Hi everyone,
The PC is completely messed up. Please check it and advise. Thank you.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:52:06, on 31.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://googel.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\PROGRA~1\APPGRA~1\APPGRA~1.DLL
O2 - BHO: maucampo - {89ea300a-d75b-4270-a63f-c45f0ff5f7a3} - C:\Program Files\maucampo\maucampobho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
O4 - HKLM\..\Run: [SiteRanker] "C:\Program Files\SiteRanker\SiteRankTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpeedUpMyComputer] C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
O4 - HKCU\..\Run: [FixMyRegistry] C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/3.0 ... ontrol.CAB
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
--
End of file - 6219 bytes
Please check my log
- memphisto
Re: Please check my log
Download ATF Cleaner
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan option selected and click the Scan button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
Re: Please check my log
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2014.02.03.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
dealer4 :: PC27 [administrátor]
Ochrana: Povolena
3.2.2014 19:54:44
MBAM-log-2014-02-03 (20-07-07).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 228361
Uplynulý čas: 8 minut, 4 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 17
HKCR\CLSID\{89ea300a-d75b-4270-a63f-c45f0ff5f7a3} (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{26043cca-638a-4656-adca-cc0d25947068} (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{A6D375A7-85A9-4904-9D1A-FD89FE4E97ED} (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{89EA300A-D75B-4270-A63F-C45F0FF5F7A3} (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{022C9F90-2E96-47D6-A971-107650154563} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039} (PUP.Optional.RebateInformer.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039} (PUP.Optional.RebateInformer.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1 (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\maucampo (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\maucampo (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
HKLM\Software\maucampo (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 3
C:\Program Files\AppGraffiti (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\AppGraffiti\Update (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\maucampo (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 18
C:\Program Files\maucampo\maucampoBHO.dll (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\AppGraffiti\AppGraffiti.dll (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Users\dealer4\AppData\Local\Temp\SpeedUpMyComputer.exe (PUP.Optional.SmartTweak) -> Nebyla provedena žádná instrukce.
C:\Users\dealer4\Downloads\MyPhoneExplorer_Setup_1.8.5.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\dealer4\Downloads\DTLite4454-0315.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\dealer4\Downloads\TVSetup(1).exe (PUP.Optional.Inbox) -> Nebyla provedena žádná instrukce.
C:\Users\dealer4\Downloads\TVSetup.exe (PUP.Optional.Inbox) -> Nebyla provedena žádná instrukce.
C:\Users\dealer4\Downloads\nokia-pc-suite-lista-centrumcz.exe (Trojan.Downloader.Agent) -> Nebyla provedena žádná instrukce.
C:\Program Files\AppGraffiti\unins000.dat (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\AppGraffiti\AppGraffiti.exe (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\AppGraffiti\AppGraffiti._dll (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\AppGraffiti\AppGraffiti._exe (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\AppGraffiti\AppGraffiti64.dll (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\AppGraffiti\config.dat (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\AppGraffiti\unins000.exe (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\roboot.exe (PUP.Optional.PCPerformer.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\maucampo\maucampo.ico (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\maucampo\maucampoUninstall.exe (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
(konec)
# AdwCleaner v3.018 - Report created 03/02/2014 at 20:08:29
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : dealer4 - PC27
# Running from : C:\Users\dealer4\Downloads\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-10.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-4.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-5.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-6.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-7.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-8.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-9.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\my-web-search.xml
File Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\user.js
File Found : C:\Windows\system32\roboot.exe
Folder Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\Extensions\AppGraffiti@AppGraffiti.com
Folder Found C:\Program Files\AppGraffiti
Folder Found C:\Program Files\ICQ6Toolbar
Folder Found C:\Program Files\SiteRanker
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Folder Found C:\ProgramData\RegClean
Folder Found C:\Users\dealer4\AppData\Local\iac
Folder Found C:\Users\dealer4\AppData\LocalLow\AppGraffiti
Folder Found C:\Users\dealer4\AppData\LocalLow\SiteRanker
Folder Found C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\ICQToolbarData
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppGraffiti
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\SiteRanker
Key Found : HKLM\Software\AppGraffiti
Key Found : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\pc27\AppData\Roaming\Mozilla\Firefox\Profiles\krammldy.default\prefs.js ]
[ File : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\prefs.js ]
Line Found : user_pref("extensions.mywebsearch.prevDefaultEngine", "ICQ Search");
Line Found : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Found : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://www2.inbox.com/search/dispatcher.aspx?tp=sf&tbid=82120&language=cs&qkw=");
Line Found : user_pref("extensions.mywebsearch.prevSelectedEngine", "ICQ Search");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=98B309F5-6CA0-400C-BE6D-8125849525B4&n=77fc9245&p2=^HJ^xdm073^YY^cz&si=pconverter");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013041221");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YY^cz");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "98B309F5-6CA0-400C-BE6D-8125849525B4");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1366048745818");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com");
Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
Line Found : user_pref("icqtoolbar.allowSendURL", false);
Line Found : user_pref("icqtoolbar.engineVerified", false);
Line Found : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
Line Found : user_pref("icqtoolbar.firstTbRun", false);
Line Found : user_pref("icqtoolbar.geolastmodified", 1391193295);
Line Found : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_default itb_games itb_highlight");
Line Found : user_pref("icqtoolbar.history", "pc%20help||hotel%20admir%C3%A1l%20lipno||Hotel%20restaurant%20Admir%C3%A1l||%C5%A1pindleruv%20ml%C3%BDn||hxxp%3A%2F%2Fwww.sportbp.cz%2Fsportovnikurzy%2Fkurz-instruktor[...]
Line Found : user_pref("icqtoolbar.icqgeo", 42);
Line Found : user_pref("icqtoolbar.installTime", "1346224452");
Line Found : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Found : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
Line Found : user_pref("icqtoolbar.previousFFVersion", "26.0");
Line Found : user_pref("icqtoolbar.skip_default_search", "no");
Line Found : user_pref("icqtoolbar.suggestions", false);
Line Found : user_pref("icqtoolbar.uniqueID", "134604832613460486861346052094851");
Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1391452930);
Line Found : user_pref("icqtoolbar.version", "1.5.3");
Line Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Found : user_pref("icqtoolbar.voucherWasShown", 0);
Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Found : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=98B309F5-6CA0-400C-BE6D-8125849525B4&n=77fc9245&ind=2013041221&p2=^HJ^xdm073^YY^cz&si=pconverter&searchfor="[...]
*************************
AdwCleaner[R0].txt - [11173 octets] - [03/02/2014 20:08:29]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11234 octets] ##########
Folder Found : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\Extensions\AppGraffiti@AppGraffiti.com
Folder Found C:\Program Files\AppGraffiti
Folder Found C:\Program Files\ICQ6Toolbar
Folder Found C:\Program Files\SiteRanker
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Folder Found C:\ProgramData\RegClean
Folder Found C:\Users\dealer4\AppData\Local\iac
Folder Found C:\Users\dealer4\AppData\LocalLow\AppGraffiti
Folder Found C:\Users\dealer4\AppData\LocalLow\SiteRanker
Folder Found C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\ICQToolbarData
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppGraffiti
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\SiteRanker
Key Found : HKLM\Software\AppGraffiti
Key Found : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\pc27\AppData\Roaming\Mozilla\Firefox\Profiles\krammldy.default\prefs.js ]
[ File : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\prefs.js ]
Line Found : user_pref("extensions.mywebsearch.prevDefaultEngine", "ICQ Search");
Line Found : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Found : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://www2.inbox.com/search/dispatcher.aspx?tp=sf&tbid=82120&language=cs&qkw=");
Line Found : user_pref("extensions.mywebsearch.prevSelectedEngine", "ICQ Search");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=98B309F5-6CA0-400C-BE6D-8125849525B4&n=77fc9245&p2=^HJ^xdm073^YY^cz&si=pconverter");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013041221");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YY^cz");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "98B309F5-6CA0-400C-BE6D-8125849525B4");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1366048745818");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com");
Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
Line Found : user_pref("icqtoolbar.allowSendURL", false);
Line Found : user_pref("icqtoolbar.engineVerified", false);
Line Found : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
Line Found : user_pref("icqtoolbar.firstTbRun", false);
Line Found : user_pref("icqtoolbar.geolastmodified", 1391193295);
Line Found : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_default itb_games itb_highlight");
Line Found : user_pref("icqtoolbar.history", "pc%20help||hotel%20admir%C3%A1l%20lipno||Hotel%20restaurant%20Admir%C3%A1l||%C5%A1pindleruv%20ml%C3%BDn||hxxp%3A%2F%2Fwww.sportbp.cz%2Fsportovnikurzy%2Fkurz-instruktor[...]
Line Found : user_pref("icqtoolbar.icqgeo", 42);
Line Found : user_pref("icqtoolbar.installTime", "1346224452");
Line Found : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Found : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
Line Found : user_pref("icqtoolbar.previousFFVersion", "26.0");
Line Found : user_pref("icqtoolbar.skip_default_search", "no");
Line Found : user_pref("icqtoolbar.suggestions", false);
Line Found : user_pref("icqtoolbar.uniqueID", "134604832613460486861346052094851");
Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1391452930);
Line Found : user_pref("icqtoolbar.version", "1.5.3");
Line Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Found : user_pref("icqtoolbar.voucherWasShown", 0);
Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Found : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=98B309F5-6CA0-400C-BE6D-8125849525B4&n=77fc9245&ind=2013041221&p2=^HJ^xdm073^YY^cz&si=pconverter&searchfor="[...]
*************************
AdwCleaner[R0].txt - [11173 octets] - [03/02/2014 20:08:29]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11234 octets] ##########
- Orcus
- member of the Security team
Re: Request for a log check
Run MbAM again and choose Scan
- when the program has finished, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit
====================================================
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Spustit jako správce" (Run as administrator))
Click "Smazat" (Delete)
The program will carry out the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
====================================================
Download Junkware Removal Tool
to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "spustit jako správce" (Run as administrator). You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and will be saved on the desktop.
Please copy its entire contents here.
====================================================
Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit
- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several posts.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: Request for a log check
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org
Verze: v2014.02.04.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
dealer4 :: PC27 [administrátor]
Ochrana: Povolena
4.2.2014 15:24:27
mbam-log-2014-02-04 (15-24-27).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 228555
Uplynulý čas: 10 minut, 13 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 17
HKCR\CLSID\{89ea300a-d75b-4270-a63f-c45f0ff5f7a3} (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{26043cca-638a-4656-adca-cc0d25947068} (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{A6D375A7-85A9-4904-9D1A-FD89FE4E97ED} (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{89EA300A-D75B-4270-A63F-C45F0FF5F7A3} (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Bude smazán při restartu.
HKCR\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{022C9F90-2E96-47D6-A971-107650154563} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039} (PUP.Optional.RebateInformer.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039} (PUP.Optional.RebateInformer.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1 (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\maucampo (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\maucampo (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\Software\maucampo (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 3
C:\Program Files\AppGraffiti (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\Update (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\maucampo (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
Nalezené soubory: 18
C:\Program Files\maucampo\maucampoBHO.dll (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\AppGraffiti.dll (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\AppData\Local\Temp\SpeedUpMyComputer.exe (PUP.Optional.SmartTweak) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\Downloads\MyPhoneExplorer_Setup_1.8.5.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\Downloads\DTLite4454-0315.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\Downloads\TVSetup(1).exe (PUP.Optional.Inbox) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\Downloads\TVSetup.exe (PUP.Optional.Inbox) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\Downloads\nokia-pc-suite-lista-centrumcz.exe (Trojan.Downloader.Agent) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\unins000.dat (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\AppGraffiti.exe (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\AppGraffiti._dll (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\AppGraffiti._exe (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\AppGraffiti64.dll (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\config.dat (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\unins000.exe (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\roboot.exe (PUP.Optional.PCPerformer.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\maucampo\maucampo.ico (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\maucampo\maucampoUninstall.exe (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
(konec)
# AdwCleaner v3.018 - Report created 04/02/2014 at 17:08:07
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : dealer4 - PC27
# Running from : C:\Users\dealer4\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\SiteRanker
Folder Deleted : C:\Users\dealer4\AppData\Local\iac
Folder Deleted : C:\Users\dealer4\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\dealer4\AppData\LocalLow\SiteRanker
Folder Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\ICQToolbarData
Folder Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\Extensions\AppGraffiti@AppGraffiti.com
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\my-web-search.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\user.js
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\AppGraffiti
Key Deleted : HKCU\Software\SiteRanker
Key Deleted : HKLM\Software\AppGraffiti
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\pc27\AppData\Roaming\Mozilla\Firefox\Profiles\krammldy.default\prefs.js ]
[ File : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\prefs.js ]
Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "ICQ Search");
Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://www2.inbox.com/search/dispatcher.aspx?tp=sf&tbid=82120&language=cs&qkw=");
Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "ICQ Search");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=98B309F5-6CA0-400C-BE6D-8125849525B4&n=77fc9245&p2=^HJ^xdm073^YY^cz&si=pconverter");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013041221");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YY^cz");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "98B309F5-6CA0-400C-BE6D-8125849525B4");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1366048745818");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1391193295);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_default itb_games itb_highlight");
Line Deleted : user_pref("icqtoolbar.history", "Bosch%20PTK||zadov%20ly%C5%BEov%C3%A1n%C3%AD||p%C5%99ed%C3%A1v%C3%A1m%C4%9B%20firm%C4%9B%20factoring||go||pc%20help||hotel%20admir%C3%A1l%20lipno||Hotel%20restaurant%2[...]
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1346224452");
Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "26.0");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "134604832613460486861346052094851");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1391452930);
Line Deleted : user_pref("icqtoolbar.version", "1.5.3");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=98B309F5-6CA0-400C-BE6D-8125849525B4&n=77fc9245&ind=2013041221&p2=^HJ^xdm073^YY^cz&si=pconverter&searchfor="[...]
*************************
AdwCleaner[R0].txt - [11315 octets] - [03/02/2014 20:08:29]
AdwCleaner[R1].txt - [10276 octets] - [04/02/2014 17:07:27]
AdwCleaner[S0].txt - [10191 octets] - [04/02/2014 17:08:07]
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x86
Ran by dealer4 on út 04.02.2014 at 17:30:26,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files\smarttweak"
Successfully deleted: [Folder] "C:\Users\dealer4\AppData\Roaming\microsoft\windows\start menu\programs\smarttweak software"
~~~ FireFox
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\siteranker@siteranker.com
Emptied folder: C:\Users\dealer4\AppData\Roaming\mozilla\firefox\profiles\r7c7ov6d.default\minidumps [217 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 04.02.2014 at 17:39:13,81
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RogueKiller V8.8.5 [Feb 3 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : hxxp://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : dealer4 [Práva správce]
Mód : Kontrola -- Datum : 02/04/2014 17:46:37
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1600AAJS-60Z0A0 ATA Device +++++
--- User ---
[MBR] 350656d9bf544161abfbe97ade003b56
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 152525 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_02042014_174637.txt >>
http://www.malwarebytes.org
Verze: v2014.02.04.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
dealer4 :: PC27 [administrátor]
Ochrana: Povolena
4.2.2014 15:24:27
mbam-log-2014-02-04 (15-24-27).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 228555
Uplynulý čas: 10 minut, 13 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 17
HKCR\CLSID\{89ea300a-d75b-4270-a63f-c45f0ff5f7a3} (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{26043cca-638a-4656-adca-cc0d25947068} (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{A6D375A7-85A9-4904-9D1A-FD89FE4E97ED} (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{89EA300A-D75B-4270-A63F-C45F0FF5F7A3} (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Bude smazán při restartu.
HKCR\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{022C9F90-2E96-47D6-A971-107650154563} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039} (PUP.Optional.RebateInformer.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039} (PUP.Optional.RebateInformer.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1 (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\maucampo (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\maucampo (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\Software\maucampo (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 3
C:\Program Files\AppGraffiti (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\Update (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\maucampo (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
Nalezené soubory: 18
C:\Program Files\maucampo\maucampoBHO.dll (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\AppGraffiti.dll (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\AppData\Local\Temp\SpeedUpMyComputer.exe (PUP.Optional.SmartTweak) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\Downloads\MyPhoneExplorer_Setup_1.8.5.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\Downloads\DTLite4454-0315.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\Downloads\TVSetup(1).exe (PUP.Optional.Inbox) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\Downloads\TVSetup.exe (PUP.Optional.Inbox) -> Přesun do karantény a smazání se zdařilo.
C:\Users\dealer4\Downloads\nokia-pc-suite-lista-centrumcz.exe (Trojan.Downloader.Agent) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\unins000.dat (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\AppGraffiti.exe (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\AppGraffiti._dll (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\AppGraffiti._exe (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\AppGraffiti64.dll (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\config.dat (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\AppGraffiti\unins000.exe (PUP.Optional.AppGraffiti.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\roboot.exe (PUP.Optional.PCPerformer.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\maucampo\maucampo.ico (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\maucampo\maucampoUninstall.exe (PUP.Optional.Maucampo.A) -> Přesun do karantény a smazání se zdařilo.
(konec)
AdwCleaner v3.018 - Report created 04/02/2014 at 17:08:07
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : dealer4 - PC27
# Running from : C:\Users\dealer4\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\SiteRanker
Folder Deleted : C:\Users\dealer4\AppData\Local\iac
Folder Deleted : C:\Users\dealer4\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\dealer4\AppData\LocalLow\SiteRanker
Folder Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\ICQToolbarData
Folder Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\Extensions\AppGraffiti@AppGraffiti.com
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\searchplugins\my-web-search.xml
File Deleted : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\user.js
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\AppGraffiti
Key Deleted : HKCU\Software\SiteRanker
Key Deleted : HKLM\Software\AppGraffiti
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\pc27\AppData\Roaming\Mozilla\Firefox\Profiles\krammldy.default\prefs.js ]
[ File : C:\Users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\prefs.js ]
Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "ICQ Search");
Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://www2.inbox.com/search/dispatcher.aspx?tp=sf&tbid=82120&language=cs&qkw=");
Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "ICQ Search");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=98B309F5-6CA0-400C-BE6D-8125849525B4&n=77fc9245&p2=^HJ^xdm073^YY^cz&si=pconverter");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013041221");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YY^cz");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "98B309F5-6CA0-400C-BE6D-8125849525B4");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1366048745818");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1391193295);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_default itb_games itb_highlight");
Line Deleted : user_pref("icqtoolbar.history", "Bosch%20PTK||zadov%20ly%C5%BEov%C3%A1n%C3%AD||p%C5%99ed%C3%A1v%C3%A1m%C4%9B%20firm%C4%9B%20factoring||go||pc%20help||hotel%20admir%C3%A1l%20lipno||Hotel%20restaurant%2[...]
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1346224452");
- jaro3
- Security team member
Re: Please check my log
Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deleting finished"
- Click "Report" and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. The TDSSKiller log can be found here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt; please paste the entire contents of the log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log
RogueKiller V8.8.5 [Feb 3 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : hxxp://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : dealer4 [Práva správce]
Mód : Odebrat -- Datum : 02/04/2014 19:30:59
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1600AAJS-60Z0A0 ATA Device +++++
--- User ---
[MBR] 350656d9bf544161abfbe97ade003b56
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 152525 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_02042014_193059.txt >>
RKreport[0]_S_02042014_174637.txt;RKreport[0]_S_02042014_193046.txt
19:33:34.0904 1596 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:33:38.0858 1596 ============================================================
19:33:38.0858 1596 Current date / time: 2014/02/04 19:33:38.0858
19:33:38.0858 1596 SystemInfo:
19:33:38.0858 1596
19:33:38.0858 1596 OS Version: 6.1.7601 ServicePack: 1.0
19:33:38.0858 1596 Product type: Workstation
19:33:38.0858 1596 ComputerName: PC27
19:33:38.0863 1596 UserName: dealer4
19:33:38.0863 1596 Windows directory: C:\Windows
19:33:38.0863 1596 System windows directory: C:\Windows
19:33:38.0863 1596 Processor architecture: Intel x86
19:33:38.0863 1596 Number of processors: 2
19:33:38.0863 1596 Page size: 0x1000
19:33:38.0863 1596 Boot type: Normal boot
19:33:38.0863 1596 ============================================================
19:33:40.0047 1596 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:33:40.0087 1596 ============================================================
19:33:40.0087 1596 \Device\Harddisk0\DR0:
19:33:40.0103 1596 MBR partitions:
19:33:40.0104 1596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:33:40.0104 1596 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6EB0
19:33:40.0104 1596 ============================================================
19:33:40.0133 1596 C: <-> \Device\Harddisk0\DR0\Partition2
19:33:40.0133 1596 ============================================================
19:33:40.0133 1596 Initialize success
19:33:40.0133 1596 ============================================================
19:33:46.0244 5228 Deinitialize success
19:34:10.0590 5456 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:34:12.0431 5456 Perform update action was selected
19:34:12.0438 5956 Deinitialize success
Re: Please check my log
24 4312 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:34:21.0039 4312 ============================================================
19:34:21.0039 4312 Current date / time: 2014/02/04 19:34:21.0039
19:34:21.0039 4312 SystemInfo:
19:34:21.0039 4312
19:34:21.0040 4312 OS Version: 6.1.7601 ServicePack: 1.0
19:34:21.0040 4312 Product type: Workstation
19:34:21.0040 4312 ComputerName: PC27
19:34:21.0040 4312 UserName: dealer4
19:34:21.0040 4312 Windows directory: C:\Windows
19:34:21.0040 4312 System windows directory: C:\Windows
19:34:21.0040 4312 Processor architecture: Intel x86
19:34:21.0040 4312 Number of processors: 2
19:34:21.0040 4312 Page size: 0x1000
19:34:21.0040 4312 Boot type: Normal boot
19:34:21.0040 4312 ============================================================
19:34:21.0979 4312 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:34:22.0017 4312 ============================================================
19:34:22.0017 4312 \Device\Harddisk0\DR0:
19:34:22.0017 4312 MBR partitions:
19:34:22.0017 4312 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:34:22.0017 4312 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6EB0
19:34:22.0017 4312 ============================================================
19:34:22.0040 4312 C: <-> \Device\Harddisk0\DR0\Partition2
19:34:22.0041 4312 ============================================================
19:34:22.0041 4312 Initialize success
19:34:22.0041 4312 ============================================================
19:34:24.0019 6084 ============================================================
19:34:24.0019 6084 Scan started
19:34:24.0019 6084 Mode: Manual;
19:34:24.0019 6084 ============================================================
19:34:24.0490 6084 ================ Scan system memory ========================
19:34:24.0490 6084 System memory - ok
19:34:24.0491 6084 ================ Scan services =============================
19:34:24.0667 6084 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:34:24.0670 6084 1394ohci - ok
19:34:24.0700 6084 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:34:24.0704 6084 ACPI - ok
19:34:24.0738 6084 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:34:24.0739 6084 AcpiPmi - ok
19:34:24.0816 6084 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:34:24.0818 6084 AdobeARMservice - ok
19:34:24.0879 6084 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:34:24.0883 6084 AdobeFlashPlayerUpdateSvc - ok
19:34:24.0922 6084 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:34:24.0928 6084 adp94xx - ok
19:34:24.0954 6084 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:34:24.0959 6084 adpahci - ok
19:34:24.0988 6084 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:34:24.0991 6084 adpu320 - ok
19:34:25.0019 6084 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:34:25.0022 6084 AeLookupSvc - ok
19:34:25.0063 6084 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
19:34:25.0068 6084 AFD - ok
19:34:25.0106 6084 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
19:34:25.0108 6084 agp440 - ok
19:34:25.0129 6084 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
19:34:25.0131 6084 aic78xx - ok
19:34:25.0149 6084 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
19:34:25.0151 6084 ALG - ok
19:34:25.0169 6084 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
19:34:25.0170 6084 aliide - ok
19:34:25.0189 6084 [ F1635C21B484713BCA63182BCD5DC498 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:34:25.0191 6084 AMD External Events Utility - ok
19:34:25.0208 6084 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:34:25.0209 6084 amdagp - ok
19:34:25.0219 6084 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
19:34:25.0220 6084 amdide - ok
19:34:25.0232 6084 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:34:25.0233 6084 AmdK8 - ok
19:34:25.0351 6084 [ 8331BF867EFEA8067026394B26A045BA ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
19:34:25.0379 6084 amdkmdag - ok
19:34:25.0399 6084 [ 5F9D49DF02E2DDE0A962A0DD8FF2B405 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:34:25.0400 6084 amdkmdap - ok
19:34:25.0408 6084 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:34:25.0408 6084 AmdPPM - ok
19:34:25.0433 6084 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:34:25.0434 6084 amdsata - ok
19:34:25.0452 6084 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:34:25.0453 6084 amdsbs - ok
19:34:25.0465 6084 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:34:25.0465 6084 amdxata - ok
19:34:25.0490 6084 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
19:34:25.0492 6084 AppID - ok
19:34:25.0524 6084 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:34:25.0526 6084 AppIDSvc - ok
19:34:25.0560 6084 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
19:34:25.0561 6084 Appinfo - ok
19:34:25.0580 6084 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:34:25.0581 6084 arc - ok
19:34:25.0601 6084 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:34:25.0602 6084 arcsas - ok
19:34:25.0618 6084 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:34:25.0619 6084 AsyncMac - ok
19:34:25.0642 6084 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
19:34:25.0643 6084 atapi - ok
19:34:25.0777 6084 [ 8331BF867EFEA8067026394B26A045BA ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:34:25.0806 6084 atikmdag - ok
19:34:25.0829 6084 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:34:25.0830 6084 AtiPcie - ok
19:34:25.0869 6084 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:34:25.0886 6084 AudioEndpointBuilder - ok
19:34:25.0902 6084 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:34:25.0910 6084 Audiosrv - ok
19:34:25.0935 6084 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:34:25.0937 6084 AxInstSV - ok
19:34:25.0963 6084 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
19:34:25.0966 6084 b06bdrv - ok
19:34:25.0996 6084 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
19:34:25.0998 6084 b57nd60x - ok
19:34:26.0020 6084 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
19:34:26.0022 6084 BDESVC - ok
19:34:26.0040 6084 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
19:34:26.0040 6084 Beep - ok
19:34:26.0076 6084 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
19:34:26.0093 6084 BFE - ok
19:34:26.0140 6084 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
19:34:26.0166 6084 BITS - ok
19:34:26.0187 6084 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:34:26.0188 6084 blbdrive - ok
19:34:26.0225 6084 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:34:26.0227 6084 bowser - ok
19:34:26.0244 6084 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:34:26.0245 6084 BrFiltLo - ok
19:34:26.0267 6084 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:34:26.0268 6084 BrFiltUp - ok
19:34:26.0307 6084 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
19:34:26.0310 6084 Browser - ok
19:34:26.0340 6084 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:34:26.0345 6084 Brserid - ok
19:34:26.0363 6084 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:34:26.0365 6084 BrSerWdm - ok
19:34:26.0379 6084 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:34:26.0380 6084 BrUsbMdm - ok
19:34:26.0399 6084 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:34:26.0399 6084 BrUsbSer - ok
19:34:26.0416 6084 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:34:26.0417 6084 BTHMODEM - ok
19:34:26.0437 6084 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
19:34:26.0439 6084 bthserv - ok
19:34:26.0452 6084 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:34:26.0453 6084 cdfs - ok
19:34:26.0480 6084 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:34:26.0482 6084 cdrom - ok
19:34:26.0513 6084 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
19:34:26.0516 6084 CertPropSvc - ok
19:34:26.0546 6084 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:34:26.0547 6084 circlass - ok
19:34:26.0575 6084 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
19:34:26.0580 6084 CLFS - ok
19:34:26.0636 6084 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:34:26.0642 6084 clr_optimization_v2.0.50727_32 - ok
19:34:26.0698 6084 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:34:26.0756 6084 clr_optimization_v4.0.30319_32 - ok
19:34:26.0779 6084 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:34:26.0780 6084 CmBatt - ok
19:34:26.0812 6084 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:34:26.0814 6084 cmdide - ok
19:34:26.0860 6084 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
19:34:26.0866 6084 CNG - ok
19:34:26.0892 6084 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:34:26.0894 6084 Compbatt - ok
19:34:26.0916 6084 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:34:26.0918 6084 CompositeBus - ok
19:34:26.0928 6084 COMSysApp - ok
19:34:26.0945 6084 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:34:26.0946 6084 crcdisk - ok
19:34:26.0985 6084 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:34:26.0988 6084 CryptSvc - ok
19:34:27.0025 6084 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
19:34:27.0036 6084 DcomLaunch - ok
19:34:27.0072 6084 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
19:34:27.0075 6084 defragsvc - ok
19:34:27.0100 6084 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:34:27.0101 6084 DfsC - ok
19:34:27.0127 6084 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:34:27.0132 6084 Dhcp - ok
19:34:27.0144 6084 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
19:34:27.0145 6084 discache - ok
19:34:27.0157 6084 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:34:27.0158 6084 Disk - ok
19:34:27.0184 6084 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:34:27.0187 6084 Dnscache - ok
19:34:27.0221 6084 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
19:34:27.0225 6084 dot3svc - ok
19:34:27.0256 6084 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
19:34:27.0259 6084 DPS - ok
19:34:27.0273 6084 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:34:27.0274 6084 drmkaud - ok
19:34:27.0303 6084 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:34:27.0308 6084 DXGKrnl - ok
19:34:27.0313 6084 eamon - ok
19:34:27.0338 6084 [ 73CE42907CF42BFB91BCD27FE7C7A7AF ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
19:34:27.0339 6084 eamonm - ok
19:34:27.0357 6084 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
19:34:27.0359 6084 EapHost - ok
19:34:27.0448 6084 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
19:34:27.0470 6084 ebdrv - ok
19:34:27.0496 6084 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
19:34:27.0497 6084 EFS - ok
19:34:27.0518 6084 [ 7D300A43A7BD8769E0F901BF9E1AE367 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
19:34:27.0519 6084 ehdrv - ok
19:34:27.0572 6084 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:34:27.0590 6084 ehRecvr - ok
19:34:27.0618 6084 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
19:34:27.0621 6084 ehSched - ok
19:34:27.0683 6084 [ D83323D7CD5D1CC46B42DA9E59409890 ] EhttpSrv C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
19:34:27.0684 6084 EhttpSrv - ok
19:34:27.0723 6084 [ EFA198F8983D064A81052851F7BB80C2 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
19:34:27.0735 6084 ekrn - ok
19:34:27.0770 6084 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:34:27.0774 6084 elxstor - ok
19:34:27.0796 6084 [ 96F9030CA15A8D2E8D44E53C1F0E842D ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
19:34:27.0797 6084 epfwwfpr - ok
19:34:27.0809 6084 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:34:27.0810 6084 ErrDev - ok
19:34:27.0847 6084 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
19:34:27.0849 6084 EventSystem - ok
19:34:27.0869 6084 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
19:34:27.0871 6084 exfat - ok
19:34:27.0886 6084 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:34:27.0888 6084 fastfat - ok
19:34:27.0943 6084 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
19:34:27.0977 6084 Fax - ok
19:34:28.0020 6084 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:34:28.0021 6084 fdc - ok
19:34:28.0049 6084 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
19:34:28.0053 6084 fdPHost - ok
19:34:28.0072 6084 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
19:34:28.0076 6084 FDResPub - ok
19:34:28.0093 6084 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:34:28.0095 6084 FileInfo - ok
19:34:28.0110 6084 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:34:28.0111 6084 Filetrace - ok
19:34:28.0119 6084 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:34:28.0119 6084 flpydisk - ok
19:34:28.0135 6084 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:34:28.0137 6084 FltMgr - ok
19:34:28.0165 6084 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
19:34:28.0183 6084 FontCache - ok
19:34:28.0227 6084 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:34:28.0230 6084 FontCache3.0.0.0 - ok
19:34:28.0243 6084 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:34:28.0245 6084 FsDepends - ok
19:34:28.0272 6084 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:34:28.0273 6084 Fs_Rec - ok
19:34:28.0309 6084 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:34:28.0313 6084 fvevol - ok
19:34:28.0346 6084 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:34:28.0348 6084 gagp30kx - ok
19:34:28.0393 6084 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
19:34:28.0411 6084 gpsvc - ok
19:34:28.0427 6084 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:34:28.0427 6084 hcw85cir - ok
19:34:28.0456 6084 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:34:28.0459 6084 HdAudAddService - ok
19:34:28.0478 6084 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:34:28.0480 6084 HDAudBus - ok
19:34:28.0485 6084 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:34:28.0486 6084 HidBatt - ok
19:34:28.0505 6084 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:34:28.0506 6084 HidBth - ok
19:34:28.0511 6084 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:34:28.0512 6084 HidIr - ok
19:34:28.0538 6084 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
19:34:28.0540 6084 hidserv - ok
19:34:28.0553 6084 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:34:28.0554 6084 HidUsb - ok
19:34:28.0580 6084 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:34:28.0583 6084 hkmsvc - ok
19:34:28.0602 6084 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:34:28.0606 6084 HomeGroupListener - ok
19:34:28.0640 6084 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:34:28.0643 6084 HomeGroupProvider - ok
19:34:28.0660 6084 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:34:28.0661 6084 HpSAMD - ok
19:34:28.0685 6084 [ 950CC1E6AE3A6CD23E0945CDE089B02C ] HTCAND32 C:\Windows\system32\Drivers\ANDROIDUSB.sys
19:34:28.0686 6084 HTCAND32 - ok
19:34:28.0744 6084 [ 5C8BC8A28798FD010E7ABC4E0D588CAA ] HTCMonitorService C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
19:34:28.0747 6084 HTCMonitorService - ok
19:34:28.0772 6084 [ 339ADEFAD60353F960E3CA67CE468C24 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
19:34:28.0773 6084 htcnprot - ok
19:34:28.0812 6084 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:34:28.0820 6084 HTTP - ok
19:34:28.0853 6084 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:34:28.0855 6084 hwpolicy - ok
19:34:28.0889 6084 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:34:28.0891 6084 i8042prt - ok
19:34:28.0917 6084 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:34:28.0923 6084 iaStorV - ok
19:34:28.0993 6084 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:34:29.0019 6084 idsvc - ok
19:34:29.0052 6084 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:34:29.0053 6084 iirsp - ok
19:34:29.0106 6084 [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
19:34:29.0109 6084 IJPLMSVC - ok
19:34:29.0159 6084 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
19:34:29.0185 6084 IKEEXT - ok
19:34:29.0277 6084 [ 441A9ADCE9394E18FF6C23F77C983C04 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:34:29.0299 6084 IntcAzAudAddService - ok
19:34:29.0314 6084 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
19:34:29.0315 6084 intelide - ok
19:34:29.0328 6084 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:34:29.0329 6084 intelppm - ok
19:34:29.0358 6084 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:34:29.0360 6084 IPBusEnum - ok
19:34:29.0377 6084 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:34:29.0378 6084 IpFilterDriver - ok
19:34:29.0411 6084 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:34:29.0427 6084 iphlpsvc - ok
19:34:29.0453 6084 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:34:29.0455 6084 IPMIDRV - ok
19:34:29.0479 6084 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:34:29.0481 6084 IPNAT - ok
19:34:29.0501 6084 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:34:29.0502 6084 IRENUM - ok
19:34:29.0526 6084 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:34:29.0527 6084 isapnp - ok
19:34:29.0557 6084 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:34:29.0559 6084 iScsiPrt - ok
19:34:29.0575 6084 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:34:29.0576 6084 kbdclass - ok
19:34:29.0606 6084 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:34:29.0607 6084 kbdhid - ok
19:34:29.0621 6084 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
19:34:29.0623 6084 KeyIso - ok
19:34:29.0658 6084 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:34:29.0659 6084 KSecDD - ok
19:34:29.0703 6084 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:34:29.0706 6084 KSecPkg - ok
19:34:29.0736 6084 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
19:34:29.0753 6084 KtmRm - ok
19:34:29.0778 6084 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
19:34:29.0795 6084 LanmanServer - ok
19:34:29.0834 6084 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:34:29.0843 6084 LanmanWorkstation - ok
19:34:29.0880 6084 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:34:29.0881 6084 lltdio - ok
19:34:29.0908 6084 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:34:29.0912 6084 lltdsvc - ok
19:34:29.0926 6084 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
19:34:29.0928 6084 lmhosts - ok
19:34:29.0951 6084 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:34:29.0953 6084 LSI_FC - ok
19:34:29.0970 6084 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:34:29.0971 6084 LSI_SAS - ok
19:34:29.0984 6084 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:34:29.0985 6084 LSI_SAS2 - ok
19:34:29.0999 6084 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:34:30.0001 6084 LSI_SCSI - ok
19:34:30.0014 6084 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
19:34:30.0016 6084 luafv - ok
19:34:30.0047 6084 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:34:30.0048 6084 MBAMProtector - ok
19:34:30.0104 6084 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:34:30.0111 6084 MBAMScheduler - ok
19:34:30.0158 6084 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:34:30.0169 6084 MBAMService - ok
19:34:30.0199 6084 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:34:30.0203 6084 Mcx2Svc - ok
19:34:30.0219 6084 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:34:30.0220 6084 megasas - ok
19:34:30.0237 6084 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:34:30.0239 6084 MegaSR - ok
19:34:30.0265 6084 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
19:34:30.0268 6084 MMCSS - ok
19:34:30.0282 6084 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
19:34:30.0283 6084 Modem - ok
19:34:30.0301 6084 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:34:30.0301 6084 monitor - ok
19:34:30.0331 6084 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:34:30.0331 6084 mouclass - ok
19:34:30.0345 6084 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:34:30.0345 6084 mouhid - ok
19:34:30.0375 6084 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:34:30.0376 6084 mountmgr - ok
19:34:30.0404 6084 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
19:34:30.0406 6084 mpio - ok
19:34:30.0422 6084 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:34:30.0422 6084 mpsdrv - ok
19:34:30.0460 6084 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:34:30.0481 6084 MpsSvc - ok
19:34:26.0482 6084 cdrom - ok
19:34:26.0513 6084 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
19:34:26.0516 6084 CertPropSvc - ok
19:34:26.0546 6084 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:34:26.0547 6084 circlass - ok
19:34:26.0575 6084 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
19:34:26.0580 6084 CLFS - ok
19:34:26.0636 6084 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:34:26.0642 6084 clr_optimization_v2.0.50727_32 - ok
19:34:26.0698 6084 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:34:26.0756 6084 clr_optimization_v4.0.30319_32 - ok
19:34:26.0779 6084 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:34:26.0780 6084 CmBatt - ok
19:34:26.0812 6084 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:34:26.0814 6084 cmdide - ok
19:34:26.0860 6084 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
19:34:26.0866 6084 CNG - ok
19:34:26.0892 6084 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:34:26.0894 6084 Compbatt - ok
19:34:26.0916 6084 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:34:26.0918 6084 CompositeBus - ok
19:34:26.0928 6084 COMSysApp - ok
19:34:26.0945 6084 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:34:26.0946 6084 crcdisk - ok
19:34:26.0985 6084 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:34:26.0988 6084 CryptSvc - ok
19:34:27.0025 6084 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
19:34:27.0036 6084 DcomLaunch - ok
19:34:27.0072 6084 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
19:34:27.0075 6084 defragsvc - ok
19:34:27.0100 6084 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:34:27.0101 6084 DfsC - ok
19:34:27.0127 6084 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:34:27.0132 6084 Dhcp - ok
19:34:27.0144 6084 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
19:34:27.0145 6084 discache - ok
19:34:27.0157 6084 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:34:27.0158 6084 Disk - ok
19:34:27.0184 6084 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:34:27.0187 6084 Dnscache - ok
19:34:27.0221 6084 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
19:34:27.0225 6084 dot3svc - ok
19:34:27.0256 6084 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
19:34:27.0259 6084 DPS - ok
19:34:27.0273 6084 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:34:27.0274 6084 drmkaud - ok
19:34:27.0303 6084 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:34:27.0308 6084 DXGKrnl - ok
19:34:27.0313 6084 eamon - ok
19:34:27.0338 6084 [ 73CE42907CF42BFB91BCD27FE7C7A7AF ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
19:34:27.0339 6084 eamonm - ok
19:34:27.0357 6084 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
19:34:27.0359 6084 EapHost - ok
19:34:27.0448 6084 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
19:34:27.0470 6084 ebdrv - ok
19:34:27.0496 6084 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
19:34:27.0497 6084 EFS - ok
19:34:27.0518 6084 [ 7D300A43A7BD8769E0F901BF9E1AE367 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
19:34:27.0519 6084 ehdrv - ok
19:34:27.0572 6084 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:34:27.0590 6084 ehRecvr - ok
19:34:27.0618 6084 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
19:34:27.0621 6084 ehSched - ok
19:34:27.0683 6084 [ D83323D7CD5D1CC46B42DA9E59409890 ] EhttpSrv C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
19:34:27.0684 6084 EhttpSrv - ok
19:34:27.0723 6084 [ EFA198F8983D064A81052851F7BB80C2 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
19:34:27.0735 6084 ekrn - ok
19:34:27.0770 6084 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:34:27.0774 6084 elxstor - ok
19:34:27.0796 6084 [ 96F9030CA15A8D2E8D44E53C1F0E842D ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
19:34:27.0797 6084 epfwwfpr - ok
19:34:27.0809 6084 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:34:27.0810 6084 ErrDev - ok
19:34:27.0847 6084 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
19:34:27.0849 6084 EventSystem - ok
19:34:27.0869 6084 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
19:34:27.0871 6084 exfat - ok
19:34:27.0886 6084 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:34:27.0888 6084 fastfat - ok
19:34:27.0943 6084 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
19:34:27.0977 6084 Fax - ok
19:34:28.0020 6084 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:34:28.0021 6084 fdc - ok
19:34:28.0049 6084 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
19:34:28.0053 6084 fdPHost - ok
19:34:28.0072 6084 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
19:34:28.0076 6084 FDResPub - ok
19:34:28.0093 6084 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:34:28.0095 6084 FileInfo - ok
19:34:28.0110 6084 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:34:28.0111 6084 Filetrace - ok
19:34:28.0119 6084 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:34:28.0119 6084 flpydisk - ok
19:34:28.0135 6084 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:34:28.0137 6084 FltMgr - ok
19:34:28.0165 6084 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
19:34:28.0183 6084 FontCache - ok
19:34:28.0227 6084 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:34:28.0230 6084 FontCache3.0.0.0 - ok
19:34:28.0243 6084 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:34:28.0245 6084 FsDepends - ok
19:34:28.0272 6084 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:34:28.0273 6084 Fs_Rec - ok
19:34:28.0309 6084 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:34:28.0313 6084 fvevol - ok
19:34:28.0346 6084 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:34:28.0348 6084 gagp30kx - ok
19:34:28.0393 6084 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
19:34:28.0411 6084 gpsvc - ok
19:34:28.0427 6084 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:34:28.0427 6084 hcw85cir - ok
19:34:28.0456 6084 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:34:28.0459 6084 HdAudAddService - ok
19:34:28.0478 6084 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:34:28.0480 6084 HDAudBus - ok
19:34:28.0485 6084 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:34:28.0486 6084 HidBatt - ok
19:34:28.0505 6084 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:34:28.0506 6084 HidBth - ok
19:34:28.0511 6084 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:34:28.0512 6084 HidIr - ok
19:34:28.0538 6084 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
19:34:28.0540 6084 hidserv - ok
19:34:28.0553 6084 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:34:28.0554 6084 HidUsb - ok
19:34:28.0580 6084 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:34:28.0583 6084 hkmsvc - ok
19:34:28.0602 6084 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:34:28.0606 6084 HomeGroupListener - ok
19:34:28.0640 6084 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:34:28.0643 6084 HomeGroupProvider - ok
19:34:28.0660 6084 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:34:28.0661 6084 HpSAMD - ok
19:34:28.0685 6084 [ 950CC1E6AE3A6CD23E0945CDE089B02C ] HTCAND32 C:\Windows\system32\Drivers\ANDROIDUSB.sys
19:34:28.0686 6084 HTCAND32 - ok
19:34:28.0744 6084 [ 5C8BC8A28798FD010E7ABC4E0D588CAA ] HTCMonitorService C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
19:34:28.0747 6084 HTCMonitorService - ok
19:34:28.0772 6084 [ 339ADEFAD60353F960E3CA67CE468C24 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
19:34:28.0773 6084 htcnprot - ok
19:34:28.0812 6084 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:34:28.0820 6084 HTTP - ok
19:34:28.0853 6084 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:34:28.0855 6084 hwpolicy - ok
19:34:28.0889 6084 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:34:28.0891 6084 i8042prt - ok
19:34:28.0917 6084 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:34:28.0923 6084 iaStorV - ok
19:34:28.0993 6084 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:34:29.0019 6084 idsvc - ok
19:34:29.0052 6084 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:34:29.0053 6084 iirsp - ok
19:34:29.0106 6084 [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
19:34:29.0109 6084 IJPLMSVC - ok
19:34:29.0159 6084 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
19:34:29.0185 6084 IKEEXT - ok
19:34:29.0277 6084 [ 441A9ADCE9394E18FF6C23F77C983C04 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:34:29.0299 6084 IntcAzAudAddService - ok
19:34:29.0314 6084 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
19:34:29.0315 6084 intelide - ok
19:34:29.0328 6084 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:34:29.0329 6084 intelppm - ok
19:34:29.0358 6084 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:34:29.0360 6084 IPBusEnum - ok
19:34:29.0377 6084 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:34:29.0378 6084 IpFilterDriver - ok
19:34:29.0411 6084 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:34:29.0427 6084 iphlpsvc - ok
19:34:29.0453 6084 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:34:29.0455 6084 IPMIDRV - ok
19:34:29.0479 6084 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:34:29.0481 6084 IPNAT - ok
19:34:29.0501 6084 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:34:29.0502 6084 IRENUM - ok
19:34:29.0526 6084 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:34:29.0527 6084 isapnp - ok
19:34:29.0557 6084 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:34:29.0559 6084 iScsiPrt - ok
19:34:29.0575 6084 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:34:29.0576 6084 kbdclass - ok
19:34:29.0606 6084 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:34:29.0607 6084 kbdhid - ok
19:34:29.0621 6084 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
19:34:29.0623 6084 KeyIso - ok
19:34:29.0658 6084 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:34:29.0659 6084 KSecDD - ok
19:34:29.0703 6084 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:34:29.0706 6084 KSecPkg - ok
19:34:29.0736 6084 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
19:34:29.0753 6084 KtmRm - ok
19:34:29.0778 6084 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
19:34:29.0795 6084 LanmanServer - ok
19:34:29.0834 6084 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:34:29.0843 6084 LanmanWorkstation - ok
19:34:29.0880 6084 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:34:29.0881 6084 lltdio - ok
19:34:29.0908 6084 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:34:29.0912 6084 lltdsvc - ok
19:34:29.0926 6084 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
19:34:29.0928 6084 lmhosts - ok
19:34:29.0951 6084 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:34:29.0953 6084 LSI_FC - ok
19:34:29.0970 6084 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:34:29.0971 6084 LSI_SAS - ok
19:34:29.0984 6084 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:34:29.0985 6084 LSI_SAS2 - ok
19:34:29.0999 6084 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:34:30.0001 6084 LSI_SCSI - ok
19:34:30.0014 6084 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
19:34:30.0016 6084 luafv - ok
19:34:30.0047 6084 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:34:30.0048 6084 MBAMProtector - ok
19:34:30.0104 6084 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:34:30.0111 6084 MBAMScheduler - ok
19:34:30.0158 6084 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:34:30.0169 6084 MBAMService - ok
19:34:30.0199 6084 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:34:30.0203 6084 Mcx2Svc - ok
19:34:30.0219 6084 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:34:30.0220 6084 megasas - ok
19:34:30.0237 6084 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:34:30.0239 6084 MegaSR - ok
19:34:30.0265 6084 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
19:34:30.0268 6084 MMCSS - ok
19:34:30.0282 6084 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
19:34:30.0283 6084 Modem - ok
19:34:30.0301 6084 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:34:30.0301 6084 monitor - ok
19:34:30.0331 6084 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:34:30.0331 6084 mouclass - ok
19:34:30.0345 6084 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:34:30.0345 6084 mouhid - ok
19:34:30.0375 6084 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:34:30.0376 6084 mountmgr - ok
19:34:30.0404 6084 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
19:34:30.0406 6084 mpio - ok
19:34:30.0422 6084 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:34:30.0422 6084 mpsdrv - ok
19:34:30.0460 6084 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:34:30.0481 6084 MpsSvc - ok
Re: Please check my log
19:34:30.0507 6084 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:34:30.0509 6084 MRxDAV - ok
19:34:30.0546 6084 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:34:30.0549 6084 mrxsmb - ok
19:34:30.0585 6084 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:34:30.0589 6084 mrxsmb10 - ok
19:34:30.0605 6084 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:34:30.0607 6084 mrxsmb20 - ok
19:34:30.0640 6084 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
19:34:30.0640 6084 msahci - ok
19:34:30.0656 6084 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:34:30.0657 6084 msdsm - ok
19:34:30.0672 6084 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
19:34:30.0676 6084 MSDTC - ok
19:34:30.0713 6084 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:34:30.0714 6084 Msfs - ok
19:34:30.0728 6084 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:34:30.0729 6084 mshidkmdf - ok
19:34:30.0732 6084 MSICDSetup - ok
19:34:30.0758 6084 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:34:30.0758 6084 msisadrv - ok
19:34:30.0780 6084 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:34:30.0786 6084 MSiSCSI - ok
19:34:30.0795 6084 msiserver - ok
19:34:30.0814 6084 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:34:30.0815 6084 MSKSSRV - ok
19:34:30.0828 6084 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:34:30.0829 6084 MSPCLOCK - ok
19:34:30.0846 6084 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:34:30.0846 6084 MSPQM - ok
19:34:30.0859 6084 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:34:30.0860 6084 MsRPC - ok
19:34:30.0877 6084 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:34:30.0878 6084 mssmbios - ok
19:34:30.0896 6084 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:34:30.0897 6084 MSTEE - ok
19:34:30.0912 6084 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:34:30.0912 6084 MTConfig - ok
19:34:30.0926 6084 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
19:34:30.0926 6084 Mup - ok
19:34:30.0959 6084 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
19:34:30.0977 6084 napagent - ok
19:34:30.0999 6084 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:34:31.0003 6084 NativeWifiP - ok
19:34:31.0052 6084 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:34:31.0063 6084 NDIS - ok
19:34:31.0082 6084 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:34:31.0083 6084 NdisCap - ok
19:34:31.0095 6084 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:34:31.0096 6084 NdisTapi - ok
19:34:31.0119 6084 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:34:31.0120 6084 Ndisuio - ok
19:34:31.0144 6084 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:34:31.0146 6084 NdisWan - ok
19:34:31.0178 6084 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:34:31.0178 6084 NDProxy - ok
19:34:31.0190 6084 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:34:31.0190 6084 NetBIOS - ok
19:34:31.0218 6084 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:34:31.0220 6084 NetBT - ok
19:34:31.0229 6084 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
19:34:31.0231 6084 Netlogon - ok
19:34:31.0253 6084 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
19:34:31.0258 6084 Netman - ok
19:34:31.0317 6084 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
19:34:31.0333 6084 netprofm - ok
19:34:31.0360 6084 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:34:31.0365 6084 NetTcpPortSharing - ok
19:34:31.0383 6084 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:34:31.0385 6084 nfrd960 - ok
19:34:31.0419 6084 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
19:34:31.0424 6084 NlaSvc - ok
19:34:31.0449 6084 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
19:34:31.0449 6084 nmwcd - ok
19:34:31.0473 6084 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
19:34:31.0473 6084 nmwcdc - ok
19:34:31.0500 6084 [ 99B224F8026CB534724AA3C408561E45 ] nmwcdnsu C:\Windows\system32\drivers\nmwcdnsu.sys
19:34:31.0501 6084 nmwcdnsu - ok
19:34:31.0520 6084 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:34:31.0521 6084 Npfs - ok
19:34:31.0542 6084 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
19:34:31.0545 6084 nsi - ok
19:34:31.0557 6084 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:34:31.0558 6084 nsiproxy - ok
19:34:31.0603 6084 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:34:31.0613 6084 Ntfs - ok
19:34:31.0651 6084 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
19:34:31.0651 6084 Null - ok
19:34:31.0677 6084 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:34:31.0678 6084 nvraid - ok
19:34:31.0690 6084 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:34:31.0691 6084 nvstor - ok
19:34:31.0702 6084 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:34:31.0703 6084 nv_agp - ok
19:34:31.0758 6084 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:34:31.0769 6084 odserv - ok
19:34:31.0801 6084 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:34:31.0803 6084 ohci1394 - ok
19:34:31.0832 6084 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:34:31.0835 6084 ose - ok
19:34:31.0867 6084 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:34:31.0873 6084 p2pimsvc - ok
19:34:31.0900 6084 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
19:34:31.0906 6084 p2psvc - ok
19:34:31.0943 6084 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:34:31.0945 6084 Parport - ok
19:34:31.0975 6084 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:34:31.0977 6084 partmgr - ok
19:34:31.0997 6084 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
19:34:31.0998 6084 Parvdm - ok
19:34:32.0031 6084 [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
19:34:32.0034 6084 PassThru Service - ok
19:34:32.0054 6084 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:34:32.0069 6084 PcaSvc - ok
19:34:32.0093 6084 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
19:34:32.0094 6084 pccsmcfd - ok
19:34:32.0123 6084 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
19:34:32.0124 6084 pci - ok
19:34:32.0134 6084 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
19:34:32.0135 6084 pciide - ok
19:34:32.0153 6084 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:34:32.0154 6084 pcmcia - ok
19:34:32.0169 6084 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
19:34:32.0170 6084 pcw - ok
19:34:32.0196 6084 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:34:32.0200 6084 PEAUTH - ok
19:34:32.0263 6084 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
19:34:32.0298 6084 pla - ok
19:34:32.0327 6084 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:34:32.0333 6084 PlugPlay - ok
19:34:32.0351 6084 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:34:32.0354 6084 PNRPAutoReg - ok
19:34:32.0367 6084 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:34:32.0371 6084 PNRPsvc - ok
19:34:32.0396 6084 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:34:32.0412 6084 PolicyAgent - ok
19:34:32.0438 6084 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
19:34:32.0441 6084 Power - ok
19:34:32.0460 6084 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:34:32.0461 6084 PptpMiniport - ok
19:34:32.0475 6084 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:34:32.0476 6084 Processor - ok
19:34:32.0513 6084 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
19:34:32.0530 6084 ProfSvc - ok
19:34:32.0546 6084 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:34:32.0550 6084 ProtectedStorage - ok
19:34:32.0580 6084 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:34:32.0581 6084 Psched - ok
19:34:32.0620 6084 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:34:32.0630 6084 ql2300 - ok
19:34:32.0646 6084 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:34:32.0646 6084 ql40xx - ok
19:34:32.0674 6084 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
19:34:32.0678 6084 QWAVE - ok
19:34:32.0688 6084 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:34:32.0689 6084 QWAVEdrv - ok
19:34:32.0697 6084 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:34:32.0697 6084 RasAcd - ok
19:34:32.0716 6084 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:34:32.0717 6084 RasAgileVpn - ok
19:34:32.0727 6084 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
19:34:32.0730 6084 RasAuto - ok
19:34:32.0740 6084 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:34:32.0741 6084 Rasl2tp - ok
19:34:32.0768 6084 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
19:34:32.0772 6084 RasMan - ok
19:34:32.0786 6084 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:34:32.0787 6084 RasPppoe - ok
19:34:32.0813 6084 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:34:32.0815 6084 RasSstp - ok
19:34:32.0857 6084 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:34:32.0859 6084 rdbss - ok
19:34:32.0874 6084 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:34:32.0874 6084 rdpbus - ok
19:34:32.0898 6084 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:34:32.0899 6084 RDPCDD - ok
19:34:32.0910 6084 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:34:32.0911 6084 RDPENCDD - ok
19:34:32.0920 6084 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:34:32.0920 6084 RDPREFMP - ok
19:34:32.0950 6084 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:34:32.0951 6084 RDPWD - ok
19:34:32.0986 6084 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:34:32.0987 6084 rdyboost - ok
19:34:33.0016 6084 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
19:34:33.0022 6084 RemoteAccess - ok
19:34:33.0049 6084 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:34:33.0057 6084 RemoteRegistry - ok
19:34:33.0073 6084 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:34:33.0080 6084 RpcEptMapper - ok
19:34:33.0100 6084 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
19:34:33.0102 6084 RpcLocator - ok
19:34:33.0122 6084 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
19:34:33.0127 6084 RpcSs - ok
19:34:33.0150 6084 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:34:33.0151 6084 rspndr - ok
19:34:33.0168 6084 [ 2FDC33B63F80FBFE95203C2186AF0CE8 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
19:34:33.0170 6084 RTHDMIAzAudService - ok
19:34:33.0197 6084 [ D5EDE44CA85899E0478208C8413C1C31 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
19:34:33.0199 6084 RTL8167 - ok
19:34:33.0212 6084 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
19:34:33.0214 6084 SamSs - ok
19:34:33.0244 6084 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:34:33.0245 6084 sbp2port - ok
19:34:33.0264 6084 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:34:33.0269 6084 SCardSvr - ok
19:34:33.0283 6084 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:34:33.0284 6084 scfilter - ok
19:34:33.0317 6084 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
19:34:33.0334 6084 Schedule - ok
19:34:33.0353 6084 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:34:33.0354 6084 SCPolicySvc - ok
19:34:33.0383 6084 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:34:33.0387 6084 SDRSVC - ok
19:34:33.0402 6084 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:34:33.0402 6084 secdrv - ok
19:34:33.0416 6084 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
19:34:33.0419 6084 seclogon - ok
19:34:33.0437 6084 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
19:34:33.0441 6084 SENS - ok
19:34:33.0456 6084 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:34:33.0459 6084 SensrSvc - ok
19:34:33.0469 6084 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:34:33.0469 6084 Serenum - ok
19:34:33.0483 6084 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:34:33.0485 6084 Serial - ok
19:34:33.0500 6084 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:34:33.0500 6084 sermouse - ok
19:34:33.0567 6084 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:34:33.0594 6084 ServiceLayer - ok
19:34:33.0653 6084 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
19:34:33.0661 6084 SessionEnv - ok
19:34:33.0685 6084 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:34:33.0687 6084 sffdisk - ok
19:34:33.0700 6084 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:34:33.0701 6084 sffp_mmc - ok
19:34:33.0719 6084 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:34:33.0720 6084 sffp_sd - ok
19:34:33.0748 6084 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:34:33.0748 6084 sfloppy - ok
19:34:33.0791 6084 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:34:33.0796 6084 SharedAccess - ok
19:34:33.0828 6084 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:34:33.0843 6084 ShellHWDetection - ok
19:34:33.0861 6084 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:34:33.0862 6084 sisagp - ok
19:34:33.0872 6084 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:34:33.0873 6084 SiSRaid2 - ok
19:34:33.0889 6084 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:34:33.0890 6084 SiSRaid4 - ok
19:34:33.0904 6084 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:34:33.0905 6084 Smb - ok
19:34:33.0935 6084 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:34:33.0937 6084 SNMPTRAP - ok
19:34:33.0954 6084 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
19:34:33.0956 6084 spldr - ok
19:34:33.0992 6084 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
19:34:34.0002 6084 Spooler - ok
19:34:34.0081 6084 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
19:34:34.0104 6084 sppsvc - ok
19:34:34.0127 6084 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:34:34.0129 6084 sppuinotify - ok
19:34:34.0164 6084 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:34:34.0169 6084 srv - ok
19:34:34.0188 6084 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:34:34.0192 6084 srv2 - ok
19:34:34.0206 6084 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:34:34.0207 6084 srvnet - ok
19:34:34.0238 6084 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:34:34.0243 6084 SSDPSRV - ok
19:34:34.0254 6084 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:34:34.0258 6084 SstpSvc - ok
19:34:34.0273 6084 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:34:34.0274 6084 stexstor - ok
19:34:34.0293 6084 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
19:34:34.0302 6084 StiSvc - ok
19:34:34.0326 6084 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
19:34:34.0327 6084 swenum - ok
19:34:34.0348 6084 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
19:34:34.0355 6084 swprv - ok
19:34:34.0397 6084 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
19:34:34.0424 6084 SysMain - ok
19:34:34.0449 6084 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:34:34.0453 6084 TabletInputService - ok
19:34:34.0481 6084 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
19:34:34.0486 6084 TapiSrv - ok
19:34:34.0499 6084 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
19:34:34.0503 6084 TBS - ok
19:34:34.0552 6084 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:34:34.0562 6084 Tcpip - ok
19:34:34.0591 6084 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:34:34.0597 6084 TCPIP6 - ok
19:34:34.0630 6084 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:34:34.0630 6084 tcpipreg - ok
19:34:34.0658 6084 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:34:34.0658 6084 TDPIPE - ok
19:34:34.0683 6084 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:34:34.0685 6084 TDTCP - ok
19:34:34.0720 6084 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:34:34.0723 6084 tdx - ok
19:34:34.0825 6084 [ B1CE840C2405E8FA499DC62090F5DB06 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
19:34:34.0853 6084 TeamViewer7 - ok
19:34:34.0861 6084 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:34:34.0862 6084 TermDD - ok
19:34:34.0899 6084 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
19:34:34.0922 6084 TermService - ok
19:34:34.0950 6084 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
19:34:34.0957 6084 Themes - ok
19:34:34.0974 6084 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
19:34:34.0978 6084 THREADORDER - ok
19:34:34.0993 6084 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
19:34:35.0000 6084 TrkWks - ok
19:34:35.0031 6084 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:34:35.0034 6084 TrustedInstaller - ok
19:34:35.0053 6084 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:34:35.0054 6084 tssecsrv - ok
19:34:35.0084 6084 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:34:35.0085 6084 TsUsbFlt - ok
19:34:35.0119 6084 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:34:35.0120 6084 tunnel - ok
19:34:35.0148 6084 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:34:35.0150 6084 uagp35 - ok
19:34:35.0183 6084 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:34:35.0188 6084 udfs - ok
19:34:35.0224 6084 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:34:35.0228 6084 UI0Detect - ok
19:34:35.0247 6084 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:34:35.0248 6084 uliagpkx - ok
19:34:35.0269 6084 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
19:34:35.0270 6084 umbus - ok
19:34:35.0286 6084 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:34:35.0286 6084 UmPass - ok
19:34:35.0304 6084 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
19:34:35.0309 6084 upnphost - ok
19:34:35.0333 6084 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
19:34:35.0334 6084 upperdev - ok
19:34:35.0349 6084 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:34:35.0350 6084 usbccgp - ok
19:34:35.0378 6084 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:34:35.0379 6084 usbcir - ok
19:34:35.0395 6084 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:34:35.0396 6084 usbehci - ok
19:34:35.0422 6084 [ E5B14557793164DB879EE56F5B59C3E2 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:34:35.0423 6084 usbfilter - ok
19:34:35.0434 6084 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:34:35.0436 6084 usbhub - ok
19:34:35.0450 6084 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:34:35.0450 6084 usbohci - ok
19:34:35.0470 6084 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:34:35.0471 6084 usbprint - ok
19:34:35.0487 6084 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:34:35.0488 6084 usbscan - ok
19:34:35.0517 6084 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
19:34:35.0517 6084 usbser - ok
19:34:35.0541 6084 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
19:34:35.0543 6084 UsbserFilt - ok
19:34:35.0560 6084 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:34:35.0562 6084 USBSTOR - ok
19:34:35.0581 6084 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:34:35.0582 6084 usbuhci - ok
19:34:35.0608 6084 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
19:34:35.0609 6084 usb_rndisx - ok
19:34:35.0631 6084 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
19:34:35.0634 6084 UxSms - ok
19:34:35.0645 6084 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
19:34:35.0647 6084 VaultSvc - ok
19:34:35.0660 6084 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:34:35.0661 6084 vdrvroot - ok
19:34:35.0695 6084 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
19:34:35.0712 6084 vds - ok
19:34:35.0745 6084 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:34:35.0746 6084 vga - ok
19:34:35.0759 6084 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:34:35.0760 6084 VgaSave - ok
19:34:35.0792 6084 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:34:35.0793 6084 vhdmp - ok
19:34:35.0809 6084 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:34:35.0810 6084 viaagp - ok
19:34:35.0821 6084 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:34:35.0822 6084 ViaC7 - ok
19:34:35.0845 6084 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
19:34:35.0846 6084 viaide - ok
19:34:35.0865 6084 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:34:35.0866 6084 volmgr - ok
19:34:35.0882 6084 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:34:35.0885 6084 volmgrx - ok
19:34:35.0903 6084 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:34:35.0905 6084 volsnap - ok
19:34:35.0928 6084 [ 008600FF8C38DBF6CF38B5448D192410 ] VPPP C:\Windows\system32\DRIVERS\VPPP.sys
19:34:35.0929 6084 VPPP - ok
19:34:35.0946 6084 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:34:35.0947 6084 vsmraid - ok
19:34:35.0983 6084 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
19:34:36.0009 6084 VSS - ok
19:34:36.0025 6084 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:34:36.0026 6084 vwifibus - ok
19:34:36.0060 6084 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
19:34:36.0068 6084 W32Time - ok
19:34:36.0081 6084 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:34:36.0081 6084 WacomPen - ok
19:34:36.0109 6084 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:34:36.0110 6084 WANARP - ok
19:34:36.0114 6084 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:34:36.0115 6084 Wanarpv6 - ok
19:34:36.0167 6084 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:34:36.0193 6084 WatAdminSvc - ok
19:34:36.0229 6084 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
19:34:36.0240 6084 wbengine - ok
19:34:36.0264 6084 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:34:36.0270 6084 WbioSrvc - ok
19:34:36.0298 6084 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:34:36.0314 6084 wcncsvc - ok
19:34:36.0333 6084 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:34:36.0336 6084 WcsPlugInService - ok
19:34:36.0359 6084 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:34:36.0360 6084 Wd - ok
19:34:36.0396 6084 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:34:36.0400 6084 Wdf01000 - ok
19:34:36.0412 6084 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:34:36.0416 6084 WdiServiceHost - ok
19:34:36.0420 6084 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:34:36.0424 6084 WdiSystemHost - ok
19:34:36.0451 6084 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
19:34:36.0457 6084 WebClient - ok
19:34:36.0477 6084 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:34:36.0483 6084 Wecsvc - ok
19:34:36.0498 6084 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:34:36.0502 6084 wercplsupport - ok
19:34:36.0514 6084 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
19:34:36.0518 6084 WerSvc - ok
19:34:36.0526 6084 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:34:36.0527 6084 WfpLwf - ok
19:34:36.0545 6084 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:34:36.0545 6084 WIMMount - ok
19:34:36.0589 6084 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:34:36.0607 6084 WinDefend - ok
19:34:36.0614 6084 WinHttpAutoProxySvc - ok
19:34:36.0653 6084 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:34:36.0655 6084 Winmgmt - ok
19:34:36.0705 6084 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
19:34:36.0731 6084 WinRM - ok
19:34:36.0770 6084 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:34:36.0772 6084 WinUsb - ok
19:34:36.0822 6084 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:34:36.0848 6084 Wlansvc - ok
19:34:36.0877 6084 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:34:36.0877 6084 WmiAcpi - ok
19:34:36.0902 6084 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:34:36.0904 6084 wmiApSrv - ok
19:34:36.0980 6084 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:34:37.0032 6084 WMPNetworkSvc - ok
19:34:37.0051 6084 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:34:37.0055 6084 WPCSvc - ok
19:34:37.0091 6084 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:34:37.0095 6084 WPDBusEnum - ok
19:34:37.0115 6084 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:34:37.0116 6084 ws2ifsl - ok
19:34:37.0132 6084 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
19:34:37.0137 6084 wscsvc - ok
19:34:37.0141 6084 WSearch - ok
19:34:37.0222 6084 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:34:37.0263 6084 wuauserv - ok
19:34:37.0283 6084 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:34:37.0285 6084 WudfPf - ok
19:34:37.0300 6084 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:34:37.0302 6084 WUDFRd - ok
19:34:37.0326 6084 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:34:37.0330 6084 wudfsvc - ok
19:34:37.0342 6084 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:34:37.0348 6084 WwanSvc - ok
19:34:37.0360 6084 ================ Scan global ===============================
19:34:37.0393 6084 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:34:37.0425 6084 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
19:34:37.0451 6084 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
19:34:37.0487 6084 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:34:37.0520 6084 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:34:37.0529 6084 [Global] - ok
19:34:37.0530 6084 ================ Scan MBR ==================================
19:34:37.0546 6084 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:34:37.0887 6084 \Device\Harddisk0\DR0 - ok
19:34:37.0888 6084 ================ Scan VBR ==================================
19:34:37.0894 6084 [ AEAAD9BC09F69600FA31D526760BB673 ] \Device\Harddisk0\DR0\Partition1
19:34:37.0897 6084 \Device\Harddisk0\DR0\Partition1 - ok
19:34:37.0915 6084 [ E9C39BD9ED4CCCA7DDFC0AE6EBDA2AD3 ] \Device\Harddisk0\DR0\Partition2
19:34:37.0917 6084 \Device\Harddisk0\DR0\Partition2 - ok
19:34:37.0917 6084 ============================================================
19:34:37.0917 6084 Scan finished
19:34:37.0917 6084 ============================================================
19:34:37.0928 4112 Detected object count: 0
19:34:37.0928 4112 Actual detected object count: 0
19:34:45.0241 0260 Deinitialize success
19:34:33.0469 6084 Serenum - ok
19:34:33.0483 6084 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:34:33.0485 6084 Serial - ok
19:34:33.0500 6084 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:34:33.0500 6084 sermouse - ok
19:34:33.0567 6084 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:34:33.0594 6084 ServiceLayer - ok
19:34:33.0653 6084 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
19:34:33.0661 6084 SessionEnv - ok
19:34:33.0685 6084 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:34:33.0687 6084 sffdisk - ok
19:34:33.0700 6084 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:34:33.0701 6084 sffp_mmc - ok
19:34:33.0719 6084 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:34:33.0720 6084 sffp_sd - ok
19:34:33.0748 6084 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:34:33.0748 6084 sfloppy - ok
19:34:33.0791 6084 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:34:33.0796 6084 SharedAccess - ok
19:34:33.0828 6084 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:34:33.0843 6084 ShellHWDetection - ok
19:34:33.0861 6084 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:34:33.0862 6084 sisagp - ok
19:34:33.0872 6084 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:34:33.0873 6084 SiSRaid2 - ok
19:34:33.0889 6084 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:34:33.0890 6084 SiSRaid4 - ok
19:34:33.0904 6084 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:34:33.0905 6084 Smb - ok
19:34:33.0935 6084 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:34:33.0937 6084 SNMPTRAP - ok
19:34:33.0954 6084 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
19:34:33.0956 6084 spldr - ok
19:34:33.0992 6084 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
19:34:34.0002 6084 Spooler - ok
19:34:34.0081 6084 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
19:34:34.0104 6084 sppsvc - ok
19:34:34.0127 6084 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:34:34.0129 6084 sppuinotify - ok
19:34:34.0164 6084 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:34:34.0169 6084 srv - ok
19:34:34.0188 6084 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:34:34.0192 6084 srv2 - ok
19:34:34.0206 6084 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:34:34.0207 6084 srvnet - ok
19:34:34.0238 6084 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:34:34.0243 6084 SSDPSRV - ok
19:34:34.0254 6084 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:34:34.0258 6084 SstpSvc - ok
19:34:34.0273 6084 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:34:34.0274 6084 stexstor - ok
19:34:34.0293 6084 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
19:34:34.0302 6084 StiSvc - ok
19:34:34.0326 6084 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
19:34:34.0327 6084 swenum - ok
19:34:34.0348 6084 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
19:34:34.0355 6084 swprv - ok
19:34:34.0397 6084 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
19:34:34.0424 6084 SysMain - ok
19:34:34.0449 6084 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:34:34.0453 6084 TabletInputService - ok
19:34:34.0481 6084 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
19:34:34.0486 6084 TapiSrv - ok
19:34:34.0499 6084 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
19:34:34.0503 6084 TBS - ok
19:34:34.0552 6084 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:34:34.0562 6084 Tcpip - ok
19:34:34.0591 6084 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:34:34.0597 6084 TCPIP6 - ok
19:34:34.0630 6084 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:34:34.0630 6084 tcpipreg - ok
19:34:34.0658 6084 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:34:34.0658 6084 TDPIPE - ok
19:34:34.0683 6084 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:34:34.0685 6084 TDTCP - ok
19:34:34.0720 6084 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:34:34.0723 6084 tdx - ok
19:34:34.0825 6084 [ B1CE840C2405E8FA499DC62090F5DB06 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
19:34:34.0853 6084 TeamViewer7 - ok
19:34:34.0861 6084 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:34:34.0862 6084 TermDD - ok
19:34:34.0899 6084 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
19:34:34.0922 6084 TermService - ok
19:34:34.0950 6084 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
19:34:34.0957 6084 Themes - ok
19:34:34.0974 6084 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
19:34:34.0978 6084 THREADORDER - ok
19:34:34.0993 6084 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
19:34:35.0000 6084 TrkWks - ok
19:34:35.0031 6084 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:34:35.0034 6084 TrustedInstaller - ok
19:34:35.0053 6084 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:34:35.0054 6084 tssecsrv - ok
19:34:35.0084 6084 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:34:35.0085 6084 TsUsbFlt - ok
19:34:35.0119 6084 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:34:35.0120 6084 tunnel - ok
19:34:35.0148 6084 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:34:35.0150 6084 uagp35 - ok
19:34:35.0183 6084 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:34:35.0188 6084 udfs - ok
19:34:35.0224 6084 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:34:35.0228 6084 UI0Detect - ok
19:34:35.0247 6084 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:34:35.0248 6084 uliagpkx - ok
19:34:35.0269 6084 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
19:34:35.0270 6084 umbus - ok
19:34:35.0286 6084 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:34:35.0286 6084 UmPass - ok
19:34:35.0304 6084 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
19:34:35.0309 6084 upnphost - ok
19:34:35.0333 6084 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
19:34:35.0334 6084 upperdev - ok
19:34:35.0349 6084 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:34:35.0350 6084 usbccgp - ok
19:34:35.0378 6084 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:34:35.0379 6084 usbcir - ok
19:34:35.0395 6084 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:34:35.0396 6084 usbehci - ok
19:34:35.0422 6084 [ E5B14557793164DB879EE56F5B59C3E2 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:34:35.0423 6084 usbfilter - ok
19:34:35.0434 6084 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:34:35.0436 6084 usbhub - ok
19:34:35.0450 6084 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:34:35.0450 6084 usbohci - ok
19:34:35.0470 6084 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:34:35.0471 6084 usbprint - ok
19:34:35.0487 6084 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:34:35.0488 6084 usbscan - ok
19:34:35.0517 6084 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
19:34:35.0517 6084 usbser - ok
19:34:35.0541 6084 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
19:34:35.0543 6084 UsbserFilt - ok
19:34:35.0560 6084 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:34:35.0562 6084 USBSTOR - ok
19:34:35.0581 6084 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:34:35.0582 6084 usbuhci - ok
19:34:35.0608 6084 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
19:34:35.0609 6084 usb_rndisx - ok
19:34:35.0631 6084 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
19:34:35.0634 6084 UxSms - ok
19:34:35.0645 6084 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
19:34:35.0647 6084 VaultSvc - ok
19:34:35.0660 6084 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:34:35.0661 6084 vdrvroot - ok
19:34:35.0695 6084 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
19:34:35.0712 6084 vds - ok
19:34:35.0745 6084 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:34:35.0746 6084 vga - ok
19:34:35.0759 6084 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:34:35.0760 6084 VgaSave - ok
19:34:35.0792 6084 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:34:35.0793 6084 vhdmp - ok
19:34:35.0809 6084 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:34:35.0810 6084 viaagp - ok
19:34:35.0821 6084 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:34:35.0822 6084 ViaC7 - ok
19:34:35.0845 6084 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
19:34:35.0846 6084 viaide - ok
19:34:35.0865 6084 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:34:35.0866 6084 volmgr - ok
19:34:35.0882 6084 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:34:35.0885 6084 volmgrx - ok
19:34:35.0903 6084 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:34:35.0905 6084 volsnap - ok
19:34:35.0928 6084 [ 008600FF8C38DBF6CF38B5448D192410 ] VPPP C:\Windows\system32\DRIVERS\VPPP.sys
19:34:35.0929 6084 VPPP - ok
19:34:35.0946 6084 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:34:35.0947 6084 vsmraid - ok
19:34:35.0983 6084 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
19:34:36.0009 6084 VSS - ok
19:34:36.0025 6084 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:34:36.0026 6084 vwifibus - ok
19:34:36.0060 6084 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
19:34:36.0068 6084 W32Time - ok
19:34:36.0081 6084 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:34:36.0081 6084 WacomPen - ok
19:34:36.0109 6084 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:34:36.0110 6084 WANARP - ok
19:34:36.0114 6084 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:34:36.0115 6084 Wanarpv6 - ok
19:34:36.0167 6084 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:34:36.0193 6084 WatAdminSvc - ok
19:34:36.0229 6084 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
19:34:36.0240 6084 wbengine - ok
19:34:36.0264 6084 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:34:36.0270 6084 WbioSrvc - ok
19:34:36.0298 6084 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:34:36.0314 6084 wcncsvc - ok
19:34:36.0333 6084 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:34:36.0336 6084 WcsPlugInService - ok
19:34:36.0359 6084 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:34:36.0360 6084 Wd - ok
19:34:36.0396 6084 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:34:36.0400 6084 Wdf01000 - ok
19:34:36.0412 6084 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:34:36.0416 6084 WdiServiceHost - ok
19:34:36.0420 6084 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:34:36.0424 6084 WdiSystemHost - ok
19:34:36.0451 6084 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
19:34:36.0457 6084 WebClient - ok
19:34:36.0477 6084 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:34:36.0483 6084 Wecsvc - ok
19:34:36.0498 6084 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:34:36.0502 6084 wercplsupport - ok
19:34:36.0514 6084 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
19:34:36.0518 6084 WerSvc - ok
19:34:36.0526 6084 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:34:36.0527 6084 WfpLwf - ok
19:34:36.0545 6084 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:34:36.0545 6084 WIMMount - ok
19:34:36.0589 6084 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:34:36.0607 6084 WinDefend - ok
19:34:36.0614 6084 WinHttpAutoProxySvc - ok
19:34:36.0653 6084 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:34:36.0655 6084 Winmgmt - ok
19:34:36.0705 6084 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
19:34:36.0731 6084 WinRM - ok
19:34:36.0770 6084 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:34:36.0772 6084 WinUsb - ok
19:34:36.0822 6084 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:34:36.0848 6084 Wlansvc - ok
19:34:36.0877 6084 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:34:36.0877 6084 WmiAcpi - ok
19:34:36.0902 6084 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:34:36.0904 6084 wmiApSrv - ok
19:34:36.0980 6084 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:34:37.0032 6084 WMPNetworkSvc - ok
19:34:37.0051 6084 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:34:37.0055 6084 WPCSvc - ok
19:34:37.0091 6084 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:34:37.0095 6084 WPDBusEnum - ok
19:34:37.0115 6084 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:34:37.0116 6084 ws2ifsl - ok
19:34:37.0132 6084 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
19:34:37.0137 6084 wscsvc - ok
19:34:37.0141 6084 WSearch - ok
19:34:37.0222 6084 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:34:37.0263 6084 wuauserv - ok
19:34:37.0283 6084 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:34:37.0285 6084 WudfPf - ok
19:34:37.0300 6084 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:34:37.0302 6084 WUDFRd - ok
19:34:37.0326 6084 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:34:37.0330 6084 wudfsvc - ok
19:34:37.0342 6084 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:34:37.0348 6084 WwanSvc - ok
19:34:37.0360 6084 ================ Scan global ===============================
19:34:37.0393 6084 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:34:37.0425 6084 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
19:34:37.0451 6084 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
19:34:37.0487 6084 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:34:37.0520 6084 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:34:37.0529 6084 [Global] - ok
19:34:37.0530 6084 ================ Scan MBR ==================================
19:34:37.0546 6084 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:34:37.0887 6084 \Device\Harddisk0\DR0 - ok
19:34:37.0888 6084 ================ Scan VBR ==================================
19:34:37.0894 6084 [ AEAAD9BC09F69600FA31D526760BB673 ] \Device\Harddisk0\DR0\Partition1
19:34:37.0897 6084 \Device\Harddisk0\DR0\Partition1 - ok
19:34:37.0915 6084 [ E9C39BD9ED4CCCA7DDFC0AE6EBDA2AD3 ] \Device\Harddisk0\DR0\Partition2
19:34:37.0917 6084 \Device\Harddisk0\DR0\Partition2 - ok
19:34:37.0917 6084 ============================================================
19:34:37.0917 6084 Scan finished
19:34:37.0917 6084 ============================================================
19:34:37.0928 4112 Detected object count: 0
19:34:37.0928 4112 Actual detected object count: 0
19:34:45.0241 0260 Deinitialize success
- Orcus
- Security team member
Re: Please check my log
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click "NE" (No). Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
====================================================
Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the "Ano" (Yes) button
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, you have trouble starting applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.
If there are problems, run it in Safe Mode.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several posts.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: Please check my log
Sorry for the late logs.
ComboFix 14-02-12.01 - dealer4 14.02.2014 15:43:41.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1791.731 [GMT 1:00]
Spuštěný z: c:\users\dealer4\Desktop\Vir\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\programdata\0tbpw.pad
c:\users\dealer4\Desktop\Scanner.lnk
c:\windows\DPINST.LOG
c:\windows\PFRO.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
-- Předchozí spuštění --
.
Nakažená kopie c:\windows\system32\Drivers\atapi.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
.
--------
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-14 do 2014-02-14 )))))))))))))))))))))))))))))))
.
.
2014-02-14 14:50 . 2014-02-14 14:50 -------- d-----w- c:\users\pc27\AppData\Local\temp
2014-02-14 14:50 . 2014-02-14 14:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-13 13:50 . 2014-02-14 11:51 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7972791-64FA-4CA3-993C-C48C1D620A96}\offreg.dll
2014-02-11 07:23 . 2014-02-11 07:23 -------- d-----w- c:\program files\Common Files\PCSuite
2014-02-11 04:54 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7972791-64FA-4CA3-993C-C48C1D620A96}\mpengine.dll
2014-02-10 11:13 . 2014-02-10 11:14 -------- d-----w- c:\users\dealer4\AppData\Local\Nokia
2014-02-10 11:12 . 2014-02-11 07:22 -------- d-----w- c:\program files\Common Files\Nokia
2014-02-10 11:12 . 2014-02-10 11:13 -------- d-----w- c:\programdata\Nokia
2014-02-10 11:11 . 2012-10-17 13:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2014-02-10 11:11 . 2014-02-10 11:11 -------- d-----w- c:\program files\PC Connectivity Solution
2014-02-10 11:09 . 2014-02-11 07:22 -------- d-----w- c:\program files\Nokia
2014-02-07 15:16 . 2014-02-07 15:16 -------- d-----w- c:\users\dealer4\AppData\Local\Diagnostics
2014-02-04 18:36 . 2014-02-04 18:36 -------- d-----w- c:\users\dealer4\AppData\Local\VirtualStore
2014-02-04 16:25 . 2014-02-04 16:25 -------- d-----w- c:\windows\ERUNT
2014-02-04 16:14 . 2014-02-04 16:14 -------- d-----w- c:\programdata\RegClean
2014-02-04 07:36 . 2014-02-04 07:36 -------- d-----w- c:\users\dealer4\AppData\Local\Adobe
2014-02-04 07:03 . 2014-02-04 07:03 -------- d-----w- c:\users\dealer4\AppData\Local\Apple Computer
2014-02-04 07:02 . 2014-02-04 07:02 -------- d-----w- c:\users\dealer4\AppData\Local\ATI
2014-02-03 18:55 . 2014-02-04 16:08 -------- d-----w- C:\AdwCleaner
2014-02-03 18:53 . 2014-02-03 18:53 -------- d-----w- c:\users\dealer4\AppData\Roaming\Malwarebytes
2014-02-03 18:53 . 2014-02-03 18:53 -------- d-----w- c:\programdata\Malwarebytes
2014-02-03 18:53 . 2014-02-03 18:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-03 18:53 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-31 18:51 . 2014-01-31 18:51 388096 ----a-r- c:\users\dealer4\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-31 18:51 . 2014-01-31 18:51 -------- d-----w- c:\program files\Trend Micro
2014-01-29 11:13 . 2014-01-29 11:13 -------- d-----w- c:\users\dealer4\.android
2014-01-22 11:36 . 2014-02-13 14:09 -------- d-----w- C:\sport_tj
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-07 15:59 . 2012-04-10 07:47 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-07 15:59 . 2011-05-31 06:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2013-10-02 1090912]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 98304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-06 9394792]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2010-07-29 91648]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Garmin Lifetime Updater"="c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe" [2011-12-15 1446248]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2012-09-25 23040]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 MSICDSetup;MSICDSetup;D:\CDriver.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-15 1343400]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-10 172032]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 HTCMonitorService;HTCMonitorService;c:\program files\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-01-29 87368]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2677160]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 30392]
S3 VPPP;DrayTek Virtual PPP Adapter;c:\windows\system32\DRIVERS\VPPP.sys [2010-03-31 31696]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 15:59]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://googel.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0 ... ontrol.CAB
FF - ProfilePath - c:\users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxps://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-FixMyRegistry - c:\program files\SmartTweak\FixMyRegistry\FixMyRegistry.exe
AddRemove-FixMyRegistry - c:\program files\SmartTweak\FixMyRegistry\uninst.exe
AddRemove-Miranda IM - f:\miranda im\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-14 15:51:54
ComboFix-quarantined-files.txt 2014-02-14 14:51
.
Před spuštěním: Volných bajtů: 14 838 673 408
Po spuštění: Volných bajtů: 14 511 808 512
.
- - End Of File - - CD0E98765F0B10B8BAD1B5EB9F331182
A36C5E4F47E84449FF07ED3517B43A31
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-02-13 19:53:11
-----------------------------
19:53:11.535 OS Version: Windows 6.1.7601 Service Pack 1
19:53:11.535 Number of processors: 2 586 0x603
19:53:11.548 ComputerName: PC27 UserName:
19:53:15.357 Initialize success
19:53:21.284 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:53:21.288 Disk 0 Vendor: WDC_WD1600AAJS-60Z0A0 03.03E03 Size: 152627MB BusType: 3
19:53:21.397 Disk 0 MBR read successfully
19:53:21.401 Disk 0 MBR scan
19:53:21.404 Disk 0 Windows 7 default MBR code
19:53:21.414 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:53:21.423 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152525 MB offset 206848
19:53:21.431 Disk 0 scanning sectors +312579760
19:53:21.508 Disk 0 scanning C:\Windows\system32\drivers
19:53:28.354 Service scanning
19:53:42.618 Modules scanning
19:53:52.958 Disk 0 trace - called modules:
19:53:52.979 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
19:53:52.981 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8607b030]
19:53:53.014 3 CLASSPNP.SYS[88d8f59e] -> nt!IofCallDriver -> [0x86088918]
19:53:53.018 5 ACPI.sys[83ba93d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8606c908]
19:53:53.022 Scan finished successfully
19:54:10.416 Disk 0 MBR has been saved successfully to "C:\Users\dealer4\Desktop\Vir\MBR.dat"
19:54:10.431 The log file has been saved successfully to "C:\Users\dealer4\Desktop\Vir\aswMBR.txt"
jaro3 (member of the Security team)
Re: Please check the log
c:\users\dealer4\Desktop\Vir\ComboFix.exe - move it to the desktop; it must not be in a folder!
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the following entire text, marked in green, into it:
ClearJavaCache::
KillAll::
Firefox::
FF - ProfilePath - c:\users\dealer4\AppData\Roaming\Mozilla\Firefox\Profiles\r7c7ov6d.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new HJT log
Warning: After applying ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, keep pressing F8 after the restart and choose Last Known Good Configuration, or use a restore point.
In Folder Options, enable showing hidden files and folders + uncheck the "Hide protected operating system files" box.
Test this on VirusTotal:
c:\windows\system32\Drivers\atapi.sys
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, "result" appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum