prosím o kontrolu logu

[Peter-turb]

včera jsem si vlastní blbosti zaviroval počítač. Teď mi Avast každých 5 min hlásí že svchost.exe se snaží stáhnout nějaký sajrat z web (např. superstoragemy.cz/ .../agup.exe). Co jsem našel to jsem zlikvidoval ale stále to pokračuje. Toto je stav po aplikaci MBAM .

děkuji


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-07-2014
Ran by Peter (administrator) on PETER-TURB-PC on 05-07-2014 01:54:25
Running from C:\Users\Peter\Downloads
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\SmartDiskMounter\sdfs.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)
HKLM\...\Run: [] => [X]
AppInit_DLLs: c:\progra~1\so_boo~1\assist~1.dll => c:\progra~1\so_boo~1\assist~1.dll File Not Found
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
URLSearchHook: HKCU - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\9.4\iobitappsToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKCU - DefaultScope {D56751BC-A89F-450B-823C-8D6D0FF74265} URL = https://search.yahoo.com/search?fr=chr- ... earchTerms}
SearchScopes: HKCU - {D56751BC-A89F-450B-823C-8D6D0FF74265} URL = https://search.yahoo.com/search?fr=chr- ... earchTerms}
BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\9.4\iobitappsToolbarIE.dll (Spigot, Inc.)
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\9.4\iobitappsToolbarIE.dll (Spigot, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default
FF Homepage: hxxp://search.gboxapp.com/
FF DefaultSearchEngine: Google
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Peter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\Extensions\ascsurfingprotection@iobit.com [2014-07-05]
FF Extension: No Name - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\Extensions\staged [2014-06-20]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-30]
FF HKLM\...\Firefox\Extensions: [bonjour4firefox@apple.com] - C:\Program Files\Bonjour SDK\Bin\FirefoxExtension
FF Extension: Bonjour Extension for Firefox - C:\Program Files\Bonjour SDK\Bin\FirefoxExtension [2014-06-04]
FF Extension: IObit Apps Toolbar - C:\Program Files\IObit Apps Toolbar\FF [2014-07-04]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Chrome NaCl) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\gears.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Search by Image (by Google)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-10-30]
CHR Extension: (Post To Tumblr) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpicbbcpanckagpdjflgojlknomoiah [2013-11-01]
CHR Extension: (Multilingual TTS Engine) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\megclklaoidjbomplbhbdgbelkoebbdl [2013-11-03]
CHR Extension: (Peněženka Google) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30]
CHR Extension: (SEO for Chrome) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj [2013-10-30]
CHR Extension: (LogMeIn) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2013-10-31]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-22]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe [224176 2010-11-18] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-22] (AVAST Software)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 SmartDiskMounter; C:\Program Files\SmartDiskMounter\sdfs.exe [31896 2014-05-30] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-03-29] (VIA Technologies, Inc.)
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [101352 2011-06-02] (ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [317416 2011-06-02] (ASMedia Technology Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-06-22] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-06-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-06-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-06-22] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-06-22] ()
S3 silabenm; C:\Windows\System32\DRIVERS\silabenm.sys [47176 2014-03-25] (Silicon Laboratories)
S3 silabser; C:\Windows\System32\DRIVERS\silabser.sys [63104 2014-03-25] (Silicon Laboratories)
R2 SmartDisk; C:\Program Files\SmartDiskMounter\sdfs.sys [74392 2014-05-30] (Windows (R) Win 7 DDK provider)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1804400 2011-03-29] (VIA Technologies, Inc.)
U2 FWebDrv;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-05 01:45 - 2014-07-05 01:46 - 00025910 _____ () C:\Users\Peter\Downloads\Addition.txt
2014-07-05 01:44 - 2014-07-05 01:54 - 00012345 _____ () C:\Users\Peter\Downloads\FRST.txt
2014-07-05 01:44 - 2014-07-05 01:54 - 00000000 ____D () C:\FRST
2014-07-05 01:43 - 2014-07-05 01:43 - 01074688 _____ (Farbar) C:\Users\Peter\Downloads\FRST.exe
2014-07-05 01:37 - 2014-07-05 01:51 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-05 01:36 - 2014-07-05 01:37 - 10278752 _____ (SurfRight B.V.) C:\Users\Peter\Downloads\HitmanPro.exe
2014-07-05 01:33 - 2014-07-05 01:35 - 00006647 _____ () C:\Users\Peter\Downloads\hijackthis.log
2014-07-05 01:32 - 2014-07-05 01:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\Peter\Downloads\hijackthis.exe
2014-07-05 01:21 - 2014-07-05 01:21 - 00000000 ____D () C:\Windows\pss
2014-07-05 00:17 - 2014-07-05 00:17 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-07-04 23:59 - 2014-07-05 00:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 23:59 - 2014-07-04 23:59 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-04 23:59 - 2014-07-04 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-04 23:58 - 2014-07-04 23:59 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-04 23:58 - 2014-07-04 23:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 23:58 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-04 23:58 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-04 23:58 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-04 23:57 - 2014-07-04 23:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Peter\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 23:31 - 2014-07-04 23:31 - 00000000 ____D () C:\Users\Peter\AppData\Local\Apple Computer
2014-07-04 23:10 - 2014-07-04 23:10 - 43286528 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-07-04 23:10 - 2014-07-04 23:10 - 00290816 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-07-04 23:10 - 2014-07-04 23:10 - 00028672 _____ () C:\Windows\system32\config\SAM.iobit
2014-07-04 23:10 - 2014-07-04 23:10 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-07-04 22:56 - 2014-07-05 00:13 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Slick Savings
2014-07-04 22:56 - 2014-07-04 22:56 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\ProductData
2014-07-04 22:56 - 2014-07-04 22:56 - 00000000 ____D () C:\Users\Peter\AppData\Local\Slick Savings
2014-07-04 22:55 - 2014-07-05 00:15 - 00000000 ____D () C:\Program Files\Common Files\Spigot
2014-07-04 22:55 - 2014-07-05 00:15 - 00000000 ____D () C:\Program Files\Application Updater
2014-07-04 22:55 - 2014-07-04 22:56 - 00000000 ____D () C:\ProgramData\IObit
2014-07-04 22:55 - 2014-07-04 22:55 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-04 22:55 - 2014-07-04 22:55 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-07-04 22:55 - 2014-07-04 22:55 - 00000000 ____D () C:\Program Files\IObit Apps Toolbar
2014-07-04 22:54 - 2014-07-05 00:18 - 00000000 ____D () C:\Program Files\IObit
2014-07-04 22:54 - 2014-07-04 23:13 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\IObit
2014-07-04 22:52 - 2014-07-04 22:52 - 38672200 _____ (IObit ) C:\Users\Peter\Downloads\Nepotvrzeno 418308.exe
2014-07-04 22:52 - 2014-07-04 22:52 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-07-04 22:49 - 2014-07-04 22:49 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-07-04 22:41 - 2014-07-04 22:41 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Peter\Downloads\SpyHunter-Installer.exe
2014-07-04 22:15 - 2014-07-04 22:55 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Apple Computer
2014-07-04 22:05 - 2014-07-04 22:06 - 00000000 ____D () C:\Program Files\FreeRapid-0.9u4
2014-07-04 22:04 - 2014-07-04 22:05 - 17403694 _____ () C:\Users\Peter\Downloads\FreeRapid-0.9u4.zip
2014-07-04 21:38 - 2014-07-04 21:48 - 466139595 _____ () C:\Users\Peter\Downloads\(1-6)-Andělé-v-Americe-(2003)-CZ.mp4
2014-07-04 21:38 - 2014-07-04 21:48 - 413842911 _____ () C:\Users\Peter\Downloads\(2-6)-Andělé-v-Americe-(2003)-CZ.mp4
2014-07-03 21:02 - 2014-07-03 21:02 - 00004352 _____ () C:\Users\Peter\Downloads\356172060277_20140701_20140702.csv
2014-07-02 19:46 - 2014-07-02 19:46 - 00001815 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-02 19:46 - 2014-07-02 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-02 19:46 - 2014-07-02 19:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-02 19:46 - 2014-07-02 19:46 - 00000000 ____D () C:\Program Files\QuickTime
2014-07-02 19:44 - 2014-07-02 19:44 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Users\Peter\AppData\Local\Apple
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-07-02 19:43 - 2014-07-02 19:43 - 39401336 _____ (Apple Inc.) C:\Users\Peter\Downloads\QuickTimeInstaller.exe
2014-07-02 19:41 - 2014-07-02 19:41 - 00000000 ____D () C:\Users\Peter\Documents\ethogram_agonistic_behaviours
2014-07-02 19:40 - 2014-06-28 17:09 - 424728533 _____ () C:\Users\Peter\Documents\ethogram_agonistic_behaviours.zip
2014-07-01 23:00 - 2014-07-01 23:00 - 00000105 ____H () C:\Users\Peter\Documents\.~lock.Attendance_List_template.xls#
2014-07-01 21:02 - 2014-07-01 21:02 - 00133632 _____ () C:\Users\Peter\Documents\Attendance_List_template.xls
2014-07-01 08:17 - 2014-07-01 08:17 - 00005499 _____ () C:\Users\Peter\Downloads\356172060277_20140625_20140630.csv
2014-06-30 13:57 - 2014-06-30 13:57 - 00177152 _____ () C:\Users\Peter\Downloads\prikrmy_tabulky (1).xls
2014-06-29 06:57 - 2014-06-29 06:57 - 00400193 _____ () C:\Users\Peter\Downloads\free_stani_01.zip
2014-06-25 23:22 - 2014-06-25 23:22 - 00000000 ____D () C:\Users\Peter\Downloads\Aspire_mod_kompilace_v1.2_pro0.9.1
2014-06-25 19:46 - 2014-06-25 19:46 - 00004621 _____ () C:\Users\Peter\Downloads\356172060277_20140619_20140624.csv
2014-06-23 20:24 - 2014-06-23 20:24 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-23 20:24 - 2014-06-23 20:24 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\DropboxMaster
2014-06-23 20:23 - 2014-06-23 20:24 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Dropbox
2014-06-23 10:42 - 2014-06-23 10:42 - 00177152 _____ () C:\Users\Peter\Downloads\prikrmy_tabulky.xls
2014-06-22 20:38 - 2014-06-22 20:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-22 20:38 - 2014-06-22 20:38 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-21 02:04 - 2014-06-21 02:05 - 00000000 ____D () C:\Users\Peter\Desktop\FreeRapid-0.9u4
2014-06-20 20:19 - 2014-07-05 00:13 - 00000000 ____D () C:\ProgramData\AppSnow
2014-06-20 20:19 - 2014-06-20 20:25 - 17403694 _____ () C:\Users\Peter\Desktop\FreeRapid-0.9u4.zip
2014-06-20 20:18 - 2014-07-04 22:13 - 00000000 ____D () C:\ProgramData\4d66ec623310361d
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Peter\AppData\Local\Torch
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Peter\AppData\Local\Chromatic Browser
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Peter\AppData\Local\Comodo
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Guest
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Administrator
2014-06-20 20:17 - 2014-06-20 20:25 - 00000000 ____D () C:\ProgramData\InstallMate
2014-06-20 20:17 - 2014-06-20 20:17 - 05481930 _____ () C:\Users\Peter\Downloads\Sherlock_S03E02_The-Sign-of-Three.+cz-titulky.mp4.crdownload
2014-06-20 20:10 - 2014-06-20 20:15 - 684732753 _____ () C:\Users\Peter\Downloads\Sherlock-S03E01---The-Empty-Hearse-cz-titulky-vlozeny.mp4
2014-06-20 19:55 - 2014-06-20 20:01 - 866732396 _____ () C:\Users\Peter\Downloads\Sherlock_S03E01_CZdab.avi
2014-06-20 01:02 - 2014-06-20 01:04 - 166513266 _____ () C:\Users\Peter\Downloads\Brooklyn.Nine.Nine.S01E01.HDTV.x264-LOL.mp4
2014-06-20 01:02 - 2014-06-20 01:02 - 00039673 _____ () C:\Users\Peter\Downloads\Brooklyn-Nine-Nine-S01E01(0000224135).srt
2014-06-19 18:13 - 2014-06-19 18:13 - 00004963 _____ () C:\Users\Peter\Downloads\356172060277_20140616_20140618.csv
2014-06-18 18:37 - 2014-06-18 18:37 - 07049659 _____ () C:\Users\Peter\Downloads\wp_posts (1).sql
2014-06-16 23:56 - 2014-06-16 23:56 - 00028556 _____ () C:\Users\Peter\Downloads\export_1402955771_utf8.csv
2014-06-16 23:56 - 2014-06-16 23:56 - 00003954 _____ () C:\Users\Peter\Downloads\export_1402955816_utf8.csv
2014-06-16 23:55 - 2014-06-16 23:55 - 00000107 _____ () C:\Users\Peter\Documents\kontakty - PK.txt
2014-06-16 22:18 - 2014-06-16 22:18 - 00004173 _____ () C:\Users\Peter\Downloads\RodP140102101 (2).xml
2014-06-15 17:59 - 2014-06-15 17:59 - 00001663 _____ () C:\Users\Peter\anatomie 1.cards
2014-06-15 17:43 - 2014-06-15 17:43 - 00001404 _____ () C:\Users\Peter\svaly.cards
2014-06-15 17:17 - 2014-06-15 17:44 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Mnemosyne
2014-06-15 17:16 - 2014-06-15 17:51 - 00000000 ____D () C:\Users\Peter\.matplotlib
2014-06-15 17:14 - 2014-06-15 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mnemosyne
2014-06-15 17:14 - 2014-06-15 17:14 - 00000000 ____D () C:\Program Files\Mnemosyne
2014-06-15 17:11 - 2014-06-15 17:11 - 25784542 _____ ( ) C:\Users\Peter\Downloads\mnemosyne-2.3-setup.exe
2014-06-15 13:54 - 2014-06-15 13:54 - 00003668 _____ () C:\Users\Peter\Downloads\356172060277_20140610_20140613.csv
2014-06-14 21:45 - 2014-06-14 21:45 - 00286810 _____ () C:\Users\Peter\Downloads\Popreni.epub
2014-06-14 21:45 - 2014-06-14 21:45 - 00286810 _____ () C:\Users\Peter\Downloads\Popreni (1).epub
2014-06-13 22:56 - 2014-06-13 22:56 - 01685336 _____ () C:\Users\Peter\Downloads\emocni_inteligence.zip
2014-06-13 22:27 - 2014-06-13 22:28 - 09307654 _____ () C:\Users\Peter\Downloads\Haruki-Mrakami.rar
2014-06-12 20:04 - 2014-06-12 20:04 - 00000000 ____D () C:\Users\Peter\Downloads\Aspire_mod_kompilace_v1.0_pro0.9.1
2014-06-11 22:45 - 2014-06-11 22:45 - 00000105 ____H () C:\Users\Peter\Documents\.~lock.O140695 Končula Klasik 3D.RTF#
2014-06-11 22:40 - 2014-06-11 22:40 - 00000105 ____H () C:\Users\Peter\Documents\.~lock.EQ0061-.rtf#
2014-06-11 05:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 05:57 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 05:57 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 05:57 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 05:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 05:57 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 05:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 05:57 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 05:57 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 05:57 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 05:57 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 05:57 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 05:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 05:57 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 05:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 05:57 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 05:57 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 05:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 05:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 05:57 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 05:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 05:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 05:57 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 05:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 05:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 05:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 05:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 05:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 05:56 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 05:56 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 05:56 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 05:56 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 05:56 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 05:56 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 05:56 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 05:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 05:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-10 21:24 - 2014-06-10 21:24 - 00002745 _____ () C:\Users\Peter\Downloads\356172060277_20140609.csv
2014-06-07 23:44 - 2014-06-07 23:44 - 00245868 _____ () C:\Users\Peter\Documents\dlažba balkon.cdr
2014-06-07 23:08 - 2014-06-07 23:15 - 00046245 _____ () C:\Users\Peter\Documents\kuchyně - želkovice.cdr
2014-06-07 23:08 - 2014-06-07 23:08 - 00040043 _____ () C:\Users\Peter\Documents\Záloha_kuchyně - želkovice.cdr
2014-06-07 20:14 - 2014-06-07 20:14 - 05835350 _____ () C:\Users\Peter\Downloads\wp_posts.sql
2014-06-06 20:40 - 2014-06-06 20:40 - 04996210 _____ (Tim Kosse) C:\Users\Peter\Downloads\FileZilla_3.8.1_win32-setup.exe
2014-06-06 18:00 - 2014-06-06 18:00 - 04398333 _____ () C:\Users\Peter\Downloads\WD_Quick_View_Setup_for_Windows.zip
2014-06-05 23:52 - 2014-06-05 23:52 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\WDC
2014-06-05 23:47 - 2014-06-05 23:47 - 00000000 ____H () C:\Users\Peter\Documents\Default.rdp
2014-06-05 23:41 - 2014-06-05 23:56 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\com.wd.WDMyCloud
2014-06-05 23:41 - 2014-06-05 23:41 - 00001111 _____ () C:\Users\Public\Desktop\WD My Cloud.lnk
2014-06-05 23:41 - 2014-06-05 23:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-06-05 23:41 - 2014-06-05 23:41 - 00000000 ____D () C:\Program Files\Western Digital
2014-06-05 23:40 - 2014-06-05 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour Print Services
2014-06-05 23:40 - 2014-06-05 23:40 - 00000000 ____D () C:\Program Files\Bonjour Print Services
2014-06-05 23:39 - 2014-06-05 23:39 - 00000204 _____ () C:\Users\Peter\Desktop\Školicí středisko k úložišti WD My Cloud.url
2014-06-05 23:39 - 2014-06-05 23:39 - 00000153 _____ () C:\Users\Peter\Desktop\Veřejná složka úložiště WD My Cloud.url
2014-06-05 23:39 - 2014-06-05 23:39 - 00000149 _____ () C:\Users\Peter\Desktop\Ovládací panel úložiště WD My Cloud.url
2014-06-05 23:39 - 2014-06-05 23:39 - 00000000 ____D () C:\ProgramData\Western Digital
2014-06-05 23:35 - 2014-06-05 23:40 - 00000000 ____D () C:\Users\Peter\AppData\Local\Western Digital
2014-06-05 23:34 - 2014-06-05 23:35 - 71601392 _____ () C:\Users\Peter\Downloads\mc_windows_setup.exe

==================== One Month Modified Files and Folders =======

2014-07-05 01:54 - 2014-07-05 01:44 - 00012345 _____ () C:\Users\Peter\Downloads\FRST.txt
2014-07-05 01:54 - 2014-07-05 01:44 - 00000000 ____D () C:\FRST
2014-07-05 01:51 - 2014-07-05 01:37 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-05 01:46 - 2014-07-05 01:45 - 00025910 _____ () C:\Users\Peter\Downloads\Addition.txt
2014-07-05 01:43 - 2014-07-05 01:43 - 01074688 _____ (Farbar) C:\Users\Peter\Downloads\FRST.exe
2014-07-05 01:37 - 2014-07-05 01:36 - 10278752 _____ (SurfRight B.V.) C:\Users\Peter\Downloads\HitmanPro.exe
2014-07-05 01:35 - 2014-07-05 01:33 - 00006647 _____ () C:\Users\Peter\Downloads\hijackthis.log
2014-07-05 01:33 - 2014-07-05 01:32 - 00388608 _____ (Trend Micro Inc.) C:\Users\Peter\Downloads\hijackthis.exe
2014-07-05 01:33 - 2013-10-30 14:43 - 00000000 ____D () C:\Users\Peter\AppData\Local\VirtualStore
2014-07-05 01:29 - 2009-07-14 06:34 - 00022224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-05 01:29 - 2009-07-14 06:34 - 00022224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-05 01:25 - 2013-10-30 12:35 - 01798061 _____ () C:\Windows\WindowsUpdate.log
2014-07-05 01:22 - 2014-01-10 10:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-05 01:22 - 2010-11-20 23:48 - 00168696 _____ () C:\Windows\PFRO.log
2014-07-05 01:22 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-05 01:22 - 2009-07-14 06:39 - 00045170 _____ () C:\Windows\setupact.log
2014-07-05 01:21 - 2014-07-05 01:21 - 00000000 ____D () C:\Windows\pss
2014-07-05 00:21 - 2014-07-04 23:59 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 00:18 - 2014-07-04 22:54 - 00000000 ____D () C:\Program Files\IObit
2014-07-05 00:17 - 2014-07-05 00:17 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-07-05 00:15 - 2014-07-04 22:55 - 00000000 ____D () C:\Program Files\Common Files\Spigot
2014-07-05 00:15 - 2014-07-04 22:55 - 00000000 ____D () C:\Program Files\Application Updater
2014-07-05 00:15 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\addins
2014-07-05 00:13 - 2014-07-04 22:56 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Slick Savings
2014-07-05 00:13 - 2014-06-20 20:19 - 00000000 ____D () C:\ProgramData\AppSnow
2014-07-04 23:59 - 2014-07-04 23:59 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-04 23:59 - 2014-07-04 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-04 23:59 - 2014-07-04 23:58 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-04 23:58 - 2014-07-04 23:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 23:58 - 2014-07-04 23:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Peter\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 23:31 - 2014-07-04 23:31 - 00000000 ____D () C:\Users\Peter\AppData\Local\Apple Computer
2014-07-04 23:31 - 2013-10-30 14:51 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\eM Client
2014-07-04 23:13 - 2014-07-04 22:54 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\IObit
2014-07-04 23:10 - 2014-07-04 23:10 - 43286528 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-07-04 23:10 - 2014-07-04 23:10 - 00290816 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-07-04 23:10 - 2014-07-04 23:10 - 00028672 _____ () C:\Windows\system32\config\SAM.iobit
2014-07-04 23:10 - 2014-07-04 23:10 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-07-04 23:10 - 2013-10-30 14:43 - 00000000 ____D () C:\Users\Peter
2014-07-04 23:04 - 2013-11-01 22:12 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\AIMP3
2014-07-04 22:56 - 2014-07-04 22:56 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\ProductData
2014-07-04 22:56 - 2014-07-04 22:56 - 00000000 ____D () C:\Users\Peter\AppData\Local\Slick Savings
2014-07-04 22:56 - 2014-07-04 22:55 - 00000000 ____D () C:\ProgramData\IObit
2014-07-04 22:55 - 2014-07-04 22:55 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-04 22:55 - 2014-07-04 22:55 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-07-04 22:55 - 2014-07-04 22:55 - 00000000 ____D () C:\Program Files\IObit Apps Toolbar
2014-07-04 22:55 - 2014-07-04 22:15 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Apple Computer
2014-07-04 22:52 - 2014-07-04 22:52 - 38672200 _____ (IObit ) C:\Users\Peter\Downloads\Nepotvrzeno 418308.exe
2014-07-04 22:52 - 2014-07-04 22:52 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-07-04 22:49 - 2014-07-04 22:49 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-07-04 22:41 - 2014-07-04 22:41 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Peter\Downloads\SpyHunter-Installer.exe
2014-07-04 22:13 - 2014-06-20 20:18 - 00000000 ____D () C:\ProgramData\4d66ec623310361d
2014-07-04 22:13 - 2014-03-25 14:47 - 00000546 __RSH () C:\ProgramData\ntuser.pol
2014-07-04 22:06 - 2014-07-04 22:05 - 00000000 ____D () C:\Program Files\FreeRapid-0.9u4
2014-07-04 22:05 - 2014-07-04 22:04 - 17403694 _____ () C:\Users\Peter\Downloads\FreeRapid-0.9u4.zip
2014-07-04 21:48 - 2014-07-04 21:38 - 466139595 _____ () C:\Users\Peter\Downloads\(1-6)-Andělé-v-Americe-(2003)-CZ.mp4
2014-07-04 21:48 - 2014-07-04 21:38 - 413842911 _____ () C:\Users\Peter\Downloads\(2-6)-Andělé-v-Americe-(2003)-CZ.mp4
2014-07-03 21:02 - 2014-07-03 21:02 - 00004352 _____ () C:\Users\Peter\Downloads\356172060277_20140701_20140702.csv
2014-07-02 19:46 - 2014-07-02 19:46 - 00001815 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-02 19:46 - 2014-07-02 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-02 19:46 - 2014-07-02 19:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-02 19:46 - 2014-07-02 19:46 - 00000000 ____D () C:\Program Files\QuickTime
2014-07-02 19:44 - 2014-07-02 19:44 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Users\Peter\AppData\Local\Apple
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-02 19:44 - 2014-07-02 19:44 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-07-02 19:43 - 2014-07-02 19:43 - 39401336 _____ (Apple Inc.) C:\Users\Peter\Downloads\QuickTimeInstaller.exe
2014-07-02 19:41 - 2014-07-02 19:41 - 00000000 ____D () C:\Users\Peter\Documents\ethogram_agonistic_behaviours
2014-07-01 23:00 - 2014-07-01 23:00 - 00000105 ____H () C:\Users\Peter\Documents\.~lock.Attendance_List_template.xls#
2014-07-01 23:00 - 2013-10-31 14:18 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\FileZilla
2014-07-01 21:02 - 2014-07-01 21:02 - 00133632 _____ () C:\Users\Peter\Documents\Attendance_List_template.xls
2014-07-01 08:17 - 2014-07-01 08:17 - 00005499 _____ () C:\Users\Peter\Downloads\356172060277_20140625_20140630.csv
2014-06-30 13:57 - 2014-06-30 13:57 - 00177152 _____ () C:\Users\Peter\Downloads\prikrmy_tabulky (1).xls
2014-06-29 06:57 - 2014-06-29 06:57 - 00400193 _____ () C:\Users\Peter\Downloads\free_stani_01.zip
2014-06-29 04:48 - 2012-10-10 18:06 - 00000000 ____D () C:\Oslava života
2014-06-28 17:09 - 2014-07-02 19:40 - 424728533 _____ () C:\Users\Peter\Documents\ethogram_agonistic_behaviours.zip
2014-06-25 23:22 - 2014-06-25 23:22 - 00000000 ____D () C:\Users\Peter\Downloads\Aspire_mod_kompilace_v1.2_pro0.9.1
2014-06-25 19:46 - 2014-06-25 19:46 - 00004621 _____ () C:\Users\Peter\Downloads\356172060277_20140619_20140624.csv
2014-06-23 20:24 - 2014-06-23 20:24 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-23 20:24 - 2014-06-23 20:24 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\DropboxMaster
2014-06-23 20:24 - 2014-06-23 20:23 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Dropbox
2014-06-23 10:42 - 2014-06-23 10:42 - 00177152 _____ () C:\Users\Peter\Downloads\prikrmy_tabulky.xls
2014-06-22 22:32 - 2010-11-20 23:01 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-22 20:39 - 2013-10-30 15:07 - 00002047 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-22 20:38 - 2014-06-22 20:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-22 20:38 - 2014-06-22 20:38 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-22 20:38 - 2014-01-10 10:50 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-22 20:38 - 2013-10-30 15:06 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-22 20:38 - 2013-10-30 15:06 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-22 20:38 - 2013-10-30 15:06 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-22 20:38 - 2013-10-30 15:06 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-22 20:38 - 2013-10-30 15:06 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-22 20:38 - 2013-10-30 15:06 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-22 20:38 - 2013-10-30 15:06 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-21 02:05 - 2014-06-21 02:04 - 00000000 ____D () C:\Users\Peter\Desktop\FreeRapid-0.9u4
2014-06-20 20:25 - 2014-06-20 20:19 - 17403694 _____ () C:\Users\Peter\Desktop\FreeRapid-0.9u4.zip
2014-06-20 20:25 - 2014-06-20 20:17 - 00000000 ____D () C:\ProgramData\InstallMate
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Peter\AppData\Local\Torch
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Peter\AppData\Local\Chromatic Browser
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Peter\AppData\Local\Comodo
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Guest
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-20 20:18 - 2014-06-20 20:18 - 00000000 ____D () C:\Users\Administrator
2014-06-20 20:18 - 2013-10-30 15:04 - 00000000 ____D () C:\Users\Peter\AppData\Local\Google
2014-06-20 20:18 - 2013-10-30 15:04 - 00000000 ____D () C:\Program Files\Google
2014-06-20 20:17 - 2014-06-20 20:17 - 05481930 _____ () C:\Users\Peter\Downloads\Sherlock_S03E02_The-Sign-of-Three.+cz-titulky.mp4.crdownload
2014-06-20 20:15 - 2014-06-20 20:10 - 684732753 _____ () C:\Users\Peter\Downloads\Sherlock-S03E01---The-Empty-Hearse-cz-titulky-vlozeny.mp4
2014-06-20 20:01 - 2014-06-20 19:55 - 866732396 _____ () C:\Users\Peter\Downloads\Sherlock_S03E01_CZdab.avi
2014-06-20 01:04 - 2014-06-20 01:02 - 166513266 _____ () C:\Users\Peter\Downloads\Brooklyn.Nine.Nine.S01E01.HDTV.x264-LOL.mp4
2014-06-20 01:02 - 2014-06-20 01:02 - 00039673 _____ () C:\Users\Peter\Downloads\Brooklyn-Nine-Nine-S01E01(0000224135).srt
2014-06-19 18:13 - 2014-06-19 18:13 - 00004963 _____ () C:\Users\Peter\Downloads\356172060277_20140616_20140618.csv
2014-06-18 18:37 - 2014-06-18 18:37 - 07049659 _____ () C:\Users\Peter\Downloads\wp_posts (1).sql
2014-06-16 23:56 - 2014-06-16 23:56 - 00028556 _____ () C:\Users\Peter\Downloads\export_1402955771_utf8.csv
2014-06-16 23:56 - 2014-06-16 23:56 - 00003954 _____ () C:\Users\Peter\Downloads\export_1402955816_utf8.csv
2014-06-16 23:55 - 2014-06-16 23:55 - 00000107 _____ () C:\Users\Peter\Documents\kontakty - PK.txt
2014-06-16 22:18 - 2014-06-16 22:18 - 00004173 _____ () C:\Users\Peter\Downloads\RodP140102101 (2).xml
2014-06-15 17:59 - 2014-06-15 17:59 - 00001663 _____ () C:\Users\Peter\anatomie 1.cards
2014-06-15 17:51 - 2014-06-15 17:16 - 00000000 ____D () C:\Users\Peter\.matplotlib
2014-06-15 17:44 - 2014-06-15 17:17 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Mnemosyne
2014-06-15 17:43 - 2014-06-15 17:43 - 00001404 _____ () C:\Users\Peter\svaly.cards
2014-06-15 17:14 - 2014-06-15 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mnemosyne
2014-06-15 17:14 - 2014-06-15 17:14 - 00000000 ____D () C:\Program Files\Mnemosyne
2014-06-15 17:11 - 2014-06-15 17:11 - 25784542 _____ ( ) C:\Users\Peter\Downloads\mnemosyne-2.3-setup.exe
2014-06-15 13:54 - 2014-06-15 13:54 - 00003668 _____ () C:\Users\Peter\Downloads\356172060277_20140610_20140613.csv
2014-06-14 21:45 - 2014-06-14 21:45 - 00286810 _____ () C:\Users\Peter\Downloads\Popreni.epub
2014-06-14 21:45 - 2014-06-14 21:45 - 00286810 _____ () C:\Users\Peter\Downloads\Popreni (1).epub
2014-06-13 22:56 - 2014-06-13 22:56 - 01685336 _____ () C:\Users\Peter\Downloads\emocni_inteligence.zip
2014-06-13 22:28 - 2014-06-13 22:27 - 09307654 _____ () C:\Users\Peter\Downloads\Haruki-Mrakami.rar
2014-06-12 20:04 - 2014-06-12 20:04 - 00000000 ____D () C:\Users\Peter\Downloads\Aspire_mod_kompilace_v1.0_pro0.9.1
2014-06-12 04:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-12 03:19 - 2014-05-05 01:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 03:03 - 2013-11-19 03:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 03:01 - 2013-11-19 03:13 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 22:45 - 2014-06-11 22:45 - 00000105 ____H () C:\Users\Peter\Documents\.~lock.O140695 Končula Klasik 3D.RTF#
2014-06-11 22:40 - 2014-06-11 22:40 - 00000105 ____H () C:\Users\Peter\Documents\.~lock.EQ0061-.rtf#
2014-06-10 22:18 - 2013-10-30 15:04 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 21:24 - 2014-06-10 21:24 - 00002745 _____ () C:\Users\Peter\Downloads\356172060277_20140609.csv
2014-06-09 23:45 - 2014-05-28 20:50 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Skype
2014-06-08 22:48 - 2014-02-16 14:52 - 00000000 ____D () C:\Users\Peter\Documents\SoulMate
2014-06-08 10:48 - 2014-06-11 05:56 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-11 05:56 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 23:44 - 2014-06-07 23:44 - 00245868 _____ () C:\Users\Peter\Documents\dlažba balkon.cdr
2014-06-07 23:15 - 2014-06-07 23:08 - 00046245 _____ () C:\Users\Peter\Documents\kuchyně - želkovice.cdr
2014-06-07 23:08 - 2014-06-07 23:08 - 00040043 _____ () C:\Users\Peter\Documents\Záloha_kuchyně - želkovice.cdr
2014-06-07 20:14 - 2014-06-07 20:14 - 05835350 _____ () C:\Users\Peter\Downloads\wp_posts.sql
2014-06-06 20:40 - 2014-06-06 20:40 - 04996210 _____ (Tim Kosse) C:\Users\Peter\Downloads\FileZilla_3.8.1_win32-setup.exe
2014-06-06 18:00 - 2014-06-06 18:00 - 04398333 _____ () C:\Users\Peter\Downloads\WD_Quick_View_Setup_for_Windows.zip
2014-06-05 23:56 - 2014-06-05 23:41 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\com.wd.WDMyCloud
2014-06-05 23:52 - 2014-06-05 23:52 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\WDC
2014-06-05 23:47 - 2014-06-05 23:47 - 00000000 ____H () C:\Users\Peter\Documents\Default.rdp
2014-06-05 23:41 - 2014-06-05 23:41 - 00001111 _____ () C:\Users\Public\Desktop\WD My Cloud.lnk
2014-06-05 23:41 - 2014-06-05 23:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-06-05 23:41 - 2014-06-05 23:41 - 00000000 ____D () C:\Program Files\Western Digital
2014-06-05 23:40 - 2014-06-05 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour Print Services
2014-06-05 23:40 - 2014-06-05 23:40 - 00000000 ____D () C:\Program Files\Bonjour Print Services
2014-06-05 23:40 - 2014-06-05 23:35 - 00000000 ____D () C:\Users\Peter\AppData\Local\Western Digital
2014-06-05 23:39 - 2014-06-05 23:39 - 00000204 _____ () C:\Users\Peter\Desktop\Školicí středisko k úložišti WD My Cloud.url
2014-06-05 23:39 - 2014-06-05 23:39 - 00000153 _____ () C:\Users\Peter\Desktop\Veřejná složka úložiště WD My Cloud.url
2014-06-05 23:39 - 2014-06-05 23:39 - 00000149 _____ () C:\Users\Peter\Desktop\Ovládací panel úložiště WD My Cloud.url
2014-06-05 23:39 - 2014-06-05 23:39 - 00000000 ____D () C:\ProgramData\Western Digital
2014-06-05 23:35 - 2014-06-05 23:34 - 71601392 _____ () C:\Users\Peter\Downloads\mc_windows_setup.exe

Some content of TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\exthelper.exe
C:\Users\Peter\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-02 01:16

==================== End Of Log ============================

[Márty84]

Zdravim

Dejte mi sem log z MBAM. Potrebuju videt co a kde nasel.

Odinstalujte vse od IObit. Umi to nadelat vic skody nez uzitku.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[Peter-turb]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 5.7.2014
Čas skenování: 0:02:21
Protokol:
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.07.04.11
Databáze rootkitů: v2014.07.03.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Peter

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 306595
Uplynulý čas: 10 min, 12 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 2
PUP.Optional.Spigot.A, C:\Program Files\Application Updater\ApplicationUpdater.exe, 548, Smazat při restartu, [a1ea8714e49732041cf64840d72acd33]
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe, 3340, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5]

Moduly: 11
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],

Klíče registru: 10
PUP.Optional.Spigot.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Application Updater, Do karantény, [a1ea8714e49732041cf64840d72acd33],
PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, Do karantény, [0d7e2873c1ba2214726a034fa75b18e8],
PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, Do karantény, [0d7e2873c1ba2214726a034fa75b18e8],
PUP.Optional.Spigot, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, Do karantény, [0d7e2873c1ba2214726a034fa75b18e8],
PUP.Optional.GreatSaver.A, HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}, Do karantény, [2b60acef522926107ec2e1709969a060],
PUP.Optional.Booster.A, HKLM\SOFTWARE\SO_Booster, Do karantény, [5c2fd6c5b4c73ef821321a9eff036e92],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, Do karantény, [abe01c7f8bf043f3400a9d24da2811ef],
PUP.Optional.Booster.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{3f17c95f}, Do karantény, [cbc0f0aba6d525115a072e85679b718f],
PUP.Optional.Spigot.A, HKU\S-1-5-21-3108534364-2438718461-1887123822-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, Do karantény, [deaddfbc275494a2f3b31ef0b252639d],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3108534364-2438718461-1887123822-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Do karantény, [a7e47e1daccf3df9e92addea7d851be5],

Hodnoty registru: 5
PUP.Optional.Spigot.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE, 1, Do karantény, [a1ea8714e49732041cf64840d72acd33]
PUP.Optional.Spigot.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE, 1, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5]
PUP.Optional.Spigot.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SearchSettings, "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe", Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5]
PUP.Optional.Spigot.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\COMMON FILES\SPIGOT\SEARCH SETTINGS\{58D2A791-6199-482F-A9AA-9B725EC61362}.XPI, 1, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5]
PUP.Optional.Spigot.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\COMMON FILES\SPIGOT\GC\EXTHELPER.EXE, 1, Do karantény, [e5a60992106bae881fe6e2caf30f738d]

Data registru: 0
(No malicious items detected)

Složky: 16
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\icons, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\scripts, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com\chrome, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com\chrome\content, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Res, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\GC, Do karantény, [e5a60992106bae881fe6e2caf30f738d],
PUP.Optional.Booster.A, C:\ProgramData\AppSnow\SO_Booster, Do karantény, [2e5df2a9ea91ab8b4c71f2bd37cbb24e],
PUP.Optional.Booster.A, C:\ProgramData\AppSnow\SO_Booster\2355932470, Do karantény, [2e5df2a9ea91ab8b4c71f2bd37cbb24e],

Soubory: 64
PUP.Optional.Spigot.A, C:\Program Files\Application Updater\ApplicationUpdater.exe, Smazat při restartu, [a1ea8714e49732041cf64840d72acd33],
PUP.Optional.Spigot, C:\Users\Peter\AppData\Roaming\Slick Savings\Coupons.dll, Do karantény, [0d7e2873c1ba2214726a034fa75b18e8],
PUP.Optional.MultiPlug.A, C:\$Recycle.Bin\S-1-5-21-3108534364-2438718461-1887123822-1000\$REZ8RBJ\aKWlQ.exe, Do karantény, [e0ab3368e19acf6710992625a060a060],
PUP.Optional.MultiPlug.A, C:\Windows\System32\setup.exe, Do karantény, [1279aeed6f0cdc5a248689c2ab5537c9],
Trojan.SProtector, C:\Users\Peter\AppData\Local\Temp\0cfc5829\temp\putfu.exe, Do karantény, [4e3d7f1cfd7e33034f2ad1854cb5e51b],
PUP.Optional.MultiPlug.A, C:\Users\Peter\AppData\Local\Temp\0cfc5829\temp\setupespl.exe, Do karantény, [e3a883182358092dcbdfb39822ded030],
PUP.Optional.Softonic.A, C:\Users\Peter\Downloads\SoftonicDownloader_for_driver-sweeper.exe, Do karantény, [6c1f623985f600360949899dc43d2bd5],
PUP.Optional.Cgminer, C:\Users\Peter\Downloads\cgminer-3.7.2-windows.zip, Do karantény, [fc8fd1caabd0b680aab589c041c07d83],
Adware.Agent, C:\Users\Peter\Downloads\FreeRapid-0.9u4.zip (1).exe, Do karantény, [8b0035667605e551b9344153f01114ec],
PUP.Optional.InstalleRex, C:\Users\Peter\Downloads\FreeRapid-0.9u4.zip.exe, Do karantény, [127927744d2eb5818ed9335ed13010f0],
PUP.Optional.OpenCandy, C:\Users\Peter\Downloads\GOMPLAYERENSETUP (1).EXE, Do karantény, [58335447ef8ccb6bed347c3ca4607d83],
PUP.Optional.OpenCandy, C:\Users\Peter\Downloads\GOMPLAYERENSETUP.EXE, Do karantény, [0487adee0c6fb284c55cf1c77193a25e],
PUP.Optional.Cgminer, C:\Users\Peter\Downloads\guiminer-scrypt_win32_binaries_v0.04.zip, Do karantény, [a0ebf7a447348bab38273b0e7889fe02],
PUP.Optional.Spigot.A, C:\Windows\Installer\1716fe.msi, Do karantény, [90fbf8a3f18a36005bb85a2e867b2ed2],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\background.html, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\config.json, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\manifest.json, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\icons\ss-128.png, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\icons\ss-48.png, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\scripts\background.js, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\scripts\loader_1036.js, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SlickSavings.A, C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\scripts\utils.js, Do karantény, [701bebb0b1ca85b12f1ea4f9e220f808],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com\chrome.manifest, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com\icon.png, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com\install.rdf, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com\chrome\content\config.json, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com\chrome\content\main.js, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com\chrome\content\savingsslider.js, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com\chrome\content\savingsslider.xul, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.SavingsSlider.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\savingsslider@mybrowserbar.com\chrome\content\spigot.js, Do karantény, [bccf0b90de9d6ec8c0b1039b48ba26da],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\baidu_ff.xml, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\baidu_ie.xml, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\config.ini, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\searchcom_ff.xml, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\searchcom_ie.xml, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings64.exe, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wth184.dll, Smazat při restartu, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\wthx184.dll, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\yahoo_ff.xml, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\yahoo_ie.xml, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\yandextr_ff.xml, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\yandextr_ie.xml, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\yandex_ff.xml, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\yandex_ie.xml, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1031.ini, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1033.ini, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1034.ini, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1036.ini, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1040.ini, Do karantény, [b5d6504bfb800e282b3d0a99f9093bc5],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome.manifest, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\icon.png, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\install.rdf, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\config.json, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\main.js, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\main.xul, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\newtab.xul, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\prefs.txt, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\redirects.js, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\spigot.js, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\startpage.js, Do karantény, [86057c1f99e22d09f673cbd8ca388080],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\GC\exthelper.exe, Do karantény, [e5a60992106bae881fe6e2caf30f738d],
PUP.Optional.Booster.A, C:\ProgramData\AppSnow\SO_Booster\2355932470.ini, Do karantény, [2e5df2a9ea91ab8b4c71f2bd37cbb24e],

Fyzické sektory: 0
(No malicious items detected)


(end)

[Peter-turb]

# AdwCleaner v3.214 - Report created 05/07/2014 at 20:27:09
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Peter - PETER-TURB-PC
# Running from : C:\Users\Peter\Downloads\adwcleaner_3.214.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\IObit Apps Toolbar
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Peter\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Peter\AppData\Local\Slick Savings
Folder Deleted : C:\Users\Peter\AppData\Local\torch
Folder Deleted : C:\Users\Peter\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Peter\AppData\Roaming\Slick Savings
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\torch
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\algmofpmanalabomacbhbmkkgjlclieo
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\algmofpmanalabomacbhbmkkgjlclieo
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\algmofpmanalabomacbhbmkkgjlclieo
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\algmofpmanalabomacbhbmkkgjlclieo
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpohkdgedecgbelhmnjjjbjbbijmidc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpohkdgedecgbelhmnjjjbjbbijmidc
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpohkdgedecgbelhmnjjjbjbbijmidc
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpohkdgedecgbelhmnjjjbjbbijmidc

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\so_boo~1\assist~1.dll
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");

-\\ Google Chrome v35.0.1916.153

a Tady je log z AdwCleaner. problém stále přetrvává


[ File : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={91B506FA-17E7-46AD-A1AC-986BEC8EDE0F}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://www.elan.cz/?page=websearch&srchtext={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Extension] : algmofpmanalabomacbhbmkkgjlclieo

*************************

AdwCleaner[R0].txt - [4935 octets] - [05/07/2014 20:25:41]
AdwCleaner[S0].txt - [5127 octets] - [05/07/2014 20:27:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5187 octets] ##########

[Márty84]

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[Peter-turb]

Tak vy padá to že se zadařilo

ComboFix 14-07-03.01 - Peter 05.07.2014 22:07:22.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3578.2637 [GMT 2:00]
Spuštěný z: c:\users\Peter\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\WinPCap
c:\program files (x86)\WinPCap\daemon_mgm.exe
c:\program files (x86)\WinPCap\INSTALL.LOG
c:\program files (x86)\WinPCap\NetMonInstaller.exe
c:\program files (x86)\WinPCap\npf_mgm.exe
c:\program files (x86)\WinPCap\rpcapd.exe
c:\program files (x86)\WinPCap\Uninstall.exe
c:\users\Peter\AppData\Roaming\Local
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\ar\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\bg\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\bn\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\ca\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\cs\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\da\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\de\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\el\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\en_GB\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\en_US\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\es\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\es_419\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\et\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\fa\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\fi\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\fr\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\gu\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\he\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\hi\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\hr\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\hu\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\id\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\it\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\ja\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\kn\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\ko\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\lt\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\lv\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\ml\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\mr\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\ms\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\nb\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\nl\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\pl\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\pt_BR\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\pt_PT\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\ro\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\ru\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\sk\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\sl\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\sr\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\sv\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\ta\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\th\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\tr\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\uk\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\vi\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\zh_CN\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\_locales\zh_TW\messages.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\about.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\about1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\arrow.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\arrowon.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\backarrow.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\backbg.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\backbgover.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\background.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\background.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\background2.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\bg.jpg
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\bg2.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\blank.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\cc.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\close.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\cmenu-vista-bg.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\cmenu-vista-menu-item-hover.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\combobox.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\combobox.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\combobox_small.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\configure_formfill.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\configure_formfill_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\configure_formfill6.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\congratulations.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\congratulations_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\congratulations4.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\context.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\copypassword.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\copyurl.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\copyusername.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\create_account.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\create_account_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\create_account14.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\create_account4.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\create_icon_mobile.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\csp.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\db.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\deletelocallowlastpass.txt
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\deleteprogramfiles.txt
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\disk.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\dot_for_ie.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\dropdown.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\enabletoolbar.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\export.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\export_choose.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\export_choose_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\export_choose1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\export_choose3.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\export1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\favicon.ico
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\fftranslations.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\FileBroker.exe
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\fill.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\formfill.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\formfill.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\formfill_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\formfill1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\formfill2.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\fromcs.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\gauth.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\gauthlastpass.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\general.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\general_small.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\generate.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\ghettoslider.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\ghettoslider.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\home.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\home.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\home_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\home1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\homelocal2.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\homelocal2.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\homelocal2_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\changemasterpw.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\changemasterpw_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\changemasterpw5.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\changemasterpw7.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\changepw.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\chooseprofilecc.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\chooser.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\Icon-32.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\Icon-48.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\Icon-64.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\Icon.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon_alert.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon_alert.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon_gray.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon_gray2.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon_gray2.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon_green2.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon_off.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon_on.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon_whitebg2.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon_yellow2.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon2.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon2.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icon2_blue.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\icons.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\iehome.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\iehome2.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ad_delcache.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ad_export.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ad_help.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ad_ident.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ad_import.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ad_prefs.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ad_print.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ad_refresh.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ad_seccheck.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ad_sess.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\add.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\addgroup.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\adroll_delcache.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\adroll_export.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\adroll_help.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\adroll_ident.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\adroll_import.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\adroll_prefs.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\adroll_print.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\adroll_refresh.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\adroll_seccheck.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\adroll_sess.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\asterisk.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\bw_question.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\cog.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\collapseoff.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\collapseon.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\computer_delete.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\create_small.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\down.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\edu_languages.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\emoticon_smile.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\excel.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\exclamation.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\expandoff.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\expandon.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\export.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\Eyerect40x26.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\Eyerect40x26_glow.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\Eyerect40x26_never.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\Eyerect40x26_never_glow.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\generic.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ghettoslider-bg.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ghettoslider-knob.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ghettoslider-left.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ghettoslider-right.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\gradient.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\group_key.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\help_128.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\checkmark.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_applications.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_autofill.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_autologin.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_bell.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_deleted.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_favorite.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_favorites.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_formfill.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_gray128.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_gray16.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_gray32.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_gray48.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_gray64.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_help.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_identities.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_lock.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_note.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_notes.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_preferences.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_premium.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_protected.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_recent.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_saveall.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_settings_small.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_sites.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_tools.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_up-red.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon_vault.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon128.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon16.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon32.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon48.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icon64.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\icons.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\import.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\key_small.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\keyboard.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\left.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\book_open.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\creditcards.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\export.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\folder-blue.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\folder-blue.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\help.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\import.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\kcontrol.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\key.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\note_add.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\popular.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\popular.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lib\remove-user-red.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lock.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\logouticon.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lpdropdown_off.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lpdropdown_on.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lpwhite_small.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\lpwhitelogo.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_advanced.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_arrow.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_bg.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_formfill.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_generate.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_logoff.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_navbg.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_notes.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_search.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_sep.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_titlebg.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_vault.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menu_x.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuarrow.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuarrowback.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuarrowbackover.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuarrowup.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuarrowupover.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menucog.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menucogover.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuglow_advanced.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuglow_formfill.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuglow_generate.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuglow_notes.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuglow_vault.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menulogoff.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menulogoffover.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuroll_advanced.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuroll_formfill.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuroll_generate.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuroll_notes.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menuroll_vault.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menusave.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\menusearch.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\note_add.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\overlayclose.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\page_gear.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\paperclip.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\paperclip_hover.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\passwordmeter_back.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\passwordmeter_front.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\pdf.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\power_off.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\powerpoint.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\printer.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\pwdrop.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\recording.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\reload.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\right.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\screenkeyboard.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\search-icon-blue.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\search-icon.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\seccheck.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\site_add.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\text.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\th_off.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\th_on.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\th_over.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\tick.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\time.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-anim_basic_16x16.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-bg_flat_0_eeeeee_40x100.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-bg_flat_55_c0402a_40x100.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-bg_flat_55_eeeeee_40x100.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-bg_glass_100_f8f8f8_1x400.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-bg_glass_35_dddddd_1x400.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-bg_glass_60_eeeeee_1x400.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-bg_inset-hard_75_999999_1x100.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-bg_inset-soft_50_c9c9c9_1x100.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-icons_3383bb_256x240.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-icons_70b2e1_256x240.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-icons_999999_256x240.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\ui-icons_fbc856_256x240.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\unlock.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\up-red.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vault.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultaccept.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultalert.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultcopy.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultcreditmonitor.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultdelete.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultedit.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultff.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultidentity.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultreject.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultshare.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\vaultshares.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\word.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\xsmall.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\images\xsmallroll.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\img.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\img1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import_other.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import_other_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import_other1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import_other4.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import_your_data.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import_your_data_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import_your_data6.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\import3.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\iscrollc.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\jquery-1.7.2.min.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\jquery-ui.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\jquery-ui.min.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\jquery.contextmenu.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\jquery.contextmenu.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\jquery.hotkeys-0.7.9.min.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\jquery.tree.hotkeys.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\jquery.tree.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\jquery.watermark.min.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\json2c.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\kb.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\key.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\af-ZA.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ar-EG.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ar-SA.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\az-AZ.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\be-BY.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\bg-BG.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\bn-BD.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\bs-BA.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ca-ES.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\cs-CZ.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\da-DK.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\de-DE.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\el-GR.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\en-AU.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\en-GB.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\en-US.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\eo-US.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\es-ES.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\es-MX.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\et-EE.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\fa-IR.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\fi-FI.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\fo-FO.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\fr-CA.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\fr-FR.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ga-IE.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\gl-ES.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\gu-IN.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\he-IL.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\hi-IN.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\hr-HR.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\hu-HU.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\id-ID.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\is-IS.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\it-IT.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ja-JP.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ka-GE.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\kn-IN.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ko-KR.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\lt-LT.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\lv-LV.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\mg-MG.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\mk-MK.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ml-IN.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\mr-IN.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ms-MY.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\nb-NO.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ne-NP.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\nl-NL.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\nn-NO.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\pa-IN.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\pl-PL.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\pt-BR.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\pt-PT.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ro-RO.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ru-RU.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\si-LK.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\sk-SK.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\sl-SI.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\sq-AL.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\sr-RS.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\sv-SE.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ta-IN.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\th-TH.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\tl-PH.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\tr-TR.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\tzm-MA.regexp.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\uk-UA.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ur-PK.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\ver
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\vi-VN.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\zh-CN.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lang\zh-TW.dat
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\af_ZA\af_ZA.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\af_ZA\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ar_EG\ar_EG.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ar_EG\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ar_SA\ar_SA.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ar_SA\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\az_AZ\az_AZ.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\az_AZ\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\be_BY\be_BY.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\be_BY\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\bg_BG\bg_BG.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\bg_BG\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\bn_BD\bn_BD.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\bn_BD\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\bs_BA\bs_BA.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\bs_BA\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ca_ES\ca_ES.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ca_ES\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\cs_CZ\cs_CZ.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\cs_CZ\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\da_DK\da_DK.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\da_DK\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\de_DE\de_DE.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\de_DE\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\de_DE\messages.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\de_DE\wxstd.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\el_GR\el_GR.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\el_GR\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\en_AU\en_AU.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\en_AU\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\en_GB\en_GB.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\en_GB\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\en_US\en_US.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\en_US\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\eo_US\eo_US.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\eo_US\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\es_ES\es_ES.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\es_ES\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\es_MX\es_MX.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\es_MX\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\et_EE\et_EE.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\et_EE\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\fa_IR\fa_IR.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\fa_IR\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\fa_IR\messages.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\fi_FI\fi_FI.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\fi_FI\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\fr_CA\fr_CA.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\fr_CA\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\fr_FR\fr_FR.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\fr_FR\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\fr_FR\messages.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ga_IE\ga_IE.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ga_IE\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\gl_ES\gl_ES.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\gl_ES\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\gu_IN\gu_IN.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\gu_IN\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\he_IL\he_IL.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\he_IL\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\he_IL\messages.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\hi_IN\hi_IN.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\hi_IN\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\hr_HR\hr_HR.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\hr_HR\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\hu_HU\hu_HU.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\hu_HU\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\id_ID\id_ID.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\id_ID\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\is_IS\is_IS.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\is_IS\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\it_IT\it_IT.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\it_IT\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ja_JP\ja_JP.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ja_JP\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ka_GE\ka_GE.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ka_GE\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\kn_IN\kn_IN.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\kn_IN\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ko_KR\ko_KR.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ko_KR\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\lt_LT\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\lt_LT\lt_LT.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\lv_LV\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\lv_LV\lv_LV.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\mg_MG\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\mg_MG\mg_MG.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\mk_MK\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\mk_MK\mk_MK.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ml_IN\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ml_IN\ml_IN.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\mr_IN\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\mr_IN\mr_IN.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ms_MY\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ms_MY\ms_MY.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\nb_NO\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\nb_NO\nb_NO.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\nl_NL\junk.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\nl_NL\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\nl_NL\messages.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\nl_NL\nl_NL.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\nn_NO\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\nn_NO\nn_NO.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\pa_IN\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\pa_IN\pa_IN.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\pl_PL\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\pl_PL\pl_PL.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\pt_BR\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\pt_BR\pt_BR.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\pt_PT\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\pt_PT\pt_PT.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ro_RO\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ro_RO\ro_RO.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ru_RU\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ru_RU\ru_RU.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\si_LK\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\si_LK\si_LK.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sk_SK\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sk_SK\sk_SK.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sl_SI\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sl_SI\sl_SI.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sq_AL\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sq_AL\sq_AL.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sr_RS\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sr_RS\sr_RS.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sv_SE\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sv_SE\messages.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\sv_SE\sv_SE.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ta_IN\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ta_IN\ta_IN.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\th_TH\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\th_TH\th_TH.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\tl_PH\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\tl_PH\tl_PH.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\tr_TR\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\tr_TR\tr_TR.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\uk_UA\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\uk_UA\uk_UA.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ur_PK\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\ur_PK\ur_PK.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\vi_VN\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\vi_VN\vi_VN.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\zh_CN\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\zh_CN\zh_CN.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\zh_TW\lastpass.mo
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\languages\zh_TW\zh_TW.xpm
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\login.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\login.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\login_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\login_small.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\login_small_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\login_small24.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\login1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\login23.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\logo.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\logo_big.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_ie.zip
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_languages.zip
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip17.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip18.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip22.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip25.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip3.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip4.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip46.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip5.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip52.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lp_toolstrip6.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\lpfulllib.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\LPIEHome.ocx
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\LPPlugin.dll
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\LPToolbar.dll
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\manifest.json
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\mathfail.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\menu.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\menu.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\menu.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\menu1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\menuheader.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\menuscript.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\min.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\namedpipes.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\newvault.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\notification.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\notify.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\nplastpass.dll
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\omnikey.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\omnikey_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\omnikey1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\omnikey3.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\onloadwff.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\orangealert.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\otp.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\overlay.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\overlay.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\overlay1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\partner.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popover.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popover.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popover_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popover1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popover29.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popover7.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popupfilltab.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popupfilltab.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popupfilltab.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popupfilltab_common.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\popupfilltab_cs.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\prefs.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\prefs.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\prefs.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\prefs_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\prefs1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\print_choose.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\print_choose_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\print_choose1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\print_choose3.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\programfiles.txt
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\push_client.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\q3Jrp.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\reenter_password.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\reenter_password_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\reenter_password14.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\reenter_password15.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\rsakeys.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\server.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\site.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\site.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\site_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\site1.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\site11.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\site21.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\sites.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\sorttable.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\spreadsheet.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\step2.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\styles.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\teststyle.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\textboxes.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\textboxes_small.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\throbber.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\toolstrip.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\trbg.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\treestyle.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\treestyle2.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\ui-bg_flat_0_aaaaaa_40x100.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\ui-bg_flat_75_ffffff_40x100.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\ui-bg_glass_75_dadada_1x400.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\ui-bg_glass_75_e6e6e6_1x400.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\ui-bg_highlight-soft_75_cccccc_1x100.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\ui-icons_222222_256x240.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\ui-icons_454545_256x240.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\vault.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\vault2.css
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\vaultcommonc.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\welcome.html
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\welcome_end.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\welcome4.js
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\WinBioStandalone.exe
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\x.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\x3.gif
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\xlarge.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\xlarge2.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\xlarge3.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\yubicoring16.png
c:\users\Peter\AppData\Roaming\Local\Temp\lptmp134677200\yubikeyicon2.jpg
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\staged\oyaynsno@taatm.edu
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\staged\oyaynsno@taatm.edu\bootstrap.js
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\staged\oyaynsno@taatm.edu\content\bg.js
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\staged\oyaynsno@taatm.edu\chrome.manifest
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\extensions\staged\oyaynsno@taatm.edu\install.rdf
c:\users\Peter\AppData\Roaming\poclbm
c:\users\Peter\AppData\Roaming\poclbm\poclbm.ini
c:\windows\SysWow64\64dlls.exe
c:\windows\SysWow64\intel64.exe
c:\windows\SysWow64\localsys64.exe
c:\windows\SysWow64\lsjdfh.exe
c:\windows\SysWow64\ntos.exe
c:\windows\SysWow64\oembios.exe
c:\windows\SysWow64\sdra64.exe
c:\windows\SysWow64\sdra73.exe
c:\windows\SysWow64\swin32.exe
c:\windows\SysWow64\twex.exe
c:\windows\SysWow64\twext.exe
c:\windows\SysWow64\win32avs.exe
c:\windows\SysWow64\wsnpoema.exe
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\System32\userinit.exe
.
Nakažená kopie c:\windows\SysWow64\hid.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\System32\hid.dll
.
Nakažená kopie c:\windows\SysWow64\midimap.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\System32\midimap.dll
.
Nakažená kopie c:\windows\SysWow64\dsound.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\System32\dsound.dll
.
Nakažená kopie c:\windows\SysWow64\netlogon.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\System32\netlogon.dll
.
Nakažená kopie c:\windows\SysWow64\scecli.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\System32\scecli.dll
.
Nakažená kopie c:\windows\SysWow64\comres.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\System32\comres.dll
.
Nakažená kopie c:\windows\SysWow64\lpk.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_ac34c1dcd20a42b5\lpk.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-05 do 2014-07-05 )))))))))))))))))))))))))))))))
.
.
2014-07-05 20:16 . 2014-07-05 20:18 -------- d-----w- c:\users\Peter\AppData\Local\temp
2014-07-05 20:16 . 2014-07-05 20:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-05 20:16 . 2014-07-05 20:16 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34C10EF9-4EDE-4DDE-AF47-00444F98C704}\offreg.dll
2014-07-05 20:11 . 2014-07-05 20:16 -------- d-----w- c:\windows\SysWow64
2014-07-05 18:25 . 2014-07-05 18:27 -------- d-----w- C:\AdwCleaner
2014-07-04 23:44 . 2014-07-04 23:55 -------- d-----w- C:\FRST
2014-07-04 23:37 . 2014-07-04 23:51 -------- d-----w- c:\programdata\HitmanPro
2014-07-04 21:58 . 2014-07-04 21:59 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-07-04 21:58 . 2014-07-04 21:58 -------- d-----w- c:\programdata\Malwarebytes
2014-07-04 21:31 . 2014-07-04 21:31 -------- d-----w- c:\users\Peter\AppData\Local\Apple Computer
2014-07-04 20:56 . 2014-07-04 20:56 -------- d-----w- c:\users\Peter\AppData\Roaming\ProductData
2014-07-04 20:55 . 2014-07-04 20:55 -------- d-----w- c:\programdata\ProductData
2014-07-04 20:55 . 2014-07-04 20:55 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-07-04 20:55 . 2014-07-04 20:56 -------- d-----w- c:\programdata\IObit
2014-07-04 20:54 . 2014-07-04 22:18 -------- d-----w- c:\program files\IObit
2014-07-04 20:54 . 2014-07-04 21:13 -------- d-----w- c:\users\Peter\AppData\Roaming\IObit
2014-07-04 20:52 . 2014-07-04 20:52 -------- d-----w- c:\windows\455F074C814E4520B69B5584BD90400C.TMP
2014-07-04 20:49 . 2014-07-04 20:49 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2014-07-04 20:15 . 2014-07-04 20:55 -------- d-----w- c:\users\Peter\AppData\Roaming\Apple Computer
2014-07-04 20:05 . 2014-07-04 20:06 -------- d-----w- c:\program files\FreeRapid-0.9u4
2014-07-04 13:47 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34C10EF9-4EDE-4DDE-AF47-00444F98C704}\mpengine.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2014-07-02 17:46 . 2014-07-02 17:46 -------- d-----w- c:\program files\QuickTime
2014-07-02 17:46 . 2014-07-02 17:46 -------- d-----w- c:\programdata\Apple Computer
2014-07-02 17:44 . 2014-07-02 17:44 -------- d-----w- c:\program files\Common Files\Apple
2014-07-02 17:44 . 2014-07-02 17:44 -------- d-----w- c:\users\Peter\AppData\Local\Apple
2014-07-02 17:44 . 2014-07-02 17:44 -------- d-----w- c:\program files\Apple Software Update
2014-06-23 18:23 . 2014-06-23 18:24 -------- d-----w- c:\users\Peter\AppData\Roaming\Dropbox
2014-06-22 18:38 . 2014-06-22 18:38 43152 ----a-w- c:\windows\avastSS.scr
2014-06-20 18:19 . 2014-07-04 22:13 -------- d-----w- c:\programdata\AppSnow
2014-06-20 18:18 . 2014-07-04 20:13 -------- d-----w- c:\programdata\4d66ec623310361d
2014-06-20 18:18 . 2014-06-20 18:18 -------- d-----w- c:\users\Peter\AppData\Local\Comodo
2014-06-20 18:18 . 2014-06-20 18:18 -------- d-----w- c:\users\HomeGroupUser$
2014-06-20 18:18 . 2014-06-20 18:18 -------- d-----w- c:\users\Guest
2014-06-20 18:18 . 2014-06-20 18:18 -------- d-----w- c:\users\Administrator
2014-06-20 18:17 . 2014-06-20 18:25 -------- d-----w- c:\programdata\InstallMate
2014-06-15 15:17 . 2014-06-15 15:44 -------- d-----w- c:\users\Peter\AppData\Roaming\Mnemosyne
2014-06-15 15:16 . 2014-06-15 15:51 -------- d-----w- c:\users\Peter\.matplotlib
2014-06-15 15:14 . 2014-06-15 15:14 -------- d-----w- c:\program files\Mnemosyne
2014-06-05 21:52 . 2014-06-05 21:52 -------- d-----w- c:\users\Peter\AppData\Roaming\WDC
2014-06-05 21:41 . 2014-06-05 21:56 -------- d-----w- c:\users\Peter\AppData\Roaming\com.wd.WDMyCloud
2014-06-05 21:41 . 2014-06-05 21:41 -------- d-----w- c:\program files\Western Digital
2014-06-05 21:40 . 2014-06-05 21:40 -------- d-----w- c:\program files\Bonjour Print Services
2014-06-05 21:39 . 2014-06-05 21:39 -------- d-----w- c:\programdata\Western Digital
2014-06-05 21:35 . 2014-06-05 21:40 -------- d-----w- c:\users\Peter\AppData\Local\Western Digital
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-22 18:38 260976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-04 3890208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 05:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIMProbíhá stahování aktualizace...1338924290338]
2012-02-23 09:50 179576 ----a-w- c:\program files\Corel\CorelDRAW Graphics Suite X6\PHOTO-PAINT\DIM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2014-05-22 10:18 138096 ----atw- c:\users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2011-04-06 10:20 2154096 ----a-r- c:\program files\VIA\VIAudioi\VDeck\VDeck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 12:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 21:29 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Disk Mounter]
2014-06-04 19:25 279192 ----a-w- c:\program files\SmartDiskMounter\Smart Disk Mounter.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 08:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-06-22 68312]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-04-03 315008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-06-06 211984]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-05-30 108032]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-07-05 110296]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys [2014-03-25 47176]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys [2014-03-25 63104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-11-01 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-06-22 777488]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-06-22 411680]
S2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;c:\program files\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-28 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 291840]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-06-22 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-06-22 67824]
S2 SmartDisk;SmartDisk;c:\program files\SmartDiskMounter\sdfs.sys [2014-05-30 74392]
S2 SmartDiskMounter;Smart Disk Mounter Service;c:\program files\SmartDiskMounter\sdfs.exe [2014-05-30 31896]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-03-29 27760]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-06-02 101352]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 317416]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-08-23 414824]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-29 1804400]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
2014-05-30 07:57 595968 ----a-w- c:\windows\System32\ie4uinit.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
2010-11-20 21:29 80720 ----a-w- c:\windows\System32\mscories.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-10 20:14 1091912 ----a-w- c:\program files\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\System32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Slick Savings - c:\users\Peter\AppData\Roaming\Slick Savings\CouponsHelper.exe
HKLM_ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
"ImagePath"="\SystemRoot\system32\drivers\1394ohci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.]
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\smss.exe
c:\windows\system32\csrss.exe
c:\windows\system32\wininit.exe
c:\windows\system32\csrss.exe
c:\windows\system32\services.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\lsass.exe
c:\windows\system32\lsm.exe
c:\windows\system32\svchost.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\svchost.exe
c:\windows\System32\svchost.exe
c:\windows\System32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\atieclxx.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\svchost.exe
c:\windows\System32\svchost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\Dwm.exe
c:\windows\system32\wbem\wmiprvse.exe
c:\windows\system32\wbem\wmiprvse.exe
c:\windows\system32\conhost.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\ctfmon.exe
c:\windows\system32\taskeng.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-07-05 22:21:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-05 20:21
ComboFix2.txt 2012-11-05 11:35
.
Před spuštěním: Volných bajtů: 23 535 919 104
Po spuštění: Volných bajtů: 23 566 188 544
.
- - End Of File - - 249DD1301DF2F6618A82B89A8E0CF0D7
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

Ale ale, nakazene systemove procesy...


Postupujte podle navodu kolegy

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Kliknete na volbu Change parametrs
• V okne Additional Option zakliknete vsechny moznosti
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Postupujte podle navodu kolegy

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

• Ulozte nejlepe na Plochu a rozbalte
• Spustte kliknutim na mbar
• Nyni postupne kliknete na Next a Update
• Po dokonceni update (aktualizace) databaze kliknete opet na Next
• Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
• Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
• Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
• Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
• PC bude restartovan
• Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

[Peter-turb]

22:48:46.0363 0x15b0 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54
22:48:51.0351 0x15b0 ============================================================
22:48:51.0351 0x15b0 Current date / time: 2014/07/05 22:48:51.0351
22:48:51.0351 0x15b0 SystemInfo:
22:48:51.0352 0x15b0
22:48:51.0352 0x15b0 OS Version: 6.1.7601 ServicePack: 1.0
22:48:51.0352 0x15b0 Product type: Workstation
22:48:51.0352 0x15b0 ComputerName: PETER-TURB-PC
22:48:51.0352 0x15b0 UserName: Peter
22:48:51.0352 0x15b0 Windows directory: C:\Windows
22:48:51.0352 0x15b0 System windows directory: C:\Windows
22:48:51.0352 0x15b0 Processor architecture: Intel x86
22:48:51.0352 0x15b0 Number of processors: 2
22:48:51.0352 0x15b0 Page size: 0x1000
22:48:51.0352 0x15b0 Boot type: Normal boot
22:48:51.0352 0x15b0 ============================================================
22:48:53.0501 0x15b0 KLMD registered as C:\Windows\system32\drivers\57639120.sys
22:48:53.0956 0x15b0 System UUID: {A87A9B28-A096-D76F-AD59-2434F58349CA}
22:48:54.0467 0x15b0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:48:54.0474 0x15b0 Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:49:03.0276 0x15b0 Drive \Device\Harddisk2\DR2 - Size: 0x1E7800000 ( 7.62 Gb ), SectorSize: 0x200, Cylinders: 0x3E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:49:03.0278 0x15b0 ============================================================
22:49:03.0278 0x15b0 \Device\Harddisk0\DR0:
22:49:03.0300 0x15b0 MBR partitions:
22:49:03.0300 0x15b0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:49:03.0301 0x15b0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31D800
22:49:03.0301 0x15b0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350000, BlocksNum 0x249F0000
22:49:03.0301 0x15b0 \Device\Harddisk1\DR1:
22:49:03.0302 0x15b0 MBR partitions:
22:49:03.0302 0x15b0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xAEA86702
22:49:03.0302 0x15b0 \Device\Harddisk2\DR2:
22:49:03.0303 0x15b0 MBR partitions:
22:49:03.0304 0x15b0 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xB, StartLBA 0x610, BlocksNum 0xF3B9F0
22:49:03.0304 0x15b0 ============================================================
22:49:03.0330 0x15b0 C: <-> \Device\Harddisk0\DR0\Partition2
22:49:03.0390 0x15b0 D: <-> \Device\Harddisk0\DR0\Partition3
22:49:03.0392 0x15b0 F: <-> \Device\Harddisk1\DR1\Partition1
22:49:03.0436 0x15b0 H: <-> \Device\Harddisk0\DR0\Partition1
22:49:03.0437 0x15b0 ============================================================
22:49:03.0437 0x15b0 Initialize success
22:49:03.0437 0x15b0 ============================================================
22:49:54.0123 0x10b0 ============================================================
22:49:54.0123 0x10b0 Scan started
22:49:54.0123 0x10b0 Mode: Manual; SigCheck; TDLFS;
22:49:54.0123 0x10b0 ============================================================
22:49:54.0123 0x10b0 KSN ping started
22:49:56.0922 0x10b0 KSN ping finished: true
22:49:58.0448 0x10b0 ================ Scan system memory ========================
22:49:58.0448 0x10b0 System memory - ok
22:49:58.0449 0x10b0 ================ Scan services =============================
22:49:58.0640 0x10b0 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:49:58.0705 0x10b0 1394ohci - ok
22:49:58.0808 0x10b0 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - ok
22:49:58.0847 0x10b0 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:49:58.0869 0x10b0 ACPI - ok
22:49:58.0899 0x10b0 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:49:58.0923 0x10b0 AcpiPmi - ok
22:49:59.0023 0x10b0 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:49:59.0055 0x10b0 AdobeARMservice - ok
22:49:59.0098 0x10b0 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:49:59.0122 0x10b0 adp94xx - ok
22:49:59.0158 0x10b0 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:49:59.0177 0x10b0 adpahci - ok
22:49:59.0211 0x10b0 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:49:59.0225 0x10b0 adpu320 - ok
22:49:59.0257 0x10b0 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:49:59.0291 0x10b0 AeLookupSvc - ok
22:49:59.0339 0x10b0 [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD C:\Windows\system32\drivers\afd.sys
22:49:59.0365 0x10b0 AFD - ok
22:49:59.0399 0x10b0 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
22:49:59.0411 0x10b0 agp440 - ok
22:49:59.0447 0x10b0 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:49:59.0478 0x10b0 aic78xx - ok
22:49:59.0530 0x10b0 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
22:49:59.0608 0x10b0 ALG - ok
22:49:59.0665 0x10b0 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
22:49:59.0689 0x10b0 aliide - ok
22:49:59.0732 0x10b0 [ FF794EC143F166349B49CF13507311D2, 663BD2FB83235185BE918DEAB9FDA5D7DD526BE4447E1496262B009972F8945B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:49:59.0769 0x10b0 AMD External Events Utility - ok
22:49:59.0852 0x10b0 AMD FUEL Service - ok
22:49:59.0884 0x10b0 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:49:59.0911 0x10b0 amdagp - ok
22:49:59.0941 0x10b0 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
22:49:59.0953 0x10b0 amdide - ok
22:49:59.0964 0x10b0 [ FF258424F0B2EF25EB98F04EE386E6E3, 09DC3854BF0D52FB80AB08DC4E0DD4A9E37ACAA500083A56F9836C837EBCFA82 ] amdiox86 C:\Windows\system32\DRIVERS\amdiox86.sys
22:49:59.0981 0x10b0 amdiox86 - ok
22:49:59.0996 0x10b0 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:50:00.0019 0x10b0 AmdK8 - ok
22:50:00.0051 0x10b0 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:50:00.0065 0x10b0 AmdPPM - ok
22:50:00.0110 0x10b0 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:50:00.0124 0x10b0 amdsata - ok
22:50:00.0147 0x10b0 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:50:00.0164 0x10b0 amdsbs - ok
22:50:00.0184 0x10b0 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:50:00.0196 0x10b0 amdxata - ok
22:50:00.0220 0x10b0 [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID C:\Windows\system32\drivers\appid.sys
22:50:00.0260 0x10b0 AppID - ok
22:50:00.0323 0x10b0 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:50:00.0360 0x10b0 AppIDSvc - ok
22:50:00.0395 0x10b0 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
22:50:00.0420 0x10b0 Appinfo - ok
22:50:00.0451 0x10b0 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
22:50:00.0467 0x10b0 AppMgmt - ok
22:50:00.0491 0x10b0 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\drivers\arc.sys
22:50:00.0504 0x10b0 arc - ok
22:50:00.0549 0x10b0 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:50:00.0565 0x10b0 arcsas - ok
22:50:00.0612 0x10b0 [ A3938D491EAEE2B83D3A3631C3273182, E36FAE3399436170DC61C1D81372AEF655937DFABF10853410B5119A7706CA69 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
22:50:00.0646 0x10b0 asmthub3 - ok
22:50:00.0697 0x10b0 [ FE5FFED1DBA8DA0C9064202207301BA4, F6836A6500B5AF0BC21E73AF4FAB0D2CE1957ED567C3240FE96F3B0289F27DC6 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
22:50:00.0747 0x10b0 asmtxhci - ok
22:50:00.0954 0x10b0 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:50:00.0981 0x10b0 aspnet_state - ok
22:50:01.0053 0x10b0 [ 4D6C6E0505A8E5A0656DCB223497D37C, 7F9457AF4B6E4FC6C4F77BD39DB5EB5520C44D22974B9781EA0F984D6830637C ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
22:50:01.0069 0x10b0 aswHwid - ok
22:50:01.0117 0x10b0 [ 1A2CC93BBD77C2D95A7567938D7D7239, DD082ACA011DA63CC1A69BAD8C42B9DA3A9975194D87B5584A39C91ED92341E3 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:50:01.0135 0x10b0 aswMonFlt - ok
22:50:01.0169 0x10b0 [ 9A646294396BBCDF29CF1CB4B1B0D68B, 7529E19DC637CF5FF6E12A7D82F971F0BF6BB3930B72118C6B0FED76EF9CED98 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
22:50:01.0183 0x10b0 aswRdr - ok
22:50:01.0200 0x10b0 [ 24B3BDA01DB3A704E33A5266C7B52DAF, FB2555504570E8FD6AA251BE9D05EDC2B73596EF830384130556EC64E518FE65 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
22:50:01.0213 0x10b0 aswRvrt - ok
22:50:01.0258 0x10b0 [ D13182758BAC9B4996D592E7684C9267, 8CDF8F3962659A6F3AE77AD9A4982E2D754E0DE3610BE26985444A4DCCDF181A ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:50:01.0300 0x10b0 aswSnx - ok
22:50:01.0361 0x10b0 [ D1A68A33B082FA1C7087CE54A7923D90, 9B776122078044A1336D0E7C5F3F016BC7196571DBF379F804AF70C49D642714 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:50:01.0389 0x10b0 aswSP - ok
22:50:01.0438 0x10b0 [ 8B54399E3EC1150FA461837E60816812, F03E7C3BED19F2069910D4214066051E0D2269D48271B03955B746F41F128CE0 ] aswStm C:\Windows\system32\drivers\aswStm.sys
22:50:01.0451 0x10b0 aswStm - ok
22:50:01.0490 0x10b0 [ B2D7EE52633CA8831DDAFCA81C2D46C3, 017C6C376520380F29AF465F1464C3652D421C4B873B7AC2647498F356032361 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
22:50:01.0512 0x10b0 aswVmm - ok
22:50:01.0526 0x10b0 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:50:01.0550 0x10b0 AsyncMac - ok
22:50:01.0585 0x10b0 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
22:50:01.0596 0x10b0 atapi - ok
22:50:01.0646 0x10b0 [ 84FAF3D287D56D210F84DB7C1349D43B, BF5660AFCA58D853179BCF7CAAC469C525AEE07F60DA7F030D0AB585593FAAA5 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
22:50:01.0661 0x10b0 AtiHDAudioService - ok
22:50:01.0707 0x10b0 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:50:01.0758 0x10b0 AudioEndpointBuilder - ok
22:50:01.0772 0x10b0 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:50:01.0807 0x10b0 Audiosrv - ok
22:50:01.0851 0x10b0 [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:50:01.0862 0x10b0 avast! Antivirus - ok
22:50:01.0903 0x10b0 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:50:01.0932 0x10b0 AxInstSV - ok
22:50:01.0980 0x10b0 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
22:50:02.0013 0x10b0 b06bdrv - ok
22:50:02.0055 0x10b0 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
22:50:02.0074 0x10b0 b57nd60x - ok
22:50:02.0108 0x10b0 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
22:50:02.0141 0x10b0 BDESVC - ok
22:50:02.0183 0x10b0 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
22:50:02.0212 0x10b0 Beep - ok
22:50:02.0257 0x10b0 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
22:50:02.0303 0x10b0 BFE - ok
22:50:02.0354 0x10b0 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\system32\qmgr.dll
22:50:02.0398 0x10b0 BITS - ok
22:50:02.0416 0x10b0 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:50:02.0445 0x10b0 blbdrive - ok
22:50:02.0519 0x10b0 [ F832F1505AD8B83474BD9A5B1B985E01, 205D9F237DD50FDF84F57CC53476B5ADB218A03A8B68B017AFF7CBD0DCAC71C4 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:50:02.0540 0x10b0 Bonjour Service - ok
22:50:02.0642 0x10b0 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:50:02.0677 0x10b0 bowser - ok
22:50:02.0709 0x10b0 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:50:02.0770 0x10b0 BrFiltLo - ok
22:50:02.0782 0x10b0 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:50:02.0798 0x10b0 BrFiltUp - ok
22:50:02.0867 0x10b0 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
22:50:02.0922 0x10b0 BridgeMP - ok
22:50:02.0964 0x10b0 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
22:50:02.0979 0x10b0 Browser - ok
22:50:03.0007 0x10b0 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:50:03.0034 0x10b0 Brserid - ok
22:50:03.0072 0x10b0 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:50:03.0122 0x10b0 BrSerWdm - ok
22:50:03.0139 0x10b0 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:50:03.0154 0x10b0 BrUsbMdm - ok
22:50:03.0166 0x10b0 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:50:03.0189 0x10b0 BrUsbSer - ok
22:50:03.0201 0x10b0 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:50:03.0225 0x10b0 BTHMODEM - ok
22:50:03.0266 0x10b0 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
22:50:03.0303 0x10b0 bthserv - ok
22:50:03.0392 0x10b0 catchme - ok
22:50:03.0429 0x10b0 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:50:03.0470 0x10b0 cdfs - ok
22:50:03.0509 0x10b0 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:50:03.0540 0x10b0 cdrom - ok
22:50:03.0604 0x10b0 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
22:50:03.0656 0x10b0 CertPropSvc - ok
22:50:03.0682 0x10b0 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\drivers\circlass.sys
22:50:03.0700 0x10b0 circlass - ok
22:50:03.0723 0x10b0 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
22:50:03.0740 0x10b0 CLFS - ok
22:50:03.0894 0x10b0 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:50:03.0923 0x10b0 clr_optimization_v2.0.50727_32 - ok
22:50:03.0966 0x10b0 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:50:03.0987 0x10b0 clr_optimization_v4.0.30319_32 - ok
22:50:04.0013 0x10b0 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
22:50:04.0050 0x10b0 CmBatt - ok
22:50:04.0089 0x10b0 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:50:04.0119 0x10b0 cmdide - ok
22:50:04.0152 0x10b0 [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG C:\Windows\system32\Drivers\cng.sys
22:50:04.0183 0x10b0 CNG - ok
22:50:04.0207 0x10b0 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:50:04.0218 0x10b0 Compbatt - ok
22:50:04.0248 0x10b0 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:50:04.0277 0x10b0 CompositeBus - ok
22:50:04.0289 0x10b0 COMSysApp - ok
22:50:04.0324 0x10b0 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:50:04.0338 0x10b0 crcdisk - ok
22:50:04.0374 0x10b0 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:50:04.0395 0x10b0 CryptSvc - ok
22:50:04.0424 0x10b0 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys
22:50:04.0459 0x10b0 CSC - ok
22:50:04.0504 0x10b0 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll
22:50:04.0546 0x10b0 CscService - ok
22:50:04.0583 0x10b0 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
22:50:04.0618 0x10b0 DcomLaunch - ok
22:50:04.0653 0x10b0 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
22:50:04.0697 0x10b0 defragsvc - ok
22:50:04.0720 0x10b0 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:50:04.0758 0x10b0 DfsC - ok
22:50:04.0827 0x10b0 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:50:04.0863 0x10b0 Dhcp - ok
22:50:04.0878 0x10b0 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
22:50:04.0912 0x10b0 discache - ok
22:50:04.0956 0x10b0 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\drivers\disk.sys
22:50:04.0972 0x10b0 Disk - ok
22:50:04.0989 0x10b0 [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
22:50:05.0019 0x10b0 dmvsc - ok
22:50:05.0048 0x10b0 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:50:05.0078 0x10b0 Dnscache - ok
22:50:05.0107 0x10b0 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
22:50:05.0148 0x10b0 dot3svc - ok
22:50:05.0182 0x10b0 [ B5E479EB83707DD698F66953E922042C, 82891A4699F180A20EB25A0EC49A7E008B007A374BAA3279483AC1C95D125FE8 ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
22:50:05.0211 0x10b0 dot4 - ok
22:50:05.0231 0x10b0 [ CAEFD09B6A6249C53A67D55A9A9FCABF, A76C951EA8A830E5BA22D8D393A946BBAEEDB76478539F647E58199B383F786B ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:50:05.0266 0x10b0 Dot4Print - ok
22:50:05.0287 0x10b0 [ CF491FF38D62143203C065260567E2F7, 4315FD8FC88CF627EBE469A2DF0F280B17C95D3004FC7A93D6F8E47F0D91A037 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
22:50:05.0317 0x10b0 dot4usb - ok
22:50:05.0389 0x10b0 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
22:50:05.0434 0x10b0 DPS - ok
22:50:05.0474 0x10b0 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:50:05.0498 0x10b0 drmkaud - ok
22:50:05.0582 0x10b0 [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:50:05.0627 0x10b0 DXGKrnl - ok
22:50:05.0686 0x10b0 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
22:50:05.0726 0x10b0 EapHost - ok
22:50:05.0866 0x10b0 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
22:50:06.0004 0x10b0 ebdrv - ok
22:50:06.0043 0x10b0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS C:\Windows\System32\lsass.exe
22:50:06.0056 0x10b0 EFS - ok
22:50:06.0128 0x10b0 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:50:06.0159 0x10b0 ehRecvr - ok
22:50:06.0169 0x10b0 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
22:50:06.0193 0x10b0 ehSched - ok
22:50:06.0246 0x10b0 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:50:06.0268 0x10b0 elxstor - ok
22:50:06.0280 0x10b0 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:50:06.0302 0x10b0 ErrDev - ok
22:50:06.0347 0x10b0 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
22:50:06.0378 0x10b0 EventSystem - ok
22:50:06.0398 0x10b0 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
22:50:06.0425 0x10b0 exfat - ok
22:50:06.0463 0x10b0 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:50:06.0512 0x10b0 fastfat - ok
22:50:06.0569 0x10b0 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
22:50:06.0614 0x10b0 Fax - ok
22:50:06.0630 0x10b0 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\drivers\fdc.sys
22:50:06.0644 0x10b0 fdc - ok
22:50:06.0679 0x10b0 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
22:50:06.0762 0x10b0 fdPHost - ok
22:50:06.0786 0x10b0 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
22:50:06.0852 0x10b0 FDResPub - ok
22:50:06.0881 0x10b0 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:50:06.0895 0x10b0 FileInfo - ok
22:50:06.0904 0x10b0 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:50:06.0929 0x10b0 Filetrace - ok
22:50:06.0942 0x10b0 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:50:06.0955 0x10b0 flpydisk - ok
22:50:06.0980 0x10b0 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:50:06.0996 0x10b0 FltMgr - ok
22:50:07.0057 0x10b0 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll
22:50:07.0109 0x10b0 FontCache - ok
22:50:07.0207 0x10b0 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:50:07.0225 0x10b0 FontCache3.0.0.0 - ok
22:50:07.0240 0x10b0 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:50:07.0252 0x10b0 FsDepends - ok
22:50:07.0288 0x10b0 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:50:07.0300 0x10b0 Fs_Rec - ok
22:50:07.0347 0x10b0 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:50:07.0368 0x10b0 fvevol - ok
22:50:07.0428 0x10b0 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:50:07.0443 0x10b0 gagp30kx - ok
22:50:07.0497 0x10b0 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
22:50:07.0554 0x10b0 gpsvc - ok
22:50:07.0627 0x10b0 gupdate - ok
22:50:07.0638 0x10b0 gupdatem - ok
22:50:07.0679 0x10b0 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:50:07.0694 0x10b0 gusvc - ok
22:50:07.0718 0x10b0 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:50:07.0733 0x10b0 hcw85cir - ok
22:50:07.0785 0x10b0 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:50:07.0819 0x10b0 HdAudAddService - ok
22:50:07.0846 0x10b0 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:50:07.0872 0x10b0 HDAudBus - ok
22:50:07.0891 0x10b0 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:50:07.0915 0x10b0 HidBatt - ok
22:50:07.0953 0x10b0 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:50:07.0981 0x10b0 HidBth - ok
22:50:08.0011 0x10b0 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\drivers\hidir.sys
22:50:08.0037 0x10b0 HidIr - ok
22:50:08.0061 0x10b0 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
22:50:08.0106 0x10b0 hidserv - ok
22:50:08.0174 0x10b0 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:50:08.0203 0x10b0 HidUsb - ok
22:50:08.0230 0x10b0 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
22:50:08.0259 0x10b0 hkmsvc - ok
22:50:08.0279 0x10b0 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:50:08.0322 0x10b0 HomeGroupListener - ok
22:50:08.0382 0x10b0 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:50:08.0414 0x10b0 HomeGroupProvider - ok
22:50:08.0453 0x10b0 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:50:08.0465 0x10b0 HpSAMD - ok
22:50:08.0494 0x10b0 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:50:08.0532 0x10b0 HTTP - ok
22:50:08.0564 0x10b0 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:50:08.0586 0x10b0 hwpolicy - ok
22:50:08.0637 0x10b0 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:50:08.0678 0x10b0 i8042prt - ok
22:50:08.0731 0x10b0 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:50:08.0754 0x10b0 iaStorV - ok
22:50:08.0850 0x10b0 [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:50:08.0884 0x10b0 idsvc - ok
22:50:08.0910 0x10b0 IEEtwCollectorService - ok
22:50:08.0946 0x10b0 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:50:08.0959 0x10b0 iirsp - ok
22:50:09.0009 0x10b0 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
22:50:09.0043 0x10b0 IKEEXT - ok
22:50:09.0064 0x10b0 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
22:50:09.0076 0x10b0 intelide - ok
22:50:09.0116 0x10b0 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\drivers\intelppm.sys
22:50:09.0131 0x10b0 intelppm - ok
22:50:09.0166 0x10b0 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:50:09.0193 0x10b0 IPBusEnum - ok
22:50:09.0208 0x10b0 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:50:09.0242 0x10b0 IpFilterDriver - ok
22:50:09.0302 0x10b0 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:50:09.0330 0x10b0 iphlpsvc - ok
22:50:09.0346 0x10b0 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:50:09.0362 0x10b0 IPMIDRV - ok
22:50:09.0391 0x10b0 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:50:09.0423 0x10b0 IPNAT - ok
22:50:09.0451 0x10b0 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:50:09.0476 0x10b0 IRENUM - ok
22:50:09.0503 0x10b0 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:50:09.0514 0x10b0 isapnp - ok
22:50:09.0552 0x10b0 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:50:09.0569 0x10b0 iScsiPrt - ok
22:50:09.0592 0x10b0 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:50:09.0603 0x10b0 kbdclass - ok
22:50:09.0640 0x10b0 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:50:09.0660 0x10b0 kbdhid - ok
22:50:09.0698 0x10b0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso C:\Windows\system32\lsass.exe
22:50:09.0712 0x10b0 KeyIso - ok
22:50:09.0737 0x10b0 [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:50:09.0770 0x10b0 KSecDD - ok
22:50:09.0790 0x10b0 [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:50:09.0804 0x10b0 KSecPkg - ok
22:50:09.0837 0x10b0 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:50:09.0872 0x10b0 KtmRm - ok
22:50:09.0921 0x10b0 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll
22:50:09.0963 0x10b0 LanmanServer - ok
22:50:09.0995 0x10b0 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:50:10.0037 0x10b0 LanmanWorkstation - ok
22:50:10.0188 0x10b0 [ FA149A9A6DDDCC222865077D07DD1C51, 4E70A024E4A2D5862425DD8A227EF0AE9B562099CDDC40FA7E15E19AA6CC8E47 ] LiveUpdateSvc C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
22:50:10.0244 0x10b0 LiveUpdateSvc - ok
22:50:10.0293 0x10b0 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:50:10.0335 0x10b0 lltdio - ok
22:50:10.0358 0x10b0 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:50:10.0406 0x10b0 lltdsvc - ok
22:50:10.0420 0x10b0 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:50:10.0450 0x10b0 lmhosts - ok
22:50:10.0470 0x10b0 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:50:10.0483 0x10b0 LSI_FC - ok
22:50:10.0523 0x10b0 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:50:10.0536 0x10b0 LSI_SAS - ok
22:50:10.0551 0x10b0 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:50:10.0563 0x10b0 LSI_SAS2 - ok
22:50:10.0577 0x10b0 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:50:10.0591 0x10b0 LSI_SCSI - ok
22:50:10.0615 0x10b0 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
22:50:10.0657 0x10b0 luafv - ok
22:50:10.0693 0x10b0 [ 12E71DA845D76665B56753AD149E32B3, 0E403710CCBACD5AB85FD4C32AAB6CB2C27BC1F043E8008EE49EE96ECA944146 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
22:50:10.0708 0x10b0 MBAMSwissArmy - ok
22:50:10.0740 0x10b0 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:50:10.0757 0x10b0 Mcx2Svc - ok
22:50:10.0792 0x10b0 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\drivers\megasas.sys
22:50:10.0805 0x10b0 megasas - ok
22:50:10.0837 0x10b0 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:50:10.0857 0x10b0 MegaSR - ok
22:50:10.0882 0x10b0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
22:50:10.0927 0x10b0 MMCSS - ok
22:50:10.0958 0x10b0 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
22:50:11.0003 0x10b0 Modem - ok
22:50:11.0024 0x10b0 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:50:11.0048 0x10b0 monitor - ok
22:50:11.0076 0x10b0 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:50:11.0088 0x10b0 mouclass - ok
22:50:11.0120 0x10b0 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:50:11.0146 0x10b0 mouhid - ok
22:50:11.0168 0x10b0 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:50:11.0182 0x10b0 mountmgr - ok
22:50:11.0258 0x10b0 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:50:11.0272 0x10b0 MozillaMaintenance - ok
22:50:11.0286 0x10b0 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
22:50:11.0300 0x10b0 mpio - ok
22:50:11.0324 0x10b0 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:50:11.0348 0x10b0 mpsdrv - ok
22:50:11.0389 0x10b0 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:50:11.0446 0x10b0 MpsSvc - ok
22:50:11.0472 0x10b0 [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:50:11.0489 0x10b0 MRxDAV - ok
22:50:11.0536 0x10b0 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:50:11.0621 0x10b0 mrxsmb - ok
22:50:11.0665 0x10b0 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:50:11.0699 0x10b0 mrxsmb10 - ok
22:50:11.0715 0x10b0 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:50:11.0730 0x10b0 mrxsmb20 - ok
22:50:11.0738 0x10b0 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
22:50:11.0750 0x10b0 msahci - ok
22:50:11.0778 0x10b0 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:50:11.0793 0x10b0 msdsm - ok
22:50:11.0817 0x10b0 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
22:50:11.0851 0x10b0 MSDTC - ok
22:50:11.0880 0x10b0 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:50:11.0905 0x10b0 Msfs - ok
22:50:11.0939 0x10b0 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:50:11.0965 0x10b0 mshidkmdf - ok
22:50:11.0972 0x10b0 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:50:11.0983 0x10b0 msisadrv - ok
22:50:12.0014 0x10b0 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:50:12.0042 0x10b0 MSiSCSI - ok
22:50:12.0046 0x10b0 msiserver - ok
22:50:12.0068 0x10b0 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:50:12.0104 0x10b0 MSKSSRV - ok
22:50:12.0145 0x10b0 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:50:12.0183 0x10b0 MSPCLOCK - ok
22:50:12.0187 0x10b0 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:50:12.0210 0x10b0 MSPQM - ok
22:50:12.0234 0x10b0 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:50:12.0249 0x10b0 MsRPC - ok
22:50:12.0262 0x10b0 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:50:12.0273 0x10b0 mssmbios - ok
22:50:12.0292 0x10b0 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:50:12.0316 0x10b0 MSTEE - ok
22:50:12.0346 0x10b0 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:50:12.0365 0x10b0 MTConfig - ok
22:50:12.0386 0x10b0 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
22:50:12.0398 0x10b0 Mup - ok
22:50:12.0436 0x10b0 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
22:50:12.0478 0x10b0 napagent - ok
22:50:12.0521 0x10b0 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:50:12.0548 0x10b0 NativeWifiP - ok
22:50:12.0602 0x10b0 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:50:12.0628 0x10b0 NDIS - ok
22:50:12.0673 0x10b0 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:50:12.0709 0x10b0 NdisCap - ok
22:50:12.0733 0x10b0 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:50:12.0766 0x10b0 NdisTapi - ok
22:50:12.0811 0x10b0 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:50:12.0845 0x10b0 Ndisuio - ok
22:50:12.0867 0x10b0 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:50:12.0904 0x10b0 NdisWan - ok
22:50:12.0926 0x10b0 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:50:12.0948 0x10b0 NDProxy - ok
22:50:12.0980 0x10b0 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:50:13.0018 0x10b0 NetBIOS - ok
22:50:13.0038 0x10b0 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:50:13.0066 0x10b0 NetBT - ok
22:50:13.0076 0x10b0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon C:\Windows\system32\lsass.exe
22:50:13.0089 0x10b0 Netlogon - ok
22:50:13.0128 0x10b0 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
22:50:13.0162 0x10b0 Netman - ok
22:50:13.0224 0x10b0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:50:13.0253 0x10b0 NetMsmqActivator - ok
22:50:13.0285 0x10b0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:50:13.0301 0x10b0 NetPipeActivator - ok
22:50:13.0341 0x10b0 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
22:50:13.0387 0x10b0 netprofm - ok
22:50:13.0418 0x10b0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:50:13.0434 0x10b0 NetTcpActivator - ok
22:50:13.0441 0x10b0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:50:13.0458 0x10b0 NetTcpPortSharing - ok
22:50:13.0488 0x10b0 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:50:13.0500 0x10b0 nfrd960 - ok
22:50:13.0535 0x10b0 [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:50:13.0597 0x10b0 NlaSvc - ok
22:50:13.0626 0x10b0 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:50:13.0678 0x10b0 Npfs - ok
22:50:13.0720 0x10b0 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
22:50:13.0788 0x10b0 nsi - ok
22:50:13.0803 0x10b0 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:50:13.0837 0x10b0 nsiproxy - ok
22:50:13.0903 0x10b0 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:50:13.0941 0x10b0 Ntfs - ok
22:50:13.0964 0x10b0 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
22:50:13.0987 0x10b0 Null - ok
22:50:14.0027 0x10b0 [ A103F2A100B091809A120A1463BC9EB5, DB9219AAD43C3FE3EFBB70F213568DA87B4F9D89FA0F80AD73611C6A72BACC0E ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
22:50:14.0043 0x10b0 NVHDA - ok
22:50:14.0386 0x10b0 [ 0B2E7B39411FAA44EBDA76FB38673964, 8842012A77FACBE7E9D5A3CF6675E55D4CF10022B5F9F4D6B570BB62AC1940B2 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:50:14.0740 0x10b0 nvlddmkm - ok
22:50:14.0788 0x10b0 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:50:14.0801 0x10b0 nvraid - ok
22:50:14.0815 0x10b0 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:50:14.0829 0x10b0 nvstor - ok
22:50:14.0874 0x10b0 [ 439FD6A5A34113388C51C48D0E5092AA, 4C25AB4788AEFDEDBD4B9DD351AE6AA0AC816633F81FF5EBEA9067497E39D843 ] nvsvc C:\Windows\system32\nvvsvc.exe
22:50:14.0903 0x10b0 nvsvc - ok
22:50:14.0994 0x10b0 [ E3C7676582502C5E4BB9288C3617AB59, 0FCFB480FF4F1C005AE6DC4F9D32907A7BAD22EB5477680965A84E9DF817483B ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:50:15.0039 0x10b0 nvUpdatusService - ok
22:50:15.0061 0x10b0 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:50:15.0074 0x10b0 nv_agp - ok
22:50:15.0101 0x10b0 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:50:15.0127 0x10b0 ohci1394 - ok
22:50:15.0168 0x10b0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:50:15.0190 0x10b0 p2pimsvc - ok
22:50:15.0228 0x10b0 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
22:50:15.0252 0x10b0 p2psvc - ok
22:50:15.0280 0x10b0 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\drivers\parport.sys
22:50:15.0295 0x10b0 Parport - ok
22:50:15.0323 0x10b0 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:50:15.0335 0x10b0 partmgr - ok
22:50:15.0371 0x10b0 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:50:15.0385 0x10b0 Parvdm - ok
22:50:15.0423 0x10b0 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:50:15.0447 0x10b0 PcaSvc - ok
22:50:15.0468 0x10b0 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
22:50:15.0482 0x10b0 pci - ok
22:50:15.0507 0x10b0 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
22:50:15.0519 0x10b0 pciide - ok
22:50:15.0561 0x10b0 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:50:15.0593 0x10b0 pcmcia - ok
22:50:15.0607 0x10b0 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
22:50:15.0619 0x10b0 pcw - ok
22:50:15.0732 0x10b0 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:50:15.0804 0x10b0 PEAUTH - ok
22:50:15.0862 0x10b0 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
22:50:15.0921 0x10b0 PeerDistSvc - ok
22:50:16.0010 0x10b0 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
22:50:16.0093 0x10b0 pla - ok
22:50:16.0164 0x10b0 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:50:16.0214 0x10b0 PlugPlay - ok
22:50:16.0243 0x10b0 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:50:16.0273 0x10b0 PNRPAutoReg - ok
22:50:16.0301 0x10b0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:50:16.0322 0x10b0 PNRPsvc - ok
22:50:16.0379 0x10b0 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:50:16.0429 0x10b0 PolicyAgent - ok
22:50:16.0465 0x10b0 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
22:50:16.0505 0x10b0 Power - ok
22:50:16.0549 0x10b0 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:50:16.0603 0x10b0 PptpMiniport - ok
22:50:16.0625 0x10b0 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\drivers\processr.sys
22:50:16.0651 0x10b0 Processor - ok
22:50:16.0700 0x10b0 [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:50:16.0732 0x10b0 ProfSvc - ok
22:50:16.0754 0x10b0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:50:16.0767 0x10b0 ProtectedStorage - ok
22:50:16.0790 0x10b0 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:50:16.0832 0x10b0 Psched - ok
22:50:16.0921 0x10b0 [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
22:50:16.0942 0x10b0 PSI_SVC_2 - ok
22:50:17.0006 0x10b0 [ 153D02480A0A2F45785522E814C634B6, 02B7590F2F4A8FA0B031CDA7A28BD55E7C04A080C1EA810BF3AC3212A62153A6 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
22:50:17.0022 0x10b0 PxHelp20 - ok
22:50:17.0085 0x10b0 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:50:17.0138 0x10b0 ql2300 - ok
22:50:17.0159 0x10b0 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:50:17.0172 0x10b0 ql40xx - ok
22:50:17.0207 0x10b0 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
22:50:17.0244 0x10b0 QWAVE - ok
22:50:17.0259 0x10b0 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:50:17.0275 0x10b0 QWAVEdrv - ok
22:50:17.0308 0x10b0 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:50:17.0335 0x10b0 RasAcd - ok
22:50:17.0369 0x10b0 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:50:17.0393 0x10b0 RasAgileVpn - ok
22:50:17.0425 0x10b0 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
22:50:17.0454 0x10b0 RasAuto - ok
22:50:17.0472 0x10b0 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:50:17.0506 0x10b0 Rasl2tp - ok
22:50:17.0545 0x10b0 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
22:50:17.0599 0x10b0 RasMan - ok
22:50:17.0646 0x10b0 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:50:17.0685 0x10b0 RasPppoe - ok
22:50:17.0729 0x10b0 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:50:17.0772 0x10b0 RasSstp - ok
22:50:17.0790 0x10b0 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:50:17.0819 0x10b0 rdbss - ok
22:50:17.0852 0x10b0 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:50:17.0868 0x10b0 rdpbus - ok
22:50:17.0879 0x10b0 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:50:17.0902 0x10b0 RDPCDD - ok
22:50:17.0926 0x10b0 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:50:17.0942 0x10b0 RDPDR - ok
22:50:17.0967 0x10b0 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:50:18.0012 0x10b0 RDPENCDD - ok
22:50:18.0042 0x10b0 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:50:18.0076 0x10b0 RDPREFMP - ok
22:50:18.0101 0x10b0 [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:50:18.0133 0x10b0 RDPWD - ok
22:50:18.0164 0x10b0 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:50:18.0179 0x10b0 rdyboost - ok
22:50:18.0207 0x10b0 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:50:18.0233 0x10b0 RemoteAccess - ok
22:50:18.0256 0x10b0 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:50:18.0285 0x10b0 RemoteRegistry - ok
22:50:18.0314 0x10b0 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:50:18.0361 0x10b0 RpcEptMapper - ok
22:50:18.0389 0x10b0 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
22:50:18.0412 0x10b0 RpcLocator - ok
22:50:18.0440 0x10b0 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
22:50:18.0477 0x10b0 RpcSs - ok
22:50:18.0525 0x10b0 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:50:18.0561 0x10b0 rspndr - ok
22:50:18.0690 0x10b0 [ 3849D5D73BDD9B7BC4E3305DDC345B2C, CCB81EB36DB8A7027EAB0C5BA28D77694AD25BD11A222B4B6BF3932E284F77A1 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
22:50:18.0739 0x10b0 RTL8167 - ok
22:50:18.0782 0x10b0 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
22:50:18.0796 0x10b0 s3cap - ok
22:50:18.0810 0x10b0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs C:\Windows\system32\lsass.exe
22:50:18.0831 0x10b0 SamSs - ok
22:50:18.0853 0x10b0 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:50:18.0865 0x10b0 sbp2port - ok
22:50:18.0902 0x10b0 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:50:18.0950 0x10b0 SCardSvr - ok
22:50:18.0970 0x10b0 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:50:18.0994 0x10b0 scfilter - ok
22:50:19.0063 0x10b0 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
22:50:19.0111 0x10b0 Schedule - ok
22:50:19.0125 0x10b0 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:50:19.0150 0x10b0 SCPolicySvc - ok
22:50:19.0158 0x10b0 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:50:19.0184 0x10b0 SDRSVC - ok
22:50:19.0219 0x10b0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:50:19.0243 0x10b0 secdrv - ok
22:50:19.0275 0x10b0 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
22:50:19.0314 0x10b0 seclogon - ok
22:50:19.0336 0x10b0 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
22:50:19.0365 0x10b0 SENS - ok
22:50:19.0376 0x10b0 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:50:19.0402 0x10b0 SensrSvc - ok
22:50:19.0421 0x10b0 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:50:19.0448 0x10b0 Serenum - ok
22:50:19.0475 0x10b0 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:50:19.0506 0x10b0 Serial - ok
22:50:19.0524 0x10b0 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:50:19.0537 0x10b0 sermouse - ok
22:50:19.0575 0x10b0 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
22:50:19.0616 0x10b0 SessionEnv - ok
22:50:19.0637 0x10b0 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:50:19.0669 0x10b0 sffdisk - ok
22:50:19.0679 0x10b0 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:50:19.0702 0x10b0 sffp_mmc - ok
22:50:19.0723 0x10b0 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:50:19.0749 0x10b0 sffp_sd - ok
22:50:19.0760 0x10b0 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:50:19.0775 0x10b0 sfloppy - ok
22:50:19.0817 0x10b0 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:50:19.0859 0x10b0 SharedAccess - ok
22:50:19.0888 0x10b0 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:50:19.0922 0x10b0 ShellHWDetection - ok
22:50:19.0961 0x10b0 [ 3EAD8E1668CE42A0AFE41D56E7157BCF, 90A1AA6372356046B28C079954458F42849779FFC48C93AF0549A7673B276EB3 ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys
22:50:19.0990 0x10b0 silabenm - ok
22:50:20.0022 0x10b0 [ 688F8D8A147F04169139A681A1AA0035, 4857A353D5A3A390A134999268CF05F09C82E5E881822A43984F8BC74E7D00B1 ] silabser C:\Windows\system32\DRIVERS\silabser.sys
22:50:20.0049 0x10b0 silabser - ok
22:50:20.0080 0x10b0 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:50:20.0095 0x10b0 sisagp - ok
22:50:20.0121 0x10b0 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:50:20.0135 0x10b0 SiSRaid2 - ok
22:50:20.0154 0x10b0 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:50:20.0168 0x10b0 SiSRaid4 - ok
22:50:20.0221 0x10b0 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:50:20.0243 0x10b0 SkypeUpdate - ok
22:50:20.0276 0x10b0 [ 53F95A6E13D99BE8669F1BEABCD3D0E2, AEA529D533487DD00014CF3C03155C4F43C4776FCE80354E826028B1604AE693 ] SmartDisk C:\Program Files\SmartDiskMounter\sdfs.sys
22:50:20.0290 0x10b0 SmartDisk - ok
22:50:20.0326 0x10b0 [ 18FCAEA521E3CFC1659F6C22875D22CE, 60B3BF6AA97AFFDBC618E6E9B8F798CD73805E781613BDEB85E2B7891885148A ] SmartDiskMounter C:\Program Files\SmartDiskMounter\sdfs.exe
22:50:20.0338 0x10b0 SmartDiskMounter - ok
22:50:20.0365 0x10b0 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:50:20.0400 0x10b0 Smb - ok
22:50:20.0454 0x10b0 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:50:20.0469 0x10b0 SNMPTRAP - ok
22:50:20.0507 0x10b0 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
22:50:20.0518 0x10b0 spldr - ok
22:50:20.0574 0x10b0 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
22:50:20.0597 0x10b0 Spooler - ok
22:50:20.0804 0x10b0 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
22:50:20.0966 0x10b0 sppsvc - ok
22:50:21.0013 0x10b0 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:50:21.0040 0x10b0 sppuinotify - ok
22:50:21.0077 0x10b0 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:50:21.0099 0x10b0 srv - ok
22:50:21.0117 0x10b0 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:50:21.0138 0x10b0 srv2 - ok
22:50:21.0165 0x10b0 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:50:21.0180 0x10b0 srvnet - ok
22:50:21.0210 0x10b0 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:50:21.0241 0x10b0 SSDPSRV - ok
22:50:21.0258 0x10b0 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:50:21.0298 0x10b0 SstpSvc - ok
22:50:21.0387 0x10b0 [ 81F177C1954453AF407604160BD149CB, D6B05F7E399690233C71C1E4B88F95D566BC6A14D145715A8A8C0FFD591147F0 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:50:21.0412 0x10b0 Stereo Service - ok
22:50:21.0433 0x10b0 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:50:21.0444 0x10b0 stexstor - ok
22:50:21.0498 0x10b0 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
22:50:21.0536 0x10b0 StiSvc - ok
22:50:21.0559 0x10b0 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
22:50:21.0571 0x10b0 storflt - ok
22:50:21.0603 0x10b0 [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll
22:50:21.0620 0x10b0 StorSvc - ok
22:50:21.0661 0x10b0 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
22:50:21.0673 0x10b0 storvsc - ok
22:50:21.0688 0x10b0 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:50:21.0700 0x10b0 swenum - ok
22:50:21.0744 0x10b0 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
22:50:21.0786 0x10b0 swprv - ok
22:50:21.0838 0x10b0 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
22:50:21.0891 0x10b0 SysMain - ok
22:50:21.0927 0x10b0 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
22:50:21.0961 0x10b0 TabletInputService - ok
22:50:21.0981 0x10b0 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
22:50:22.0014 0x10b0 TapiSrv - ok
22:50:22.0039 0x10b0 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
22:50:22.0067 0x10b0 TBS - ok
22:50:22.0137 0x10b0 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:50:22.0183 0x10b0 Tcpip - ok
22:50:22.0244 0x10b0 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:50:22.0283 0x10b0 TCPIP6 - ok
22:50:22.0322 0x10b0 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:50:22.0343 0x10b0 tcpipreg - ok
22:50:22.0371 0x10b0 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:50:22.0391 0x10b0 TDPIPE - ok
22:50:22.0428 0x10b0 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:50:22.0455 0x10b0 TDTCP - ok
22:50:22.0487 0x10b0 [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:50:22.0511 0x10b0 tdx - ok
22:50:22.0525 0x10b0 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:50:22.0537 0x10b0 TermDD - ok
22:50:22.0689 0x10b0 [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService C:\Windows\System32\termsrv.dll
22:50:22.0762 0x10b0 TermService - ok
22:50:22.0808 0x10b0 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
22:50:22.0862 0x10b0 Themes - ok
22:50:22.0883 0x10b0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
22:50:22.0914 0x10b0 THREADORDER - ok
22:50:22.0951 0x10b0 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
22:50:22.0992 0x10b0 TrkWks - ok
22:50:23.0039 0x10b0 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:50:23.0084 0x10b0 TrustedInstaller - ok
22:50:23.0105 0x10b0 [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:50:23.0130 0x10b0 tssecsrv - ok
22:50:23.0151 0x10b0 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:50:23.0163 0x10b0 TsUsbFlt - ok
22:50:23.0199 0x10b0 [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:50:23.0211 0x10b0 TsUsbGD - ok
22:50:23.0238 0x10b0 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:50:23.0263 0x10b0 tunnel - ok
22:50:23.0280 0x10b0 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:50:23.0292 0x10b0 uagp35 - ok
22:50:23.0308 0x10b0 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:50:23.0349 0x10b0 udfs - ok
22:50:23.0388 0x10b0 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:50:23.0411 0x10b0 UI0Detect - ok
22:50:23.0439 0x10b0 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:50:23.0452 0x10b0 uliagpkx - ok
22:50:23.0465 0x10b0 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:50:23.0487 0x10b0 umbus - ok
22:50:23.0509 0x10b0 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\drivers\umpass.sys
22:50:23.0535 0x10b0 UmPass - ok
22:50:23.0554 0x10b0 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
22:50:23.0576 0x10b0 UmRdpService - ok
22:50:23.0617 0x10b0 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
22:50:23.0653 0x10b0 upnphost - ok
22:50:23.0684 0x10b0 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:50:23.0707 0x10b0 usbccgp - ok
22:50:23.0764 0x10b0 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:50:23.0796 0x10b0 usbcir - ok
22:50:23.0828 0x10b0 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:50:23.0864 0x10b0 usbehci - ok
22:50:23.0909 0x10b0 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:50:23.0947 0x10b0 usbhub - ok
22:50:23.0963 0x10b0 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
22:50:23.0984 0x10b0 usbohci - ok
22:50:24.0020 0x10b0 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:50:24.0047 0x10b0 usbprint - ok
22:50:24.0077 0x10b0 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:50:24.0104 0x10b0 USBSTOR - ok
22:50:24.0124 0x10b0 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:50:24.0156 0x10b0 usbuhci - ok
22:50:24.0189 0x10b0 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
22:50:24.0230 0x10b0 UxSms - ok
22:50:24.0244 0x10b0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc C:\Windows\system32\lsass.exe
22:50:24.0258 0x10b0 VaultSvc - ok
22:50:24.0304 0x10b0 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:50:24.0317 0x10b0 vdrvroot - ok
22:50:24.0342 0x10b0 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
22:50:24.0393 0x10b0 vds - ok
22:50:24.0424 0x10b0 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:50:24.0441 0x10b0 vga - ok
22:50:24.0461 0x10b0 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:50:24.0494 0x10b0 VgaSave - ok
22:50:24.0507 0x10b0 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:50:24.0524 0x10b0 vhdmp - ok
22:50:24.0590 0x10b0 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:50:24.0622 0x10b0 viaagp - ok
22:50:24.0665 0x10b0 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:50:24.0731 0x10b0 ViaC7 - ok
22:50:24.0851 0x10b0 [ 035F2F7CA447056C27DAE74538DE90D5, 670C4B4AF016CFAF8C47389DB8E6509DC0974505E659E735816522B871D25C8F ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
22:50:24.0910 0x10b0 VIAHdAudAddService - ok
22:50:24.0944 0x10b0 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
22:50:24.0955 0x10b0 viaide - ok
22:50:24.0996 0x10b0 [ DCA32F7079C1F9E99E16D47CF4D8D436, E3E815A767F9344F8243EEACF21364E47EB9D9EED3D717F56B072A0F01D8CADB ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
22:50:25.0009 0x10b0 VIAKaraokeService - ok
22:50:25.0039 0x10b0 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
22:50:25.0054 0x10b0 vmbus - ok
22:50:25.0065 0x10b0 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
22:50:25.0087 0x10b0 VMBusHID - ok
22:50:25.0107 0x10b0 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:50:25.0119 0x10b0 volmgr - ok
22:50:25.0158 0x10b0 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:50:25.0176 0x10b0 volmgrx - ok
22:50:25.0197 0x10b0 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:50:25.0215 0x10b0 volsnap - ok
22:50:25.0255 0x10b0 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:50:25.0269 0x10b0 vsmraid - ok
22:50:25.0331 0x10b0 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
22:50:25.0397 0x10b0 VSS - ok
22:50:25.0417 0x10b0 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:50:25.0438 0x10b0 vwifibus - ok
22:50:25.0463 0x10b0 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
22:50:25.0498 0x10b0 W32Time - ok
22:50:25.0530 0x10b0 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:50:25.0557 0x10b0 WacomPen - ok
22:50:25.0579 0x10b0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:50:25.0607 0x10b0 WANARP - ok
22:50:25.0611 0x10b0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:50:25.0636 0x10b0 Wanarpv6 - ok
22:50:25.0740 0x10b0 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:50:25.0789 0x10b0 WatAdminSvc - ok
22:50:25.0858 0x10b0 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
22:50:25.0910 0x10b0 wbengine - ok
22:50:25.0926 0x10b0 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:50:25.0963 0x10b0 WbioSrvc - ok
22:50:25.0991 0x10b0 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:50:26.0032 0x10b0 wcncsvc - ok
22:50:26.0052 0x10b0 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:50:26.0082 0x10b0 WcsPlugInService - ok
22:50:26.0110 0x10b0 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\drivers\wd.sys
22:50:26.0122 0x10b0 Wd - ok
22:50:26.0170 0x10b0 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:50:26.0198 0x10b0 Wdf01000 - ok
22:50:26.0209 0x10b0 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:50:26.0245 0x10b0 WdiServiceHost - ok
22:50:26.0251 0x10b0 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:50:26.0270 0x10b0 WdiSystemHost - ok
22:50:26.0299 0x10b0 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
22:50:26.0338 0x10b0 WebClient - ok
22:50:26.0372 0x10b0 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:50:26.0407 0x10b0 Wecsvc - ok
22:50:26.0415 0x10b0 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:50:26.0445 0x10b0 wercplsupport - ok
22:50:26.0456 0x10b0 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
22:50:26.0485 0x10b0 WerSvc - ok
22:50:26.0494 0x10b0 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:50:26.0519 0x10b0 WfpLwf - ok
22:50:26.0553 0x10b0 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:50:26.0565 0x10b0 WIMMount - ok
22:50:26.0685 0x10b0 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:50:26.0749 0x10b0 WinDefend - ok
22:50:26.0757 0x10b0 WinHttpAutoProxySvc - ok
22:50:26.0821 0x10b0 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:50:26.0864 0x10b0 Winmgmt - ok
22:50:26.0929 0x10b0 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\Windows\system32\WsmSvc.dll
22:50:27.0004 0x10b0 WinRM - ok
22:50:27.0051 0x10b0 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
22:50:27.0099 0x10b0 WinUSB - ok
22:50:27.0152 0x10b0 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:50:27.0212 0x10b0 Wlansvc - ok
22:50:27.0252 0x10b0 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:50:27.0274 0x10b0 WmiAcpi - ok
22:50:27.0303 0x10b0 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:50:27.0329 0x10b0 wmiApSrv - ok
22:50:27.0424 0x10b0 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:50:27.0472 0x10b0 WMPNetworkSvc - ok
22:50:27.0503 0x10b0 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:50:27.0534 0x10b0 WPCSvc - ok
22:50:27.0549 0x10b0 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:50:27.0597 0x10b0 WPDBusEnum - ok
22:50:27.0639 0x10b0 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:50:27.0677 0x10b0 ws2ifsl - ok
22:50:27.0701 0x10b0 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll
22:50:27.0722 0x10b0 wscsvc - ok
22:50:27.0725 0x10b0 WSearch - ok
22:50:27.0949 0x10b0 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
22:50:28.0032 0x10b0 wuauserv - ok
22:50:28.0059 0x10b0 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:50:28.0074 0x10b0 WudfPf - ok
22:50:28.0119 0x10b0 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:50:28.0144 0x10b0 WUDFRd - ok
22:50:28.0173 0x10b0 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:50:28.0204 0x10b0 wudfsvc - ok
22:50:28.0239 0x10b0 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
22:50:28.0263 0x10b0 WwanSvc - ok
22:50:28.0273 0x10b0 ================ Scan global ===============================
22:50:28.0302 0x10b0 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
22:50:28.0333 0x10b0 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
22:50:28.0348 0x10b0 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
22:50:28.0388 0x10b0 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
22:50:28.0421 0x10b0 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
22:50:28.0432 0x10b0 [ Global ] - ok
22:50:28.0433 0x10b0 ================ Scan MBR ==================================
22:50:28.0440 0x10b0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:50:28.0885 0x10b0 \Device\Harddisk0\DR0 - ok
22:50:28.0896 0x10b0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
22:50:29.0013 0x10b0 \Device\Harddisk1\DR1 - ok
22:50:29.0024 0x10b0 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk2\DR2
22:50:29.0234 0x10b0 \Device\Harddisk2\DR2 - ok
22:50:29.0234 0x10b0 ================ Scan VBR ==================================
22:50:29.0238 0x10b0 [ 894B14F01E836CD69AB25F71C3263DA4 ] \Device\Harddisk0\DR0\Partition1
22:50:29.0240 0x10b0 \Device\Harddisk0\DR0\Partition1 - ok
22:50:29.0277 0x10b0 [ CE6386A0C0C0BE2307793D67D8752A64 ] \Device\Harddisk0\DR0\Partition2
22:50:29.0288 0x10b0 \Device\Harddisk0\DR0\Partition2 - ok
22:50:29.0312 0x10b0 [ B4A560864B418D8D3204732938B6A291 ] \Device\Harddisk0\DR0\Partition3
22:50:29.0330 0x10b0 \Device\Harddisk0\DR0\Partition3 - ok
22:50:29.0338 0x10b0 [ 8954A131D3A0104092163BA600548DD2 ] \Device\Harddisk1\DR1\Partition1
22:50:29.0341 0x10b0 \Device\Harddisk1\DR1\Partition1 - ok
22:50:29.0359 0x10b0 [ F94C12256E147EDAFCDCD0ABF98FD3AC ] \Device\Harddisk2\DR2\Partition1
22:50:29.0365 0x10b0 \Device\Harddisk2\DR2\Partition1 - ok
22:50:29.0366 0x10b0 ================ Scan generic autorun ======================
22:50:29.0554 0x10b0 [ 2218928CF528D7BC295B1B4C69E9846C, FCC23BF7FACFC911CD7090B8E12E6ECC7716514FD7CA1D73B2CA351AA41499BD ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
22:50:29.0723 0x10b0 AvastUI.exe - ok
22:50:29.0807 0x10b0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
22:50:29.0853 0x10b0 Sidebar - ok
22:50:29.0886 0x10b0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
22:50:29.0907 0x10b0 mctadmin - ok
22:50:29.0908 0x10b0 Waiting for KSN requests completion. In queue: 62
22:50:30.0908 0x10b0 Waiting for KSN requests completion. In queue: 62
22:50:31.0908 0x10b0 Waiting for KSN requests completion. In queue: 62
22:50:32.0986 0x10b0 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
22:50:32.0992 0x10b0 Win FW state via NFP2: enabled
22:50:35.0707 0x10b0 ============================================================
22:50:35.0707 0x10b0 Scan finished
22:50:35.0707 0x10b0 ============================================================
22:50:35.0724 0x06fc Detected object count: 0
22:50:35.0724 0x06fc Actual detected object count: 0
22:51:02.0092 0x1564 Deinitialize success

[Márty84]

Fajn, toto je OK, tak jeste ten MBAR

[Peter-turb]

vypadá že vše čisté . Děkuji za pomoc

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.17126

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, H:\ DRIVE_FIXED
CPU speed: 2.699000 GHz
Memory total: 3752247296, free: 2060341248

Downloaded database version: v2014.07.05.10
Downloaded database version: v2014.07.03.01
=======================================
Initializing...
------------ Kernel report ------------
07/05/2014 22:54:27
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\asmtxhci.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\amdiox86.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda32v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\viahduaa.sys
\SystemRoot\system32\DRIVERS\dot4usb.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\Dot4.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\asmthub3.sys
\SystemRoot\system32\DRIVERS\Dot4Prt.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\aswHwid.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\??\C:\Program Files\SmartDiskMounter\sdfs.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\Drivers\PROCEXP113.SYS
\SystemRoot\system32\drivers\aswStm.sys
\SystemRoot\System32\ATMFD.DLL
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\msctf.dll
\Windows\System32\comdlg32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\user32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\shell32.dll
\Windows\System32\difxapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\gdi32.dll
\Windows\System32\iertutil.dll
\Windows\System32\setupapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\ole32.dll
\Windows\System32\usp10.dll
\Windows\System32\clbcatq.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\imagehlp.dll
\Windows\System32\sechost.dll
\Windows\System32\psapi.dll
\Windows\System32\nsi.dll
\Windows\System32\kernel32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\normaliz.dll
\Windows\System32\wininet.dll
\Windows\System32\lpk.dll
\Windows\System32\imm32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xffffffff8778da48
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000077\
Lower Device Object: 0xffffffff877913a8
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff87788ac8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000076\
Lower Device Object: 0xffffffff8765d848
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86518ac8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xffffffff8573b908
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86518ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86518700, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86518ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8609c918, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8573b908, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E3FCFF5D

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 204593152

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 204800000 Numsec = 614400000

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff87788ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff877887a8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff87788ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8765d848, DeviceName: \Device\00000076\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: CCC67988

Partition information:

Partition 0 type is Other (0xc)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 2930272002

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1500301910016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xffffffff8778da48, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87791020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8778da48, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff877913a8, DeviceName: \Device\00000077\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: AC957567

Partition information:

Partition 0 type is Other (0xb)
Partition is NOT ACTIVE.
Partition starts at LBA: 1552 Numsec = 15972848

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 8178892800 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished

[Márty84]

Cisto jeste neni


Odinstalujte vse od IObit, pokud tam neco takoveho mate.


Presunte ComboFix na plochu, jinak to nebude fungovat.
Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\windows\455F074C814E4520B69B5584BD90400C.TMP

Folder::
c:\programdata\IObit
c:\program files\IObit
c:\users\Peter\AppData\Roaming\IObit

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
SkypeUpdate

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[Peter-turb]

tak to nefunguje...
kdy že spustí Combofix tak po nějaká době vyskočí hláška "Systém bude restartován z důvodu neočekávaného ukončení služby Napájení." Pak za nějakou chvíli se pc restartne a po naběhnutí už se nic neděje (žádny log)....

[Márty84]

Restartujte pc donouzoveho rezimu a provedte krok s CF v nem.

[Peter-turb]

ComboFix 14-07-03.01 - Peter 06.07.2014 9:02.4.2 - x86 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3578.2693 [GMT 2:00]
Spuštěný z: c:\users\Peter\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Peter\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\455F074C814E4520B69B5584BD90400C.TMP"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 7\ASCInit.log
c:\program files\IObit\Advanced SystemCare 7\ASCService.log
c:\program files\IObit\Advanced SystemCare 7\AutoUpdate.log
c:\program files\IObit\Advanced SystemCare 7\Database\bing.xml
c:\program files\IObit\Advanced SystemCare 7\Database\google.xml
c:\program files\IObit\Advanced SystemCare 7\Database\HomepageBlack.dbd
c:\program files\IObit\Advanced SystemCare 7\Database\HomepageIgnore.dbd
c:\program files\IObit\Advanced SystemCare 7\Database\HomepageWhite.dbd
c:\program files\IObit\Advanced SystemCare 7\Database\yahoo.xml
c:\program files\IObit\Advanced SystemCare 7\Display_log.txt
c:\program files\IObit\Advanced SystemCare 7\LatestNews\imagenews.png
c:\program files\IObit\Advanced SystemCare 7\LatestNews\imagenews_B.png
c:\program files\IObit\Advanced SystemCare 7\LatestNews\LatestNews.ini
c:\program files\IObit\Advanced SystemCare 7\LiveUpdate.log
c:\program files\IObit\Advanced SystemCare 7\SecurityHoleScan.log
c:\program files\IObit\IObit Malware Fighter\license.dat
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2014-07-04-23-13 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2014-07-04-23-35 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2014-07-05-00-17 .txt
c:\program files\IObit\IObit Malware Fighter\log\scan\scan_2014-07-04-23-20 .txt
c:\program files\IObit\IObit Malware Fighter\log\scan\scan_2014-07-04-23-44 .txt
c:\program files\IObit\IObit Malware Fighter\Quarantine Zone\info.db
c:\program files\IObit\IObit Uninstaller\taskmgr.dll
c:\program files\IObit\LiveUpdate\Language\Arabic.lng
c:\program files\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files\IObit\LiveUpdate\Language\Czech.lng
c:\program files\IObit\LiveUpdate\Language\Danish.lng
c:\program files\IObit\LiveUpdate\Language\Dinka.lng
c:\program files\IObit\LiveUpdate\Language\Dutch.lng
c:\program files\IObit\LiveUpdate\Language\English.lng
c:\program files\IObit\LiveUpdate\Language\Finnish.lng
c:\program files\IObit\LiveUpdate\Language\Flemish.lng
c:\program files\IObit\LiveUpdate\Language\French.lng
c:\program files\IObit\LiveUpdate\Language\German.lng
c:\program files\IObit\LiveUpdate\Language\Greek.lng
c:\program files\IObit\LiveUpdate\Language\Hebrew.lng
c:\program files\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files\IObit\LiveUpdate\Language\Indonesia.lng
c:\program files\IObit\LiveUpdate\Language\Italian.lng
c:\program files\IObit\LiveUpdate\Language\Japanese.lng
c:\program files\IObit\LiveUpdate\Language\Korean.lng
c:\program files\IObit\LiveUpdate\Language\Latvian.lng
c:\program files\IObit\LiveUpdate\Language\Malayalam.lng
c:\program files\IObit\LiveUpdate\Language\Polish.lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng
c:\program files\IObit\LiveUpdate\Language\Romanian.lng
c:\program files\IObit\LiveUpdate\Language\Russian.lng
c:\program files\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files\IObit\LiveUpdate\Language\Slovak.lng
c:\program files\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files\IObit\LiveUpdate\Language\Spanish.lng
c:\program files\IObit\LiveUpdate\Language\Swedish.lng
c:\program files\IObit\LiveUpdate\Language\Turkish.lng
c:\program files\IObit\LiveUpdate\Language\Ukrainian.lng
c:\program files\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files\IObit\LiveUpdate\LiveUpdate.exe
c:\program files\IObit\LiveUpdate\LiveUpdate.log
c:\program files\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files\IObit\LiveUpdate\ProductStatistics.dll
c:\program files\IObit\LiveUpdate\system.ini
c:\program files\IObit\LiveUpdate\update\timer.db
c:\program files\IObit\LiveUpdate\update\update.spt
c:\program files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCBrowserProtection.safariextz
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome.manifest
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\icon.png
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\install.rdf
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\manifest.json
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\background.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\background.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Ex.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\popup.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\popup.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\tips.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\warning.bak
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\warning.js
c:\program files\IObit\Surfing Protection\BrowerProtect\BrowserProtect.oex
c:\program files\IObit\Surfing Protection\BrowerProtect\errorpage.html
c:\program files\IObit\Surfing Protection\BrowerProtect\images\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\icon_gray.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_tip_details.gif
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\NPASCSafariPluginProtect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\SPAD_script.js
c:\program files\IObit\Surfing Protection\Database\ASCSpecialUrl.db
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0429
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0603
c:\program files\IObit\Surfing Protection\Database\base_upt_add
c:\program files\IObit\Surfing Protection\Database\spupdate.utp
c:\program files\IObit\Surfing Protection\Extensions.plist
c:\program files\IObit\Surfing Protection\Language\Arabic.lng
c:\program files\IObit\Surfing Protection\Language\Belarusian.lng
c:\program files\IObit\Surfing Protection\Language\Czech.lng
c:\program files\IObit\Surfing Protection\Language\Dutch.lng
c:\program files\IObit\Surfing Protection\Language\English.lng
c:\program files\IObit\Surfing Protection\Language\Finnish.lng
c:\program files\IObit\Surfing Protection\Language\Hungarian.lng
c:\program files\IObit\Surfing Protection\Language\ChineseSimp.lng
c:\program files\IObit\Surfing Protection\Language\ChineseTrad.lng
c:\program files\IObit\Surfing Protection\Language\Japanese.lng
c:\program files\IObit\Surfing Protection\Language\Korean.lng
c:\program files\IObit\Surfing Protection\Language\Polish.lng
c:\program files\IObit\Surfing Protection\Language\Portuguese(PT-BR).lng
c:\program files\IObit\Surfing Protection\Language\Romanian.lng
c:\program files\IObit\Surfing Protection\Language\Russian.lng
c:\program files\IObit\Surfing Protection\Language\Serbian (cyrillic).lng
c:\program files\IObit\Surfing Protection\Language\Serbian (latin).lng
c:\program files\IObit\Surfing Protection\Language\Slovenian.lng
c:\program files\IObit\Surfing Protection\Language\Spanish.lng
c:\program files\IObit\Surfing Protection\Language\Swedish.lng
c:\program files\IObit\Surfing Protection\Language\Turkish.lng
c:\program files\IObit\Surfing Protection\Language\Vietnamese.lng
c:\program files\IObit\Surfing Protection\PluginInstall.exe
c:\program files\IObit\Surfing Protection\Preferences
c:\program files\IObit\Surfing Protection\SPInit.log
c:\program files\IObit\Surfing Protection\SPUpdate.exe
c:\program files\IObit\Surfing Protection\sqlite3.dll
c:\program files\IObit\Surfing Protection\unins000.dat
c:\program files\IObit\Surfing Protection\unins000.exe
c:\program files\IObit\Surfing Protection\unins000.msg
c:\program files\IObit\Surfing Protection\Update\Update.ini
c:\programdata\IObit
c:\programdata\IObit\Advanced SystemCare V7\AntivirusConfig.ini
c:\programdata\IObit\Advanced SystemCare V7\AscService.ini
c:\programdata\IObit\Advanced SystemCare V7\HealthLevel.ini
c:\programdata\IObit\Advanced SystemCare V7\Homepage Protection\ASCService.log
c:\programdata\IObit\Advanced SystemCare V7\Homepage Protection\homepage.log
c:\programdata\IObit\Advanced SystemCare V7\ReinforceData.ini
c:\programdata\IObit\Advanced SystemCare V7\User_UndeleteReg.dat
c:\programdata\IObit\ASCDownloader\Advanced SystemCare.exe
c:\programdata\IObit\ASCDownloader\Advanced SystemCare.exe.dat
c:\programdata\IObit\ASCDownloader\Downloader.log
c:\programdata\IObit\Install.ini
c:\users\Peter\AppData\Roaming\IObit
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\ASCTray.log
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Backup\ASCBackup32-2014-07-04(23-10-02).reg
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Boottime\AscTray_Delay.Log
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Boottime\Boottime.ini
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Boottime\LastAutoRunList.ini
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\google.xml
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\Preferences.2014-07-04(22-55-44-629).old
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\Preferences.2014-07-04(22-55-44-720).new
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\Preferences.2014-07-05(00-18-53-694).new
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\Preferences.2014-07-05(00-18-53-694).old
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\prefs.js.2014-07-04(22-55-44-573).old
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\prefs.js.2014-07-04(22-55-44-577).new
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\prefs.js.2014-07-04(23-33-53-301).old
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\prefs.js.2014-07-04(23-33-53-332).new
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\prefs.js.2014-07-05(00-16-05-020).old
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\prefs.js.2014-07-05(00-16-05-036).new
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Ignore.ini
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Internet Booster\ASCInternetBak.dat
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Internet Booster\Config.ini
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\JFilterkey.dbd
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\License.log
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Log\ASCLog-2014-07-04(23-10-02).txt
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\Main.ini
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\PFilterkey.dbd
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator\myAutoDisable.ini
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator\myIdleDisable.ini
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator\myIFEO.ini
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator\myinifile.ini
c:\users\Peter\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator\myThreadControl.ini
c:\users\Peter\AppData\Roaming\IObit\IObit Malware Fighter\config.ini
c:\users\Peter\AppData\Roaming\IObit\IObit Malware Fighter\ignore.ini
c:\users\Peter\AppData\Roaming\IObit\IObit Malware Fighter\remember.ini
c:\users\Peter\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe
c:\users\Peter\AppData\Roaming\IObit\IObit Uninstaller\Main.ini
c:\users\Peter\AppData\Roaming\IObit\IObit Uninstaller\MenuRight.dat
c:\users\Peter\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
c:\users\Peter\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_LiveUpdateSvc
-------\Service_LiveUpdateSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-06 do 2014-07-06 )))))))))))))))))))))))))))))))
.
.
2014-07-06 07:08 . 2014-07-06 07:23 -------- d-----w- c:\users\Peter\AppData\Local\temp
2014-07-06 07:08 . 2014-07-06 07:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-05 20:54 . 2014-07-05 21:15 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-07-05 20:21 . 2014-07-05 20:21 -------- d-----w- c:\users\Anetka
2014-07-05 20:11 . 2014-07-06 07:06 -------- d-----w- c:\windows\SysWow64
2014-07-05 18:25 . 2014-07-05 18:27 -------- d-----w- C:\AdwCleaner
2014-07-04 23:44 . 2014-07-04 23:55 -------- d-----w- C:\FRST
2014-07-04 23:37 . 2014-07-04 23:51 -------- d-----w- c:\programdata\HitmanPro
2014-07-04 21:58 . 2014-07-04 21:59 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-07-04 21:58 . 2014-07-04 21:58 -------- d-----w- c:\programdata\Malwarebytes
2014-07-04 21:31 . 2014-07-04 21:31 -------- d-----w- c:\users\Peter\AppData\Local\Apple Computer
2014-07-04 20:56 . 2014-07-04 20:56 -------- d-----w- c:\users\Peter\AppData\Roaming\ProductData
2014-07-04 20:55 . 2014-07-04 20:55 -------- d-----w- c:\programdata\ProductData
2014-07-04 20:55 . 2014-07-04 20:55 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-07-04 20:52 . 2014-07-04 20:52 -------- d-----w- c:\windows\455F074C814E4520B69B5584BD90400C.TMP
2014-07-04 20:49 . 2014-07-04 20:49 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2014-07-04 20:15 . 2014-07-04 20:55 -------- d-----w- c:\users\Peter\AppData\Roaming\Apple Computer
2014-07-04 20:05 . 2014-07-04 20:06 -------- d-----w- c:\program files\FreeRapid-0.9u4
2014-07-04 13:47 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34C10EF9-4EDE-4DDE-AF47-00444F98C704}\mpengine.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2014-07-02 17:46 . 2014-07-02 17:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2014-07-02 17:46 . 2014-07-02 17:46 -------- d-----w- c:\program files\QuickTime
2014-07-02 17:46 . 2014-07-02 17:46 -------- d-----w- c:\programdata\Apple Computer
2014-07-02 17:44 . 2014-07-02 17:44 -------- d-----w- c:\program files\Common Files\Apple
2014-07-02 17:44 . 2014-07-02 17:44 -------- d-----w- c:\users\Peter\AppData\Local\Apple
2014-07-02 17:44 . 2014-07-02 17:44 -------- d-----w- c:\program files\Apple Software Update
2014-06-23 18:23 . 2014-06-23 18:24 -------- d-----w- c:\users\Peter\AppData\Roaming\Dropbox
2014-06-22 18:38 . 2014-06-22 18:38 43152 ----a-w- c:\windows\avastSS.scr
2014-06-20 18:19 . 2014-07-04 22:13 -------- d-----w- c:\programdata\AppSnow
2014-06-20 18:18 . 2014-07-04 20:13 -------- d-----w- c:\programdata\4d66ec623310361d
2014-06-20 18:18 . 2014-06-20 18:18 -------- d-----w- c:\users\Peter\AppData\Local\Comodo
2014-06-20 18:18 . 2014-06-20 18:18 -------- d-----w- c:\users\HomeGroupUser$
2014-06-20 18:18 . 2014-06-20 18:18 -------- d-----w- c:\users\Guest
2014-06-20 18:18 . 2014-06-20 18:18 -------- d-----w- c:\users\Administrator
2014-06-20 18:17 . 2014-06-20 18:25 -------- d-----w- c:\programdata\InstallMate
2014-06-15 15:17 . 2014-06-15 15:44 -------- d-----w- c:\users\Peter\AppData\Roaming\Mnemosyne
2014-06-15 15:16 . 2014-06-15 15:51 -------- d-----w- c:\users\Peter\.matplotlib
2014-06-15 15:14 . 2014-06-15 15:14 -------- d-----w- c:\program files\Mnemosyne
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-22 18:38 260976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-04 3890208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 05:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIMProbíhá stahování aktualizace...1338924290338]
2012-02-23 09:50 179576 ----a-w- c:\program files\Corel\CorelDRAW Graphics Suite X6\PHOTO-PAINT\DIM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2011-04-06 10:20 2154096 ----a-r- c:\program files\VIA\VIAudioi\VDeck\VDeck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 21:29 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Disk Mounter]
2014-06-04 19:25 279192 ----a-w- c:\program files\SmartDiskMounter\Smart Disk Mounter.exe
.
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-06-06 211984]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-05-30 108032]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys [2014-03-25 47176]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys [2014-03-25 63104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-11-01 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-06-22 777488]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-06-22 411680]
S2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;c:\program files\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-28 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 291840]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-06-22 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-06-22 67824]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-06-22 68312]
S2 SmartDisk;SmartDisk;c:\program files\SmartDiskMounter\sdfs.sys [2014-05-30 74392]
S2 SmartDiskMounter;Smart Disk Mounter Service;c:\program files\SmartDiskMounter\sdfs.exe [2014-05-30 31896]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-03-29 27760]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-06-02 101352]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 317416]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-08-23 414824]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-29 1804400]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
2014-05-30 07:57 595968 ----a-w- c:\windows\System32\ie4uinit.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
2010-11-20 21:29 80720 ----a-w- c:\windows\System32\mscories.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-10 20:14 1091912 ----a-w- c:\program files\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\System32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\p3burv9g.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-IObit Surfing Protection_is1 - c:\program files\IObit\Surfing Protection\unins000.exe
.
.
"ImagePath"="\SystemRoot\system32\drivers\1394ohci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.]
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\smss.exe
c:\windows\system32\csrss.exe
c:\windows\system32\wininit.exe
c:\windows\system32\csrss.exe
c:\windows\system32\services.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\lsass.exe
c:\windows\system32\lsm.exe
c:\windows\system32\svchost.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\svchost.exe
c:\windows\System32\svchost.exe
c:\windows\System32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\atieclxx.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\System32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\Dwm.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\wmiprvse.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\System32\svchost.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Celkový čas: 2014-07-06 09:24:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-06 07:24
ComboFix2.txt 2014-07-05 20:21
ComboFix3.txt 2012-11-05 11:35
.
Před spuštěním: Volných bajtů: 23 522 832 384
Po spuštění: Volných bajtů: 23 161 135 104
.
- - End Of File - - A6EB4E57913BC792ED5E9CC1B21DE433
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

Vypnete trvale Windows Defender


Dejte mi sem log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786