Please check my log - solved

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Gabryš

Post by Gabryš » 09 Oct 2013 12:18

Please check my log. The PC is slow, instead of ť it types ˇˇt, and during a Skype call Skype shuts down after 30 s and I wait a long time for it to come back up. I don't intend to use either AVG or AVAST (they can't be uninstalled); I bought Ashampoo antivirus and I have Spybot - Search & Destroy and Microsoft Essential Security.
Thanks in advance for your help.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:33:18, on 9.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21352)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\WINDOWS\HKExt3.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\MHotkey.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\GIGABYTE\GEST\gest.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Ashampoo\Ashampoo Anti-Virus\AAV_Guard.exe
C:\WINDOWS\ChiFuncExt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\GIGABYTE\GEST\GSvr.exe
C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files\Ashampoo\Ashampoo Anti-Virus\AAV_Service_XP.exe
C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe
C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\trend micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1374162870
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1374162870
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1374162870
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\juw,C:\DOCUME~1\ALLUSE~1\APPLIC~1\juwihur.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\bewuly.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\qegyp.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\gycivo.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\pewomoh.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\xotijej.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\fegiwy.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\tuqoty.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\tiputok.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\poziluh.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\bilic.exe,C:\DOCUME~1\ALLUSE~1\APPLIC~1\filuri.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\DOCUME~1\GABRY~1\APPLIC~1\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: smartdownloader Class - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O3 - Toolbar: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [HKExt3] HKExt3.exe
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [GEST] "C:\Program Files\GIGABYTE\GEST\run.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Ashampoo Anti-Virus Guard] "C:\Program Files\Ashampoo\Ashampoo Anti-Virus\AAV_Guard.exe" -AUTORUN
O4 - HKLM\..\Run: [Ashampoo WinOptimizer Live-Tuner] "C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe" -TRAY
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1801674531-343818398-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Jurai')
O4 - HKUS\S-1-5-21-1801674531-343818398-839522115-1003\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\Jurai\Application Data\Seznam.cz\szninstall.exe" -c (User 'Jurai')
O4 - HKUS\S-1-5-21-1801674531-343818398-839522115-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1801674531-343818398-839522115-1007\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1801674531-343818398-839522115-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrator')
O4 - HKUS\S-1-5-21-1801674531-343818398-839522115-500\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0701191093
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AAVService - Unknown owner - C:\Program Files\Ashampoo\Ashampoo Anti-Virus\AAV_Service_XP.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe

--
End of file - 14185 bytes
Last edited by Gabryš on 28 Oct 2013 20:49, edited 1 time in total.

jaro3
Security team member

Re: Please check my log

Post by jaro3 » 09 Oct 2013 16:34

Don't put logs in quote tags!

Ashampoo antivirus and I have Spybot - Search & Destroy and Microsoft Essential Security


Spybot - Search & Destroy -- uninstall it!

Keep either Ashampoo or MSE, you can't have two!

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.


Download TFC
Open the file and close all other windows, then click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan" ("Prohledat")
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message appears, so choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.

Gabryš

Re: Please check my log

Post by Gabryš » 09 Oct 2013 20:54

# AdwCleaner v3.007 - Report created 09/10/2013 at 20:16:58
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Gabryš - JURAI-17DEB283D
# Running from : C:\Documents and Settings\Gabryš\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Gabryš\Application Data\Mozilla\Firefox\Profiles\extensions\user.js
File Found : C:\Documents and Settings\Gabryš\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
File Found : C:\WINDOWS\system32\roboot.exe
Folder Found : C:\Documents and Settings\Gabryš\Application Data\Mozilla\Firefox\Profiles\extensions\Extensions\plugin@getwebcake.com
Folder Found : C:\Documents and Settings\Gabryš\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Found : C:\Documents and Settings\Gabryš\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Documents and Settings\Jurai\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Found : C:\Documents and Settings\Jurai\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found C:\Documents and Settings\All Users\Application Data\AlawarWrapper
Folder Found C:\Documents and Settings\All Users\Application Data\Babylon
Folder Found C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Found C:\Documents and Settings\All Users\Application Data\eSafe
Folder Found C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Found C:\Documents and Settings\Gabryš\Application Data\Babylon
Folder Found C:\Documents and Settings\Gabryš\Application Data\BabylonToolbar
Folder Found C:\Documents and Settings\Gabryš\Application Data\Desk 365
Folder Found C:\Documents and Settings\Gabryš\Application Data\eIntaller
Folder Found C:\Documents and Settings\Gabryš\Application Data\Mail.Ru
Folder Found C:\Documents and Settings\Gabryš\Application Data\Media Finder
Folder Found C:\Documents and Settings\Gabryš\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Found C:\Documents and Settings\Gabryš\Application Data\PriceGong
Folder Found C:\Documents and Settings\Gabryš\Application Data\searchquband
Folder Found C:\Documents and Settings\Gabryš\Application Data\Searchqutoolbar
Folder Found C:\Documents and Settings\Gabryš\Application Data\WinZipper
Folder Found C:\Documents and Settings\Gabryš\Local Settings\Application Data\Bundled software uninstaller
Folder Found C:\Documents and Settings\Gabryš\Local Settings\Application Data\Conduit
Folder Found C:\Documents and Settings\Gabryš\Local Settings\Application Data\cool_mirage
Folder Found C:\Documents and Settings\Gabryš\Local Settings\Application Data\DVDVideoSoftTB
Folder Found C:\Documents and Settings\Gabryš\Local Settings\Application Data\eSupport.com
Folder Found C:\Documents and Settings\Gabryš\Local Settings\Application Data\MyAshampoo
Folder Found C:\Documents and Settings\Gabryš\Local Settings\Application Data\PackageAware
Folder Found C:\Documents and Settings\Gabryš\Local Settings\Application Data\uTorrentControl2
Folder Found C:\Documents and Settings\Jurai\Application Data\PriceGong
Folder Found C:\Documents and Settings\Jurai\Local Settings\Application Data\AskToolbar
Folder Found C:\Documents and Settings\Jurai\Local Settings\Application Data\Conduit
Folder Found C:\Documents and Settings\Jurai\Local Settings\Application Data\ConduitEngine
Folder Found C:\Documents and Settings\Jurai\Local Settings\Application Data\MyAshampoo
Folder Found C:\Documents and Settings\NetworkService\Local Settings\Application Data\DVDVideoSoftTB
Folder Found C:\Documents and Settings\NetworkService\Local Settings\Application Data\MyAshampoo
Folder Found C:\Documents and Settings\NetworkService\Local Settings\Application Data\uTorrentControl2
Folder Found C:\Program Files\Ask.com
Folder Found C:\Program Files\Babylon
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\DAEMON Tools Toolbar
Folder Found C:\Program Files\Desk 365
Folder Found C:\Program Files\driver-soft
Folder Found C:\Program Files\Inbox Toolbar
Folder Found C:\Program Files\MyAshampoo
Folder Found C:\Program Files\SweetIM
Folder Found C:\Program Files\uTorrentControl2
Folder Found C:\Program Files\WinZipper

***** [ Shortcuts ] *****

Shortcut Found : C:\Documents and Settings\Gabryš\Desktop\Zástupce - chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870 )
Shortcut Found : C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870 )
Shortcut Found : C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870 )
Shortcut Found : C:\Documents and Settings\Gabryš\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870 )
Shortcut Found : C:\Documents and Settings\Gabryš\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870 )
Shortcut Found : C:\Documents and Settings\Gabryš\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870 )
Shortcut Found : C:\Documents and Settings\Gabryš\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870 )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\53edb8cbc3cbe10
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\AskToolbarInfo
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\DVDVideoSoftTB
Key Found : HKCU\Software\MediaFinder
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : HKCU\Software\MyAshampoo
Key Found : HKCU\Software\MyAshampoo\toolbar
Key Found : HKCU\Software\powerpack
Key Found : HKCU\Software\PriceGong
Key Found : HKCU\Software\searchqutoolbar
Key Found : HKCU\Software\smartbar
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\uTorrentControl2
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKCU\Toolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{162E06EC-4E38-4809-AE76-BF2400D34334}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Desksvc
Key Found : HKLM\Software\eSafeSecControl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{774C0434-9948-4DEE-A14E-69CDD316E36C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon Chrome Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyAshampoo Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSysControl
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyAshampoo Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Found : HKLM\Software\MyAshampoo
Key Found : HKLM\Software\MyAshampoo\toolbar
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\qvo6Software
Key Found : HKLM\Software\Tarma Installer
Key Found : HKLM\Software\uTorrentControl2
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FE063DB9-4EC0-403E-8DD8-394C54984B2C}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21352

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374162870

-\\ Mozilla Firefox v

-\\ Google Chrome v30.0.1599.69

[ File : C:\Documents and Settings\Jurai\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Gabryš\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : search_url
Found : keyword

*************************

AdwCleaner[R0].txt - [23656 octets] - [09/10/2013 20:16:58]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [23717 octets] ##########

Re: Please check my log

Post by Gabryš » 09 Oct 2013 20:55

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.09.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Gabryš :: JURAI-17DEB283D [administrátor]

Ochrana: Povolena

9.10.2013 20:38:13
MBAM-log-2013-10-09 (20-51-48).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 286688
Uplynulý čas: 12 minut, 45 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000162-9980-0010-8000-00AA00389B71} (Rogue.WinAntiVirus) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 8
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p03].bmp (Trojan.Dropper.MST) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p04].bmp (Trojan.Dropper.MST) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p05].bmp (Trojan.Dropper.MST) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p06].bmp (Trojan.Dropper.MST) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p07].bmp (Trojan.Dropper.MST) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p08].bmp (Trojan.Dropper.MST) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p09].bmp (Trojan.Dropper.MST) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p10].bmp (Trojan.Dropper.MST) -> Nebyla provedena žádná instrukce.

(konec)

jaro3
Security team member
Guru Level 15
Posts: 43296
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 09 Oct 2013 22:30

So run MbAM again and click Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close it via Exit
You can then post the new MbAM log here.

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Clean" ("Vymazat").
The program performs the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt), paste its entire contents here.

Download shortcut-cleaner
to your desktop. Double-click sc-cleaner.exe on the desktop.
The program will run and then produce a log; post it here.

Download Junkware Removal Tool
to your desktop.

Deactivate your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check ("Kontrola MBR")
Faked check ("Kontrola Faked")
Antirootkit

- Then click "Scan" ("Prohledat").
- The program scans the PC's processes. After the scan, click "Report" ("Zpráva") and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

Re: Please check my log

Post by Gabryš » 10 Oct 2013 01:06

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.10.09.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Gabryš :: JURAI-17DEB283D [administrátor]

Ochrana: Povolena

9.10.2013 22:59:19
mbam-log-2013-10-09 (22-59-19).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 286911
Uplynulý čas: 12 minut, 50 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000162-9980-0010-8000-00AA00389B71} (Rogue.WinAntiVirus) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 8
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p03].bmp (Trojan.Dropper.MST) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p04].bmp (Trojan.Dropper.MST) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p05].bmp (Trojan.Dropper.MST) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p06].bmp (Trojan.Dropper.MST) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p07].bmp (Trojan.Dropper.MST) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p08].bmp (Trojan.Dropper.MST) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p09].bmp (Trojan.Dropper.MST) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Gabryš\Local Settings\Application Data[j0004]-[p10].bmp (Trojan.Dropper.MST) -> Přesun do karantény a smazání se zdařilo.

(konec)

============================================================================

# AdwCleaner v3.007 - Report created 09/10/2013 at 23:17:37
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Gabryš - JURAI-17DEB283D
# Running from : C:\Documents and Settings\Gabryš\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21352


-\\ Mozilla Firefox v

-\\ Google Chrome v30.0.1599.69

[ File : C:\Documents and Settings\Jurai\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Gabryš\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [23798 octets] - [09/10/2013 20:16:58]
AdwCleaner[R1].txt - [1091 octets] - [09/10/2013 23:15:03]
AdwCleaner[S0].txt - [22801 octets] - [09/10/2013 20:22:07]
AdwCleaner[S1].txt - [1013 octets] - [09/10/2013 23:17:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1073 octets] ##########

========================================================================================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.4 (10.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on ct 10.10.2013 at 0:07:05,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ct 10.10.2013 at 0:17:52,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

==============================================================================================
RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Gabryš [Práva správce]
Mód : Oprava Proxy -- Datum : 10/10/2013 00:35:10
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH] filuri.exe -- C:\Documents and Settings\All Users\Application Data\filuri.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] HKExt3.exe -- C:\WINDOWS\HKExt3.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] mHotkey.exe -- C:\WINDOWS\mHotkey.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] ChiFuncExt.exe -- C:\WINDOWS\ChiFuncExt.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (:0) -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

Dokončeno : << RKreport[0]_PR_10102013_003510.txt >>
RKreport[0]_D_10102013_003453.txt;RKreport[0]_S_10102013_003404.txt


RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Gabryš [Práva správce]
Mód : Oprava HOSTS -- Datum : 10/10/2013 00:39:19
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH] filuri.exe -- C:\Documents and Settings\All Users\Application Data\filuri.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] HKExt3.exe -- C:\WINDOWS\HKExt3.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] mHotkey.exe -- C:\WINDOWS\mHotkey.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] ChiFuncExt.exe -- C:\WINDOWS\ChiFuncExt.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
[...]


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_10102013_003919.txt >>
RKreport[0]_D_10102013_003453.txt;RKreport[0]_S_10102013_003404.txt;RKreport[0]_S_10102013_003812.txt


I noticed that when I launched RogueKiller, the antivirus warned me about a Trojan horse being saved.
I had already used RK several times before, when removing the "police lock". Only with MSE.
So I am attaching the first RK cleaning and the different second cleaning a few minutes later.
I suspect that it was the RK "repair" that resulted in this infection, 8x Trojan.Dropper.MST, and also the offer(?) of fraudulent links.
Could I be right?

Re: Please check my log

Post by jaro3 » 10 Oct 2013 09:47

No, you are not; that is why it is recommended to deactivate the antivirus, they mistakenly detect it as an infection.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code:

@echo off
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit

Choose File -> Save As... and set these parameters:
File name: type FixHosts.bat here
Save as type: choose All Files there
Save the file to the desktop.
Close all active windows.
Double-click the file to run it.


Then a new RK.
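
The RogueKiller HOSTS report and the FixHosts.bat reset above both turn on what a hosts file actually contains. As an added example (not part of the thread and not code from RogueKiller or any other tool named here), this Python sketch separates loopback blocklist entries from names pointed at a real address; the function names and the sample file are constructed for illustration.

```python
import ipaddress

# Names a stock hosts file maps to loopback by default (assumption: only "localhost").
DEFAULT_NAMES = {"localhost"}


def parse_hosts(text):
    """Return (entries, malformed). entries are (line_no, address, [names])."""
    entries, malformed = [], []
    # Strip a UTF-8 BOM that some editors put at the start of the file.
    for no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append((no, raw))      # first field is not an IP address
            continue
        if len(fields) < 2:
            malformed.append((no, raw))      # address without any hostname
            continue
        names = [n.lower().rstrip(".") for n in fields[1:]]
        entries.append((no, addr, names))
    return entries, malformed


def classify(text):
    """Sort every hostname in a hosts file into one of four buckets."""
    entries, malformed = parse_hosts(text)
    report = {"default": [], "sinkhole": [], "redirect": [], "malformed": malformed}
    for no, addr, names in entries:
        # 127.0.0.0/8, ::1 and 0.0.0.0 all make the name unreachable (a blocklist entry).
        blackholed = addr.is_loopback or addr.is_unspecified
        for name in names:
            if blackholed and name in DEFAULT_NAMES:
                report["default"].append(name)
            elif blackholed:
                report["sinkhole"].append(name)
            else:
                # A name sent to a routable address is what a hijack looks like.
                report["redirect"].append((no, name, str(addr)))
    return report


def needs_review(report):
    """True when the file holds anything other than defaults and sinkholes."""
    return bool(report["redirect"] or report["malformed"])


# Constructed sample, not taken from the thread.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       ads.example.test www.ads.example.test   # blocklist-style entry
0.0.0.0         tracker.example.test
203.0.113.7     update.vendor.example    # name pointed at a non-loopback address
not-an-ip       broken.example.test
"""

if __name__ == "__main__":
    result = classify(SAMPLE)
    for bucket in ("default", "sinkhole", "redirect", "malformed"):
        print(f"{bucket:10} {result[bucket]}")
    print("needs review:", needs_review(result))
```

A file that lists only loopback sinkholes slows lookups at most; the entries worth a closer look are the ones in the redirect bucket.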

Re: Please check my log

Post by Gabryš » 10 Oct 2013 11:33

RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Gabryš [Práva správce]
Mód : Kontrola -- Datum : 10/10/2013 11:25:42
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 3 ¤¤¤
[SUSP PATH] HKExt3.exe -- C:\WINDOWS\HKExt3.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] mHotkey.exe -- C:\WINDOWS\mHotkey.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] ChiFuncExt.exe -- C:\WINDOWS\ChiFuncExt.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[257] : NtTerminateProcess @ 0x805D2308 -> HOOKED (C:\Program Files\Ashampoo\Ashampoo Anti-Virus\AAV_IFSXP32.sys @ 0xB8441968)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - SAMSUNG HD502IJ +++++
--- User ---
[MBR] 3f69150a746693eb65abc63328e23b08
[BSP] fa8e8dba7bc226dab85329b0a923d421 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238496 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 488440260 | Size: 238433 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) (Standard disk drives) - WDC WD5000AADS-00S9B0 +++++
--- User ---
[MBR] cc0eafd9866305df6d39922ae8708712
[BSP] 87c8844f0c48ae72c729fd99c07da150 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476937 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) (Standard disk drives) - WD My Book 1110 USB Device +++++
--- User ---
[MBR] a0ba9644f737ada08954aab8b875d256
[BSP] 6a474a259c0776f44de1b2e0fca05cee : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953198 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) (Standard disk drives) - WD My Book USB Device +++++
--- User ---
[MBR] 99d66fe6f8cdcfa743357e433d1b8550
[BSP] f483ff3645bec987279721f6cffe563b : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_10102013_112542.txt >>
RKreport[0]_D_10102013_003453.txt



I did not manage to deactivate the antivirus in any way, so for now I just allow RK's entries in it.
In any case, thank you very much for the help; the PC is much faster, ď ň ť work for me again, and Skype also works as it should.
I hope the last log is now all right. Once again, THANKS. G.

Re: Please check my log

Post by jaro3 » 10 Oct 2013 18:44

You still have not posted:
Download shortcut-cleaner
to your desktop. Double-click sc-cleaner.exe on the desktop.
The program will run and then produce a log; post it here.

So is everything OK?

Re: Please check my log

Post by Gabryš » 11 Oct 2013 19:02

Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Microsoft Windows XP Service Pack 3
Program started at: 10/09/2013 11:30:16 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Documents and Settings\Gabryš\Start Menu\

Searching C:\Documents and Settings\All Users\Start Menu\

Searching C:\Documents and Settings\Gabryš\Application Data\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Documents and Settings\All Users\Desktop\

Searching C:\Documents and Settings\Gabryš\Desktop


0 bad shortcuts found.

Program finished at: 10/09/2013 11:30:19 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)

Here it is.
It was hiding among the others :)
Only the problem with programs starting slowly remains. But that is probably not a virus matter any more.

Re: Please check my log

Post by jaro3 » 12 Oct 2013 10:23

We will finish the clean-up.

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , please paste the entire contents of the log here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes ("Ano") button
- Then follow the instructions; while ComboFix is running, do not click into the window it displays
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not start, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, keep pressing F8 after the restart and then choose Last Known Good Configuration, or use a restore point.

Re: Please check my log

Post by Gabryš » 14 Oct 2013 00:36

00:28:45.0984 0x157c TDSS rootkit removing tool 3.0.0.12 Oct 9 2013 14:59:22
00:28:46.0296 0x157c ============================================================
00:28:46.0296 0x157c Current date / time: 2013/10/14 00:28:46.0296
00:28:46.0296 0x157c SystemInfo:
00:28:46.0296 0x157c
00:28:46.0296 0x157c OS Version: 5.1.2600 ServicePack: 3.0
00:28:46.0296 0x157c Product type: Workstation
00:28:46.0296 0x157c ComputerName: JURAI-17DEB283D
00:28:46.0296 0x157c UserName: Gabryš
00:28:46.0296 0x157c Windows directory: C:\WINDOWS
00:28:46.0296 0x157c System windows directory: C:\WINDOWS
00:28:46.0296 0x157c Processor architecture: Intel x86
00:28:46.0296 0x157c Number of processors: 4
00:28:46.0296 0x157c Page size: 0x1000
00:28:46.0296 0x157c Boot type: Normal boot
00:28:46.0296 0x157c ============================================================
00:28:50.0734 0x157c System UUID: {8A8F6BC7-D2E7-222A-894F-3502B77CA81F}
00:28:52.0484 0x157c Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:28:52.0500 0x157c Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:28:52.0515 0x157c Drive \Device\Harddisk2\DR5 - Size: 0xE8B6F00000 (930.86 Gb), SectorSize: 0x200, Cylinders: 0x1DAAB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:29:22.0265 0x09dc NetDDE - ok
00:29:22.0281 0x09dc [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:29:22.0281 0x09dc NetDDEdsdm - ok
00:29:22.0328 0x09dc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:29:22.0343 0x09dc Netlogon - ok
00:29:22.0359 0x09dc [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
00:29:22.0375 0x09dc Netman - ok
00:29:22.0406 0x09dc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:29:22.0468 0x09dc NetTcpPortSharing - ok
00:29:22.0515 0x09dc [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
00:29:22.0531 0x09dc Nla - ok
00:29:22.0609 0x09dc [ 433049770B810D7C83C5C94CDB3E09D2, C629831E34C0FE873A6B4887DBB4C50A4CFA1E86A8B27A8A3F1A3407DE21A27F ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
00:29:22.0656 0x09dc NMIndexingService - ok
00:29:22.0671 0x09dc [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:29:22.0687 0x09dc Npfs - ok
00:29:22.0718 0x09dc [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:29:22.0765 0x09dc Ntfs - ok
00:29:22.0781 0x09dc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
00:29:22.0781 0x09dc NtLmSsp - ok
00:29:22.0812 0x09dc [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:29:22.0843 0x09dc NtmsSvc - ok
00:29:22.0875 0x09dc [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
00:29:22.0875 0x09dc Null - ok
00:29:23.0343 0x09dc [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
00:29:23.0671 0x09dc nv - ok
00:29:23.0734 0x09dc [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
00:29:23.0750 0x09dc NVSvc - ok
00:29:23.0890 0x09dc [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
00:29:23.0984 0x09dc nvUpdatusService - ok
00:29:24.0000 0x09dc [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:29:24.0015 0x09dc NwlnkFlt - ok
00:29:24.0015 0x09dc [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:29:24.0062 0x09dc NwlnkFwd - ok
00:29:24.0109 0x09dc [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:29:24.0125 0x09dc ose - ok
00:29:24.0140 0x09dc [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
00:29:24.0171 0x09dc Parport - ok
00:29:24.0203 0x09dc [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:29:24.0218 0x09dc PartMgr - ok
00:29:24.0250 0x09dc [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:29:24.0250 0x09dc ParVdm - ok
00:29:24.0265 0x09dc [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:29:24.0281 0x09dc PCI - ok
00:29:24.0281 0x09dc PCIDump - ok
00:29:24.0296 0x09dc [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:29:24.0296 0x09dc PCIIde - ok
00:29:24.0328 0x09dc [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:29:24.0343 0x09dc Pcmcia - ok
00:29:24.0359 0x09dc PDCOMP - ok
00:29:24.0359 0x09dc PDFRAME - ok
00:29:24.0359 0x09dc PDRELI - ok
00:29:24.0375 0x09dc PDRFRAME - ok
00:29:24.0375 0x09dc perc2 - ok
00:29:24.0375 0x09dc perc2hib - ok
00:29:24.0421 0x09dc [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
00:29:24.0421 0x09dc PlugPlay - ok
00:29:24.0421 0x09dc [ E638656001C52A1FAA34F92E6D3A086B, 1DFB3991346657277CB83AC32D232855B377C8A87C871329214FB942D14E5271 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
00:29:24.0437 0x09dc Pml Driver HPZ12 - ok
00:29:24.0468 0x09dc [ 3A2E85F7D90D15460C337CE80C2E3B29, EECAA20359FD2D75D6A564A3BAADACAA2CB69D061E455AA3F75055A3EAB54168 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
00:29:24.0515 0x09dc PnkBstrA - ok
00:29:24.0531 0x09dc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:29:24.0531 0x09dc PolicyAgent - ok
00:29:24.0546 0x09dc [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:29:24.0562 0x09dc PptpMiniport - ok
00:29:24.0562 0x09dc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:29:24.0562 0x09dc ProtectedStorage - ok
00:29:24.0578 0x09dc [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:29:24.0593 0x09dc PSched - ok
00:29:24.0593 0x09dc [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:29:24.0609 0x09dc Ptilink - ok
00:29:24.0625 0x09dc [ 053A608BCFEB5A4D0CECDDA703B08C83, 58DA926B0F885A31CACA55E2D9F9CA014B19A7C5374B861CE3E4A11C55F4EB5C ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
00:29:24.0640 0x09dc PxHelp20 - ok
00:29:24.0640 0x09dc ql1080 - ok
00:29:24.0640 0x09dc Ql10wnt - ok
00:29:24.0656 0x09dc ql12160 - ok
00:29:24.0656 0x09dc ql1240 - ok
00:29:24.0656 0x09dc ql1280 - ok
00:29:24.0687 0x09dc [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:29:24.0687 0x09dc RasAcd - ok
00:29:24.0718 0x09dc [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:29:24.0734 0x09dc RasAuto - ok
00:29:24.0750 0x09dc [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:29:24.0765 0x09dc Rasl2tp - ok
00:29:24.0796 0x09dc [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:29:24.0812 0x09dc RasMan - ok
00:29:24.0812 0x09dc [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:29:24.0859 0x09dc RasPppoe - ok
00:29:24.0859 0x09dc [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:29:24.0937 0x09dc Raspti - ok
00:29:24.0984 0x09dc [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:29:25.0031 0x09dc Rdbss - ok
00:29:25.0046 0x09dc [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:29:25.0062 0x09dc RDPCDD - ok
00:29:25.0078 0x09dc [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:29:25.0109 0x09dc rdpdr - ok
00:29:25.0140 0x09dc [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:29:25.0156 0x09dc RDPWD - ok
00:29:25.0187 0x09dc [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:29:25.0218 0x09dc RDSessMgr - ok
00:29:25.0234 0x09dc [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:29:25.0296 0x09dc redbook - ok
00:29:25.0312 0x09dc [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:29:25.0328 0x09dc RemoteAccess - ok
00:29:25.0359 0x09dc [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:29:25.0359 0x09dc RemoteRegistry - ok
00:29:25.0406 0x09dc [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
00:29:25.0406 0x09dc ROOTMODEM - ok
00:29:25.0421 0x09dc [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
00:29:25.0437 0x09dc RpcLocator - ok
00:29:25.0484 0x09dc [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\system32\rpcss.dll
00:29:25.0515 0x09dc RpcSs - ok
00:29:25.0531 0x09dc [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
00:29:25.0546 0x09dc RSVP - ok
00:29:25.0609 0x09dc [ D3578C3806ED545E5C36B2A20F5C0B5A, 167FBEB5FE761C0F906F96C9FF00A10D733BD36C61C9288BDBDCABAB86F7AF08 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
00:29:25.0640 0x09dc RTLE8023xp - ok
00:29:25.0671 0x09dc [ 7E2737D94433365CD576FE9C8534E1E8, 80E174741AB82A955226D5311AFE525E9DB9996BFAC5331E8F522C4AC28A9B3C ] RTLTEAMING C:\WINDOWS\system32\DRIVERS\RTLTEAMING.SYS
00:29:25.0687 0x09dc RTLTEAMING - ok
00:29:25.0703 0x09dc [ 2B15CAE2CE4F5A8A4D575B53A30CDF4C, 9F6E7D436E342924853C355509EC619DBA55699713EE73757F2E9F84CBCB3807 ] RTLVLAN C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS
00:29:25.0718 0x09dc RTLVLAN - ok
00:29:25.0718 0x09dc [ 2B15CAE2CE4F5A8A4D575B53A30CDF4C, 9F6E7D436E342924853C355509EC619DBA55699713EE73757F2E9F84CBCB3807 ] RTLVLANMP C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS
00:29:25.0734 0x09dc RTLVLANMP - ok
00:29:25.0765 0x09dc [ 37A00C2DC0F61073AD61182B4D6F1BE7, 75644E5A6AAA067EEE86622AB357B6FA9143161DF98D7D6129DE5808D039298D ] RtNdPt5x C:\WINDOWS\system32\DRIVERS\RtNdPt5x.sys
00:29:25.0781 0x09dc RtNdPt5x - ok
00:29:25.0796 0x09dc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
00:29:25.0796 0x09dc SamSs - ok
00:29:25.0812 0x09dc [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:29:25.0828 0x09dc SCardSvr - ok
00:29:25.0859 0x09dc [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:29:25.0890 0x09dc Schedule - ok
00:29:25.0921 0x09dc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:29:25.0921 0x09dc Secdrv - ok
00:29:25.0953 0x09dc [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
00:29:25.0968 0x09dc seclogon - ok
00:29:25.0984 0x09dc [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
00:29:25.0984 0x09dc SENS - ok
00:29:26.0000 0x09dc [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
00:29:26.0015 0x09dc serenum - ok
00:29:26.0015 0x09dc [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
00:29:26.0031 0x09dc Serial - ok
00:29:26.0109 0x09dc [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:29:26.0125 0x09dc Sfloppy - ok
00:29:26.0171 0x09dc [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:29:26.0203 0x09dc SharedAccess - ok
00:29:26.0218 0x09dc [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:29:26.0234 0x09dc ShellHWDetection - ok
00:29:26.0250 0x09dc Simbad - ok
00:29:26.0500 0x09dc [ 73E3B5D1F1EB5FDC51A5C3437EEE3348, AE4059D62AF5AC6F6174EE39CEA5B4DFBD7B91DDAD7D6BC4E38173221EAAE7AC ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
00:29:26.0671 0x09dc Skype C2C Service - ok
00:29:26.0765 0x09dc [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
00:29:26.0812 0x09dc SkypeUpdate - ok
00:29:26.0843 0x09dc [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:29:26.0875 0x09dc SLIP - ok
00:29:26.0890 0x09dc Sparrow - ok
00:29:26.0921 0x09dc [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:29:26.0937 0x09dc splitter - ok
00:29:26.0968 0x09dc [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:29:26.0984 0x09dc Spooler - ok
00:29:27.0031 0x09dc [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
00:29:27.0031 0x09dc Suspicious file ( NoAccess ): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB

continued =>

