Preventive log check (Solved)

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Preventive log check

Post by tony13 » 04 Nov 2013 10:36

Hello, I'd like to ask for a preventive check of my log. The notebook isn't causing any problems, but better safe than sorry :-). Thanks in advance.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:27:41, on 4.11.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lenovo\PMDriver\PMHandler.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Users\Comfor\Desktop\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [PMHandler] C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Comfor\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FFEE5D1-D46A-4E06-BB58-DBB25392C431}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: PMSveH - Lenovo - C:\Program Files\Lenovo\PMDriver\PMSveH.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5217 bytes

Re: Preventive log check

Post by jaro3 » 05 Nov 2013 09:24

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan a log will appear (otherwise it is saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(don't delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence I am represented by memphisto, Žbeky and Orcus.

Re: Preventive log check

Post by tony13 » 05 Nov 2013 12:33

# AdwCleaner v3.011 - Report created 05/11/2013 at 11:56:03
# Updated 03/11/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Comfor - COMFOR-PC
# Running from : C:\Users\Comfor\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
File Found : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\searchplugins\icqplugin-4.xml
File Found : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\searchplugins\SearchquWebSearch.xml
File Found : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\user.js
Folder Found : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\DAEMON Tools Toolbar
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\Users\Comfor\AppData\Local\OpenCandy
Folder Found C:\Users\Comfor\AppData\LocalLow\Conduit
Folder Found C:\Users\Comfor\AppData\LocalLow\SiteRanker
Folder Found C:\Users\Comfor\AppData\Roaming\Desktopicon
Folder Found C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\ICQToolbarData
Folder Found C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\SearchquTB
Folder Found C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\Smartbar
Folder Found C:\Users\Comfor\AppData\Roaming\OpenCandy

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\searchqutb
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{774C0434-9948-4DEE-A14E-69CDD316E36C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\wscontb
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\Bandoo
Key Found : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Found : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Found : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Found : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09BF21AA-CFD4-4121-AAAB-8635DFA00E1E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B08E3692-7D76-4271-B486-17BF9D305E14}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16448

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\prefs.js ]

Line Found : user_pref("CT3225826.129887590378280857.APP_WIN_FEATURES", "resizable=0,saveresizedsize=0,titlebar=0,closeonexternalclick=1,savelocation=0,openposition=offset:(0;30)");
Line Found : user_pref("CT3225826.BT_Stats", "{\"last_log\":1348683643,\"uuid\":327923886205745,\"seq_id\":1,\"ssb\":1348683643}");
Line Found : user_pref("CT3225826.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3225826.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3225826.FirstTime", "true");
Line Found : user_pref("CT3225826.FirstTimeFF3", "true");
Line Found : user_pref("CT3225826.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&SearchSource=2&q=");
Line Found : user_pref("CT3225826.UserID", "UN93681066313891280");
Line Found : user_pref("CT3225826.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3225826.autoDisableScopes", -1);
Line Found : user_pref("CT3225826.browser.search.defaultthis.engineName", true);
Line Found : user_pref("CT3225826.cbfirsttime", "Wed Sep 26 2012 20:20:49 GMT+0200");
Line Found : user_pref("CT3225826.embeddedsData", "[{\"appId\":\"129830626805552092\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Found : user_pref("CT3225826.enableAlerts", "always");
Line Found : user_pref("CT3225826.enableSearchFromAddressBar", "true");
Line Found : user_pref("CT3225826.firstTimeDialogOpened", "true");
Line Found : user_pref("CT3225826.fixPageNotFoundError", "true");
Line Found : user_pref("CT3225826.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3225826.fixUrls", true);
Line Found : user_pref("CT3225826.installId", "fftCDBC.tmp.exe");
Line Found : user_pref("CT3225826.installType", "XPE");
Line Found : user_pref("CT3225826.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3225826.isNewTabEnabled", false);
Line Found : user_pref("CT3225826.isPerformedSmartBarTransition", "true");
Line Found : user_pref("CT3225826.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3225826.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3225826.keyword", true);
Line Found : user_pref("CT3225826.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://BitTorrentControlv12.Our[...]
Line Found : user_pref("CT3225826.openThankYouPage", "true");
Line Found : user_pref("CT3225826.openUninstallPage", "FALSE");
Line Found : user_pref("CT3225826.search.searchAppId", "129830626805552092");
Line Found : user_pref("CT3225826.search.searchCount", "0");
Line Found : user_pref("CT3225826.searchInNewTabEnabled", "false");
Line Found : user_pref("CT3225826.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3225826.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3225826.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3225826.sendUsageEnabled", "false");
Line Found : user_pref("CT3225826.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3225826.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3225826\"}");
Line Found : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BitTorrentControlv12.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BitTorrentControl_v12\"}");
Line Found : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3225826.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT3225826.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1348683639788");
Line Found : user_pref("CT3225826.serviceLayer_services_appsMetadata_lastUpdate", "1348683639777");
Line Found : user_pref("CT3225826.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1348683640552");
Line Found : user_pref("CT3225826.serviceLayer_services_login_10.10.27.6_lastUpdate", "1348683641278");
Line Found : user_pref("CT3225826.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1348683640176");
Line Found : user_pref("CT3225826.serviceLayer_services_searchAPI_lastUpdate", "1348683639183");
Line Found : user_pref("CT3225826.serviceLayer_services_serviceMap_lastUpdate", "1348683638409");
Line Found : user_pref("CT3225826.serviceLayer_services_toolbarContextMenu_lastUpdate", "1348683642587");
Line Found : user_pref("CT3225826.serviceLayer_services_toolbarSettings_lastUpdate", "1348683638984");
Line Found : user_pref("CT3225826.serviceLayer_services_translation_lastUpdate", "1348683640435");
Line Found : user_pref("CT3225826.settingsINI", true);
Line Found : user_pref("CT3225826.shouldFirstTimeDialog", "false");
Line Found : user_pref("CT3225826.smartbar.CTID", "CT3225826");
Line Found : user_pref("CT3225826.smartbar.Uninstall", "0");
Line Found : user_pref("CT3225826.smartbar.homepage", true);
Line Found : user_pref("CT3225826.smartbar.toolbarName", "BitTorrentControl_v12 ");
Line Found : user_pref("CT3225826.startPage", "userChanged");
Line Found : user_pref("CT3225826.toolbarBornServerTime", "26-9-2012");
Line Found : user_pref("CT3225826.toolbarCurrentServerTime", "26-9-2012");
Line Found : user_pref("Smartbar.ConduitHomepagesList", "");
Line Found : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Found : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.searchqu.com/web?src=ffb&systemid=101&q=");
Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "");
Line Found : user_pref("browser.search.defaultenginename", "SweetIM Search");
Line Found : user_pref("browser.search.order.1", "Web Search");
Line Found : user_pref("ibxcomtb.defs", "<buttons>\r\n<button id=\"maps_search_cz\" position=\"241\" default=\"3\" type=\"simple\" action=\"hxxp://toolbar.inbox.com/link.aspx?code=maps_search_cz_mapsgoogle&amp;que[...]
Line Found : user_pref("icqtoolbar.allowSendURL", false);
Line Found : user_pref("icqtoolbar.engineVerified", true);
Line Found : user_pref("icqtoolbar.firstTbRun", false);
Line Found : user_pref("icqtoolbar.geolastmodified", 1351026649);
Line Found : user_pref("icqtoolbar.history", "moulin%20rouge%20brno||moulin%20rouge||klub%20belveder||kino%20%C5%A1pal%C3%AD%C4%8Dek%20brno||%22martin%20kunert%22||%22jarmila%20vintrov%C3%A1%22||hxxp%3A%2F%2Fwww.g[...]
Line Found : user_pref("icqtoolbar.icqgeo", 42);
Line Found : user_pref("icqtoolbar.installTime", "1351061581");
Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
Line Found : user_pref("icqtoolbar.previousFFVersion", "16.0.1");
Line Found : user_pref("icqtoolbar.skip_default_search", "no");
Line Found : user_pref("icqtoolbar.suggestions", false);
Line Found : user_pref("icqtoolbar.uninstStatSent", true);
Line Found : user_pref("icqtoolbar.uniqueID", "125346813512534681351253471628096");
Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1351026652);
Line Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Found : user_pref("icqtoolbar.voucherWasShown", 0);
Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.1&q=");

-\\ Google Chrome v

[ File : C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [47869 octets] - [05/11/2013 11:56:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [47930 octets] ##########

tony13
newbie
Posts: 38
Joined: November 13
Gender: Male
Status:
Offline

Re: Preventive log check

Post by tony13 » 05 Nov 2013 12:34

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.05.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Comfor :: COMFOR-PC [administrátor]

Ochrana: Zakázána

5.11.2013 12:11:34
MBAM-log-2013-11-05 (12-31-32).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 226284
Uplynulý čas: 9 minut, 11 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (PUP.Optional.InboxToolBar.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 2
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {07341179-08DC-11E2-B8F1-00235A19F8EB} -> Nebyla provedena žádná instrukce.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {07341179-08DC-11E2-B8F1-00235A19F8EB} -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 2
C:\Users\Comfor\AppData\Roaming\OPENCANDY (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Comfor\AppData\Roaming\OPENCANDY\OpenCandy_C66D24E1FE924748BEFF8D251F1CB296 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 5
C:\Users\Comfor\Downloads\TorrentDownload.exe (PUP.Optional.Installrex) -> Nebyla provedena žádná instrukce.
C:\Users\Comfor\Downloads\YTDSetup.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Users\Comfor\AppData\Roaming\Mozilla\EXTENSIONS\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Nebyla provedena žádná instrukce.
C:\Users\Comfor\AppData\Roaming\OPENCANDY\OPENCANDY_C66D24E1FE924748BEFF8D251F1CB296\1193.ico (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Comfor\AppData\Roaming\OPENCANDY\OPENCANDY_C66D24E1FE924748BEFF8D251F1CB296\SpeedstarterCZ.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

(konec)

memphisto
Guru Level 13
Posts: 21113
Joined: September 06
Location: Zlín - České Budějovice
Gender: Male
Status:
Offline

Re: Preventive log check

Post by memphisto » 05 Nov 2013 22:58

In both, have everything deleted and post the logs.

Download Junkware Removal Tool to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved to the desktop.
Please copy its entire contents here.


Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and run, rename it to winlogon.exe.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.

tony13
newbie
Posts: 38
Joined: November 13
Gender: Male
Status:
Offline

Re: Preventive log check

Post by tony13 » 06 Nov 2013 10:59

# AdwCleaner v3.011 - Report created 06/11/2013 at 08:33:21
# Updated 03/11/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Comfor - COMFOR-PC
# Running from : C:\Users\Comfor\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Users\Comfor\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Comfor\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Comfor\AppData\LocalLow\SiteRanker
Folder Deleted : C:\Users\Comfor\AppData\Roaming\Desktopicon
Folder Deleted : C:\Users\Comfor\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\ICQToolbarData
Folder Deleted : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\SearchquTB
Folder Deleted : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\Smartbar
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\searchplugins\SearchquWebSearch.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
File Deleted : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09BF21AA-CFD4-4121-AAAB-8635DFA00E1E}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B08E3692-7D76-4271-B486-17BF9D305E14}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutb
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Bandoo
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{774C0434-9948-4DEE-A14E-69CDD316E36C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16448

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\prefs.js ]

Line Deleted : user_pref("CT3225826.129887590378280857.APP_WIN_FEATURES", "resizable=0,saveresizedsize=0,titlebar=0,closeonexternalclick=1,savelocation=0,openposition=offset:(0;30)");
Line Deleted : user_pref("CT3225826.BT_Stats", "{\"last_log\":1348683643,\"uuid\":327923886205745,\"seq_id\":1,\"ssb\":1348683643}");
Line Deleted : user_pref("CT3225826.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3225826.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3225826.FirstTime", "true");
Line Deleted : user_pref("CT3225826.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3225826.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&SearchSource=2&q=");
Line Deleted : user_pref("CT3225826.UserID", "UN93681066313891280");
Line Deleted : user_pref("CT3225826.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3225826.autoDisableScopes", -1);
Line Deleted : user_pref("CT3225826.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT3225826.cbfirsttime", "Wed Sep 26 2012 20:20:49 GMT+0200");
Line Deleted : user_pref("CT3225826.embeddedsData", "[{\"appId\":\"129830626805552092\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3225826.enableAlerts", "always");
Line Deleted : user_pref("CT3225826.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3225826.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3225826.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3225826.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3225826.fixUrls", true);
Line Deleted : user_pref("CT3225826.installId", "fftCDBC.tmp.exe");
Line Deleted : user_pref("CT3225826.installType", "XPE");
Line Deleted : user_pref("CT3225826.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3225826.isNewTabEnabled", false);
Line Deleted : user_pref("CT3225826.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT3225826.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3225826.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3225826.keyword", true);
Line Deleted : user_pref("CT3225826.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://BitTorrentControlv12.Our[...]
Line Deleted : user_pref("CT3225826.openThankYouPage", "true");
Line Deleted : user_pref("CT3225826.openUninstallPage", "FALSE");
Line Deleted : user_pref("CT3225826.search.searchAppId", "129830626805552092");
Line Deleted : user_pref("CT3225826.search.searchCount", "0");
Line Deleted : user_pref("CT3225826.searchInNewTabEnabled", "false");
Line Deleted : user_pref("CT3225826.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3225826.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3225826.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3225826.sendUsageEnabled", "false");
Line Deleted : user_pref("CT3225826.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3225826\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BitTorrentControlv12.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BitTorrentControl_v12\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3225826.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1348683639788");
Line Deleted : user_pref("CT3225826.serviceLayer_services_appsMetadata_lastUpdate", "1348683639777");
Line Deleted : user_pref("CT3225826.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1348683640552");
Line Deleted : user_pref("CT3225826.serviceLayer_services_login_10.10.27.6_lastUpdate", "1348683641278");
Line Deleted : user_pref("CT3225826.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1348683640176");
Line Deleted : user_pref("CT3225826.serviceLayer_services_searchAPI_lastUpdate", "1348683639183");
Line Deleted : user_pref("CT3225826.serviceLayer_services_serviceMap_lastUpdate", "1348683638409");
Line Deleted : user_pref("CT3225826.serviceLayer_services_toolbarContextMenu_lastUpdate", "1348683642587");
Line Deleted : user_pref("CT3225826.serviceLayer_services_toolbarSettings_lastUpdate", "1348683638984");
Line Deleted : user_pref("CT3225826.serviceLayer_services_translation_lastUpdate", "1348683640435");
Line Deleted : user_pref("CT3225826.settingsINI", true);
Line Deleted : user_pref("CT3225826.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3225826.smartbar.CTID", "CT3225826");
Line Deleted : user_pref("CT3225826.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3225826.smartbar.homepage", true);
Line Deleted : user_pref("CT3225826.smartbar.toolbarName", "BitTorrentControl_v12 ");
Line Deleted : user_pref("CT3225826.startPage", "userChanged");
Line Deleted : user_pref("CT3225826.toolbarBornServerTime", "26-9-2012");
Line Deleted : user_pref("CT3225826.toolbarCurrentServerTime", "26-9-2012");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.searchqu.com/web?src=ffb&systemid=101&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "");
Line Deleted : user_pref("browser.search.defaultenginename", "SweetIM Search");
Line Deleted : user_pref("browser.search.order.1", "Web Search");
Line Deleted : user_pref("ibxcomtb.defs", "<buttons>\r\n<button id=\"maps_search_cz\" position=\"241\" default=\"3\" type=\"simple\" action=\"hxxp://toolbar.inbox.com/link.aspx?code=maps_search_cz_mapsgoogle&amp;que[...]
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", true);
Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1351026649);
Line Deleted : user_pref("icqtoolbar.history", "moulin%20rouge%20brno||moulin%20rouge||klub%20belveder||kino%20%C5%A1pal%C3%AD%C4%8Dek%20brno||%22martin%20kunert%22||%22jarmila%20vintrov%C3%A1%22||hxxp%3A%2F%2Fwww.g[...]
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1351061581");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "16.0.1");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uninstStatSent", true);
Line Deleted : user_pref("icqtoolbar.uniqueID", "125346813512534681351253471628096");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1351026652);
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.1&q=");

-\\ Google Chrome v

[ File : C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [48011 octets] - [05/11/2013 11:56:03]
AdwCleaner[R1].txt - [48072 octets] - [06/11/2013 08:31:24]
AdwCleaner[S0].txt - [17074 octets] - [06/11/2013 08:33:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17135 octets] ##########


Re: Preventive log check

Post by tony13 » 06 Nov 2013 10:59

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.05.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Comfor :: COMFOR-PC [administrátor]

Ochrana: Povolena

6.11.2013 8:36:56
mbam-log-2013-11-06 (08-36-56).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 226517
Uplynulý čas: 10 minut, 41 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\Users\Comfor\Downloads\TorrentDownload.exe (PUP.Optional.Installrex) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Comfor\Downloads\YTDSetup.exe (PUP.Optional.Spigot.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Comfor\AppData\Roaming\Mozilla\EXTENSIONS\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Přesun do karantény a smazání se zdařilo.

(konec)


Re: Preventive log check

Post by tony13 » 06 Nov 2013 11:00

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Comfor on st 06.11.2013 at 9:16:16,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 06.11.2013 at 9:22:33,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Re: Preventive log check

Post by tony13 » 06 Nov 2013 11:00

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : Comfor [Práva správce]
Mód : Kontrola -- Datum : 11/06/2013 10:54:13
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[FF][PROXY] 5ye992uu.default : user_pref("network.proxy.hxxp", "proxy.mendelu.cz"); -> NALEZENO
[FF][PROXY] 5ye992uu.default : user_pref("network.proxy.hxxp_port", 5555); -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85AE31F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85AE31F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85AE31F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85AE31F8)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85AE31F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85AE31F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85AE31F8)
[Inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3614CC66)
[Inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3614CC66)
[Inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3614CC66)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVT-88ZCT0 ATA Device +++++
--- User ---
[MBR] 9197f2cba4fdf160c3d41a3a90e8f46e
[BSP] 73ee09f6a8c6eaee0636e5b22a4bcb19 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 209726 Mo
2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 432598320 | Size: 27243 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11062013_105413.txt >>

Žbeky
Moderator
Guru Level 13
Posts: 22288
Joined: May 08
Location: Vsetín - Pardubice
Gender: Male
Status:
Offline

Re: Preventive log check

Post by Žbeky » 06 Nov 2013 19:51

Close all programs and browsers.
Disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Win7 right-click and choose "Run as administrator"; on Windows XP double-click to run).
- Wait for the Prescan to finish...
- Wait until the status box shows "Scan"
- Click "Delete"
- Wait until the status box shows "Deleting - Finished"
- Click "Report", then copy and paste the contents of that report here, please. The log can be found in RKreport [1].txt on the desktop.
- Close RogueKiller

Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. The TDSSKiller log can be found here:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt; please paste the entire contents of the log here.
In private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.



Re: Preventive log check

Post by tony13 » 07 Nov 2013 09:28

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : Comfor [Práva správce]
Mód : Odebrat -- Datum : 11/07/2013 09:17:53
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 2 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85CE21F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85CE21F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85CE21F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85CE21F8)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85CE21F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85CE21F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85CE21F8)
[Inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x36B56C66)
[Inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x36B56C66)
[Inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x36B56C66)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVT-88ZCT0 ATA Device +++++
--- User ---
[MBR] 9197f2cba4fdf160c3d41a3a90e8f46e
[BSP] 73ee09f6a8c6eaee0636e5b22a4bcb19 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 209726 Mo
2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 432598320 | Size: 27243 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_11072013_091753.txt >>
RKreport[0]_S_11072013_091730.txt


Re: Preventive log check

Post by tony13 » 07 Nov 2013 09:30

09:23:13.0244 0x12b0 TDSS rootkit removing tool 3.0.0.16 Nov 1 2013 15:53:38
09:23:17.0190 0x12b0 ============================================================
09:23:17.0190 0x12b0 Current date / time: 2013/11/07 09:23:17.0190
09:23:17.0190 0x12b0 SystemInfo:
09:23:17.0190 0x12b0
09:23:17.0190 0x12b0 OS Version: 6.0.6002 ServicePack: 2.0
09:23:17.0190 0x12b0 Product type: Workstation
09:23:17.0190 0x12b0 ComputerName: COMFOR-PC
09:23:17.0190 0x12b0 UserName: Comfor
09:23:17.0190 0x12b0 Windows directory: C:\Windows
09:23:17.0190 0x12b0 System windows directory: C:\Windows
09:23:17.0190 0x12b0 Processor architecture: Intel x86
09:23:17.0190 0x12b0 Number of processors: 2
09:23:17.0190 0x12b0 Page size: 0x1000
09:23:17.0190 0x12b0 Boot type: Normal boot
09:23:17.0190 0x12b0 ============================================================
09:23:19.0796 0x12b0 System UUID: {A1BFE909-8F5A-3459-7FCB-76BED1CD4B61}
09:23:20.0513 0x12b0 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:23:20.0529 0x12b0 ============================================================
09:23:20.0529 0x12b0 \Device\Harddisk0\DR0:
09:23:20.0529 0x12b0 MBR partitions:
09:23:20.0529 0x12b0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
09:23:20.0529 0x12b0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1999F188
09:23:20.0544 0x12b0 ============================================================
09:23:20.0607 0x12b0 C: <-> \Device\Harddisk0\DR0\Partition2
09:23:20.0654 0x12b0 S: <-> \Device\Harddisk0\DR0\Partition1
09:23:20.0654 0x12b0 ============================================================
09:23:20.0654 0x12b0 Initialize success
09:23:20.0654 0x12b0 ============================================================
09:23:23.0384 0x156c ============================================================
09:23:23.0384 0x156c Scan started
09:23:23.0384 0x156c Mode: Manual;
09:23:23.0384 0x156c ============================================================
09:23:23.0384 0x156c KSN ping started
09:23:23.0571 0x156c KSN ping finished: true
09:23:24.0897 0x156c ================ Scan system memory ========================
09:23:24.0897 0x156c System memory - ok
09:23:24.0897 0x156c ================ Scan services =============================
09:23:27.0393 0x156c BrFiltLo - ok
09:23:27.0408 0x156c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
09:23:27.0408 0x156c BrFiltUp - ok
09:23:27.0440 0x156c [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
09:23:27.0455 0x156c Browser - ok
09:23:27.0471 0x156c [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
09:23:27.0471 0x156c Brserid - ok
09:23:27.0502 0x156c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
09:23:27.0502 0x156c BrSerWdm - ok
09:23:27.0518 0x156c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
09:23:27.0518 0x156c BrUsbMdm - ok
09:23:27.0549 0x156c [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
09:23:27.0549 0x156c BrUsbSer - ok
09:23:27.0564 0x156c [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:23:27.0580 0x156c BTHMODEM - ok
09:23:27.0611 0x156c [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ C:\Windows\System32\bthserv.dll
09:23:27.0627 0x156c BthServ - ok
09:23:27.0642 0x156c [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:23:27.0642 0x156c cdfs - ok
09:23:27.0689 0x156c [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:23:27.0689 0x156c cdrom - ok
09:23:27.0720 0x156c [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
09:23:27.0720 0x156c CertPropSvc - ok
09:23:27.0752 0x156c [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
09:23:27.0752 0x156c circlass - ok
09:23:27.0798 0x156c [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
09:23:27.0798 0x156c CLFS - ok
09:23:27.0876 0x156c [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:23:27.0876 0x156c clr_optimization_v2.0.50727_32 - ok
09:23:27.0954 0x156c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:23:27.0954 0x156c clr_optimization_v4.0.30319_32 - ok
09:23:28.0017 0x156c [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:23:28.0017 0x156c CmBatt - ok
09:23:28.0032 0x156c [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:23:28.0048 0x156c cmdide - ok
09:23:28.0095 0x156c [ 8B7A0CE6613F991359FF95212900396C, 11D95BF40F5AAE9638B21AE2AFA78213DED1934D14FF27293942DE25528B5A46 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
09:23:28.0110 0x156c CnxtHdAudService - ok
09:23:28.0126 0x156c [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:23:28.0126 0x156c Compbatt - ok
09:23:28.0142 0x156c COMSysApp - ok
09:23:28.0173 0x156c [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:23:28.0173 0x156c crcdisk - ok
09:23:28.0204 0x156c [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
09:23:28.0204 0x156c Crusoe - ok
09:23:28.0251 0x156c [ 75C6A297E364014840B48ECCD7525E30, CD12F8DC46590B4E9D6629A75E5D21146F62188772CF29594B4D9A4E911D1088 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:23:28.0266 0x156c CryptSvc - ok
09:23:28.0329 0x156c [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:23:28.0376 0x156c DcomLaunch - ok
09:23:28.0391 0x156c [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:23:28.0407 0x156c DfsC - ok
09:23:28.0547 0x156c [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
09:23:28.0672 0x156c DFSR - ok
09:23:28.0734 0x156c [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
09:23:28.0750 0x156c Dhcp - ok
09:23:28.0766 0x156c [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
09:23:28.0766 0x156c disk - ok
09:23:28.0812 0x156c [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:23:28.0812 0x156c Dnscache - ok
09:23:28.0859 0x156c [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
09:23:28.0875 0x156c dot3svc - ok
09:23:28.0922 0x156c [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
09:23:28.0937 0x156c DPS - ok
09:23:28.0968 0x156c [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:23:28.0968 0x156c drmkaud - ok
09:23:29.0046 0x156c [ C68AC676B0EF30CFBB1080ADCE49EB1F, 62A808F2BB22507B66AE825315BBB655776AFEFD9E7DE33795DD308ACE87F0CD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:23:29.0078 0x156c DXGKrnl - ok
09:23:29.0109 0x156c [ 908ED85B7806E8AF3AF5E9B74F7809D4, 9A763D247035578A946094D2C1CE8204E6EDFFD7237C7BF2058B5F4ECC0306E0 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
09:23:29.0109 0x156c e1express - ok
09:23:29.0140 0x156c [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
09:23:29.0140 0x156c E1G60 - ok
09:23:29.0171 0x156c [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
09:23:29.0171 0x156c EapHost - ok
09:23:29.0218 0x156c [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
09:23:29.0218 0x156c Ecache - ok
09:23:29.0296 0x156c [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:23:29.0327 0x156c ehRecvr - ok
09:23:29.0358 0x156c [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
09:23:29.0374 0x156c ehSched - ok
09:23:29.0390 0x156c [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
09:23:29.0390 0x156c ehstart - ok
09:23:29.0452 0x156c [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:23:29.0468 0x156c elxstor - ok
09:23:29.0530 0x156c [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
09:23:29.0577 0x156c EMDMgmt - ok
09:23:29.0624 0x156c EraserUtilDrvI3 - ok
09:23:29.0639 0x156c [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:23:29.0639 0x156c ErrDev - ok
09:23:29.0717 0x156c [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
09:23:29.0733 0x156c EventSystem - ok
09:23:29.0780 0x156c [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
09:23:29.0795 0x156c exfat - ok
09:23:29.0826 0x156c [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:23:29.0842 0x156c fastfat - ok
09:23:29.0873 0x156c [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:23:29.0873 0x156c fdc - ok
09:23:29.0904 0x156c [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
09:23:29.0920 0x156c fdPHost - ok
09:23:29.0936 0x156c [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
09:23:29.0936 0x156c FDResPub - ok
09:23:29.0982 0x156c [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:23:29.0982 0x156c FileInfo - ok
09:23:29.0998 0x156c [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:23:30.0014 0x156c Filetrace - ok
09:23:30.0092 0x156c [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:23:30.0138 0x156c FLEXnet Licensing Service - ok
09:23:30.0170 0x156c [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:23:30.0170 0x156c flpydisk - ok
09:23:30.0216 0x156c [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:23:30.0216 0x156c FltMgr - ok
09:23:30.0326 0x156c [ 8CE364388C8ECA59B14B539179276D44, AD37AD512412A1A0955218A3DA0D6FBE1E30F373153CAF5912EFC076D348FED8 ] FontCache C:\Windows\system32\FntCache.dll
09:23:30.0372 0x156c FontCache - ok
09:23:30.0450 0x156c [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:23:30.0450 0x156c FontCache3.0.0.0 - ok
09:23:30.0497 0x156c [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:23:30.0497 0x156c Fs_Rec - ok
09:23:30.0528 0x156c [ 000B97EFE617D05F197420E4112DC8A8, 959931809C8394894BB0D1CBB7A31A053817170128F8035F10153308AE8891C5 ] funfrm C:\Windows\system32\drivers\funfrm.sys
09:23:30.0544 0x156c funfrm - ok
09:23:30.0560 0x156c [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:23:30.0575 0x156c gagp30kx - ok
09:23:30.0638 0x156c [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
09:23:30.0684 0x156c gpsvc - ok
09:23:30.0731 0x156c [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:23:30.0731 0x156c gupdate - ok
09:23:30.0762 0x156c [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:23:30.0762 0x156c gupdatem - ok
09:23:30.0809 0x156c [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:23:30.0825 0x156c gusvc - ok
09:23:30.0856 0x156c [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:23:30.0872 0x156c HdAudAddService - ok
09:23:30.0934 0x156c [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:23:30.0965 0x156c HDAudBus - ok
09:23:30.0996 0x156c [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:23:30.0996 0x156c HidBth - ok
09:23:31.0012 0x156c [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
09:23:31.0012 0x156c HidIr - ok
09:23:31.0074 0x156c [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\system32\hidserv.dll
09:23:31.0074 0x156c hidserv - ok
09:23:31.0137 0x156c [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:23:31.0137 0x156c HidUsb - ok
09:23:31.0168 0x156c [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
09:23:31.0184 0x156c hkmsvc - ok
09:23:31.0199 0x156c [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
09:23:31.0199 0x156c HpCISSs - ok
09:23:31.0262 0x156c [ 46D67209550973257601A533E2AC5785, 3C0D97781947BA8532344AA5D9F3B684761B5B3263A0A294F4593E76EE41DB0C ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
09:23:31.0262 0x156c HSFHWAZL - ok
09:23:31.0355 0x156c [ FADD7095163CB3CB4073793EBB50FE75, 12555D259DA75CA4B4EC8F5F86EAA2A57270BC2016E2DE05AFE95256E8C010E2 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
09:23:31.0402 0x156c HSF_DPV - ok
09:23:31.0449 0x156c [ 058783BEDD17615D1FECE09F77960436, 2DC2C98F40016C50521C0BE4C276C04065376A43F81DCBCE80E8E09F850AF1C8 ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
09:23:31.0464 0x156c HSXHWAZL - ok
09:23:31.0511 0x156c [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:23:31.0542 0x156c HTTP - ok
09:23:31.0558 0x156c [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
09:23:31.0558 0x156c i2omp - ok
09:23:31.0589 0x156c [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:23:31.0589 0x156c i8042prt - ok
09:23:31.0636 0x156c [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
09:23:31.0652 0x156c iaStorV - ok
09:23:31.0698 0x156c [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:23:31.0698 0x156c IDriverT - ok
09:23:31.0839 0x156c [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:23:31.0917 0x156c idsvc - ok
09:23:32.0494 0x156c [ 8266AE06DF974E5BA047B3E9E9E70B3F, 44E5A8EED802A1DDF3CCDB478A88A3AB3CF009F449FB11E0F94A28498342B4E2 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
09:23:32.0884 0x156c igfx - ok
09:23:32.0978 0x156c [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:23:32.0978 0x156c iirsp - ok
09:23:33.0071 0x156c [ 9908D8A397B76CD8D31D0D383C5773C9, FFA6996BE9F11A81CB63C849C2400EB44A07706D1EEB7A3502D4110DAC3684A2 ] IKEEXT C:\Windows\System32\ikeext.dll
09:23:33.0102 0x156c IKEEXT - ok
09:23:33.0149 0x156c [ C7E7E43CBD34D3B0A0156B51B917DFCC, 8F40D053D1AF89E0739D798D41F92801F95AB55CA0109386C426AB57784DD540 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
09:23:33.0165 0x156c IntcHdmiAddService - ok
09:23:33.0180 0x156c [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
09:23:33.0180 0x156c intelide - ok
09:23:33.0212 0x156c [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:23:33.0212 0x156c intelppm - ok
09:23:33.0243 0x156c [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:23:33.0258 0x156c IPBusEnum - ok
09:23:33.0274 0x156c [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:23:33.0274 0x156c IpFilterDriver - ok
09:23:33.0305 0x156c [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:23:33.0336 0x156c iphlpsvc - ok
09:23:33.0352 0x156c IpInIp - ok
09:23:33.0368 0x156c [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
09:23:33.0368 0x156c IPMIDRV - ok
09:23:33.0399 0x156c [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
09:23:33.0414 0x156c IPNAT - ok
09:23:33.0430 0x156c [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:23:33.0430 0x156c IRENUM - ok
09:23:33.0461 0x156c [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:23:33.0461 0x156c isapnp - ok
09:23:33.0508 0x156c [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:23:33.0524 0x156c iScsiPrt - ok
09:23:33.0555 0x156c [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
09:23:33.0555 0x156c iteatapi - ok
09:23:33.0602 0x156c [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
09:23:33.0602 0x156c iteraid - ok
09:23:33.0695 0x156c [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
09:23:33.0695 0x156c IviRegMgr - ok
09:23:33.0726 0x156c [ A69A1B991824B98F744913555F665893, C113FC03DD043F500E68F8E8AC74C17840270BEEEF0E19E5CAF37FA4DD72AD22 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
09:23:33.0726 0x156c JMCR - ok
09:23:33.0773 0x156c [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:23:33.0773 0x156c kbdclass - ok
09:23:33.0804 0x156c [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:23:33.0804 0x156c kbdhid - ok
09:23:33.0836 0x156c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
09:23:33.0851 0x156c KeyIso - ok
09:23:33.0914 0x156c [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:23:33.0929 0x156c KSecDD - ok
09:23:33.0976 0x156c [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:23:34.0038 0x156c KtmRm - ok
09:23:34.0085 0x156c [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\system32\srvsvc.dll
09:23:34.0101 0x156c LanmanServer - ok
09:23:34.0148 0x156c [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:23:34.0163 0x156c LanmanWorkstation - ok

