Prosím o kontrolu logu -> zamrzání, pády netu Vyřešeno

[Slegr]

Zdravím, kamarádku trpí častým zamrzáním PC, výpadky netu zřejmě v souvislosti s nějakým šmejdem v počítači. Poprosil bych o kontrololu logu - > pokusím se na dálku přetlumočit případné pokyny od Vás (pokud by nerozuměla). Děkuji

Pc projet Avastem s negativním výsledkem, pročištěn CCleanerem včetně registrů.
Hned po otevření logu jsem jí řek ať odinstaluje všechny toolbary -> na tom teď pracuje.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:21, on 28.8.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\QSTART.SYS\config\DVMExportService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\bmctl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\moje programy\vyhledávač chyb\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP ... 4&tsp=4984
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: GdfrDUEn - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: KMPlayer Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:4d9cc66ebaa24613ee08ddce437e82fd] "C:\DOCUME~1\Michala\LOCALS~1\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Documents and Settings\Michala\Data aplikací\Seznam.cz"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm
O9 - Extra button: LENOVO - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com (file missing)
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\moje programy\icq7\ICQ7.0\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\moje programy\icq7\ICQ7.0\ICQ.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\moje programy\qip\qip-instalace\QIP\qip.exe (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{8444E25C-9D12-4CAC-81C7-E127394AC5C9}: NameServer = 213.194.204.126,85.132.148.70
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: PicNotify - PicNotify.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\QSTART.SYS\config\DVMExportService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: System Repair Windows Update Monitor (System_Repair_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
O23 - Service: Vodafone Mobile Connect Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

--
End of file - 7024 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Slegr]

ATF hotovo.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.08.28.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Michala :: LENOVO-388D0B3C [administrátor]

Ochrana: Zakázána

28.8.2013 23:51:56
MBAM-log-2013-08-29 (00-11-52).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 192175
Uplynulý čas: 10 minut, 20 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Documents and Settings\Michala\Dokumenty\downloads\KeyLogger 1.5.5.rar (Trojan.KeyLogger) -> Nebyla provedena žádná instrukce.

(konec)

[Slegr]

# AdwCleaner v3.001 - Report created 29/08/2013 at 00:27:06
# Updated 24/08/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Michala - LENOVO-388D0B3C
# Running from : C:\Documents and Settings\Michala\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : DvmMDES

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\\invalidprefs.js
File Found : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\bProtector_extensions.rdf
File Found : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\Babylon.xml
File Found : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\BrowserProtect.xml
File Found : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\icqplugin.xml
File Found : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\icqplugin-1.xml
File Found : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\icqplugin-2.xml
File Found : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\icqplugin-3.xml
File Found : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\icqplugin-4.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Found : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Found C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
Folder Found C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Found C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Found C:\Documents and Settings\Michala\Data aplikací\Babylon
Folder Found C:\Documents and Settings\Michala\Data aplikací\OpenCandy
Folder Found C:\Documents and Settings\Michala\Local Settings\Data aplikací\AskToolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\5c6dd8fe06ee512
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\DeviceVM
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\Software\PIP
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www1.delta-search.com/?babsrc=HP ... 4&tsp=4984
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.qip.ru/ie
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qip.ru/ie
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://www1.delta-search.com/?babsrc=NT ... 4&tsp=4984
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [] - Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\prefs.js ]

Line Found : user_pref("avg.install.userHPSettings", "hxxp://www1.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=703F002682372B71");
Line Found : user_pref("avg.install.userSPSettings", "Delta Search");
Line Found : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=703F002682372B71&affID=121564&tsp=4984");
Line Found : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Line Found : user_pref("extensions.asktb.apn_dbr", "ff_12.0");
Line Found : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Line Found : user_pref("extensions.asktb.cbid", "^RY");
Line Found : user_pref("extensions.asktb.config-updated", true);
Line Found : user_pref("extensions.asktb.count", "43");
Line Found : user_pref("extensions.asktb.crumb", "2013.04.12+06.57.23-toolbar008iad-CZ-QnJubyxDemVjaCBSZXB1YmxpYw%3D%3D");
Line Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all");
Line Found : user_pref("extensions.asktb.displaybehavior", "1");
Line Found : user_pref("extensions.asktb.displaytext", "Listen%20to%20music");
Line Found : user_pref("extensions.asktb.dtid", "^YYYYYY^V2^CZ");
Line Found : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Line Found : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0014");
Line Found : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Line Found : user_pref("extensions.asktb.fresh-install", false);
Line Found : user_pref("extensions.asktb.guid", "70a4a4ad-0477-4e6b-b4f1-95b7e1e3bc0b");
Line Found : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Line Found : user_pref("extensions.asktb.if", "first");
Line Found : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Line Found : user_pref("extensions.asktb.l", "dis");
Line Found : user_pref("extensions.asktb.last-config-req", "1377680662533");
Line Found : user_pref("extensions.asktb.locale", "en_EU");
Line Found : user_pref("extensions.asktb.location", "Brno,Czech Republic");
Line Found : user_pref("extensions.asktb.lstation", "s106657");
Line Found : user_pref("extensions.asktb.new-tab-opt-out", true);
Line Found : user_pref("extensions.asktb.news-native-on", true);
Line Found : user_pref("extensions.asktb.o", "15184");
Line Found : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Line Found : user_pref("extensions.asktb.pstate", "");
Line Found : user_pref("extensions.asktb.qsrc", "2871");
Line Found : user_pref("extensions.asktb.r", "3");
Line Found : user_pref("extensions.asktb.sa", "NO");
Line Found : user_pref("extensions.asktb.search-suggestions-enabled", true);
Line Found : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Line Found : user_pref("extensions.asktb.socialmini-first", true);
Line Found : user_pref("extensions.asktb.socialmini-interval", "1200000");
Line Found : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Line Found : user_pref("extensions.asktb.socialmini-max-items", "30");
Line Found : user_pref("extensions.asktb.socialmini-native-on", true);
Line Found : user_pref("extensions.asktb.socialmini-speed", "10000");
Line Found : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Line Found : user_pref("extensions.asktb.themeid", "");
Line Found : user_pref("extensions.asktb.to", "");
Line Found : user_pref("extensions.asktb.version", "5.17.6.42067");
Line Found : user_pref("extensions.asktb.volume", "");
Line Found : user_pref("extensions.crossrider.bic", "140b248803117fb151cd87bceeeafcf7");
Line Found : user_pref("icqtoolbar.allowSendURL", false);
Line Found : user_pref("icqtoolbar.engineVerified", false);
Line Found : user_pref("icqtoolbar.geolastmodified", 1377721928);
Line Found : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Found : user_pref("icqtoolbar.icqgeo", 42);
Line Found : user_pref("icqtoolbar.installTime", "1365925478");
Line Found : user_pref("icqtoolbar.newtab_state", "1");
Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
Line Found : user_pref("icqtoolbar.previousFFVersion", "23.0.1");
Line Found : user_pref("icqtoolbar.skip_default_search", "no");
Line Found : user_pref("icqtoolbar.suggestions", false);
Line Found : user_pref("icqtoolbar.uninstStatSent", true);
Line Found : user_pref("icqtoolbar.uniqueID", "105875182615147447321365925478699");
Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1377715441);
Line Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Found : user_pref("icqtoolbar.voucherWasShown", 0);
Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.1.6&q=");

-\\ Google Chrome v

[ File : C:\Documents and Settings\Michala\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11388 octets] - [29/08/2013 00:27:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11449 octets] ##########

[memphisto]

Tak v Mbam i adw nech vše smazat a dodej logy po smazání

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[Slegr]

Prý když spustila potom znovu Mbam tak jí to našlo víc věcí-> tak to smazala všechno. Snad nesmazala něco co neměla. :-/ Přikládám log:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.08.29.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Michala :: LENOVO-388D0B3C [administrátor]

Ochrana: Povolena

29.8.2013 15:56:40
mbam-log-2013-08-29 (15-56-40).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 201571
Uplynulý čas: 12 minut, 26 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\CROSSRIDER (PUP.Optional.CrossRider.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 1
HKCU\Software\Crossrider|Verifier (PUP.Optional.CrossRider.A) -> Data: 93d2547c20cae6208b04eb454cbe621d -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Špatný: (http://www1.delta-search.com/?babsrc=HP ... 4&tsp=4984) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 3
C:\Documents and Settings\Michala\Data aplikací\Babylon (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Michala\Data aplikací\OPENCANDY (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Michala\Data aplikací\OPENCANDY\E58E73D43840446185171E02DCB708E5 (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 3
C:\Documents and Settings\Michala\Data aplikací\OpenCandy\E58E73D43840446185171E02DCB708E5\DeltaTB.exe (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Michala\Dokumenty\downloads\ADOBE_ILLUSTRATOR_CS6__[thethingy].exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Michala\Data aplikací\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.

(konec)

[Slegr]

# AdwCleaner v3.001 - Report created 29/08/2013 at 16:19:07
# Updated 24/08/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Michala - LENOVO-388D0B3C
# Running from : C:\Documents and Settings\Michala\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : DvmMDES

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
Folder Deleted : C:\Documents and Settings\Michala\Local Settings\Data aplikací\AskToolbar
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\icqplugin.xml
File Deleted : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\bProtector_extensions.rdf
File Deleted : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\\invalidprefs.js
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\5c6dd8fe06ee512
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl []

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Documents and Settings\Michala\Data aplikací\Mozilla\Firefox\Profiles\h2ld46d0.default\prefs.js ]

Line Deleted : user_pref("avg.install.userHPSettings", "hxxp://www1.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=703F002682372B71");
Line Deleted : user_pref("avg.install.userSPSettings", "Delta Search");
Line Deleted : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=703F002682372B71&affID=121564&tsp=4984");
Line Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Line Deleted : user_pref("extensions.asktb.apn_dbr", "ff_12.0");
Line Deleted : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Line Deleted : user_pref("extensions.asktb.cbid", "^RY");
Line Deleted : user_pref("extensions.asktb.config-updated", true);
Line Deleted : user_pref("extensions.asktb.count", "43");
Line Deleted : user_pref("extensions.asktb.crumb", "2013.04.12+06.57.23-toolbar008iad-CZ-QnJubyxDemVjaCBSZXB1YmxpYw%3D%3D");
Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all");
Line Deleted : user_pref("extensions.asktb.displaybehavior", "1");
Line Deleted : user_pref("extensions.asktb.displaytext", "Listen%20to%20music");
Line Deleted : user_pref("extensions.asktb.dtid", "^YYYYYY^V2^CZ");
Line Deleted : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Line Deleted : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0014");
Line Deleted : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Line Deleted : user_pref("extensions.asktb.fresh-install", false);
Line Deleted : user_pref("extensions.asktb.guid", "70a4a4ad-0477-4e6b-b4f1-95b7e1e3bc0b");
Line Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Line Deleted : user_pref("extensions.asktb.if", "first");
Line Deleted : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Line Deleted : user_pref("extensions.asktb.l", "dis");
Line Deleted : user_pref("extensions.asktb.last-config-req", "1377680662533");
Line Deleted : user_pref("extensions.asktb.locale", "en_EU");
Line Deleted : user_pref("extensions.asktb.location", "Brno,Czech Republic");
Line Deleted : user_pref("extensions.asktb.lstation", "s106657");
Line Deleted : user_pref("extensions.asktb.new-tab-opt-out", true);
Line Deleted : user_pref("extensions.asktb.news-native-on", true);
Line Deleted : user_pref("extensions.asktb.o", "15184");
Line Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Line Deleted : user_pref("extensions.asktb.pstate", "");
Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
Line Deleted : user_pref("extensions.asktb.r", "3");
Line Deleted : user_pref("extensions.asktb.sa", "NO");
Line Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Line Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Line Deleted : user_pref("extensions.asktb.socialmini-first", true);
Line Deleted : user_pref("extensions.asktb.socialmini-interval", "1200000");
Line Deleted : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Line Deleted : user_pref("extensions.asktb.socialmini-max-items", "30");
Line Deleted : user_pref("extensions.asktb.socialmini-native-on", true);
Line Deleted : user_pref("extensions.asktb.socialmini-speed", "10000");
Line Deleted : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Line Deleted : user_pref("extensions.asktb.themeid", "");
Line Deleted : user_pref("extensions.asktb.to", "");
Line Deleted : user_pref("extensions.asktb.version", "5.17.6.42067");
Line Deleted : user_pref("extensions.asktb.volume", "");
Line Deleted : user_pref("extensions.crossrider.bic", "140b248803117fb151cd87bceeeafcf7");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1377721928);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1365925478");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "23.0.1");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uninstStatSent", true);
Line Deleted : user_pref("icqtoolbar.uniqueID", "105875182615147447321365925478699");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1377715441);
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.1.6&q=");

-\\ Google Chrome v

[ File : C:\Documents and Settings\Michala\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11530 octets] - [29/08/2013 00:27:06]
AdwCleaner[R1].txt - [10917 octets] - [29/08/2013 16:16:40]
AdwCleaner[S0].txt - [10710 octets] - [29/08/2013 16:19:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10771 octets] ##########

[Slegr]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Microsoft Windows XP x86
Ran by Michala on źt 29.08.2013 at 16:42:55,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\WINDOWS\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"



~~~ FireFox

Emptied folder: C:\Documents and Settings\Michala\Data aplikacˇ\mozilla\firefox\profiles\h2ld46d0.default\minidumps [5 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 29.08.2013 at 16:58:40,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Slegr]

RogueKiller V8.6.7 [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Michala [Práva správce]
Mód : Kontrola -- Datum : 08/29/2013 17:13:50
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{8444E25C-9D12-4CAC-81C7-E127394AC5C9} : NameServer (213.194.204.126,85.132.148.70) -> NALEZENO
[DNS] HKLM\[...]\CS001\[...]\{8444E25C-9D12-4CAC-81C7-E127394AC5C9} : NameServer (213.194.204.126,85.132.148.70) -> NALEZENO
[DNS] HKLM\[...]\CS003\[...]\{8444E25C-9D12-4CAC-81C7-E127394AC5C9} : NameServer (213.194.204.126,85.132.148.70) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] Bluetooth.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk @C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [-][7] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: HITACHI HTS545016B9A300 +++++
--- User ---
[MBR] baf02402ef91ed2c493bede2bb3a8e42
[BSP] 59cbf74eefc93cfae8f0735ea70a98bb : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 107624 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 220416000 | Size: 29894 Mo
2 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 281638912 | Size: 15108 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_08292013_171350.txt >>

[memphisto]

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller


Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

[Slegr]

RogueKiller V8.6.7 [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Michala [Práva správce]
Mód : Odebrat -- Datum : 08/29/2013 21:28:29
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NAHRAZENO (1)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] Bluetooth.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk @C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [-][7] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: HITACHI HTS545016B9A300 +++++
--- User ---
[MBR] baf02402ef91ed2c493bede2bb3a8e42
[BSP] 59cbf74eefc93cfae8f0735ea70a98bb : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 107624 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 220416000 | Size: 29894 Mo
2 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 281638912 | Size: 15108 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_08292013_212829.txt >>
RKreport[0]_S_08292013_171350.txt;RKreport[0]_S_08292013_212329.txt

[Slegr]

21:38:16.0296 0644 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:38:18.0312 0644 ============================================================
21:38:18.0312 0644 Current date / time: 2013/08/29 21:38:18.0312
21:38:18.0312 0644 SystemInfo:
21:38:18.0312 0644
21:38:18.0312 0644 OS Version: 5.1.2600 ServicePack: 3.0
21:38:18.0312 0644 Product type: Workstation
21:38:18.0312 0644 ComputerName: LENOVO-388D0B3C
21:38:18.0312 0644 UserName: Michala
21:38:18.0312 0644 Windows directory: C:\WINDOWS
21:38:18.0312 0644 System windows directory: C:\WINDOWS
21:38:18.0312 0644 Processor architecture: Intel x86
21:38:18.0312 0644 Number of processors: 2
21:38:18.0312 0644 Page size: 0x1000
21:38:18.0312 0644 Boot type: Normal boot
21:38:18.0312 0644 ============================================================
21:38:19.0578 0644 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:38:19.0640 0644 ============================================================
21:38:19.0640 0644 \Device\Harddisk0\DR0:
21:38:19.0640 0644 MBR partitions:
21:38:19.0640 0644 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xD234000
21:38:19.0656 0644 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xD235000, BlocksNum 0x3A62800
21:38:19.0656 0644 ============================================================
21:38:19.0734 0644 C: <-> \Device\Harddisk0\DR0\Partition1
21:38:19.0796 0644 D: <-> \Device\Harddisk0\DR0\Partition2
21:38:19.0828 0644 ============================================================
21:38:19.0828 0644 Initialize success
21:38:19.0828 0644 ============================================================
21:38:26.0015 3244 ============================================================
21:38:26.0015 3244 Scan started
21:38:26.0015 3244 Mode: Manual;
21:38:26.0015 3244 ============================================================
21:38:27.0453 3244 ================ Scan system memory ========================
21:38:27.0484 3244 System memory - ok
21:38:27.0484 3244 ================ Scan services =============================
21:38:27.0687 3244 [ D76E9F5A991458A9F7E28395479B3150 ] 6to4 C:\WINDOWS\System32\6to4svc.dll
21:38:27.0687 3244 6to4 - ok
21:38:27.0734 3244 Abiosdsk - ok
21:38:27.0796 3244 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
21:38:27.0796 3244 abp480n5 - ok
21:38:27.0859 3244 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:38:27.0859 3244 ACPI - ok
21:38:27.0875 3244 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
21:38:27.0875 3244 ACPIEC - ok
21:38:27.0968 3244 [ 5508E9F55799C6551D54DFBC4A068B68 ] ACPIVPC C:\WINDOWS\system32\DRIVERS\AcpiVpc.sys
21:38:27.0968 3244 ACPIVPC - ok
21:38:28.0031 3244 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
21:38:28.0031 3244 adpu160m - ok
21:38:28.0093 3244 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:38:28.0093 3244 aec - ok
21:38:28.0156 3244 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:38:28.0156 3244 AFD - ok
21:38:28.0203 3244 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
21:38:28.0203 3244 agp440 - ok
21:38:28.0250 3244 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
21:38:28.0265 3244 agpCPQ - ok
21:38:28.0296 3244 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
21:38:28.0296 3244 Aha154x - ok
21:38:28.0375 3244 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
21:38:28.0375 3244 aic78u2 - ok
21:38:28.0421 3244 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
21:38:28.0437 3244 aic78xx - ok
21:38:28.0500 3244 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:38:28.0531 3244 Alerter - ok
21:38:28.0562 3244 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
21:38:28.0562 3244 ALG - ok
21:38:28.0625 3244 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
21:38:28.0625 3244 AliIde - ok
21:38:28.0671 3244 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
21:38:28.0671 3244 alim1541 - ok
21:38:28.0796 3244 [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
21:38:28.0828 3244 Ambfilt - ok
21:38:28.0890 3244 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
21:38:28.0890 3244 amdagp - ok
21:38:28.0937 3244 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
21:38:28.0937 3244 amsint - ok
21:38:28.0953 3244 AppMgmt - ok
21:38:28.0984 3244 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
21:38:29.0000 3244 asc - ok
21:38:29.0031 3244 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
21:38:29.0031 3244 asc3350p - ok
21:38:29.0062 3244 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
21:38:29.0078 3244 asc3550 - ok
21:38:29.0250 3244 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:38:29.0250 3244 aspnet_state - ok
21:38:29.0296 3244 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:38:29.0296 3244 AsyncMac - ok
21:38:29.0359 3244 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:38:29.0359 3244 atapi - ok
21:38:29.0375 3244 Atdisk - ok
21:38:29.0421 3244 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:38:29.0437 3244 Atmarpc - ok
21:38:29.0468 3244 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:38:29.0484 3244 AudioSrv - ok
21:38:29.0531 3244 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:38:29.0531 3244 audstub - ok
21:38:29.0625 3244 [ CC03987EE5D0F956706B40D2F91F9E4F ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
21:38:29.0671 3244 BCM43XX - ok
21:38:29.0718 3244 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:38:29.0718 3244 Beep - ok
21:38:29.0812 3244 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
21:38:29.0843 3244 BITS - ok
21:38:29.0890 3244 [ A6D35FF84E024D6D3F12AAF6C9814314 ] BMLoad C:\WINDOWS\system32\drivers\BMLoad.sys
21:38:29.0890 3244 BMLoad - ok
21:38:29.0953 3244 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
21:38:29.0953 3244 Browser - ok
21:38:29.0968 3244 BTDriver - ok
21:38:29.0984 3244 BTWUSB - ok
21:38:30.0031 3244 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
21:38:30.0031 3244 cbidf - ok
21:38:30.0046 3244 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:38:30.0046 3244 cbidf2k - ok
21:38:30.0078 3244 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:38:30.0078 3244 CCDECODE - ok
21:38:30.0109 3244 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
21:38:30.0109 3244 cd20xrnt - ok
21:38:30.0140 3244 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:38:30.0140 3244 Cdaudio - ok
21:38:30.0203 3244 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:38:30.0203 3244 Cdfs - ok
21:38:30.0265 3244 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:38:30.0265 3244 Cdrom - ok
21:38:30.0281 3244 Changer - ok
21:38:30.0343 3244 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
21:38:30.0343 3244 CiSvc - ok
21:38:30.0359 3244 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:38:30.0375 3244 ClipSrv - ok
21:38:30.0437 3244 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:38:30.0453 3244 clr_optimization_v2.0.50727_32 - ok
21:38:30.0500 3244 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:38:30.0515 3244 clr_optimization_v4.0.30319_32 - ok
21:38:30.0531 3244 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:38:30.0531 3244 CmBatt - ok
21:38:30.0593 3244 [ 26F9E72754B2DBC53977E92B647A6ABA ] cmderd C:\WINDOWS\system32\DRIVERS\cmderd.sys
21:38:30.0593 3244 cmderd - ok
21:38:30.0625 3244 [ 9181CC4D007ADBE21DB9A11BFECAFEF5 ] cmdGuard C:\WINDOWS\system32\DRIVERS\cmdguard.sys
21:38:30.0640 3244 cmdGuard - ok
21:38:30.0656 3244 [ C5A9FB50E8CA7FD99F256255FEE71580 ] cmdHlp C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
21:38:30.0656 3244 cmdHlp - ok
21:38:30.0718 3244 [ 964D0F042ACA51D5644779EB9D9EE40F ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
21:38:30.0718 3244 CmdIde - ok
21:38:30.0734 3244 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:38:30.0734 3244 Compbatt - ok
21:38:30.0750 3244 COMSysApp - ok
21:38:30.0828 3244 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
21:38:30.0828 3244 Cpqarray - ok
21:38:30.0859 3244 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:38:30.0875 3244 CryptSvc - ok
21:38:30.0906 3244 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
21:38:30.0906 3244 dac2w2k - ok
21:38:30.0921 3244 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
21:38:30.0921 3244 dac960nt - ok
21:38:30.0984 3244 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:38:31.0000 3244 DcomLaunch - ok
21:38:31.0062 3244 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:38:31.0062 3244 Dhcp - ok
21:38:31.0125 3244 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:38:31.0125 3244 Disk - ok
21:38:31.0140 3244 dmadmin - ok
21:38:31.0234 3244 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:38:31.0250 3244 dmboot - ok
21:38:31.0281 3244 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
21:38:31.0296 3244 dmio - ok
21:38:31.0312 3244 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:38:31.0328 3244 dmload - ok
21:38:31.0375 3244 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
21:38:31.0375 3244 dmserver - ok
21:38:31.0406 3244 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:38:31.0406 3244 DMusic - ok
21:38:31.0453 3244 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:38:31.0468 3244 Dnscache - ok
21:38:31.0500 3244 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:38:31.0500 3244 Dot3svc - ok
21:38:31.0546 3244 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
21:38:31.0546 3244 dpti2o - ok
21:38:31.0578 3244 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:38:31.0578 3244 drmkaud - ok
21:38:31.0625 3244 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:38:31.0625 3244 EapHost - ok
21:38:31.0656 3244 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:38:31.0671 3244 ERSvc - ok
21:38:31.0718 3244 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
21:38:31.0718 3244 Eventlog - ok
21:38:31.0781 3244 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
21:38:31.0796 3244 EventSystem - ok
21:38:31.0859 3244 [ 3EF58F2EAE3AECAB45D682152DB2F67D ] exFat C:\WINDOWS\system32\drivers\exFat.sys
21:38:31.0859 3244 exFat - ok
21:38:31.0906 3244 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:38:31.0906 3244 Fastfat - ok
21:38:31.0968 3244 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:38:31.0984 3244 FastUserSwitchingCompatibility - ok
21:38:32.0031 3244 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
21:38:32.0031 3244 Fdc - ok
21:38:32.0046 3244 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:38:32.0046 3244 Fips - ok
21:38:32.0062 3244 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
21:38:32.0062 3244 Flpydisk - ok
21:38:32.0093 3244 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:38:32.0093 3244 FltMgr - ok
21:38:32.0218 3244 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:38:32.0218 3244 FontCache3.0.0.0 - ok
21:38:32.0281 3244 [ C865B83411D7347627A4BEEC22543FB1 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:38:32.0281 3244 Fs_Rec - ok
21:38:32.0328 3244 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:38:32.0328 3244 Ftdisk - ok
21:38:32.0390 3244 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:38:32.0390 3244 Gpc - ok
21:38:32.0437 3244 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:38:32.0453 3244 HDAudBus - ok
21:38:32.0531 3244 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:38:32.0531 3244 helpsvc - ok
21:38:32.0578 3244 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
21:38:32.0593 3244 HidServ - ok
21:38:32.0625 3244 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:38:32.0625 3244 HidUsb - ok
21:38:32.0671 3244 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:38:32.0671 3244 hkmsvc - ok
21:38:32.0718 3244 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
21:38:32.0734 3244 hpn - ok
21:38:32.0765 3244 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:38:32.0765 3244 HTTP - ok
21:38:32.0812 3244 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:38:32.0812 3244 HTTPFilter - ok
21:38:32.0859 3244 [ 033CF42B457366CFA1F8C669C5E30233 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
21:38:32.0875 3244 huawei_enumerator - ok
21:38:32.0890 3244 hwdatacard - ok
21:38:32.0921 3244 hwusbdev - ok
21:38:32.0953 3244 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
21:38:32.0953 3244 i2omgmt - ok
21:38:33.0000 3244 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
21:38:33.0000 3244 i2omp - ok
21:38:33.0062 3244 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:38:33.0062 3244 i8042prt - ok
21:38:33.0343 3244 [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
21:38:33.0578 3244 ialm - ok
21:38:33.0656 3244 [ BAABB0301949774A66B955C65319635A ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
21:38:33.0656 3244 iaStor - ok
21:38:33.0750 3244 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:38:33.0765 3244 IDriverT - ok
21:38:33.0859 3244 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:38:33.0875 3244 idsvc - ok
21:38:33.0953 3244 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:38:33.0953 3244 Imapi - ok
21:38:34.0000 3244 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
21:38:34.0015 3244 ImapiService - ok
21:38:34.0062 3244 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
21:38:34.0062 3244 ini910u - ok
21:38:34.0125 3244 [ E1DF634BEC066B3D4FFE437BCB78C282 ] Inspect C:\WINDOWS\system32\DRIVERS\inspect.sys
21:38:34.0125 3244 Inspect - ok
21:38:34.0406 3244 [ 3A3A539D7DB808FAD3B55740474A6D02 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:38:34.0656 3244 IntcAzAudAddService - ok
21:38:34.0703 3244 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
21:38:34.0703 3244 IntelIde - ok
21:38:34.0734 3244 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:38:34.0734 3244 intelppm - ok
21:38:34.0796 3244 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:38:34.0796 3244 Ip6Fw - ok
21:38:34.0828 3244 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:38:34.0828 3244 IpFilterDriver - ok
21:38:34.0859 3244 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:38:34.0859 3244 IpInIp - ok
21:38:34.0890 3244 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:38:34.0906 3244 IpNat - ok
21:38:34.0937 3244 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:38:34.0937 3244 IPSec - ok
21:38:34.0968 3244 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:38:34.0968 3244 IRENUM - ok
21:38:35.0031 3244 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:38:35.0046 3244 isapnp - ok
21:38:35.0093 3244 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:38:35.0093 3244 Kbdclass - ok
21:38:35.0140 3244 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:38:35.0140 3244 kbdhid - ok
21:38:35.0187 3244 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:38:35.0187 3244 kmixer - ok
21:38:35.0234 3244 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:38:35.0234 3244 KSecDD - ok
21:38:35.0296 3244 [ 21920AC69594AB021237054FA728FE46 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
21:38:35.0296 3244 LanmanServer - ok
21:38:35.0359 3244 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:38:35.0375 3244 lanmanworkstation - ok
21:38:35.0390 3244 lbrtfdc - ok
21:38:35.0468 3244 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:38:35.0468 3244 LmHosts - ok
21:38:35.0515 3244 [ F0435FE3C1EC2659D2BBF073CA0752EE ] massfilter C:\WINDOWS\system32\DRIVERS\massfilter.sys
21:38:35.0515 3244 massfilter - ok
21:38:35.0578 3244 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
21:38:35.0578 3244 MBAMProtector - ok
21:38:35.0687 3244 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\moje programy\malware\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:38:35.0703 3244 MBAMScheduler - ok
21:38:35.0750 3244 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\moje programy\malware\Malwarebytes' Anti-Malware\mbamservice.exe
21:38:35.0765 3244 MBAMService - ok
21:38:35.0828 3244 [ 981B34FFFD17153D16D0367A42A57D70 ] meddmrr C:\WINDOWS\system32\DRIVERS\meddmrr.sys
21:38:35.0828 3244 meddmrr - ok
21:38:35.0875 3244 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:38:35.0875 3244 Messenger - ok
21:38:35.0937 3244 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:38:35.0937 3244 mnmdd - ok
21:38:35.0968 3244 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
21:38:35.0968 3244 mnmsrvc - ok
21:38:36.0015 3244 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:38:36.0015 3244 Modem - ok
21:38:36.0093 3244 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
21:38:36.0125 3244 Monfilt - ok
21:38:36.0171 3244 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:38:36.0171 3244 Mouclass - ok
21:38:36.0218 3244 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:38:36.0218 3244 mouhid - ok
21:38:36.0281 3244 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:38:36.0281 3244 MountMgr - ok
21:38:36.0328 3244 [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:38:36.0328 3244 MozillaMaintenance - ok
21:38:36.0390 3244 [ 24406D75B40F0F6B3C1AC7031D734565 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
21:38:36.0390 3244 MpFilter - ok
21:38:36.0421 3244 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
21:38:36.0437 3244 mraid35x - ok
21:38:36.0453 3244 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:38:36.0453 3244 MRxDAV - ok
21:38:36.0515 3244 [ FB2FCCC70F7174C7BF64F48E96D3ADF4 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:38:36.0531 3244 MRxSmb - ok
21:38:36.0578 3244 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
21:38:36.0593 3244 MSDTC - ok
21:38:36.0625 3244 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:38:36.0625 3244 Msfs - ok
21:38:36.0640 3244 MSIServer - ok
21:38:36.0671 3244 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:38:36.0671 3244 MSKSSRV - ok
21:38:36.0765 3244 [ 37F77AEBFF23A99D1BFB4F34CD2D07F2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
21:38:36.0781 3244 MsMpSvc - ok
21:38:36.0828 3244 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:38:36.0828 3244 MSPCLOCK - ok
21:38:36.0859 3244 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:38:36.0859 3244 MSPQM - ok
21:38:36.0890 3244 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:38:36.0890 3244 mssmbios - ok
21:38:36.0921 3244 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:38:36.0921 3244 MSTEE - ok
21:38:36.0968 3244 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:38:36.0984 3244 Mup - ok
21:38:37.0015 3244 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:38:37.0015 3244 NABTSFEC - ok
21:38:37.0078 3244 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
21:38:37.0078 3244 napagent - ok
21:38:37.0156 3244 NAVENG - ok
21:38:37.0171 3244 NAVEX15 - ok
21:38:37.0234 3244 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:38:37.0234 3244 NDIS - ok
21:38:37.0296 3244 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:38:37.0296 3244 NdisIP - ok
21:38:37.0359 3244 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:38:37.0359 3244 NdisTapi - ok
21:38:37.0375 3244 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:38:37.0375 3244 Ndisuio - ok
21:38:37.0390 3244 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:38:37.0406 3244 NdisWan - ok
21:38:37.0453 3244 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:38:37.0453 3244 NDProxy - ok
21:38:37.0484 3244 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:38:37.0484 3244 NetBIOS - ok
21:38:37.0515 3244 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:38:37.0515 3244 NetBT - ok
21:38:37.0562 3244 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
21:38:37.0578 3244 NetDDE - ok
21:38:37.0593 3244 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:38:37.0593 3244 NetDDEdsdm - ok
21:38:37.0640 3244 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:38:37.0640 3244 Netlogon - ok
21:38:37.0671 3244 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
21:38:37.0687 3244 Netman - ok
21:38:37.0734 3244 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:38:37.0734 3244 NetTcpPortSharing - ok
21:38:37.0781 3244 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
21:38:37.0796 3244 Nla - ok
21:38:37.0859 3244 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:38:37.0875 3244 Npfs - ok
21:38:37.0937 3244 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:38:37.0953 3244 Ntfs - ok
21:38:37.0984 3244 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
21:38:37.0984 3244 NtLmSsp - ok
21:38:38.0046 3244 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:38:38.0062 3244 NtmsSvc - ok
21:38:38.0109 3244 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:38:38.0109 3244 Null - ok
21:38:38.0140 3244 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:38:38.0156 3244 NwlnkFlt - ok
21:38:38.0171 3244 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:38:38.0187 3244 NwlnkFwd - ok
21:38:38.0234 3244 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
21:38:38.0234 3244 Parport - ok
21:38:38.0265 3244 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:38:38.0265 3244 PartMgr - ok
21:38:38.0296 3244 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:38:38.0312 3244 ParVdm - ok
21:38:38.0312 3244 PCASp50 - ok
21:38:38.0343 3244 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:38:38.0359 3244 PCI - ok
21:38:38.0359 3244 PCIDump - ok
21:38:38.0390 3244 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:38:38.0390 3244 PCIIde - ok
21:38:38.0421 3244 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:38:38.0421 3244 Pcmcia - ok
21:38:38.0437 3244 PDCOMP - ok
21:38:38.0468 3244 PDFRAME - ok
21:38:38.0484 3244 PDRELI - ok
21:38:38.0500 3244 PDRFRAME - ok
21:38:38.0546 3244 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
21:38:38.0562 3244 perc2 - ok
21:38:38.0593 3244 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
21:38:38.0593 3244 perc2hib - ok
21:38:38.0656 3244 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
21:38:38.0671 3244 PlugPlay - ok
21:38:38.0687 3244 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:38:38.0687 3244 PolicyAgent - ok
21:38:38.0750 3244 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:38:38.0750 3244 PptpMiniport - ok
21:38:38.0765 3244 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:38:38.0765 3244 ProtectedStorage - ok
21:38:38.0796 3244 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:38:38.0796 3244 PSched - ok
21:38:38.0812 3244 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:38:38.0812 3244 Ptilink - ok
21:38:38.0843 3244 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
21:38:38.0859 3244 ql1080 - ok
21:38:38.0875 3244 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
21:38:38.0890 3244 Ql10wnt - ok
21:38:38.0937 3244 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
21:38:38.0937 3244 ql12160 - ok
21:38:38.0968 3244 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
21:38:38.0968 3244 ql1240 - ok
21:38:38.0984 3244 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
21:38:39.0000 3244 ql1280 - ok
21:38:39.0031 3244 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:38:39.0031 3244 RasAcd - ok
21:38:39.0078 3244 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:38:39.0093 3244 RasAuto - ok
21:38:39.0125 3244 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:38:39.0125 3244 Rasl2tp - ok
21:38:39.0156 3244 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:38:39.0156 3244 RasMan - ok
21:38:39.0171 3244 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:38:39.0187 3244 RasPppoe - ok
21:38:39.0218 3244 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:38:39.0218 3244 Raspti - ok
21:38:39.0296 3244 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:38:39.0312 3244 Rdbss - ok
21:38:39.0328 3244 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:38:39.0328 3244 RDPCDD - ok
21:38:39.0375 3244 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:38:39.0390 3244 rdpdr - ok
21:38:39.0437 3244 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:38:39.0453 3244 RDPWD - ok
21:38:39.0484 3244 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:38:39.0500 3244 RDSessMgr - ok
21:38:39.0531 3244 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:38:39.0562 3244 redbook - ok
21:38:39.0625 3244 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:38:39.0640 3244 RemoteAccess - ok
21:38:39.0687 3244 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
21:38:39.0687 3244 ROOTMODEM - ok
21:38:39.0734 3244 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
21:38:39.0750 3244 RpcLocator - ok
21:38:39.0781 3244 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:38:39.0796 3244 RpcSs - ok
21:38:39.0859 3244 [ 4BE76679D800F95C26A23EF0D15A31B2 ] RSUSBSTOR C:\WINDOWS\system32\Drivers\RtsUStor.sys
21:38:39.0859 3244 RSUSBSTOR - ok
21:38:39.0906 3244 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:38:39.0921 3244 RSVP - ok
21:38:39.0968 3244 [ 832F27E6962A14EBF3B09AF0E65FD7B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
21:38:39.0968 3244 RTLE8023xp - ok
21:38:39.0984 3244 RtsUIR - ok
21:38:40.0000 3244 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
21:38:40.0015 3244 SamSs - ok
21:38:40.0046 3244 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:38:40.0046 3244 SCardSvr - ok
21:38:40.0078 3244 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:38:40.0093 3244 Schedule - ok
21:38:40.0140 3244 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:38:40.0140 3244 Secdrv - ok
21:38:40.0187 3244 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
21:38:40.0203 3244 seclogon - ok
21:38:40.0218 3244 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
21:38:40.0218 3244 SENS - ok
21:38:40.0250 3244 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
21:38:40.0250 3244 Serial - ok
21:38:40.0328 3244 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:38:40.0328 3244 Sfloppy - ok
21:38:40.0375 3244 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:38:40.0390 3244 SharedAccess - ok
21:38:40.0421 3244 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:38:40.0437 3244 ShellHWDetection - ok
21:38:40.0437 3244 Simbad - ok
21:38:40.0484 3244 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
21:38:40.0484 3244 sisagp - ok
21:38:40.0546 3244 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:38:40.0546 3244 SkypeUpdate - ok
21:38:40.0578 3244 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:38:40.0593 3244 SLIP - ok
21:38:40.0671 3244 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
21:38:40.0671 3244 Sparrow - ok
21:38:40.0718 3244 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:38:40.0718 3244 splitter - ok
21:38:40.0765 3244 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:38:40.0765 3244 Spooler - ok
21:38:40.0828 3244 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:38:40.0843 3244 sr - ok
21:38:40.0859 3244 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
21:38:40.0859 3244 srservice - ok
21:38:40.0875 3244 SRTSP - ok
21:38:40.0890 3244 SRTSPX - ok
21:38:40.0921 3244 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:38:40.0937 3244 Srv - ok
21:38:40.0968 3244 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:38:40.0984 3244 SSDPSRV - ok
21:38:41.0046 3244 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:38:41.0062 3244 stisvc - ok
21:38:41.0109 3244 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:38:41.0109 3244 streamip - ok
21:38:41.0156 3244 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:38:41.0156 3244 swenum - ok
21:38:41.0171 3244 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:38:41.0171 3244 swmidi - ok
21:38:41.0171 3244 SwPrv - ok
21:38:41.0234 3244 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
21:38:41.0234 3244 symc810 - ok
21:38:41.0265 3244 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
21:38:41.0265 3244 symc8xx - ok
21:38:41.0296 3244 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
21:38:41.0296 3244 sym_hi - ok
21:38:41.0328 3244 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
21:38:41.0328 3244 sym_u3 - ok
21:38:41.0359 3244 [ 8E25A1DBB8527B2074AF9B682F818768 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:38:41.0375 3244 SynTP - ok
21:38:41.0390 3244 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:38:41.0406 3244 sysaudio - ok
21:38:41.0453 3244 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:38:41.0453 3244 SysmonLog - ok
21:38:41.0531 3244 [ A1B6D369D6919304463565D77EA0F84E ] System_Repair_UpdateMonitor C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
21:38:41.0531 3244 System_Repair_UpdateMonitor - ok
21:38:41.0562 3244 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:38:41.0562 3244 TapiSrv - ok
21:38:41.0625 3244 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:38:41.0640 3244 Tcpip - ok
21:38:41.0671 3244 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys
21:38:41.0671 3244 Tcpip6 - ok
21:38:41.0687 3244 [ FBF08035B75E52D99D81EA8EDDBA5F9C ] tcpipBM C:\WINDOWS\system32\drivers\tcpipBM.sys
21:38:41.0687 3244 tcpipBM - ok
21:38:41.0718 3244 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:38:41.0718 3244 TDPIPE - ok
21:38:41.0750 3244 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:38:41.0750 3244 TDTCP - ok
21:38:41.0812 3244 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:38:41.0812 3244 TermDD - ok
21:38:41.0875 3244 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
21:38:41.0890 3244 TermService - ok
21:38:41.0906 3244 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
21:38:41.0906 3244 Themes - ok
21:38:41.0953 3244 [ FD4FD7D6FDA5C019ED86025D7BE1510F ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
21:38:41.0953 3244 TosIde - ok
21:38:42.0000 3244 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:38:42.0000 3244 TrkWks - ok
21:38:42.0031 3244 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
21:38:42.0031 3244 tunmp - ok
21:38:42.0062 3244 [ 3385D48304443D0EE42AF5DBF89634B6 ] tvtumon C:\WINDOWS\system32\DRIVERS\tvtumon.sys
21:38:42.0078 3244 tvtumon - ok
21:38:42.0093 3244 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:38:42.0093 3244 Udfs - ok
21:38:42.0140 3244 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
21:38:42.0140 3244 ultra - ok
21:38:42.0187 3244 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:38:42.0218 3244 Update - ok
21:38:42.0250 3244 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
21:38:42.0265 3244 upnphost - ok
21:38:42.0296 3244 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
21:38:42.0296 3244 UPS - ok
21:38:42.0328 3244 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:38:42.0328 3244 usbccgp - ok
21:38:42.0343 3244 USBCCID - ok
21:38:42.0390 3244 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:38:42.0390 3244 usbehci - ok
21:38:42.0406 3244 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:38:42.0406 3244 usbhub - ok
21:38:42.0453 3244 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:38:42.0453 3244 usbscan - ok
21:38:42.0515 3244 [ 1D3395CB6226B2DD03645B074BD6CF4A ] usbsmi C:\WINDOWS\system32\DRIVERS\SMIksdrv.sys
21:38:42.0515 3244 usbsmi - ok
21:38:42.0562 3244 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:38:42.0562 3244 usbstor - ok
21:38:42.0593 3244 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:38:42.0593 3244 usbuhci - ok
21:38:42.0625 3244 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
21:38:42.0625 3244 usbvideo - ok
21:38:42.0671 3244 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:38:42.0687 3244 VgaSave - ok
21:38:42.0718 3244 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
21:38:42.0718 3244 viaagp - ok
21:38:42.0734 3244 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
21:38:42.0734 3244 ViaIde - ok
21:38:42.0828 3244 [ 26DC11428CE061766D00B7254547869B ] VmbService C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
21:38:42.0828 3244 VmbService - ok
21:38:42.0875 3244 [ 94623623B4E319ADF68C04448D4EDF30 ] vodafone_K3805-z_dc_enum C:\WINDOWS\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys
21:38:42.0875 3244 vodafone_K3805-z_dc_enum - ok
21:38:42.0906 3244 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:38:42.0906 3244 VolSnap - ok
21:38:42.0953 3244 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
21:38:42.0968 3244 VSS - ok
21:38:43.0000 3244 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
21:38:43.0015 3244 W32Time - ok
21:38:43.0062 3244 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:38:43.0062 3244 Wanarp - ok
21:38:43.0125 3244 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
21:38:43.0140 3244 Wdf01000 - ok
21:38:43.0140 3244 WDICA - ok
21:38:43.0187 3244 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:38:43.0203 3244 wdmaud - ok
21:38:43.0250 3244 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:38:43.0250 3244 WebClient - ok
21:38:43.0281 3244 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\WINDOWS\system32\DRIVERS\wimfltr.sys
21:38:43.0296 3244 WimFltr - ok
21:38:43.0390 3244 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:38:43.0390 3244 winmgmt - ok
21:38:43.0468 3244 [ 6199B2AE3F9DB9CB6DB230471A1DC601 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
21:38:43.0468 3244 WmdmPmSN - ok
21:38:43.0515 3244 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:38:43.0515 3244 WmiApSrv - ok
21:38:43.0609 3244 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:38:43.0640 3244 WPFFontCache_v0400 - ok
21:38:43.0703 3244 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:38:43.0703 3244 wscsvc - ok
21:38:43.0750 3244 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:38:43.0750 3244 WSTCODEC - ok
21:38:43.0812 3244 [ 5D0A08EBF9660E07865907FB1AB022B5 ] WSVD C:\WINDOWS\system32\drivers\WSVD.sys
21:38:43.0812 3244 WSVD - ok
21:38:43.0843 3244 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:38:43.0859 3244 wuauserv - ok
21:38:43.0890 3244 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:38:43.0906 3244 WZCSVC - ok
21:38:43.0953 3244 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:38:43.0953 3244 xmlprov - ok
21:38:44.0000 3244 [ 2A6F72D2B6A549B1FC6A6522BC204159 ] ZTEusbmdm6k C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
21:38:44.0000 3244 ZTEusbmdm6k - ok
21:38:44.0046 3244 [ 7DF32DC0267C91BACF7E2B4E38AC5DF1 ] ZTEusbnet C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys
21:38:44.0046 3244 ZTEusbnet - ok
21:38:44.0093 3244 [ 2A6F72D2B6A549B1FC6A6522BC204159 ] ZTEusbnmea C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
21:38:44.0109 3244 ZTEusbnmea - ok
21:38:44.0140 3244 [ 2A6F72D2B6A549B1FC6A6522BC204159 ] ZTEusbser6k C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
21:38:44.0140 3244 ZTEusbser6k - ok
21:38:44.0171 3244 ================ Scan global ===============================
21:38:44.0203 3244 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
21:38:44.0234 3244 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
21:38:44.0250 3244 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
21:38:44.0281 3244 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
21:38:44.0281 3244 [Global] - ok
21:38:44.0281 3244 ================ Scan MBR ==================================
21:38:44.0312 3244 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:38:44.0953 3244 \Device\Harddisk0\DR0 - ok
21:38:44.0953 3244 ================ Scan VBR ==================================
21:38:44.0968 3244 [ D1E500844B9B6ED039038194A62EE83E ] \Device\Harddisk0\DR0\Partition1
21:38:44.0968 3244 \Device\Harddisk0\DR0\Partition1 - ok
21:38:45.0046 3244 [ C83B522E2BDB260255A7464476418918 ] \Device\Harddisk0\DR0\Partition2
21:38:45.0046 3244 \Device\Harddisk0\DR0\Partition2 - ok
21:38:45.0046 3244 ============================================================
21:38:45.0046 3244 Scan finished
21:38:45.0046 3244 ============================================================
21:38:45.0078 1172 Detected object count: 0
21:38:45.0078 1172 Actual detected object count: 0
21:39:02.0906 2280 Deinitialize success