0314 1672 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUSB C:\Windows\system32\drivers\WinUSB.SYS
17:45:19.0316 1672 WinUSB - ok
17:45:19.0386 1672 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:45:19.0433 1672 Wlansvc - ok
17:45:19.0466 1672 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:45:19.0468 1672 WmiAcpi - ok
17:45:19.0522 1672 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:45:19.0527 1672 wmiApSrv - ok
17:45:19.0626 1672 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:45:19.0647 1672 WMPNetworkSvc - ok
17:45:19.0671 1672 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:45:19.0680 1672 WPCSvc - ok
17:45:19.0731 1672 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:45:19.0739 1672 WPDBusEnum - ok
17:45:19.0780 1672 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:45:19.0782 1672 ws2ifsl - ok
17:45:19.0850 1672 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
17:45:19.0852 1672 WSDPrintDevice - ok
17:45:19.0879 1672 [ 7DC0270CFD4A05B4112E3EBBF083B595 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
17:45:19.0881 1672 WSDScan - ok
17:45:19.0896 1672 WSearch - ok
17:45:19.0948 1672 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:45:19.0950 1672 WudfPf - ok
17:45:19.0976 1672 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:45:19.0980 1672 WUDFRd - ok
17:45:20.0050 1672 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:45:20.0060 1672 wudfsvc - ok
17:45:20.0107 1672 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:45:20.0119 1672 WwanSvc - ok
17:45:20.0168 1672 ================ Scan global ===============================
17:45:20.0217 1672 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:45:20.0254 1672 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
17:45:20.0278 1672 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
17:45:20.0321 1672 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:45:20.0355 1672 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:45:20.0364 1672 [Global] - ok
17:45:20.0367 1672 ================ Scan MBR ==================================
17:45:20.0398 1672 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:45:20.0698 1672 \Device\Harddisk0\DR0 - ok
17:45:20.0700 1672 ================ Scan VBR ==================================
17:45:20.0713 1672 [ 35739679F00AFEF167F7EF6595CA2FB3 ] \Device\Harddisk0\DR0\Partition1
17:45:20.0727 1672 \Device\Harddisk0\DR0\Partition1 - ok
17:45:20.0763 1672 [ 4C83616291602EE1DD777864CEF2939C ] \Device\Harddisk0\DR0\Partition2
17:45:20.0768 1672 \Device\Harddisk0\DR0\Partition2 - ok
17:45:20.0769 1672 ============================================================
17:45:20.0769 1672 Scan finished
17:45:20.0769 1672 ============================================================
17:45:20.0803 3192 Detected object count: 0
17:45:20.0803 3192 Actual detected object count: 0
17:45:29.0452 1756 Deinitialize success
17:45:06.0127 1672 lmhosts - ok
17:45:06.0184 1672 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:45:06.0186 1672 LSI_FC - ok
17:45:06.0208 1672 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:45:06.0211 1672 LSI_SAS - ok
17:45:06.0236 1672 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:45:06.0238 1672 LSI_SAS2 - ok
17:45:06.0265 1672 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:45:06.0267 1672 LSI_SCSI - ok
17:45:06.0296 1672 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
17:45:06.0299 1672 luafv - ok
17:45:06.0333 1672 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:45:06.0335 1672 MBAMProtector - ok
17:45:06.0398 1672 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:45:06.0406 1672 MBAMScheduler - ok
17:45:06.0450 1672 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:45:06.0459 1672 MBAMService - ok
17:45:06.0501 1672 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:45:06.0507 1672 Mcx2Svc - ok
17:45:06.0547 1672 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:45:06.0548 1672 megasas - ok
17:45:06.0568 1672 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:45:06.0573 1672 MegaSR - ok
17:45:06.0650 1672 Microsoft SharePoint Workspace Audit Service - ok
17:45:06.0701 1672 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
17:45:06.0711 1672 MMCSS - ok
17:45:06.0752 1672 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
17:45:06.0755 1672 Modem - ok
17:45:06.0817 1672 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:45:06.0819 1672 monitor - ok
17:45:06.0872 1672 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:45:06.0875 1672 mouclass - ok
17:45:06.0910 1672 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:45:06.0913 1672 mouhid - ok
17:45:06.0966 1672 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:45:06.0969 1672 mountmgr - ok
17:45:07.0041 1672 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:45:07.0048 1672 MozillaMaintenance - ok
17:45:07.0086 1672 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
17:45:07.0089 1672 mpio - ok
17:45:07.0113 1672 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:45:07.0116 1672 mpsdrv - ok
17:45:07.0157 1672 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:45:07.0160 1672 MRxDAV - ok
17:45:07.0221 1672 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:45:07.0223 1672 mrxsmb - ok
17:45:07.0246 1672 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:45:07.0249 1672 mrxsmb10 - ok
17:45:07.0274 1672 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:45:07.0277 1672 mrxsmb20 - ok
17:45:07.0309 1672 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
17:45:07.0311 1672 msahci - ok
17:45:07.0338 1672 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:45:07.0341 1672 msdsm - ok
17:45:07.0370 1672 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
17:45:07.0377 1672 MSDTC - ok
17:45:07.0428 1672 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:45:07.0430 1672 Msfs - ok
17:45:07.0453 1672 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:45:07.0455 1672 mshidkmdf - ok
17:45:07.0480 1672 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:45:07.0481 1672 msisadrv - ok
17:45:07.0524 1672 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:45:07.0530 1672 MSiSCSI - ok
17:45:07.0544 1672 msiserver - ok
17:45:07.0580 1672 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:45:07.0582 1672 MSKSSRV - ok
17:45:07.0615 1672 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:45:07.0616 1672 MSPCLOCK - ok
17:45:07.0633 1672 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:45:07.0636 1672 MSPQM - ok
17:45:07.0664 1672 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:45:07.0667 1672 MsRPC - ok
17:45:07.0704 1672 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:45:07.0707 1672 mssmbios - ok
17:45:07.0727 1672 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:45:07.0733 1672 MSTEE - ok
17:45:07.0767 1672 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:45:07.0768 1672 MTConfig - ok
17:45:07.0782 1672 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
17:45:07.0784 1672 Mup - ok
17:45:07.0847 1672 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
17:45:07.0874 1672 napagent - ok
17:45:07.0929 1672 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:45:07.0933 1672 NativeWifiP - ok
17:45:08.0000 1672 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:45:08.0020 1672 NDIS - ok
17:45:08.0050 1672 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:45:08.0051 1672 NdisCap - ok
17:45:08.0084 1672 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:45:08.0086 1672 NdisTapi - ok
17:45:08.0141 1672 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:45:08.0143 1672 Ndisuio - ok
17:45:08.0200 1672 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:45:08.0205 1672 NdisWan - ok
17:45:08.0254 1672 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:45:08.0256 1672 NDProxy - ok
17:45:08.0280 1672 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:45:08.0284 1672 NetBIOS - ok
17:45:08.0353 1672 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:45:08.0356 1672 NetBT - ok
17:45:08.0384 1672 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
17:45:08.0391 1672 Netlogon - ok
17:45:08.0452 1672 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
17:45:08.0475 1672 Netman - ok
17:45:08.0497 1672 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
17:45:08.0510 1672 netprofm - ok
17:45:08.0568 1672 [ 652881F65B35564575255A0E05E23C55 ] netr28 C:\Windows\system32\DRIVERS\netr28.sys
17:45:08.0575 1672 netr28 - ok
17:45:08.0619 1672 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:45:08.0624 1672 NetTcpPortSharing - ok
17:45:08.0660 1672 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:45:08.0663 1672 nfrd960 - ok
17:45:08.0707 1672 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
17:45:08.0717 1672 NlaSvc - ok
17:45:08.0741 1672 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:45:08.0743 1672 Npfs - ok
17:45:08.0773 1672 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
17:45:08.0779 1672 nsi - ok
17:45:08.0795 1672 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:45:08.0797 1672 nsiproxy - ok
17:45:08.0873 1672 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:45:08.0889 1672 Ntfs - ok
17:45:08.0914 1672 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
17:45:08.0915 1672 Null - ok
17:45:08.0968 1672 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:45:08.0971 1672 nvraid - ok
17:45:09.0002 1672 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:45:09.0005 1672 nvstor - ok
17:45:09.0036 1672 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:45:09.0038 1672 nv_agp - ok
17:45:09.0072 1672 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:45:09.0074 1672 ohci1394 - ok
17:45:09.0136 1672 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:45:09.0142 1672 ose - ok
17:45:09.0373 1672 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:45:09.0561 1672 osppsvc - ok
17:45:09.0630 1672 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:45:09.0653 1672 p2pimsvc - ok
17:45:09.0702 1672 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
17:45:09.0726 1672 p2psvc - ok
17:45:09.0779 1672 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:45:09.0781 1672 Parport - ok
17:45:09.0822 1672 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:45:09.0824 1672 partmgr - ok
17:45:09.0849 1672 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
17:45:09.0851 1672 Parvdm - ok
17:45:09.0882 1672 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:45:09.0892 1672 PcaSvc - ok
17:45:09.0936 1672 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
17:45:09.0939 1672 pci - ok
17:45:09.0965 1672 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
17:45:09.0967 1672 pciide - ok
17:45:09.0998 1672 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:45:10.0002 1672 pcmcia - ok
17:45:10.0018 1672 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
17:45:10.0025 1672 pcw - ok
17:45:10.0074 1672 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:45:10.0082 1672 PEAUTH - ok
17:45:10.0157 1672 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:45:10.0199 1672 PeerDistSvc - ok
17:45:10.0360 1672 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
17:45:10.0437 1672 pla - ok
17:45:10.0505 1672 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:45:10.0540 1672 PlugPlay - ok
17:45:10.0598 1672 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:45:10.0604 1672 PNRPAutoReg - ok
17:45:10.0642 1672 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:45:10.0651 1672 PNRPsvc - ok
17:45:10.0685 1672 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:45:10.0708 1672 PolicyAgent - ok
17:45:10.0746 1672 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
17:45:10.0755 1672 Power - ok
17:45:10.0799 1672 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:45:10.0802 1672 PptpMiniport - ok
17:45:10.0834 1672 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:45:10.0837 1672 Processor - ok
17:45:10.0890 1672 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
17:45:10.0899 1672 ProfSvc - ok
17:45:10.0917 1672 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:45:10.0922 1672 ProtectedStorage - ok
17:45:10.0956 1672 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:45:10.0959 1672 Psched - ok
17:45:11.0021 1672 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:45:11.0039 1672 ql2300 - ok
17:45:11.0064 1672 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:45:11.0067 1672 ql40xx - ok
17:45:11.0106 1672 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
17:45:11.0116 1672 QWAVE - ok
17:45:11.0143 1672 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:45:11.0146 1672 QWAVEdrv - ok
17:45:11.0175 1672 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:45:11.0177 1672 RasAcd - ok
17:45:11.0211 1672 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:45:11.0212 1672 RasAgileVpn - ok
17:45:11.0240 1672 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
17:45:11.0247 1672 RasAuto - ok
17:45:11.0273 1672 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:45:11.0275 1672 Rasl2tp - ok
17:45:11.0341 1672 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
17:45:11.0362 1672 RasMan - ok
17:45:11.0383 1672 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:45:11.0386 1672 RasPppoe - ok
17:45:11.0414 1672 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:45:11.0417 1672 RasSstp - ok
17:45:11.0469 1672 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:45:11.0473 1672 rdbss - ok
17:45:11.0507 1672 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:45:11.0508 1672 rdpbus - ok
17:45:11.0553 1672 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:45:11.0554 1672 RDPCDD - ok
17:45:11.0595 1672 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:45:11.0597 1672 RDPDR - ok
17:45:11.0630 1672 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:45:11.0635 1672 RDPENCDD - ok
17:45:11.0674 1672 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:45:11.0676 1672 RDPREFMP - ok
17:45:11.0732 1672 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:45:11.0734 1672 RdpVideoMiniport - ok
17:45:11.0772 1672 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:45:11.0775 1672 RDPWD - ok
17:45:11.0826 1672 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:45:11.0829 1672 rdyboost - ok
17:45:11.0865 1672 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
17:45:11.0871 1672 RemoteAccess - ok
17:45:11.0922 1672 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:45:11.0931 1672 RemoteRegistry - ok
17:45:11.0954 1672 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:45:11.0957 1672 RFCOMM - ok
17:45:11.0996 1672 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:45:12.0004 1672 RpcEptMapper - ok
17:45:12.0030 1672 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
17:45:12.0035 1672 RpcLocator - ok
17:45:12.0076 1672 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
17:45:12.0086 1672 RpcSs - ok
17:45:12.0135 1672 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:45:12.0137 1672 rspndr - ok
17:45:12.0242 1672 [ BCB84B430A92AE31940870DF304AE659 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
17:45:12.0259 1672 RTL8167 - ok
17:45:12.0314 1672 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:45:12.0316 1672 s3cap - ok
17:45:12.0340 1672 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
17:45:12.0345 1672 SamSs - ok
17:45:12.0549 1672 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
17:45:12.0600 1672 SBAMSvc - ok
17:45:12.0625 1672 [ 87574F4C899E8AEDDDC1EDF71D3E045E ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
17:45:12.0627 1672 sbapifs - ok
17:45:12.0679 1672 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:45:12.0682 1672 sbp2port - ok
17:45:12.0721 1672 SBRE - ok
17:45:12.0762 1672 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:45:12.0771 1672 SCardSvr - ok
17:45:12.0836 1672 [ 51EC343E322DD43C6BE884F1CDA4CA38 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
17:45:12.0839 1672 SCDEmu - ok
17:45:12.0865 1672 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:45:12.0867 1672 scfilter - ok
17:45:12.0930 1672 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
17:45:12.0965 1672 Schedule - ok
17:45:13.0002 1672 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:45:13.0004 1672 SCPolicySvc - ok
17:45:13.0043 1672 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:45:13.0051 1672 SDRSVC - ok
17:45:13.0102 1672 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:45:13.0103 1672 secdrv - ok
17:45:13.0137 1672 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
17:45:13.0144 1672 seclogon - ok
17:45:13.0176 1672 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
17:45:13.0183 1672 SENS - ok
17:45:13.0207 1672 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:45:13.0219 1672 SensrSvc - ok
17:45:13.0244 1672 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:45:13.0246 1672 Serenum - ok
17:45:13.0266 1672 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:45:13.0269 1672 Serial - ok
17:45:13.0309 1672 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:45:13.0311 1672 sermouse - ok
17:45:13.0391 1672 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
17:45:13.0400 1672 SessionEnv - ok
17:45:13.0443 1672 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:45:13.0445 1672 sffdisk - ok
17:45:13.0472 1672 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:45:13.0474 1672 sffp_mmc - ok
17:45:13.0495 1672 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:45:13.0498 1672 sffp_sd - ok
17:45:13.0515 1672 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:45:13.0517 1672 sfloppy - ok
17:45:13.0566 1672 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:45:13.0593 1672 ShellHWDetection - ok
17:45:13.0633 1672 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:45:13.0636 1672 sisagp - ok
17:45:13.0687 1672 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:45:13.0690 1672 SiSRaid2 - ok
17:45:13.0716 1672 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:45:13.0718 1672 SiSRaid4 - ok
17:45:13.0922 1672 [ AE40D1BC6FB02A5625516AD74CA9A309 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:45:13.0979 1672 Skype C2C Service - ok
17:45:14.0020 1672 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:45:14.0022 1672 SkypeUpdate - ok
17:45:14.0046 1672 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:45:14.0049 1672 Smb - ok
17:45:14.0118 1672 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:45:14.0124 1672 SNMPTRAP - ok
17:45:14.0145 1672 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
17:45:14.0147 1672 spldr - ok
17:45:14.0207 1672 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
17:45:14.0216 1672 Spooler - ok
17:45:14.0370 1672 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
17:45:14.0513 1672 sppsvc - ok
17:45:14.0552 1672 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:45:14.0560 1672 sppuinotify - ok
17:45:14.0617 1672 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:45:14.0622 1672 srv - ok
17:45:14.0645 1672 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:45:14.0652 1672 srv2 - ok
17:45:14.0677 1672 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:45:14.0680 1672 srvnet - ok
17:45:14.0707 1672 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:45:14.0714 1672 SSDPSRV - ok
17:45:14.0730 1672 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:45:14.0743 1672 SstpSvc - ok
17:45:14.0769 1672 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:45:14.0771 1672 stexstor - ok
17:45:14.0821 1672 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
17:45:14.0833 1672 StiSvc - ok
17:45:14.0869 1672 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:45:14.0871 1672 storflt - ok
17:45:14.0892 1672 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:45:14.0894 1672 storvsc - ok
17:45:14.0920 1672 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
17:45:14.0922 1672 swenum - ok
17:45:14.0967 1672 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
17:45:14.0995 1672 swprv - ok
17:45:15.0024 1672 Synth3dVsc - ok
17:45:15.0112 1672 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
17:45:15.0174 1672 SysMain - ok
17:45:15.0222 1672 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:45:15.0231 1672 TabletInputService - ok
17:45:15.0291 1672 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
17:45:15.0313 1672 TapiSrv - ok
17:45:15.0353 1672 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
17:45:15.0364 1672 TBS - ok
17:45:15.0465 1672 [ D32FDAC73FCD76B85389C39BC1087F2A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:45:15.0489 1672 Tcpip - ok
17:45:15.0595 1672 [ D32FDAC73FCD76B85389C39BC1087F2A ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:45:15.0620 1672 TCPIP6 - ok
17:45:15.0691 1672 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:45:15.0693 1672 tcpipreg - ok
17:45:15.0743 1672 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:45:15.0745 1672 TDPIPE - ok
17:45:15.0778 1672 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:45:15.0779 1672 TDTCP - ok
17:45:15.0838 1672 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:45:15.0840 1672 tdx - ok
17:45:15.0864 1672 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:45:15.0866 1672 TermDD - ok
17:45:15.0934 1672 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
17:45:15.0966 1672 TermService - ok
17:45:16.0013 1672 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
17:45:16.0021 1672 Themes - ok
17:45:16.0046 1672 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
17:45:16.0052 1672 THREADORDER - ok
17:45:16.0071 1672 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
17:45:16.0080 1672 TrkWks - ok
17:45:16.0150 1672 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:45:16.0159 1672 TrustedInstaller - ok
17:45:16.0218 1672 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:45:16.0220 1672 tssecsrv - ok
17:45:16.0265 1672 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:45:16.0267 1672 TsUsbFlt - ok
17:45:16.0295 1672 tsusbhub - ok
17:45:16.0361 1672 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:45:16.0363 1672 tunnel - ok
17:45:16.0409 1672 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:45:16.0412 1672 uagp35 - ok
17:45:16.0451 1672 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:45:16.0456 1672 udfs - ok
17:45:16.0514 1672 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:45:16.0521 1672 UI0Detect - ok
17:45:16.0564 1672 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:45:16.0566 1672 uliagpkx - ok
17:45:16.0608 1672 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:45:16.0611 1672 umbus - ok
17:45:16.0638 1672 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:45:16.0640 1672 UmPass - ok
17:45:16.0699 1672 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
17:45:16.0708 1672 UmRdpService - ok
17:45:16.0740 1672 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
17:45:16.0751 1672 upnphost - ok
17:45:16.0803 1672 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:45:16.0806 1672 usbccgp - ok
17:45:16.0841 1672 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:45:16.0844 1672 usbcir - ok
17:45:16.0887 1672 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:45:16.0889 1672 usbehci - ok
17:45:16.0928 1672 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:45:16.0933 1672 usbhub - ok
17:45:16.0968 1672 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:45:16.0970 1672 usbohci - ok
17:45:17.0006 1672 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:45:17.0009 1672 usbprint - ok
17:45:17.0060 1672 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:45:17.0062 1672 usbscan - ok
17:45:17.0088 1672 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:45:17.0091 1672 USBSTOR - ok
17:45:17.0134 1672 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:45:17.0135 1672 usbuhci - ok
17:45:17.0166 1672 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
17:45:17.0173 1672 UxSms - ok
17:45:17.0196 1672 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
17:45:17.0200 1672 VaultSvc - ok
17:45:17.0243 1672 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:45:17.0246 1672 vdrvroot - ok
17:45:17.0300 1672 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
17:45:17.0323 1672 vds - ok
17:45:17.0370 1672 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:45:17.0372 1672 vga - ok
17:45:17.0394 1672 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:45:17.0396 1672 VgaSave - ok
17:45:17.0409 1672 VGPU - ok
17:45:17.0461 1672 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:45:17.0464 1672 vhdmp - ok
17:45:17.0500 1672 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:45:17.0502 1672 viaagp - ok
17:45:17.0528 1672 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
17:45:17.0531 1672 ViaC7 - ok
17:45:17.0568 1672 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
17:45:17.0570 1672 viaide - ok
17:45:17.0610 1672 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:45:17.0614 1672 vmbus - ok
17:45:17.0643 1672 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:45:17.0645 1672 VMBusHID - ok
17:45:17.0672 1672 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:45:17.0674 1672 volmgr - ok
17:45:17.0705 1672 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:45:17.0710 1672 volmgrx - ok
17:45:17.0738 1672 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:45:17.0742 1672 volsnap - ok
17:45:17.0782 1672 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:45:17.0785 1672 vsmraid - ok
17:45:17.0857 1672 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
17:45:17.0907 1672 VSS - ok
17:45:17.0949 1672 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:45:17.0952 1672 vwifibus - ok
17:45:17.0979 1672 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:45:17.0983 1672 vwififlt - ok
17:45:18.0028 1672 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
17:45:18.0041 1672 W32Time - ok
17:45:18.0067 1672 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:45:18.0070 1672 WacomPen - ok
17:45:18.0117 1672 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:45:18.0120 1672 WANARP - ok
17:45:18.0130 1672 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:45:18.0133 1672 Wanarpv6 - ok
17:45:18.0204 1672 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
17:45:18.0250 1672 wbengine - ok
17:45:18.0299 1672 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:45:18.0308 1672 WbioSrvc - ok
17:45:18.0350 1672 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:45:18.0373 1672 wcncsvc - ok
17:45:18.0406 1672 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:45:18.0413 1672 WcsPlugInService - ok
17:45:18.0456 1672 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:45:18.0458 1672 Wd - ok
17:45:18.0514 1672 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:45:18.0522 1672 Wdf01000 - ok
17:45:18.0549 1672 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:45:18.0558 1672 WdiServiceHost - ok
17:45:18.0569 1672 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:45:18.0582 1672 WdiSystemHost - ok
17:45:18.0640 1672 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
17:45:18.0653 1672 WebClient - ok
17:45:18.0700 1672 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:45:18.0711 1672 Wecsvc - ok
17:45:18.0747 1672 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:45:18.0756 1672 wercplsupport - ok
17:45:18.0801 1672 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
17:45:18.0809 1672 WerSvc - ok
17:45:18.0835 1672 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:45:18.0838 1672 WfpLwf - ok
17:45:18.0866 1672 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:45:18.0868 1672 WIMMount - ok
17:45:18.0889 1672 WinHttpAutoProxySvc - ok
17:45:18.0963 1672 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:45:18.0969 1672 Winmgmt - ok
17:45:19.0079 1672 WinRing0_1_2_0 - ok
17:45:19.0183 1672 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
17:45:19.0251 1672 WinRM - ok
17:45:19.0314 1672 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUSB C:\Windows\system32\drivers\WinUSB.SYS
17:45:19.0316 1672 WinUSB - ok
17:45:19.0386 1672 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:45:19.0433 1672 Wlansvc - ok
17:45:19.0466 1672 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:45:19.0468 1672 WmiAcpi - ok
17:45:19.0522 1672 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:45:19.0527 1672 wmiApSrv - ok
17:45:19.0626 1672 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:45:19.0647 1672 WMPNetworkSvc - ok
17:45:19.0671 1672 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:45:19.0680 1672 WPCSvc - ok
17:45:19.0731 1672 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:45:19.0739 1672 WPDBusEnum - ok
17:45:19.0780 1672 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:45:19.0782 1672 ws2ifsl - ok
17:45:19.0850 1672 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
17:45:19.0852 1672 WSDPrintDevice - ok
17:45:19.0879 1672 [ 7DC0270CFD4A05B4112E3EBBF083B595 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
17:45:19.0881 1672 WSDScan - ok
17:45:19.0896 1672 WSearch - ok
17:45:19.0948 1672 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:45:19.0950 1672 WudfPf - ok
17:45:19.0976 1672 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:45:19.0980 1672 WUDFRd - ok
17:45:20.0050 1672 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:45:20.0060 1672 wudfsvc - ok
17:45:20.0107 1672 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:45:20.0119 1672 WwanSvc - ok
17:45:20.0168 1672 ================ Scan global ===============================
17:45:20.0217 1672 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:45:20.0254 1672 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
17:45:20.0278 1672 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
17:45:20.0321 1672 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:45:20.0355 1672 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:45:20.0364 1672 [Global] - ok
17:45:20.0367 1672 ================ Scan MBR ==================================
17:45:20.0398 1672 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:45:20.0698 1672 \Device\Harddisk0\DR0 - ok
17:45:20.0700 1672 ================ Scan VBR ==================================
17:45:20.0713 1672 [ 35739679F00AFEF167F7EF6595CA2FB3 ] \Device\Harddisk0\DR0\Partition1
17:45:20.0727 1672 \Device\Harddisk0\DR0\Partition1 - ok
17:45:20.0763 1672 [ 4C83616291602EE1DD777864CEF2939C ] \Device\Harddisk0\DR0\Partition2
17:45:20.0768 1672 \Device\Harddisk0\DR0\Partition2 - ok
17:45:20.0769 1672 ============================================================
17:45:20.0769 1672 Scan finished
17:45:20.0769 1672 ============================================================
17:45:20.0803 3192 Detected object count: 0
17:45:20.0803 3192 Actual detected object count: 0
17:45:29.0452 1756 Deinitialize success
Re: Nelze klikat na odkazy v prohlížeči
Tak hlásím, že už to funguje, takže děkuju všem za pomoc, myslím, že to bude vše :)
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Nelze klikat na odkazy v prohlížeči
TDDS taky OK. Dodej ještě nový HJT na dočištění a myslím, že to po kontrole to zavřeme...
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Nelze klikat na odkazy v prohlížeči
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:25:00, on 30.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Users\Helca\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch2.lavasoft.com/inde ... 51F3F7B7F9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Helca\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 6321 bytes
Scan saved at 23:25:00, on 30.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Users\Helca\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch2.lavasoft.com/inde ... 51F3F7B7F9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Helca\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 6321 bytes
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 78 hostů