When I open the browser, only ads pop up and it takes a long time for a page to load. Sometimes it doesn't load at all.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:40:27, on 28. 9. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\YourFileDownloader\YourFileUpdater.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\MultiScreen\MultiScreen.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Users\Mišo\AppData\Roaming\BrowserCompanion\tcbhn.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Windows\system32\notepad.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\RomeXoft\Screen Notes\ScreenNotes.exe
C:\Program Files\RomeXoft\Screen Notes\ScreenNotes.exe
C:\Windows.old\Program Files\IrfanView\i_view32.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Users\Mišo\Desktop\utorrent.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://blekko.com/ws/?source=c3348dd4&t ... p=homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Mišo\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Search Fairy - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - C:\Program Files\Search Fairy\SearchFairy.dll
O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files\blekkotb_031\blekkotb_019X.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O3 - Toolbar: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files\blekkotb_031\blekkotb_019X.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKCU\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKCU\..\Run: [MultiScreen] C:\Program Files\MultiScreen\MultiScreen.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mišo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Screen Notes] "C:\Program Files\RomeXoft\Screen Notes\ScreenNotes.exe"
O4 - HKCU\..\RunOnce: [blekkotb] reg.exe delete "HKCU\Software\AppDataLow\Software\blekkotb" /f
O4 - HKCU\..\RunOnce: [blekkotb_XP] reg.exe delete "HKCU\Software\blekkotb" /f
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: tcbhn.lnk = ?
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Search Fairy - {81727BE7-50E7-48ed-A547-F0274756E2DD} - C:\Program Files\Search Fairy\SearchFairy.dll
O9 - Extra 'Tools' menuitem: Search Fairy options - {81727BE7-50E7-48ed-A547-F0274756E2DD} - C:\Program Files\Search Fairy\SearchFairy.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
--
End of file - 13315 bytes
I'd like to ask for a log check
- Orcus
- member of the Security team
Re: I'd like to ask for a log check
Uninstall Spyware Terminator, Anti-phishing Domain, PC Tools Security. You already have ESET there. 4 AV programs can clash with each other. And Skype doesn't need to start right at boot anyway, does it? Also uninstall:
Winamp Toolbar
StartNow Toolbar
Babylon toolbar
Winamp Toolbar
Search Fairy
SweetIM Toolbar
Blekko search bar
Crawler Toolbar
Can you even see any part of the web page through all those toolbars?

Test this file on VirusTotal:
C:\Program Files\YourFileDownloader\YourFileUpdater.exe
Fix:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://blekko.com/ws/?source=c3348dd4&t ... p=homepage
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Search Fairy - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - C:\Program Files\Search Fairy\SearchFairy.dll
O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll
O2 - BHO: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll
O2 - BHO: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files\blekkotb_031\blekkotb_019X.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O3 - Toolbar: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files\blekkotb_031\blekkotb_019X.dll
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mišo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [blekkotb] reg.exe delete "HKCU\Software\AppDataLow\Software\blekkotb" /f
O4 - HKCU\..\RunOnce: [blekkotb_XP] reg.exe delete "HKCU\Software\blekkotb" /f
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Search Fairy - {81727BE7-50E7-48ed-A547-F0274756E2DD} - C:\Program Files\Search Fairy\SearchFairy.dll
O9 - Extra 'Tools' menuitem: Search Fairy options - {81727BE7-50E7-48ed-A547-F0274756E2DD} - C:\Program Files\Search Fairy\SearchFairy.dll
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan option selected and click the Scan button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
Re: I'd like to ask for a log check
VirusTotal gave me two lines:
TrendMicro-HouseCall TROJ_GEN.F47V0816 20120818
VIPRE Via Advertising (fs) 20120818
Malwarebytes Anti-Malware (Skúšobná verzia) 1.65.0.1400
www.malwarebytes.org
Verzia databázy: v2012.09.28.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Mišo :: MIŠO-PC [administrátor]
Ochrana: Zapnuté
28. 9. 2012 21:20:31
mbam-log-2012-09-28 (21-29-00).txt
Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 205113
Uplynutý čas: 8 min, 18 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 1
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Žiadna úloha nevykonaná.
Detegované registračné kľúče: 25
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Žiadna úloha nevykonaná.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Žiadna úloha nevykonaná.
Detegované registračné hodnoty: 3
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Dáta: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Žiadna úloha nevykonaná.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Dáta: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Žiadna úloha nevykonaná.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Dáta: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Žiadna úloha nevykonaná.
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 1
C:\Program Files\BrowserCompanion (PUP.Blabbers) -> Žiadna úloha nevykonaná.
Detegované súbory: 17
C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Žiadna úloha nevykonaná.
C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Žiadna úloha nevykonaná.
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Žiadna úloha nevykonaná.
C:\Users\Mišo\AppData\Local\Temp\W_Ptp0Y6.exe.part (PUP.Adware.Gotclip.ScamLotto) -> Žiadna úloha nevykonaná.
C:\Users\Mišo\Downloads\FastDownload (1).exe (Affiliate.Downloader) -> Žiadna úloha nevykonaná.
C:\Users\Mišo\Downloads\FastDownload (2).exe (Affiliate.Downloader) -> Žiadna úloha nevykonaná.
C:\Users\Mišo\Downloads\FastDownload (3).exe (Affiliate.Downloader) -> Žiadna úloha nevykonaná.
C:\Users\Mišo\Downloads\FastDownload (4).exe (Affiliate.Downloader) -> Žiadna úloha nevykonaná.
C:\Users\Mišo\Downloads\FastDownload (5).exe (Affiliate.Downloader) -> Žiadna úloha nevykonaná.
C:\Users\Mišo\Downloads\FastDownload.exe (Affiliate.Downloader) -> Žiadna úloha nevykonaná.
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Žiadna úloha nevykonaná.
C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Žiadna úloha nevykonaná.
C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> Žiadna úloha nevykonaná.
C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Žiadna úloha nevykonaná.
C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Žiadna úloha nevykonaná.
C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> Žiadna úloha nevykonaná.
C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Žiadna úloha nevykonaná.
(koniec)
- Orcus
- member of the Security team
Re: I would like to ask for a log check
Run MbAM again and choose Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt, please paste the entire contents of the log here.
Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click into the window it displays
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, you have trouble launching applications or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me
If you are satisfied, you can support our forum.

Re: I would like to ask for a log check
Malwarebytes Anti-Malware (Skúšobná verzia) 1.65.0.1400
www.malwarebytes.org
Verzia databázy: v2012.09.29.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Mišo :: MIŠO-PC [administrátor]
Ochrana: Zapnuté
30. 9. 2012 8:42:41
mbam-log-2012-09-30 (08-42-41).txt
Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 205788
Uplynutý čas: 29 min, 42 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 1
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Bude odstránený po reštartovaní.
Detegované registračné kľúče: 25
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Pridanie do karantény a zmazanie úspešné.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
Detegované registračné hodnoty: 3
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Dáta: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Pridanie do karantény a zmazanie úspešné.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Dáta: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Pridanie do karantény a zmazanie úspešné.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Dáta: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Pridanie do karantény a zmazanie úspešné.
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 1
C:\Program Files\BrowserCompanion (PUP.Blabbers) -> Bude odstránený po reštartovaní.
Detegované súbory: 17
C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Bude odstránený po reštartovaní.
C:\Users\Mišo\AppData\Local\Temp\W_Ptp0Y6.exe.part (PUP.Adware.Gotclip.ScamLotto) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Mišo\Downloads\FastDownload (1).exe (Affiliate.Downloader) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Mišo\Downloads\FastDownload (2).exe (Affiliate.Downloader) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Mišo\Downloads\FastDownload (3).exe (Affiliate.Downloader) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Mišo\Downloads\FastDownload (4).exe (Affiliate.Downloader) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Mišo\Downloads\FastDownload (5).exe (Affiliate.Downloader) -> Pridanie do karantény a zmazanie úspešné.
C:\Users\Mišo\Downloads\FastDownload.exe (Affiliate.Downloader) -> Pridanie do karantény a zmazanie úspešné.
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Pridanie do karantény a zmazanie úspešné.
(koniec)
Re: I would like to ask for a log check
20:11:37.0579 2936 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
20:11:38.0265 2936 ============================================================
20:11:38.0265 2936 Current date / time: 2012/09/30 20:11:38.0265
20:11:38.0265 2936 SystemInfo:
20:11:38.0265 2936
20:11:38.0265 2936 OS Version: 6.1.7601 ServicePack: 1.0
20:11:38.0265 2936 Product type: Workstation
20:11:38.0265 2936 ComputerName: MIŠO-PC
20:11:38.0265 2936 UserName: Mišo
20:11:38.0265 2936 Windows directory: C:\Windows
20:11:38.0265 2936 System windows directory: C:\Windows
20:11:38.0265 2936 Processor architecture: Intel x86
20:11:38.0265 2936 Number of processors: 2
20:11:38.0265 2936 Page size: 0x1000
20:11:38.0265 2936 Boot type: Normal boot
20:11:38.0265 2936 ============================================================
20:11:39.0435 2936 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0x31694, SectorsPerTrack: 0x21, TracksPerCylinder: 0x75, Type 'K0', Flags 0x00000050
20:11:39.0451 2936 ============================================================
20:11:39.0451 2936 \Device\Harddisk0\DR0:
20:11:39.0451 2936 MBR partitions:
20:11:39.0451 2936 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x21, BlocksNum 0xFFFE3EE
20:11:39.0451 2936 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFFFE40F, BlocksNum 0x1E93A215
20:11:39.0451 2936 ============================================================
20:11:39.0498 2936 C: <-> \Device\Harddisk0\DR0\Partition1
20:11:39.0591 2936 E: <-> \Device\Harddisk0\DR0\Partition2
20:11:39.0591 2936 ============================================================
20:11:39.0591 2936 Initialize success
20:11:39.0591 2936 ============================================================
20:11:43.0444 10224 ============================================================
20:11:43.0444 10224 Scan started
20:11:43.0444 10224 Mode: Manual;
20:11:43.0444 10224 ============================================================
20:11:43.0912 10224 ================ Scan system memory ========================
20:11:43.0912 10224 System memory - ok
20:11:43.0912 10224 ================ Scan services =============================
20:11:48.0499 10224 hkmsvc - ok
20:11:48.0514 10224 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:11:48.0530 10224 HomeGroupListener - ok
20:11:48.0561 10224 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:11:48.0577 10224 HomeGroupProvider - ok
20:11:48.0592 10224 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:11:48.0592 10224 HpSAMD - ok
20:11:48.0624 10224 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:11:48.0624 10224 HTTP - ok
20:11:48.0639 10224 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:11:48.0639 10224 hwpolicy - ok
20:11:48.0670 10224 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:11:48.0670 10224 i8042prt - ok
20:11:48.0717 10224 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:11:48.0717 10224 iaStorV - ok
20:11:48.0764 10224 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:11:48.0780 10224 IDriverT - ok
20:11:48.0795 10224 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:11:48.0795 10224 iirsp - ok
20:11:48.0842 10224 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
20:11:48.0873 10224 IKEEXT - ok
20:11:48.0904 10224 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
20:11:48.0920 10224 intelide - ok
20:11:48.0936 10224 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:11:48.0951 10224 intelppm - ok
20:11:48.0951 10224 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:11:48.0967 10224 IPBusEnum - ok
20:11:48.0967 10224 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:11:48.0982 10224 IpFilterDriver - ok
20:11:48.0998 10224 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:11:49.0014 10224 iphlpsvc - ok
20:11:49.0029 10224 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:11:49.0029 10224 IPMIDRV - ok
20:11:49.0060 10224 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:11:49.0060 10224 IPNAT - ok
20:11:49.0076 10224 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:11:49.0092 10224 IRENUM - ok
20:11:49.0092 10224 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:11:49.0092 10224 isapnp - ok
20:11:49.0123 10224 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:11:49.0123 10224 iScsiPrt - ok
20:11:49.0154 10224 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:11:49.0154 10224 kbdclass - ok
20:11:49.0185 10224 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:11:49.0185 10224 kbdhid - ok
20:11:49.0201 10224 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
20:11:49.0201 10224 KeyIso - ok
20:11:49.0232 10224 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:11:49.0232 10224 KSecDD - ok
20:11:49.0248 10224 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:11:49.0279 10224 KSecPkg - ok
20:11:49.0310 10224 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
20:11:49.0326 10224 KtmRm - ok
20:11:49.0357 10224 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
20:11:49.0372 10224 LanmanServer - ok
20:11:49.0404 10224 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:11:49.0419 10224 LanmanWorkstation - ok
20:11:49.0435 10224 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:11:49.0435 10224 lltdio - ok
20:11:49.0482 10224 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:11:49.0482 10224 lltdsvc - ok
20:11:49.0497 10224 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
20:11:49.0497 10224 lmhosts - ok
20:11:49.0513 10224 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:11:49.0528 10224 LSI_FC - ok
20:11:49.0544 10224 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:11:49.0544 10224 LSI_SAS - ok
20:11:49.0560 10224 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:11:49.0560 10224 LSI_SAS2 - ok
20:11:49.0575 10224 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:11:49.0575 10224 LSI_SCSI - ok
20:11:49.0591 10224 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
20:11:49.0591 10224 luafv - ok
20:11:49.0669 10224 [ D261641E17CC3DE990BA785EFC0AAD3E ] Macromedia Licensing Service C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
20:11:49.0669 10224 Macromedia Licensing Service - ok
20:11:49.0716 10224 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:11:49.0716 10224 MBAMProtector - ok
20:11:49.0778 10224 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:11:49.0809 10224 MBAMScheduler - ok
20:11:49.0856 10224 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:11:49.0887 10224 MBAMService - ok
20:11:49.0903 10224 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
20:11:49.0903 10224 megasas - ok
20:11:49.0934 10224 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:11:49.0934 10224 MegaSR - ok
20:11:49.0996 10224 Microsoft SharePoint Workspace Audit Service - ok
20:11:50.0028 10224 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:11:50.0028 10224 MMCSS - ok
20:11:50.0043 10224 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:11:50.0043 10224 Modem - ok
20:11:50.0074 10224 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:11:50.0074 10224 monitor - ok
20:11:50.0090 10224 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:11:50.0106 10224 mouclass - ok
20:11:50.0121 10224 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:11:50.0121 10224 mouhid - ok
20:11:50.0152 10224 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:11:50.0152 10224 mountmgr - ok
20:11:50.0184 10224 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:11:50.0199 10224 MozillaMaintenance - ok
20:11:50.0230 10224 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:11:50.0230 10224 mpio - ok
20:11:50.0246 10224 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:11:50.0246 10224 mpsdrv - ok
20:11:50.0277 10224 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:11:50.0308 10224 MpsSvc - ok
20:11:50.0324 10224 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:11:50.0324 10224 MRxDAV - ok
20:11:50.0355 10224 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:11:50.0355 10224 mrxsmb - ok
20:11:50.0371 10224 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:11:50.0386 10224 mrxsmb10 - ok
20:11:50.0402 10224 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:11:50.0402 10224 mrxsmb20 - ok
20:11:50.0418 10224 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:11:50.0418 10224 msahci - ok
20:11:50.0433 10224 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:11:50.0449 10224 msdsm - ok
20:11:50.0464 10224 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:11:50.0464 10224 MSDTC - ok
20:11:50.0480 10224 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:11:50.0496 10224 Msfs - ok
20:11:50.0511 10224 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:11:50.0511 10224 mshidkmdf - ok
20:11:50.0527 10224 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:11:50.0527 10224 msisadrv - ok
20:11:50.0558 10224 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:11:50.0574 10224 MSiSCSI - ok
20:11:50.0574 10224 msiserver - ok
20:11:50.0620 10224 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:11:50.0620 10224 MSKSSRV - ok
20:11:50.0636 10224 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:11:50.0636 10224 MSPCLOCK - ok
20:11:50.0652 10224 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:11:50.0652 10224 MSPQM - ok
20:11:50.0683 10224 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:11:50.0683 10224 MsRPC - ok
20:11:50.0714 10224 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:11:50.0714 10224 mssmbios - ok
20:11:50.0730 10224 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:11:50.0730 10224 MSTEE - ok
20:11:50.0745 10224 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:11:50.0745 10224 MTConfig - ok
20:11:50.0776 10224 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
20:11:50.0808 10224 MTsensor - ok
20:11:50.0823 10224 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:11:50.0823 10224 Mup - ok
20:11:50.0854 10224 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:11:50.0854 10224 napagent - ok
20:11:50.0901 10224 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:11:50.0901 10224 NativeWifiP - ok
20:11:51.0010 10224 [ 87A00FAEDD703D8D2BDCB29CE5EEEA6B ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
20:11:51.0057 10224 NBService - ok
20:11:51.0104 10224 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:11:51.0135 10224 NDIS - ok
20:11:51.0151 10224 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:11:51.0166 10224 NdisCap - ok
20:11:51.0182 10224 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:11:51.0182 10224 NdisTapi - ok
20:11:51.0213 10224 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:11:51.0229 10224 Ndisuio - ok
20:11:51.0229 10224 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:11:51.0244 10224 NdisWan - ok
20:11:51.0260 10224 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:11:51.0260 10224 NDProxy - ok
20:11:51.0276 10224 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:11:51.0276 10224 NetBIOS - ok
20:11:51.0291 10224 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:11:51.0307 10224 NetBT - ok
20:11:51.0322 10224 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:11:51.0322 10224 Netlogon - ok
20:11:51.0369 10224 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:11:51.0369 10224 Netman - ok
20:11:51.0400 10224 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:11:51.0400 10224 netprofm - ok
20:11:51.0416 10224 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:11:51.0432 10224 nfrd960 - ok
20:11:51.0478 10224 [ 6676071F33AE0A2FB59207BBC01EE03A ] NitroReaderDriverReadSpool2 C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
20:11:51.0494 10224 NitroReaderDriverReadSpool2 - ok
20:11:51.0510 10224 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:11:51.0525 10224 NlaSvc - ok
20:11:51.0541 10224 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:11:51.0541 10224 Npfs - ok
20:11:51.0572 10224 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:11:51.0572 10224 nsi - ok
20:11:51.0588 10224 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:11:51.0603 10224 nsiproxy - ok
20:11:51.0650 10224 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:11:51.0697 10224 Ntfs - ok
20:11:51.0712 10224 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:11:51.0712 10224 Null - ok
20:11:51.0962 10224 [ F3F2B0FD5FCDA396F2F317A90A195E06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:11:52.0118 10224 nvlddmkm - ok
20:11:52.0134 10224 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:11:52.0149 10224 nvraid - ok
20:11:52.0180 10224 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:11:52.0180 10224 nvstor - ok
20:11:52.0196 10224 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:11:52.0196 10224 nv_agp - ok
20:11:52.0196 10224 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:11:52.0212 10224 ohci1394 - ok
20:11:52.0258 10224 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:11:52.0274 10224 ose - ok
20:11:52.0414 10224 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:11:52.0539 10224 osppsvc - ok
20:11:52.0602 10224 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:11:52.0617 10224 p2pimsvc - ok
20:11:52.0648 10224 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:11:52.0648 10224 p2psvc - ok
20:11:52.0680 10224 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:11:52.0680 10224 Parport - ok
20:11:52.0726 10224 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:11:52.0742 10224 partmgr - ok
20:11:52.0758 10224 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:11:52.0758 10224 Parvdm - ok
20:11:52.0773 10224 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:11:52.0789 10224 PcaSvc - ok
20:11:52.0804 10224 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:11:52.0820 10224 pci - ok
20:11:52.0820 10224 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:11:52.0836 10224 pciide - ok
20:11:52.0851 10224 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:11:52.0851 10224 pcmcia - ok
20:11:52.0882 10224 [ 6C9E2F69D99C025FD5CAB2228E495FA1 ] PCTBD C:\Windows\system32\Drivers\PCTBD.sys
20:11:52.0898 10224 PCTBD - ok
20:11:52.0914 10224 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:11:52.0914 10224 pcw - ok
20:11:52.0960 10224 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:11:52.0976 10224 PEAUTH - ok
20:11:53.0023 10224 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:11:53.0070 10224 pla - ok
20:11:53.0101 10224 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:11:53.0116 10224 PlugPlay - ok
20:11:53.0179 10224 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
20:11:53.0194 10224 PnkBstrA - ok
20:11:53.0210 10224 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:11:53.0210 10224 PNRPAutoReg - ok
20:11:53.0226 10224 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:11:53.0226 10224 PNRPsvc - ok
20:11:53.0272 10224 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:11:53.0272 10224 PolicyAgent - ok
20:11:53.0319 10224 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:11:53.0319 10224 Power - ok
20:11:53.0366 10224 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:11:53.0366 10224 PptpMiniport - ok
20:11:53.0382 10224 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:11:53.0382 10224 Processor - ok
20:11:53.0413 10224 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:11:53.0428 10224 ProfSvc - ok
20:11:53.0428 10224 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:11:53.0444 10224 ProtectedStorage - ok
20:11:53.0460 10224 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:11:53.0460 10224 Psched - ok
20:11:53.0506 10224 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:11:53.0538 10224 ql2300 - ok
20:11:53.0569 10224 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:11:53.0569 10224 ql40xx - ok
20:11:53.0600 10224 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:11:53.0616 10224 QWAVE - ok
20:11:53.0631 10224 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:11:53.0631 10224 QWAVEdrv - ok
20:11:53.0662 10224 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:11:53.0662 10224 RasAcd - ok
20:11:53.0709 10224 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:11:53.0709 10224 RasAgileVpn - ok
20:11:53.0725 10224 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:11:53.0725 10224 RasAuto - ok
20:11:53.0740 10224 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:11:53.0740 10224 Rasl2tp - ok
20:11:53.0772 10224 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:11:53.0772 10224 RasMan - ok
20:11:53.0787 10224 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:11:53.0787 10224 RasPppoe - ok
20:11:53.0818 10224 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:11:53.0834 10224 RasSstp - ok
20:11:53.0850 10224 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:11:53.0850 10224 rdbss - ok
20:11:53.0865 10224 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:11:53.0865 10224 rdpbus - ok
20:11:53.0881 10224 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:11:53.0881 10224 RDPCDD - ok
20:11:53.0928 10224 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:11:53.0928 10224 RDPDR - ok
20:11:53.0959 10224 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:11:53.0974 10224 RDPENCDD - ok
20:11:53.0990 10224 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:11:53.0990 10224 RDPREFMP - ok
20:11:54.0037 10224 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:11:54.0037 10224 RdpVideoMiniport - ok
20:11:54.0084 10224 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:11:54.0084 10224 RDPWD - ok
20:11:54.0115 10224 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:11:54.0115 10224 rdyboost - ok
20:11:54.0146 10224 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:11:54.0146 10224 RemoteAccess - ok
20:11:54.0162 10224 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:11:54.0162 10224 RemoteRegistry - ok
20:11:54.0208 10224 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:11:54.0208 10224 RpcEptMapper - ok
20:11:54.0240 10224 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:11:54.0240 10224 RpcLocator - ok
20:11:54.0271 10224 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:11:54.0271 10224 RpcSs - ok
20:11:54.0286 10224 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:11:54.0286 10224 rspndr - ok
20:11:54.0318 10224 [ 25BE98C05808C57E4D8D26477DC12D39 ] RTLE8023xp C:\Windows\system32\DRIVERS\Rtenicxp.sys
20:11:54.0333 10224 RTLE8023xp - ok
20:11:54.0349 10224 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:11:54.0349 10224 SamSs - ok
20:11:54.0380 10224 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:11:54.0380 10224 sbp2port - ok
20:11:54.0380 10224 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:11:54.0396 10224 SCardSvr - ok
20:11:54.0411 10224 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:11:54.0411 10224 scfilter - ok
20:11:54.0427 10224 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:11:54.0442 10224 Schedule - ok
20:11:54.0458 10224 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:11:54.0458 10224 SCPolicySvc - ok
20:11:54.0489 10224 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:11:54.0505 10224 SDRSVC - ok
20:11:54.0536 10224 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:11:54.0536 10224 secdrv - ok
20:11:54.0536 10224 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:11:54.0552 10224 seclogon - ok
20:11:54.0567 10224 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:11:54.0583 10224 SENS - ok
20:11:54.0598 10224 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:11:54.0598 10224 Serenum - ok
20:11:54.0598 10224 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:11:54.0614 10224 Serial - ok
20:11:54.0614 10224 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:11:54.0614 10224 sermouse - ok
20:11:54.0645 10224 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:11:54.0645 10224 SessionEnv - ok
20:11:54.0661 10224 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:11:54.0661 10224 sffdisk - ok
20:11:54.0676 10224 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:11:54.0676 10224 sffp_mmc - ok
20:11:54.0692 10224 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:11:54.0692 10224 sffp_sd - ok
20:11:54.0708 10224 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:11:54.0708 10224 sfloppy - ok
20:11:54.0739 10224 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:11:54.0739 10224 SharedAccess - ok
20:11:54.0786 10224 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:11:54.0801 10224 ShellHWDetection - ok
20:11:54.0848 10224 [ F5AAA8CDDA25B6387AF590D676D25BAD ] simptcp C:\Windows\System32\tcpsvcs.exe
20:11:54.0848 10224 simptcp - ok
20:11:54.0864 10224 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:11:54.0864 10224 sisagp - ok
20:11:54.0895 10224 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:11:54.0895 10224 SiSRaid2 - ok
20:11:54.0910 10224 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:11:54.0926 10224 SiSRaid4 - ok
20:11:55.0051 10224 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:11:55.0144 10224 Skype C2C Service - ok
20:11:55.0191 10224 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:11:55.0207 10224 SkypeUpdate - ok
20:11:55.0222 10224 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:11:55.0222 10224 Smb - ok
20:11:55.0254 10224 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:11:55.0269 10224 SNMPTRAP - ok
20:11:55.0347 10224 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
20:11:55.0363 10224 Sony PC Companion - ok
20:11:55.0378 10224 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:11:55.0378 10224 spldr - ok
20:11:55.0425 10224 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:11:55.0441 10224 Spooler - ok
20:11:55.0534 10224 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:11:55.0612 10224 sppsvc - ok
20:11:55.0628 10224 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:11:55.0628 10224 sppuinotify - ok
20:11:55.0659 10224 [ 7B426B8E809EDF081D771EF429345528 ] sp_rsdrv2 C:\Windows\system32\drivers\sp_rsdrv2.sys
20:11:55.0675 10224 sp_rsdrv2 - ok
20:11:55.0722 10224 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:11:55.0722 10224 srv - ok
20:11:55.0737 10224 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:11:55.0737 10224 srv2 - ok
20:11:55.0768 10224 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:11:55.0768 10224 srvnet - ok
20:11:55.0784 10224 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:11:55.0800 10224 SSDPSRV - ok
20:11:55.0831 10224 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:11:55.0831 10224 SstpSvc - ok
20:11:55.0893 10224 [ 6BF6E5FAD331DF37728A234DAC17FE34 ] ST2012_Svc C:\Program Files\Spyware Terminator\st_rsser.exe
20:11:55.0924 10224 ST2012_Svc - ok
20:11:55.0956 10224 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:11:55.0956 10224 stexstor - ok
20:11:56.0002 10224 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:11:56.0034 10224 StiSvc - ok
20:11:56.0065 10224 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:11:56.0065 10224 swenum - ok
20:11:56.0080 10224 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:11:56.0096 10224 swprv - ok
20:11:56.0127 10224 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
20:11:56.0127 10224 Synth3dVsc - ok
20:11:56.0158 10224 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:11:56.0221 10224 SysMain - ok
20:11:56.0252 10224 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:11:56.0252 10224 TabletInputService - ok
20:11:56.0268 10224 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:11:56.0268 10224 TapiSrv - ok
20:11:56.0299 10224 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:11:56.0299 10224 TBS - ok
20:11:56.0361 10224 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:11:56.0392 10224 Tcpip - ok
20:11:56.0439 10224 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:11:56.0439 10224 TCPIP6 - ok
20:11:56.0470 10224 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:11:56.0470 10224 tcpipreg - ok
20:11:56.0486 10224 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:11:56.0486 10224 TDPIPE - ok
20:11:56.0502 10224 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:11:56.0517 10224 TDTCP - ok
20:11:56.0533 10224 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:11:56.0533 10224 tdx - ok
20:11:56.0548 10224 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:11:56.0548 10224 TermDD - ok
20:11:56.0564 10224 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
20:11:56.0564 10224 terminpt - ok
20:11:56.0611 10224 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:11:56.0626 10224 TermService - ok
20:11:56.0658 10224 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:11:56.0658 10224 Themes - ok
20:11:56.0673 10224 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:11:56.0673 10224 THREADORDER - ok
20:11:56.0689 10224 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:11:56.0689 10224 TrkWks - ok
20:11:56.0751 10224 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:11:56.0751 10224 TrustedInstaller - ok
20:11:56.0767 10224 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:11:56.0782 10224 tssecsrv - ok
20:11:56.0782 10224 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:11:56.0798 10224 TsUsbFlt - ok
20:11:56.0798 10224 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:11:56.0798 10224 TsUsbGD - ok
20:11:56.0814 10224 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
20:11:56.0814 10224 tsusbhub - ok
20:11:56.0829 10224 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:11:56.0829 10224 tunnel - ok
20:11:56.0845 10224 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:11:56.0860 10224 uagp35 - ok
20:11:56.0876 10224 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:11:56.0876 10224 udfs - ok
20:11:56.0892 10224 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:11:56.0907 10224 UI0Detect - ok
20:11:56.0938 10224 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:11:56.0938 10224 uliagpkx - ok
20:11:56.0954 10224 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:11:56.0954 10224 umbus - ok
20:11:56.0970 10224 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:11:56.0985 10224 UmPass - ok
20:11:57.0001 10224 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
20:11:57.0016 10224 UmRdpService - ok
20:11:57.0032 10224 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:11:57.0032 10224 upnphost - ok
20:11:57.0063 10224 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:11:57.0079 10224 usbccgp - ok
20:11:57.0094 10224 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:11:57.0094 10224 usbcir - ok
20:11:57.0126 10224 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:11:57.0126 10224 usbehci - ok
20:11:57.0157 10224 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:11:57.0172 10224 usbhub - ok
20:11:57.0188 10224 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:11:57.0188 10224 usbohci - ok
20:11:57.0219 10224 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:11:57.0219 10224 usbprint - ok
20:11:57.0235 10224 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:11:57.0250 10224 USBSTOR - ok
20:11:38.0265 2936 ============================================================
20:11:38.0265 2936 Current date / time: 2012/09/30 20:11:38.0265
20:11:38.0265 2936 SystemInfo:
20:11:38.0265 2936
20:11:38.0265 2936 OS Version: 6.1.7601 ServicePack: 1.0
20:11:38.0265 2936 Product type: Workstation
20:11:38.0265 2936 ComputerName: MIŠO-PC
20:11:38.0265 2936 UserName: Mišo
20:11:38.0265 2936 Windows directory: C:\Windows
20:11:38.0265 2936 System windows directory: C:\Windows
20:11:38.0265 2936 Processor architecture: Intel x86
20:11:38.0265 2936 Number of processors: 2
20:11:38.0265 2936 Page size: 0x1000
20:11:38.0265 2936 Boot type: Normal boot
20:11:38.0265 2936 ============================================================
20:11:39.0435 2936 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0x31694, SectorsPerTrack: 0x21, TracksPerCylinder: 0x75, Type 'K0', Flags 0x00000050
20:11:39.0451 2936 ============================================================
20:11:39.0451 2936 \Device\Harddisk0\DR0:
20:11:39.0451 2936 MBR partitions:
20:11:39.0451 2936 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x21, BlocksNum 0xFFFE3EE
20:11:39.0451 2936 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFFFE40F, BlocksNum 0x1E93A215
20:11:39.0451 2936 ============================================================
20:11:39.0498 2936 C: <-> \Device\Harddisk0\DR0\Partition1
20:11:39.0591 2936 E: <-> \Device\Harddisk0\DR0\Partition2
20:11:39.0591 2936 ============================================================
20:11:39.0591 2936 Initialize success
20:11:39.0591 2936 ============================================================
20:11:43.0444 10224 ============================================================
20:11:43.0444 10224 Scan started
20:11:43.0444 10224 Mode: Manual;
20:11:43.0444 10224 ============================================================
20:11:43.0912 10224 ================ Scan system memory ========================
20:11:43.0912 10224 System memory - ok
20:11:43.0912 10224 ================ Scan services =============================
20:11:44.0100 10224 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:11:44.0100 10224 1394ohci - ok
20:11:44.0131 10224 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:11:44.0146 10224 ACPI - ok
20:11:44.0162 10224 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:11:44.0162 10224 AcpiPmi - ok
20:11:44.0209 10224 [ B01A51996A3251023A5FD19FC88F5057 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
20:11:44.0209 10224 ADIHdAudAddService - ok
20:11:44.0287 10224 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:11:44.0287 10224 AdobeARMservice - ok
20:11:44.0380 10224 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:11:44.0412 10224 AdobeFlashPlayerUpdateSvc - ok
20:11:44.0443 10224 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:11:44.0490 10224 adp94xx - ok
20:11:44.0505 10224 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:11:44.0505 10224 adpahci - ok
20:11:44.0521 10224 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:11:44.0536 10224 adpu320 - ok
20:11:44.0568 10224 [ 30BB1BDE595CA65FD5549462080D94E5 ] AegisP C:\Windows\system32\DRIVERS\AegisP.sys
20:11:44.0568 10224 AegisP - ok
20:11:44.0599 10224 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:11:44.0599 10224 AeLookupSvc - ok
20:11:44.0646 10224 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
20:11:44.0646 10224 AFD - ok
20:11:44.0677 10224 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
20:11:44.0677 10224 agp440 - ok
20:11:44.0724 10224 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:11:44.0724 10224 aic78xx - ok
20:11:44.0739 10224 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
20:11:44.0755 10224 ALG - ok
20:11:44.0770 10224 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
20:11:44.0770 10224 aliide - ok
20:11:44.0786 10224 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:11:44.0786 10224 amdagp - ok
20:11:44.0802 10224 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
20:11:44.0802 10224 amdide - ok
20:11:44.0833 10224 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:11:44.0833 10224 AmdK8 - ok
20:11:44.0848 10224 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:11:44.0848 10224 AmdPPM - ok
20:11:44.0895 10224 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:11:44.0895 10224 amdsata - ok
20:11:44.0926 10224 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:11:44.0926 10224 amdsbs - ok
20:11:44.0942 10224 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:11:44.0942 10224 amdxata - ok
20:11:45.0004 10224 [ D1AF38FBAC0DC7E6D796B0ED01707EE0 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
20:11:45.0004 10224 AppHostSvc - ok
20:11:45.0036 10224 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
20:11:45.0036 10224 AppID - ok
20:11:45.0082 10224 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:11:45.0082 10224 AppIDSvc - ok
20:11:45.0098 10224 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
20:11:45.0098 10224 Appinfo - ok
20:11:45.0114 10224 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
20:11:45.0114 10224 arc - ok
20:11:45.0129 10224 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:11:45.0129 10224 arcsas - ok
20:11:45.0160 10224 [ AD93549F1CDCA539BAAF9AC7219B5F94 ] asusgsb C:\Windows\system32\drivers\asusgsb.sys
20:11:45.0160 10224 asusgsb - ok
20:11:45.0192 10224 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:11:45.0207 10224 AsyncMac - ok
20:11:45.0223 10224 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
20:11:45.0223 10224 atapi - ok
20:11:45.0254 10224 [ 02527ED94669541ACAEE2D8215405910 ] atkdisplf C:\Windows\system32\Drivers\atkdisplowfilter.sys
20:11:45.0270 10224 atkdisplf - ok
20:11:45.0301 10224 [ 946CB16EB9EDDA369153C2EF96937C64 ] ATKFUSService C:\Windows\system32\ATKFUSService.exe
20:11:45.0316 10224 ATKFUSService - ok
20:11:45.0332 10224 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:11:45.0348 10224 AudioEndpointBuilder - ok
20:11:45.0363 10224 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:11:45.0363 10224 Audiosrv - ok
20:11:45.0379 10224 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:11:45.0394 10224 AxInstSV - ok
20:11:45.0426 10224 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:11:45.0426 10224 b57nd60x - ok
20:11:45.0472 10224 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
20:11:45.0472 10224 Beep - ok
20:11:45.0519 10224 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
20:11:45.0535 10224 BFE - ok
20:11:45.0566 10224 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
20:11:45.0613 10224 BITS - ok
20:11:45.0628 10224 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:11:45.0628 10224 blbdrive - ok
20:11:45.0660 10224 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:11:45.0675 10224 bowser - ok
20:11:45.0691 10224 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:11:45.0691 10224 BrFiltLo - ok
20:11:45.0691 10224 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:11:45.0706 10224 BrFiltUp - ok
20:11:45.0738 10224 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
20:11:45.0753 10224 Browser - ok
20:11:45.0831 10224 [ 7EFFCCD7B6EA4D3428F5B3ACE8DE8F5A ] Browser Defender Update Service C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
20:11:45.0847 10224 Browser Defender Update Service - ok
20:11:45.0862 10224 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:11:45.0862 10224 Brserid - ok
20:11:45.0878 10224 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:11:45.0878 10224 BrSerWdm - ok
20:11:45.0894 10224 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:11:45.0894 10224 BrUsbMdm - ok
20:11:45.0909 10224 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:11:45.0909 10224 BrUsbSer - ok
20:11:45.0925 10224 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:11:45.0925 10224 BTHMODEM - ok
20:11:45.0956 10224 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
20:11:45.0956 10224 bthserv - ok
20:11:45.0972 10224 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:11:45.0972 10224 cdfs - ok
20:11:46.0003 10224 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:11:46.0003 10224 cdrom - ok
20:11:46.0034 10224 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
20:11:46.0034 10224 CertPropSvc - ok
20:11:46.0065 10224 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
20:11:46.0065 10224 circlass - ok
20:11:46.0081 10224 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
20:11:46.0081 10224 CLFS - ok
20:11:46.0190 10224 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:11:46.0206 10224 clr_optimization_v2.0.50727_32 - ok
20:11:46.0284 10224 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:11:46.0284 10224 clr_optimization_v4.0.30319_32 - ok
20:11:46.0299 10224 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:11:46.0299 10224 CmBatt - ok
20:11:46.0315 10224 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:11:46.0315 10224 cmdide - ok
20:11:46.0346 10224 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
20:11:46.0377 10224 CNG - ok
20:11:46.0408 10224 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:11:46.0408 10224 Compbatt - ok
20:11:46.0440 10224 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
20:11:46.0440 10224 CompositeBus - ok
20:11:46.0455 10224 COMSysApp - ok
20:11:46.0471 10224 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:11:46.0471 10224 crcdisk - ok
20:11:46.0502 10224 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:11:46.0533 10224 CryptSvc - ok
20:11:46.0580 10224 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
20:11:46.0596 10224 CSC - ok
20:11:46.0627 10224 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
20:11:46.0642 10224 CscService - ok
20:11:46.0674 10224 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
20:11:46.0689 10224 DcomLaunch - ok
20:11:46.0720 10224 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
20:11:46.0736 10224 defragsvc - ok
20:11:46.0752 10224 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:11:46.0752 10224 DfsC - ok
20:11:46.0783 10224 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:11:46.0783 10224 Dhcp - ok
20:11:46.0814 10224 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
20:11:46.0814 10224 discache - ok
20:11:46.0845 10224 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
20:11:46.0845 10224 Disk - ok
20:11:46.0876 10224 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:11:46.0892 10224 Dnscache - ok
20:11:46.0923 10224 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
20:11:46.0923 10224 dot3svc - ok
20:11:46.0939 10224 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
20:11:46.0939 10224 DPS - ok
20:11:46.0986 10224 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:11:46.0986 10224 drmkaud - ok
20:11:47.0032 10224 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:11:47.0048 10224 dtsoftbus01 - ok
20:11:47.0095 10224 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:11:47.0110 10224 DXGKrnl - ok
20:11:47.0173 10224 [ 8A45015E85A4DCE0086B9973F0FD9A20 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
20:11:47.0173 10224 eamonm - ok
20:11:47.0220 10224 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
20:11:47.0220 10224 EapHost - ok
20:11:47.0266 10224 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
20:11:47.0266 10224 EFS - ok
20:11:47.0313 10224 [ 5412ED24FFFCA64E2F0168399B86C952 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
20:11:47.0329 10224 ehdrv - ok
20:11:47.0376 10224 [ 0DAF3544804650526751C478AECCCE63 ] EIO C:\Windows\system32\Drivers\eio.sys
20:11:47.0376 10224 EIO - ok
20:11:47.0454 10224 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
20:11:47.0485 10224 ekrn - ok
20:11:47.0516 10224 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:11:47.0516 10224 elxstor - ok
20:11:47.0578 10224 [ 774BABCB1144513DC86992003740B774 ] epfw C:\Windows\system32\DRIVERS\epfw.sys
20:11:47.0594 10224 epfw - ok
20:11:47.0672 10224 [ 2C22CC39309EE06AE870C183BF2A769D ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
20:11:47.0703 10224 EpfwLWF - ok
20:11:47.0719 10224 [ 2B4E5F01A4E786B422F4D617B51FA7D9 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
20:11:47.0719 10224 epfwwfp - ok
20:11:47.0734 10224 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:11:47.0734 10224 ErrDev - ok
20:11:47.0766 10224 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
20:11:47.0766 10224 EventSystem - ok
20:11:47.0781 10224 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
20:11:47.0797 10224 exfat - ok
20:11:47.0812 10224 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:11:47.0812 10224 fastfat - ok
20:11:47.0859 10224 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
20:11:47.0875 10224 Fax - ok
20:11:47.0890 10224 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:11:47.0890 10224 fdc - ok
20:11:47.0906 10224 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
20:11:47.0922 10224 fdPHost - ok
20:11:47.0922 10224 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
20:11:47.0922 10224 FDResPub - ok
20:11:47.0937 10224 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:11:47.0937 10224 FileInfo - ok
20:11:47.0953 10224 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:11:47.0953 10224 Filetrace - ok
20:11:47.0968 10224 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:11:47.0968 10224 flpydisk - ok
20:11:48.0000 10224 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:11:48.0000 10224 FltMgr - ok
20:11:48.0078 10224 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
20:11:48.0124 10224 FontCache - ok
20:11:48.0156 10224 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:11:48.0156 10224 FsDepends - ok
20:11:48.0187 10224 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:11:48.0187 10224 Fs_Rec - ok
20:11:48.0218 10224 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:11:48.0218 10224 gagp30kx - ok
20:11:48.0249 10224 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
20:11:48.0265 10224 gpsvc - ok
20:11:48.0312 10224 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:11:48.0327 10224 HdAudAddService - ok
20:11:48.0358 10224 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:11:48.0374 10224 HDAudBus - ok
20:11:48.0374 10224 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:11:48.0390 10224 HidBatt - ok
20:11:48.0390 10224 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:11:48.0405 10224 HidBth - ok
20:11:48.0421 10224 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
20:11:48.0421 10224 HidIr - ok
20:11:48.0436 10224 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
20:11:48.0436 10224 hidserv - ok
20:11:48.0468 10224 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:11:48.0468 10224 HidUsb - ok
20:11:48.0499 10224 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:11:48.0499 10224 hkmsvc - ok
20:11:48.0514 10224 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:11:48.0530 10224 HomeGroupListener - ok
20:11:48.0561 10224 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:11:48.0577 10224 HomeGroupProvider - ok
20:11:48.0592 10224 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:11:48.0592 10224 HpSAMD - ok
20:11:48.0624 10224 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:11:48.0624 10224 HTTP - ok
20:11:48.0639 10224 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:11:48.0639 10224 hwpolicy - ok
20:11:48.0670 10224 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:11:48.0670 10224 i8042prt - ok
20:11:48.0717 10224 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:11:48.0717 10224 iaStorV - ok
20:11:48.0764 10224 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:11:48.0780 10224 IDriverT - ok
20:11:48.0795 10224 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:11:48.0795 10224 iirsp - ok
20:11:48.0842 10224 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
20:11:48.0873 10224 IKEEXT - ok
20:11:48.0904 10224 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
20:11:48.0920 10224 intelide - ok
20:11:48.0936 10224 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:11:48.0951 10224 intelppm - ok
20:11:48.0951 10224 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:11:48.0967 10224 IPBusEnum - ok
20:11:48.0967 10224 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:11:48.0982 10224 IpFilterDriver - ok
20:11:48.0998 10224 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:11:49.0014 10224 iphlpsvc - ok
20:11:49.0029 10224 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:11:49.0029 10224 IPMIDRV - ok
20:11:49.0060 10224 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:11:49.0060 10224 IPNAT - ok
20:11:49.0076 10224 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:11:49.0092 10224 IRENUM - ok
20:11:49.0092 10224 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:11:49.0092 10224 isapnp - ok
20:11:49.0123 10224 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:11:49.0123 10224 iScsiPrt - ok
20:11:49.0154 10224 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:11:49.0154 10224 kbdclass - ok
20:11:49.0185 10224 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:11:49.0185 10224 kbdhid - ok
20:11:49.0201 10224 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
20:11:49.0201 10224 KeyIso - ok
20:11:49.0232 10224 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:11:49.0232 10224 KSecDD - ok
20:11:49.0248 10224 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:11:49.0279 10224 KSecPkg - ok
20:11:49.0310 10224 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
20:11:49.0326 10224 KtmRm - ok
20:11:49.0357 10224 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
20:11:49.0372 10224 LanmanServer - ok
20:11:49.0404 10224 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:11:49.0419 10224 LanmanWorkstation - ok
20:11:49.0435 10224 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:11:49.0435 10224 lltdio - ok
20:11:49.0482 10224 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:11:49.0482 10224 lltdsvc - ok
20:11:49.0497 10224 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
20:11:49.0497 10224 lmhosts - ok
20:11:49.0513 10224 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:11:49.0528 10224 LSI_FC - ok
20:11:49.0544 10224 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:11:49.0544 10224 LSI_SAS - ok
20:11:49.0560 10224 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:11:49.0560 10224 LSI_SAS2 - ok
20:11:49.0575 10224 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:11:49.0575 10224 LSI_SCSI - ok
20:11:49.0591 10224 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
20:11:49.0591 10224 luafv - ok
20:11:49.0669 10224 [ D261641E17CC3DE990BA785EFC0AAD3E ] Macromedia Licensing Service C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
20:11:49.0669 10224 Macromedia Licensing Service - ok
20:11:49.0716 10224 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:11:49.0716 10224 MBAMProtector - ok
20:11:49.0778 10224 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:11:49.0809 10224 MBAMScheduler - ok
20:11:49.0856 10224 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:11:49.0887 10224 MBAMService - ok
20:11:49.0903 10224 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
20:11:49.0903 10224 megasas - ok
20:11:49.0934 10224 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:11:49.0934 10224 MegaSR - ok
20:11:49.0996 10224 Microsoft SharePoint Workspace Audit Service - ok
20:11:50.0028 10224 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:11:50.0028 10224 MMCSS - ok
20:11:50.0043 10224 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:11:50.0043 10224 Modem - ok
20:11:50.0074 10224 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:11:50.0074 10224 monitor - ok
20:11:50.0090 10224 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:11:50.0106 10224 mouclass - ok
20:11:50.0121 10224 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:11:50.0121 10224 mouhid - ok
20:11:50.0152 10224 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:11:50.0152 10224 mountmgr - ok
20:11:50.0184 10224 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:11:50.0199 10224 MozillaMaintenance - ok
20:11:50.0230 10224 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:11:50.0230 10224 mpio - ok
20:11:50.0246 10224 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:11:50.0246 10224 mpsdrv - ok
20:11:50.0277 10224 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:11:50.0308 10224 MpsSvc - ok
20:11:50.0324 10224 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:11:50.0324 10224 MRxDAV - ok
20:11:50.0355 10224 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:11:50.0355 10224 mrxsmb - ok
20:11:50.0371 10224 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:11:50.0386 10224 mrxsmb10 - ok
20:11:50.0402 10224 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:11:50.0402 10224 mrxsmb20 - ok
20:11:50.0418 10224 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:11:50.0418 10224 msahci - ok
20:11:50.0433 10224 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:11:50.0449 10224 msdsm - ok
20:11:50.0464 10224 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:11:50.0464 10224 MSDTC - ok
20:11:50.0480 10224 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:11:50.0496 10224 Msfs - ok
20:11:50.0511 10224 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:11:50.0511 10224 mshidkmdf - ok
20:11:50.0527 10224 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:11:50.0527 10224 msisadrv - ok
20:11:50.0558 10224 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:11:50.0574 10224 MSiSCSI - ok
20:11:50.0574 10224 msiserver - ok
20:11:50.0620 10224 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:11:50.0620 10224 MSKSSRV - ok
20:11:50.0636 10224 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:11:50.0636 10224 MSPCLOCK - ok
20:11:50.0652 10224 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:11:50.0652 10224 MSPQM - ok
20:11:50.0683 10224 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:11:50.0683 10224 MsRPC - ok
20:11:50.0714 10224 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:11:50.0714 10224 mssmbios - ok
20:11:50.0730 10224 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:11:50.0730 10224 MSTEE - ok
20:11:50.0745 10224 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:11:50.0745 10224 MTConfig - ok
20:11:50.0776 10224 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
20:11:50.0808 10224 MTsensor - ok
20:11:50.0823 10224 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:11:50.0823 10224 Mup - ok
20:11:50.0854 10224 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:11:50.0854 10224 napagent - ok
20:11:50.0901 10224 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:11:50.0901 10224 NativeWifiP - ok
20:11:51.0010 10224 [ 87A00FAEDD703D8D2BDCB29CE5EEEA6B ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
20:11:51.0057 10224 NBService - ok
20:11:51.0104 10224 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:11:51.0135 10224 NDIS - ok
20:11:51.0151 10224 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:11:51.0166 10224 NdisCap - ok
20:11:51.0182 10224 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:11:51.0182 10224 NdisTapi - ok
20:11:51.0213 10224 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:11:51.0229 10224 Ndisuio - ok
20:11:51.0229 10224 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:11:51.0244 10224 NdisWan - ok
20:11:51.0260 10224 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:11:51.0260 10224 NDProxy - ok
20:11:51.0276 10224 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:11:51.0276 10224 NetBIOS - ok
20:11:51.0291 10224 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:11:51.0307 10224 NetBT - ok
20:11:51.0322 10224 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:11:51.0322 10224 Netlogon - ok
20:11:51.0369 10224 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:11:51.0369 10224 Netman - ok
20:11:51.0400 10224 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:11:51.0400 10224 netprofm - ok
20:11:51.0416 10224 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:11:51.0432 10224 nfrd960 - ok
20:11:51.0478 10224 [ 6676071F33AE0A2FB59207BBC01EE03A ] NitroReaderDriverReadSpool2 C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
20:11:51.0494 10224 NitroReaderDriverReadSpool2 - ok
20:11:51.0510 10224 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:11:51.0525 10224 NlaSvc - ok
20:11:51.0541 10224 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:11:51.0541 10224 Npfs - ok
20:11:51.0572 10224 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:11:51.0572 10224 nsi - ok
20:11:51.0588 10224 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:11:51.0603 10224 nsiproxy - ok
20:11:51.0650 10224 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:11:51.0697 10224 Ntfs - ok
20:11:51.0712 10224 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:11:51.0712 10224 Null - ok
20:11:51.0962 10224 [ F3F2B0FD5FCDA396F2F317A90A195E06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:11:52.0118 10224 nvlddmkm - ok
20:11:52.0134 10224 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:11:52.0149 10224 nvraid - ok
20:11:52.0180 10224 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:11:52.0180 10224 nvstor - ok
20:11:52.0196 10224 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:11:52.0196 10224 nv_agp - ok
20:11:52.0196 10224 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:11:52.0212 10224 ohci1394 - ok
20:11:52.0258 10224 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:11:52.0274 10224 ose - ok
20:11:52.0414 10224 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:11:52.0539 10224 osppsvc - ok
20:11:52.0602 10224 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:11:52.0617 10224 p2pimsvc - ok
20:11:52.0648 10224 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:11:52.0648 10224 p2psvc - ok
20:11:52.0680 10224 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:11:52.0680 10224 Parport - ok
20:11:52.0726 10224 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:11:52.0742 10224 partmgr - ok
20:11:52.0758 10224 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:11:52.0758 10224 Parvdm - ok
20:11:52.0773 10224 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:11:52.0789 10224 PcaSvc - ok
20:11:52.0804 10224 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:11:52.0820 10224 pci - ok
20:11:52.0820 10224 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:11:52.0836 10224 pciide - ok
20:11:52.0851 10224 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:11:52.0851 10224 pcmcia - ok
20:11:52.0882 10224 [ 6C9E2F69D99C025FD5CAB2228E495FA1 ] PCTBD C:\Windows\system32\Drivers\PCTBD.sys
20:11:52.0898 10224 PCTBD - ok
20:11:52.0914 10224 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:11:52.0914 10224 pcw - ok
20:11:52.0960 10224 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:11:52.0976 10224 PEAUTH - ok
20:11:53.0023 10224 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:11:53.0070 10224 pla - ok
20:11:53.0101 10224 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:11:53.0116 10224 PlugPlay - ok
20:11:53.0179 10224 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
20:11:53.0194 10224 PnkBstrA - ok
20:11:53.0210 10224 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:11:53.0210 10224 PNRPAutoReg - ok
20:11:53.0226 10224 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:11:53.0226 10224 PNRPsvc - ok
20:11:53.0272 10224 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:11:53.0272 10224 PolicyAgent - ok
20:11:53.0319 10224 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:11:53.0319 10224 Power - ok
20:11:53.0366 10224 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:11:53.0366 10224 PptpMiniport - ok
20:11:53.0382 10224 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
20:11:53.0382 10224 Processor - ok
20:11:53.0413 10224 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:11:53.0428 10224 ProfSvc - ok
20:11:53.0428 10224 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:11:53.0444 10224 ProtectedStorage - ok
20:11:53.0460 10224 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:11:53.0460 10224 Psched - ok
20:11:53.0506 10224 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:11:53.0538 10224 ql2300 - ok
20:11:53.0569 10224 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:11:53.0569 10224 ql40xx - ok
20:11:53.0600 10224 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:11:53.0616 10224 QWAVE - ok
20:11:53.0631 10224 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:11:53.0631 10224 QWAVEdrv - ok
20:11:53.0662 10224 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:11:53.0662 10224 RasAcd - ok
20:11:53.0709 10224 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:11:53.0709 10224 RasAgileVpn - ok
20:11:53.0725 10224 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:11:53.0725 10224 RasAuto - ok
20:11:53.0740 10224 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:11:53.0740 10224 Rasl2tp - ok
20:11:53.0772 10224 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:11:53.0772 10224 RasMan - ok
20:11:53.0787 10224 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:11:53.0787 10224 RasPppoe - ok
20:11:53.0818 10224 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:11:53.0834 10224 RasSstp - ok
20:11:53.0850 10224 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:11:53.0850 10224 rdbss - ok
20:11:53.0865 10224 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:11:53.0865 10224 rdpbus - ok
20:11:53.0881 10224 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:11:53.0881 10224 RDPCDD - ok
20:11:53.0928 10224 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:11:53.0928 10224 RDPDR - ok
20:11:53.0959 10224 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:11:53.0974 10224 RDPENCDD - ok
20:11:53.0990 10224 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:11:53.0990 10224 RDPREFMP - ok
20:11:54.0037 10224 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:11:54.0037 10224 RdpVideoMiniport - ok
20:11:54.0084 10224 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:11:54.0084 10224 RDPWD - ok
20:11:54.0115 10224 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:11:54.0115 10224 rdyboost - ok
20:11:54.0146 10224 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:11:54.0146 10224 RemoteAccess - ok
20:11:54.0162 10224 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:11:54.0162 10224 RemoteRegistry - ok
20:11:54.0208 10224 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:11:54.0208 10224 RpcEptMapper - ok
20:11:54.0240 10224 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:11:54.0240 10224 RpcLocator - ok
20:11:54.0271 10224 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:11:54.0271 10224 RpcSs - ok
20:11:54.0286 10224 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:11:54.0286 10224 rspndr - ok
20:11:54.0318 10224 [ 25BE98C05808C57E4D8D26477DC12D39 ] RTLE8023xp C:\Windows\system32\DRIVERS\Rtenicxp.sys
20:11:54.0333 10224 RTLE8023xp - ok
20:11:54.0349 10224 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:11:54.0349 10224 SamSs - ok
20:11:54.0380 10224 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:11:54.0380 10224 sbp2port - ok
20:11:54.0380 10224 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:11:54.0396 10224 SCardSvr - ok
20:11:54.0411 10224 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:11:54.0411 10224 scfilter - ok
20:11:54.0427 10224 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:11:54.0442 10224 Schedule - ok
20:11:54.0458 10224 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:11:54.0458 10224 SCPolicySvc - ok
20:11:54.0489 10224 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:11:54.0505 10224 SDRSVC - ok
20:11:54.0536 10224 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:11:54.0536 10224 secdrv - ok
20:11:54.0536 10224 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:11:54.0552 10224 seclogon - ok
20:11:54.0567 10224 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:11:54.0583 10224 SENS - ok
20:11:54.0598 10224 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:11:54.0598 10224 Serenum - ok
20:11:54.0598 10224 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:11:54.0614 10224 Serial - ok
20:11:54.0614 10224 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:11:54.0614 10224 sermouse - ok
20:11:54.0645 10224 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:11:54.0645 10224 SessionEnv - ok
20:11:54.0661 10224 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:11:54.0661 10224 sffdisk - ok
20:11:54.0676 10224 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:11:54.0676 10224 sffp_mmc - ok
20:11:54.0692 10224 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:11:54.0692 10224 sffp_sd - ok
20:11:54.0708 10224 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:11:54.0708 10224 sfloppy - ok
20:11:54.0739 10224 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:11:54.0739 10224 SharedAccess - ok
20:11:54.0786 10224 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:11:54.0801 10224 ShellHWDetection - ok
20:11:54.0848 10224 [ F5AAA8CDDA25B6387AF590D676D25BAD ] simptcp C:\Windows\System32\tcpsvcs.exe
20:11:54.0848 10224 simptcp - ok
20:11:54.0864 10224 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:11:54.0864 10224 sisagp - ok
20:11:54.0895 10224 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:11:54.0895 10224 SiSRaid2 - ok
20:11:54.0910 10224 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:11:54.0926 10224 SiSRaid4 - ok
20:11:55.0051 10224 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:11:55.0144 10224 Skype C2C Service - ok
20:11:55.0191 10224 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:11:55.0207 10224 SkypeUpdate - ok
20:11:55.0222 10224 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:11:55.0222 10224 Smb - ok
20:11:55.0254 10224 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:11:55.0269 10224 SNMPTRAP - ok
20:11:55.0347 10224 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
20:11:55.0363 10224 Sony PC Companion - ok
20:11:55.0378 10224 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:11:55.0378 10224 spldr - ok
20:11:55.0425 10224 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:11:55.0441 10224 Spooler - ok
20:11:55.0534 10224 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:11:55.0612 10224 sppsvc - ok
20:11:55.0628 10224 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:11:55.0628 10224 sppuinotify - ok
20:11:55.0659 10224 [ 7B426B8E809EDF081D771EF429345528 ] sp_rsdrv2 C:\Windows\system32\drivers\sp_rsdrv2.sys
20:11:55.0675 10224 sp_rsdrv2 - ok
20:11:55.0722 10224 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:11:55.0722 10224 srv - ok
20:11:55.0737 10224 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:11:55.0737 10224 srv2 - ok
20:11:55.0768 10224 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:11:55.0768 10224 srvnet - ok
20:11:55.0784 10224 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:11:55.0800 10224 SSDPSRV - ok
20:11:55.0831 10224 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:11:55.0831 10224 SstpSvc - ok
20:11:55.0893 10224 [ 6BF6E5FAD331DF37728A234DAC17FE34 ] ST2012_Svc C:\Program Files\Spyware Terminator\st_rsser.exe
20:11:55.0924 10224 ST2012_Svc - ok
20:11:55.0956 10224 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:11:55.0956 10224 stexstor - ok
20:11:56.0002 10224 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:11:56.0034 10224 StiSvc - ok
20:11:56.0065 10224 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:11:56.0065 10224 swenum - ok
20:11:56.0080 10224 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:11:56.0096 10224 swprv - ok
20:11:56.0127 10224 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
20:11:56.0127 10224 Synth3dVsc - ok
20:11:56.0158 10224 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:11:56.0221 10224 SysMain - ok
20:11:56.0252 10224 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:11:56.0252 10224 TabletInputService - ok
20:11:56.0268 10224 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:11:56.0268 10224 TapiSrv - ok
20:11:56.0299 10224 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:11:56.0299 10224 TBS - ok
20:11:56.0361 10224 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:11:56.0392 10224 Tcpip - ok
20:11:56.0439 10224 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:11:56.0439 10224 TCPIP6 - ok
20:11:56.0470 10224 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:11:56.0470 10224 tcpipreg - ok
20:11:56.0486 10224 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:11:56.0486 10224 TDPIPE - ok
20:11:56.0502 10224 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:11:56.0517 10224 TDTCP - ok
20:11:56.0533 10224 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:11:56.0533 10224 tdx - ok
20:11:56.0548 10224 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:11:56.0548 10224 TermDD - ok
20:11:56.0564 10224 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
20:11:56.0564 10224 terminpt - ok
20:11:56.0611 10224 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:11:56.0626 10224 TermService - ok
20:11:56.0658 10224 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:11:56.0658 10224 Themes - ok
20:11:56.0673 10224 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:11:56.0673 10224 THREADORDER - ok
20:11:56.0689 10224 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:11:56.0689 10224 TrkWks - ok
20:11:56.0751 10224 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:11:56.0751 10224 TrustedInstaller - ok
20:11:56.0767 10224 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:11:56.0782 10224 tssecsrv - ok
20:11:56.0782 10224 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:11:56.0798 10224 TsUsbFlt - ok
20:11:56.0798 10224 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:11:56.0798 10224 TsUsbGD - ok
20:11:56.0814 10224 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
20:11:56.0814 10224 tsusbhub - ok
20:11:56.0829 10224 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:11:56.0829 10224 tunnel - ok
20:11:56.0845 10224 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:11:56.0860 10224 uagp35 - ok
20:11:56.0876 10224 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:11:56.0876 10224 udfs - ok
20:11:56.0892 10224 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:11:56.0907 10224 UI0Detect - ok
20:11:56.0938 10224 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:11:56.0938 10224 uliagpkx - ok
20:11:56.0954 10224 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:11:56.0954 10224 umbus - ok
20:11:56.0970 10224 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
20:11:56.0985 10224 UmPass - ok
20:11:57.0001 10224 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
20:11:57.0016 10224 UmRdpService - ok
20:11:57.0032 10224 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:11:57.0032 10224 upnphost - ok
20:11:57.0063 10224 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:11:57.0079 10224 usbccgp - ok
20:11:57.0094 10224 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:11:57.0094 10224 usbcir - ok
20:11:57.0126 10224 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:11:57.0126 10224 usbehci - ok
20:11:57.0157 10224 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:11:57.0172 10224 usbhub - ok
20:11:57.0188 10224 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:11:57.0188 10224 usbohci - ok
20:11:57.0219 10224 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:11:57.0219 10224 usbprint - ok
20:11:57.0235 10224 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:11:57.0250 10224 USBSTOR - ok
Re: I would like to ask for a log check
20:11:57.0266 10224 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:11:57.0266 10224 usbuhci - ok
20:11:57.0297 10224 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:11:57.0297 10224 UxSms - ok
20:11:57.0313 10224 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:11:57.0313 10224 VaultSvc - ok
20:11:57.0328 10224 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:11:57.0328 10224 vdrvroot - ok
20:11:57.0344 10224 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:11:57.0360 10224 vds - ok
20:11:57.0391 10224 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:11:57.0391 10224 vga - ok
20:11:57.0406 10224 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:11:57.0406 10224 VgaSave - ok
20:11:57.0422 10224 VGPU - ok
20:11:57.0438 10224 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:11:57.0438 10224 vhdmp - ok
20:11:57.0453 10224 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:11:57.0453 10224 viaagp - ok
20:11:57.0469 10224 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:11:57.0469 10224 ViaC7 - ok
20:11:57.0484 10224 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:11:57.0484 10224 viaide - ok
20:11:57.0500 10224 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:11:57.0500 10224 volmgr - ok
20:11:57.0531 10224 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:11:57.0531 10224 volmgrx - ok
20:11:57.0547 10224 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:11:57.0547 10224 volsnap - ok
20:11:57.0562 10224 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:11:57.0578 10224 vsmraid - ok
20:11:57.0625 10224 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:11:57.0656 10224 VSS - ok
20:11:57.0672 10224 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:11:57.0672 10224 vwifibus - ok
20:11:57.0703 10224 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:11:57.0703 10224 W32Time - ok
20:11:57.0718 10224 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:11:57.0718 10224 WacomPen - ok
20:11:57.0750 10224 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:11:57.0750 10224 WANARP - ok
20:11:57.0750 10224 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:11:57.0750 10224 Wanarpv6 - ok
20:11:57.0828 10224 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
20:11:57.0843 10224 WAS - ok
20:11:57.0921 10224 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:11:57.0952 10224 WatAdminSvc - ok
20:11:57.0999 10224 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:11:58.0030 10224 wbengine - ok
20:11:58.0062 10224 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:11:58.0062 10224 WbioSrvc - ok
20:11:58.0108 10224 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:11:58.0108 10224 wcncsvc - ok
20:11:58.0124 10224 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:11:58.0140 10224 WcsPlugInService - ok
20:11:58.0155 10224 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:11:58.0155 10224 Wd - ok
20:11:58.0171 10224 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:11:58.0186 10224 Wdf01000 - ok
20:11:58.0202 10224 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:11:58.0202 10224 WdiServiceHost - ok
20:11:58.0202 10224 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:11:58.0218 10224 WdiSystemHost - ok
20:11:58.0233 10224 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:11:58.0233 10224 WebClient - ok
20:11:58.0249 10224 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:11:58.0249 10224 Wecsvc - ok
20:11:58.0264 10224 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:11:58.0264 10224 wercplsupport - ok
20:11:58.0311 10224 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:11:58.0311 10224 WerSvc - ok
20:11:58.0342 10224 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:11:58.0342 10224 WfpLwf - ok
20:11:58.0358 10224 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:11:58.0358 10224 WIMMount - ok
20:11:58.0405 10224 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:11:58.0452 10224 WinDefend - ok
20:11:58.0467 10224 WinHttpAutoProxySvc - ok
20:11:58.0514 10224 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:11:58.0530 10224 Winmgmt - ok
20:11:58.0576 10224 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:11:58.0623 10224 WinRM - ok
20:11:58.0670 10224 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
20:11:58.0670 10224 WinUSB - ok
20:11:58.0717 10224 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:11:58.0748 10224 Wlansvc - ok
20:11:58.0764 10224 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:11:58.0764 10224 WmiAcpi - ok
20:11:58.0810 10224 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:11:58.0810 10224 wmiApSrv - ok
20:11:58.0826 10224 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:11:58.0842 10224 ws2ifsl - ok
20:11:58.0842 10224 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
20:11:58.0857 10224 wscsvc - ok
20:11:58.0857 10224 WSearch - ok
20:11:58.0935 10224 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:11:58.0998 10224 wuauserv - ok
20:11:59.0013 10224 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:11:59.0013 10224 WudfPf - ok
20:11:59.0044 10224 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:11:59.0044 10224 wudfsvc - ok
20:11:59.0060 10224 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:11:59.0091 10224 WwanSvc - ok
20:11:59.0107 10224 ================ Scan global ===============================
20:11:59.0138 10224 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:11:59.0169 10224 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:11:59.0185 10224 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:11:59.0232 10224 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:11:59.0263 10224 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:11:59.0278 10224 [Global] - ok
20:11:59.0278 10224 ================ Scan MBR ==================================
20:11:59.0294 10224 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:11:59.0746 10224 \Device\Harddisk0\DR0 - ok
20:11:59.0746 10224 ================ Scan VBR ==================================
20:11:59.0762 10224 [ 451A863BBC5B7F77573813CFDA12118F ] \Device\Harddisk0\DR0\Partition1
20:11:59.0762 10224 \Device\Harddisk0\DR0\Partition1 - ok
20:11:59.0778 10224 [ C714D098CC1B89FFF0AC453961EC3FD5 ] \Device\Harddisk0\DR0\Partition2
20:11:59.0778 10224 \Device\Harddisk0\DR0\Partition2 - ok
20:11:59.0778 10224 ============================================================
20:11:59.0778 10224 Scan finished
20:11:59.0778 10224 ============================================================
20:11:59.0778 9208 Detected object count: 0
20:11:59.0778 9208 Actual detected object count: 0
20:12:25.0564 9932 Deinitialize success
ComboFix 12-09-30.01 - Mišo . 09. 2012 21:13:05.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.2047.1109 [GMT 2:00]
Running from: c:\users\MiÜo\Desktop\ComboFix.exe
AV: ESET Smart Security 5.2 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\BasicScan
c:\program files\BasicScan\uninstall.exe
c:\program files\Complitly
c:\program files\Complitly\FireFoxExtensionWithFF8Fix.exe
c:\program files\Complitly\FireFoxUninstaller.exe
c:\program files\Complitly\chrome\ComplitlyChrome.crx
c:\program files\Complitly\InstTracker.exe
c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files\Complitly\support@Complitly.com\chrome.manifest
c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files\Complitly\support@Complitly.com\install.rdf
c:\program files\Complitly\System.Data.SQLite.dll
c:\program files\Complitly\unins000.dat
c:\program files\Complitly\unins000.exe
c:\programdata\7fd8f67c59dac6f07543b78887fa786d_c
C:\readme.txt
C:\setup.exe
C:\Thumbs.db
c:\windows\PFRO.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\system32\roboot.exe
c:\windows\system32\tmp2016.tmp
c:\windows\system32\tmp2036.tmp
c:\windows\system32\tmpC469.tmp
c:\windows\system32\tmpC4B8.tmp
c:\windows\system32\tmpCF97.tmp
c:\windows\system32\tmpCFE6.tmp
c:\windows\system32\tmpD4DE.tmp
c:\windows\system32\tmpD4EE.tmp
c:\windows\system32\tmpDCD.tmp
c:\windows\system32\tmpDFD.tmp
E:\autorun.inf
E:\install.exe
E:\setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-28 to 2012-09-30 )))))))))))))))))))))))))))))))
.
.
2012-09-30 19:37 . 2012-09-30 19:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-30 06:46 . 2012-09-30 06:46 -------- d-----w- c:\program files\GOG.com
2012-09-28 17:30 . 2012-09-28 17:30 -------- d-----w- c:\users\Mišo\AppData\Roaming\Malwarebytes
2012-09-28 17:29 . 2012-09-28 17:29 -------- d-----w- c:\programdata\Malwarebytes
2012-09-28 17:29 . 2012-09-28 17:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-28 17:29 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-28 07:06 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5294FCF-2442-47DC-875F-E73AECCF122D}\mpengine.dll
2012-09-27 17:42 . 2012-09-27 17:42 388096 ----a-r- c:\users\Mišo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-27 17:42 . 2012-09-27 17:42 -------- d-----w- c:\program files\Trend Micro
2012-09-26 14:42 . 2012-09-26 14:42 -------- d-----w- c:\program files\RomeXoft
2012-09-26 14:42 . 2012-09-28 19:15 -------- d-----w- c:\programdata\blekko toolbars
2012-09-26 14:42 . 2012-09-26 14:42 -------- d-----w- c:\users\Mišo\AppData\Local\blekkotb_031
2012-09-25 18:19 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-24 20:51 . 2012-09-24 20:51 -------- d-----w- c:\programdata\YTD Video Downloader
2012-09-23 17:42 . 2011-06-21 09:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2012-09-23 17:42 . 2012-09-27 14:40 -------- d-----w- c:\programdata\Spyware Terminator
2012-09-23 17:42 . 2012-09-23 17:42 -------- d-----w- c:\users\Mišo\AppData\Roaming\Spyware Terminator
2012-09-23 16:49 . 2012-09-23 17:43 -------- d-----w- c:\program files\Spyware Terminator
2012-09-17 13:30 . 2012-09-17 13:30 -------- d-----w- c:\users\Mišo\AppData\Local\Sony
2012-09-17 13:27 . 2012-09-17 13:27 -------- d-----w- c:\programdata\Sony
2012-09-17 13:27 . 2012-09-17 13:27 -------- d-----w- c:\program files\Sony
2012-09-12 12:31 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 12:31 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 12:31 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 12:31 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 12:31 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 12:31 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-09 19:21 . 2012-09-09 19:21 -------- d-----w- c:\programdata\XoftSpySE
2012-09-08 14:22 . 2012-06-22 09:39 70768 ----a-w- c:\windows\system32\drivers\PCTBD.sys
2012-09-08 14:22 . 2012-06-22 09:38 767960 ----a-w- c:\windows\BDTSupport.dll
2012-09-08 14:22 . 2012-06-22 09:39 149464 ----a-w- c:\windows\SGDetectionTool.dll
2012-09-08 14:22 . 2012-06-22 09:39 2267096 ----a-w- c:\windows\PCTBDCore.dll
2012-09-08 14:22 . 2012-06-22 09:39 1689560 ----a-w- c:\windows\PCTBDRes.dll
2012-09-08 14:20 . 2012-09-08 14:20 -------- d-----w- c:\program files\PC Tools
2012-09-08 14:13 . 2012-06-22 13:34 203120 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-09-08 14:13 . 2012-09-28 19:09 -------- d-----w- c:\program files\Common Files\PC Tools
2012-09-08 14:11 . 2012-09-28 17:09 -------- d-----w- c:\programdata\PC Tools
2012-09-08 14:11 . 2012-09-08 14:11 -------- d-----w- c:\users\Mišo\AppData\Roaming\TestApp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-27 17:42 . 2012-09-27 17:42 388096 ----a-r- c:\users\Mišo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-27 17:42 . 2012-09-27 17:42 388096 ----a-r- c:\users\Mišo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-22 21:02 . 2012-08-19 12:22 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-22 21:02 . 2012-08-19 12:22 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-20 17:25 . 2011-10-29 11:13 1374624 ----a-w- C:\eset_smart_security_live_installer.exe
2012-08-23 08:36 . 2012-08-23 08:11 15823872 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2012-08-23 08:36 . 2012-08-23 08:11 15823872 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2012-08-23 08:36 . 2012-08-23 08:11 786492 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2012-08-23 08:36 . 2012-08-23 08:11 786492 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2012-08-23 08:36 . 2012-08-23 08:11 107008 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2012-08-23 08:36 . 2012-08-23 08:11 107008 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2012-08-12 19:09 . 2012-08-12 19:09 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-08-12 19:09 . 2012-08-12 19:09 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-07-18 17:47 . 2012-08-15 23:55 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-04 21:14 . 2012-08-15 23:55 41984 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 21:14 . 2012-08-15 23:55 102912 ----a-w- c:\windows\system32\browser.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\Sidebar.exe" [2010-11-20 1174016]
"MultiScreen"="c:\program files\MultiScreen\MultiScreen.exe" [2009-08-11 303104]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]
"Screen Notes"="c:\program files\RomeXoft\Screen Notes\ScreenNotes.exe" [2007-01-19 621568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-04-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-12 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-12 81920]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-04-26 380928]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-12-09 74752]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2011-08-01 114992]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-19 868352]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 3117344]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
.
c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
tcbhn.lnk - c:\users\Mišo\AppData\Roaming\BrowserCompanion\tcbhn.exe [2012-3-27 692888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ASUS WiFi-AP Solo.lnk - c:\program files\ASUS WiFi-AP Solo\RtWLan.exe [2012-1-10 987136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 46098424
*Deregistered* - 46098424
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 21:02]
.
.
------- Supplementary Scan -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{81727BE7-50E7-48ed-A547-F0274756E2DD} - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} -
TCP: DhcpNameServer = 192.168.1.1
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-1ClickDownload - c:\program files\1ClickDownload\uninst.exe
AddRemove-Advanced System Protector_is1 - c:\program files\Advanced System Protector\unins000.exe
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-30 21:39:09
ComboFix-quarantined-files.txt 2012-09-30 19:39
.
Pre-Run: 9 442 775 040 bytes free
Post-Run: 30 658 379 776 bytes free
.
- - End Of File - - 90781B6DB4571A0F1C5DBA093091D4F7
20:11:57.0266 10224 usbuhci - ok
20:11:57.0297 10224 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:11:57.0297 10224 UxSms - ok
20:11:57.0313 10224 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:11:57.0313 10224 VaultSvc - ok
20:11:57.0328 10224 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:11:57.0328 10224 vdrvroot - ok
20:11:57.0344 10224 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:11:57.0360 10224 vds - ok
20:11:57.0391 10224 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:11:57.0391 10224 vga - ok
20:11:57.0406 10224 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:11:57.0406 10224 VgaSave - ok
20:11:57.0422 10224 VGPU - ok
20:11:57.0438 10224 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:11:57.0438 10224 vhdmp - ok
20:11:57.0453 10224 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:11:57.0453 10224 viaagp - ok
20:11:57.0469 10224 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:11:57.0469 10224 ViaC7 - ok
20:11:57.0484 10224 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:11:57.0484 10224 viaide - ok
20:11:57.0500 10224 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:11:57.0500 10224 volmgr - ok
20:11:57.0531 10224 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:11:57.0531 10224 volmgrx - ok
20:11:57.0547 10224 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:11:57.0547 10224 volsnap - ok
20:11:57.0562 10224 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:11:57.0578 10224 vsmraid - ok
20:11:57.0625 10224 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:11:57.0656 10224 VSS - ok
20:11:57.0672 10224 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:11:57.0672 10224 vwifibus - ok
20:11:57.0703 10224 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:11:57.0703 10224 W32Time - ok
20:11:57.0718 10224 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:11:57.0718 10224 WacomPen - ok
20:11:57.0750 10224 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:11:57.0750 10224 WANARP - ok
20:11:57.0750 10224 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:11:57.0750 10224 Wanarpv6 - ok
20:11:57.0828 10224 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
20:11:57.0843 10224 WAS - ok
20:11:57.0921 10224 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:11:57.0952 10224 WatAdminSvc - ok
20:11:57.0999 10224 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:11:58.0030 10224 wbengine - ok
20:11:58.0062 10224 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:11:58.0062 10224 WbioSrvc - ok
20:11:58.0108 10224 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:11:58.0108 10224 wcncsvc - ok
20:11:58.0124 10224 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:11:58.0140 10224 WcsPlugInService - ok
20:11:58.0155 10224 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
20:11:58.0155 10224 Wd - ok
20:11:58.0171 10224 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:11:58.0186 10224 Wdf01000 - ok
20:11:58.0202 10224 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:11:58.0202 10224 WdiServiceHost - ok
20:11:58.0202 10224 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:11:58.0218 10224 WdiSystemHost - ok
20:11:58.0233 10224 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:11:58.0233 10224 WebClient - ok
20:11:58.0249 10224 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:11:58.0249 10224 Wecsvc - ok
20:11:58.0264 10224 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:11:58.0264 10224 wercplsupport - ok
20:11:58.0311 10224 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:11:58.0311 10224 WerSvc - ok
20:11:58.0342 10224 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:11:58.0342 10224 WfpLwf - ok
20:11:58.0358 10224 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:11:58.0358 10224 WIMMount - ok
20:11:58.0405 10224 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:11:58.0452 10224 WinDefend - ok
20:11:58.0467 10224 WinHttpAutoProxySvc - ok
20:11:58.0514 10224 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:11:58.0530 10224 Winmgmt - ok
20:11:58.0576 10224 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:11:58.0623 10224 WinRM - ok
20:11:58.0670 10224 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
20:11:58.0670 10224 WinUSB - ok
20:11:58.0717 10224 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:11:58.0748 10224 Wlansvc - ok
20:11:58.0764 10224 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:11:58.0764 10224 WmiAcpi - ok
20:11:58.0810 10224 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:11:58.0810 10224 wmiApSrv - ok
20:11:58.0826 10224 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:11:58.0842 10224 ws2ifsl - ok
20:11:58.0842 10224 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
20:11:58.0857 10224 wscsvc - ok
20:11:58.0857 10224 WSearch - ok
20:11:58.0935 10224 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:11:58.0998 10224 wuauserv - ok
20:11:59.0013 10224 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:11:59.0013 10224 WudfPf - ok
20:11:59.0044 10224 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:11:59.0044 10224 wudfsvc - ok
20:11:59.0060 10224 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:11:59.0091 10224 WwanSvc - ok
20:11:59.0107 10224 ================ Scan global ===============================
20:11:59.0138 10224 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:11:59.0169 10224 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:11:59.0185 10224 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:11:59.0232 10224 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:11:59.0263 10224 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:11:59.0278 10224 [Global] - ok
20:11:59.0278 10224 ================ Scan MBR ==================================
20:11:59.0294 10224 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:11:59.0746 10224 \Device\Harddisk0\DR0 - ok
20:11:59.0746 10224 ================ Scan VBR ==================================
20:11:59.0762 10224 [ 451A863BBC5B7F77573813CFDA12118F ] \Device\Harddisk0\DR0\Partition1
20:11:59.0762 10224 \Device\Harddisk0\DR0\Partition1 - ok
20:11:59.0778 10224 [ C714D098CC1B89FFF0AC453961EC3FD5 ] \Device\Harddisk0\DR0\Partition2
20:11:59.0778 10224 \Device\Harddisk0\DR0\Partition2 - ok
20:11:59.0778 10224 ============================================================
20:11:59.0778 10224 Scan finished
20:11:59.0778 10224 ============================================================
20:11:59.0778 9208 Detected object count: 0
20:11:59.0778 9208 Actual detected object count: 0
20:12:25.0564 9932 Deinitialize success
ComboFix 12-09-30.01 - Mišo . 09. 2012 21:13:05.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.2047.1109 [GMT 2:00]
Running from: c:\users\MiÜo\Desktop\ComboFix.exe
AV: ESET Smart Security 5.2 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\BasicScan
c:\program files\BasicScan\uninstall.exe
c:\program files\Complitly
c:\program files\Complitly\FireFoxExtensionWithFF8Fix.exe
c:\program files\Complitly\FireFoxUninstaller.exe
c:\program files\Complitly\chrome\ComplitlyChrome.crx
c:\program files\Complitly\InstTracker.exe
c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files\Complitly\support@Complitly.com\chrome.manifest
c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files\Complitly\support@Complitly.com\install.rdf
c:\program files\Complitly\System.Data.SQLite.dll
c:\program files\Complitly\unins000.dat
c:\program files\Complitly\unins000.exe
c:\programdata\7fd8f67c59dac6f07543b78887fa786d_c
C:\readme.txt
C:\setup.exe
C:\Thumbs.db
c:\windows\PFRO.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\system32\roboot.exe
c:\windows\system32\tmp2016.tmp
c:\windows\system32\tmp2036.tmp
c:\windows\system32\tmpC469.tmp
c:\windows\system32\tmpC4B8.tmp
c:\windows\system32\tmpCF97.tmp
c:\windows\system32\tmpCFE6.tmp
c:\windows\system32\tmpD4DE.tmp
c:\windows\system32\tmpD4EE.tmp
c:\windows\system32\tmpDCD.tmp
c:\windows\system32\tmpDFD.tmp
E:\autorun.inf
E:\install.exe
E:\setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-28 to 2012-09-30 )))))))))))))))))))))))))))))))
.
.
2012-09-30 19:37 . 2012-09-30 19:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-30 06:46 . 2012-09-30 06:46 -------- d-----w- c:\program files\GOG.com
2012-09-28 17:30 . 2012-09-28 17:30 -------- d-----w- c:\users\Mišo\AppData\Roaming\Malwarebytes
2012-09-28 17:29 . 2012-09-28 17:29 -------- d-----w- c:\programdata\Malwarebytes
2012-09-28 17:29 . 2012-09-28 17:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-28 17:29 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-28 07:06 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5294FCF-2442-47DC-875F-E73AECCF122D}\mpengine.dll
2012-09-27 17:42 . 2012-09-27 17:42 388096 ----a-r- c:\users\Mišo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-27 17:42 . 2012-09-27 17:42 -------- d-----w- c:\program files\Trend Micro
2012-09-26 14:42 . 2012-09-26 14:42 -------- d-----w- c:\program files\RomeXoft
2012-09-26 14:42 . 2012-09-28 19:15 -------- d-----w- c:\programdata\blekko toolbars
2012-09-26 14:42 . 2012-09-26 14:42 -------- d-----w- c:\users\Mišo\AppData\Local\blekkotb_031
2012-09-25 18:19 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-24 20:51 . 2012-09-24 20:51 -------- d-----w- c:\programdata\YTD Video Downloader
2012-09-23 17:42 . 2011-06-21 09:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2012-09-23 17:42 . 2012-09-27 14:40 -------- d-----w- c:\programdata\Spyware Terminator
2012-09-23 17:42 . 2012-09-23 17:42 -------- d-----w- c:\users\Mišo\AppData\Roaming\Spyware Terminator
2012-09-23 16:49 . 2012-09-23 17:43 -------- d-----w- c:\program files\Spyware Terminator
2012-09-17 13:30 . 2012-09-17 13:30 -------- d-----w- c:\users\Mišo\AppData\Local\Sony
2012-09-17 13:27 . 2012-09-17 13:27 -------- d-----w- c:\programdata\Sony
2012-09-17 13:27 . 2012-09-17 13:27 -------- d-----w- c:\program files\Sony
2012-09-12 12:31 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 12:31 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 12:31 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 12:31 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 12:31 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 12:31 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-09 19:21 . 2012-09-09 19:21 -------- d-----w- c:\programdata\XoftSpySE
2012-09-08 14:22 . 2012-06-22 09:39 70768 ----a-w- c:\windows\system32\drivers\PCTBD.sys
2012-09-08 14:22 . 2012-06-22 09:38 767960 ----a-w- c:\windows\BDTSupport.dll
2012-09-08 14:22 . 2012-06-22 09:39 149464 ----a-w- c:\windows\SGDetectionTool.dll
2012-09-08 14:22 . 2012-06-22 09:39 2267096 ----a-w- c:\windows\PCTBDCore.dll
2012-09-08 14:22 . 2012-06-22 09:39 1689560 ----a-w- c:\windows\PCTBDRes.dll
2012-09-08 14:20 . 2012-09-08 14:20 -------- d-----w- c:\program files\PC Tools
2012-09-08 14:13 . 2012-06-22 13:34 203120 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-09-08 14:13 . 2012-09-28 19:09 -------- d-----w- c:\program files\Common Files\PC Tools
2012-09-08 14:11 . 2012-09-28 17:09 -------- d-----w- c:\programdata\PC Tools
2012-09-08 14:11 . 2012-09-08 14:11 -------- d-----w- c:\users\Mišo\AppData\Roaming\TestApp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-27 17:42 . 2012-09-27 17:42 388096 ----a-r- c:\users\Mišo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-27 17:42 . 2012-09-27 17:42 388096 ----a-r- c:\users\Mišo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-22 21:02 . 2012-08-19 12:22 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-22 21:02 . 2012-08-19 12:22 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-20 17:25 . 2011-10-29 11:13 1374624 ----a-w- C:\eset_smart_security_live_installer.exe
2012-08-23 08:36 . 2012-08-23 08:11 15823872 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2012-08-23 08:36 . 2012-08-23 08:11 15823872 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2012-08-23 08:36 . 2012-08-23 08:11 786492 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2012-08-23 08:36 . 2012-08-23 08:11 786492 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2012-08-23 08:36 . 2012-08-23 08:11 107008 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2012-08-23 08:36 . 2012-08-23 08:11 107008 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2012-08-12 19:09 . 2012-08-12 19:09 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-08-12 19:09 . 2012-08-12 19:09 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-07-18 17:47 . 2012-08-15 23:55 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-04 21:14 . 2012-08-15 23:55 41984 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 21:14 . 2012-08-15 23:55 102912 ----a-w- c:\windows\system32\browser.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\Sidebar.exe" [2010-11-20 1174016]
"MultiScreen"="c:\program files\MultiScreen\MultiScreen.exe" [2009-08-11 303104]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]
"Screen Notes"="c:\program files\RomeXoft\Screen Notes\ScreenNotes.exe" [2007-01-19 621568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-04-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-12 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-12 81920]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-04-26 380928]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-12-09 74752]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2011-08-01 114992]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-19 868352]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 3117344]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
.
c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
tcbhn.lnk - c:\users\Mišo\AppData\Roaming\BrowserCompanion\tcbhn.exe [2012-3-27 692888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ASUS WiFi-AP Solo.lnk - c:\program files\ASUS WiFi-AP Solo\RtWLan.exe [2012-1-10 987136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 46098424
*Deregistered* - 46098424
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 21:02]
.
.
------- Supplementary Scan -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{81727BE7-50E7-48ed-A547-F0274756E2DD} - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} -
TCP: DhcpNameServer = 192.168.1.1
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-1ClickDownload - c:\program files\1ClickDownload\uninst.exe
AddRemove-Advanced System Protector_is1 - c:\program files\Advanced System Protector\unins000.exe
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-30 21:39:09
ComboFix-quarantined-files.txt 2012-09-30 19:39
.
Pre-Run: 9 442 775 040 bytes free
Post-Run: 30 658 379 776 bytes free
.
- - End Of File - - 90781B6DB4571A0F1C5DBA093091D4F7
- Žbeky
- Moderator
Re: I would like to ask for a log check
Do you recognize c:\users\Mišo\AppData\Roaming\TestApp?
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:
Note: Do not use the SELECT ALL function to select the script
Code:
KillAll::
File::
c:\windows\system32\drivers\sp_rsdrv2.sys
c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
Folder::
c:\programdata\Spyware Terminator
c:\users\Mišo\AppData\Roaming\Spyware Terminator
c:\program files\Spyware Terminator
c:\programdata\blekko toolbars
c:\program files\Skype\Updater
Driver::
SkypeUpdate
ST2012_Svc
DDS::
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Test this on Virustotal
c:\users\Mišo\AppData\Roaming\BrowserCompanion\tcbhn.exe
Click Browse to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to this page with the mouse and paste it into your post.
In private messages I only deal with matters concerning the forum. I do not respond to requests and pleas for technical support. Thanks for your understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
Re: I would like to ask for a log check
ComboFix 12-09-30.01 - Mišo . 10. 2012 23:04:11.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.2047.1241 [GMT 2:00]
Running from: c:\users\MiÜo\Desktop\ComboFix.exe
Command switches used :: c:\users\MiÜo\Desktop\CFScript.txt
AV: ESET Smart Security 5.2 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infected copy of c:\windows\system32\kernel32.dll was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_960c0dc1cdddb3a2\kernel32.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-09-01 to 2012-10-01 )))))))))))))))))))))))))))))))
.
.
2012-10-01 21:22 . 2012-10-01 21:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-30 06:46 . 2012-09-30 06:46 -------- d-----w- c:\program files\GOG.com
2012-09-28 17:30 . 2012-09-28 17:30 -------- d-----w- c:\users\Mišo\AppData\Roaming\Malwarebytes
2012-09-28 17:29 . 2012-09-28 17:29 -------- d-----w- c:\programdata\Malwarebytes
2012-09-28 17:29 . 2012-09-28 17:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-28 17:29 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-28 07:06 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5294FCF-2442-47DC-875F-E73AECCF122D}\mpengine.dll
2012-09-27 17:42 . 2012-09-27 17:42 388096 ----a-r- c:\users\Mišo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-27 17:42 . 2012-09-27 17:42 -------- d-----w- c:\program files\Trend Micro
2012-09-26 14:42 . 2012-09-26 14:42 -------- d-----w- c:\program files\RomeXoft
2012-09-26 14:42 . 2012-09-28 19:15 -------- d-----w- c:\programdata\blekko toolbars
2012-09-26 14:42 . 2012-09-26 14:42 -------- d-----w- c:\users\Mišo\AppData\Local\blekkotb_031
2012-09-25 18:19 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-24 20:51 . 2012-09-24 20:51 -------- d-----w- c:\programdata\YTD Video Downloader
2012-09-23 17:42 . 2011-06-21 09:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2012-09-23 17:42 . 2012-09-27 14:40 -------- d-----w- c:\programdata\Spyware Terminator
2012-09-23 17:42 . 2012-09-23 17:42 -------- d-----w- c:\users\Mišo\AppData\Roaming\Spyware Terminator
2012-09-23 16:49 . 2012-09-23 17:43 -------- d-----w- c:\program files\Spyware Terminator
2012-09-17 13:30 . 2012-09-17 13:30 -------- d-----w- c:\users\Mišo\AppData\Local\Sony
2012-09-17 13:27 . 2012-09-17 13:27 -------- d-----w- c:\programdata\Sony
2012-09-17 13:27 . 2012-09-17 13:27 -------- d-----w- c:\program files\Sony
2012-09-12 12:31 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 12:31 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 12:31 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 12:31 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 12:31 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 12:31 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-09 19:21 . 2012-09-09 19:21 -------- d-----w- c:\programdata\XoftSpySE
2012-09-08 14:22 . 2012-06-22 09:39 70768 ----a-w- c:\windows\system32\drivers\PCTBD.sys
2012-09-08 14:22 . 2012-06-22 09:38 767960 ----a-w- c:\windows\BDTSupport.dll
2012-09-08 14:22 . 2012-06-22 09:39 149464 ----a-w- c:\windows\SGDetectionTool.dll
2012-09-08 14:22 . 2012-06-22 09:39 2267096 ----a-w- c:\windows\PCTBDCore.dll
2012-09-08 14:22 . 2012-06-22 09:39 1689560 ----a-w- c:\windows\PCTBDRes.dll
2012-09-08 14:20 . 2012-09-08 14:20 -------- d-----w- c:\program files\PC Tools
2012-09-08 14:13 . 2012-06-22 13:34 203120 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-09-08 14:13 . 2012-09-28 19:09 -------- d-----w- c:\program files\Common Files\PC Tools
2012-09-08 14:11 . 2012-09-28 17:09 -------- d-----w- c:\programdata\PC Tools
2012-09-08 14:11 . 2012-09-08 14:11 -------- d-----w- c:\users\Mišo\AppData\Roaming\TestApp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-27 17:42 . 2012-09-27 17:42 388096 ----a-r- c:\users\Mišo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-27 17:42 . 2012-09-27 17:42 388096 ----a-r- c:\users\Mišo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-22 21:02 . 2012-08-19 12:22 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-22 21:02 . 2012-08-19 12:22 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-20 17:25 . 2011-10-29 11:13 1374624 ----a-w- C:\eset_smart_security_live_installer.exe
2012-08-23 08:36 . 2012-08-23 08:11 15823872 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2012-08-23 08:36 . 2012-08-23 08:11 15823872 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2012-08-23 08:36 . 2012-08-23 08:11 786492 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2012-08-23 08:36 . 2012-08-23 08:11 786492 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2012-08-23 08:36 . 2012-08-23 08:11 107008 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2012-08-23 08:36 . 2012-08-23 08:11 107008 ----a-w- c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2012-08-12 19:09 . 2012-08-12 19:09 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-08-12 19:09 . 2012-08-12 19:09 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-07-18 17:47 . 2012-08-15 23:55 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-04 21:14 . 2012-08-15 23:55 41984 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 21:14 . 2012-08-15 23:55 102912 ----a-w- c:\windows\system32\browser.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\Sidebar.exe" [2010-11-20 1174016]
"MultiScreen"="c:\program files\MultiScreen\MultiScreen.exe" [2009-08-11 303104]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]
"Screen Notes"="c:\program files\RomeXoft\Screen Notes\ScreenNotes.exe" [2007-01-19 621568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-04-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-12 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-12 81920]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-04-26 380928]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-12-09 74752]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2011-08-01 114992]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-19 868352]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 3117344]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
.
c:\users\Mišo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
tcbhn.lnk - c:\users\Mišo\AppData\Roaming\BrowserCompanion\tcbhn.exe [2012-3-27 692888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ASUS WiFi-AP Solo.lnk - c:\program files\ASUS WiFi-AP Solo\RtWLan.exe [2012-1-10 987136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 21:02]
.
.
------- Supplementary Scan -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{81727BE7-50E7-48ed-A547-F0274756E2DD} - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} -
TCP: DhcpNameServer = 192.168.1.1
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5268)
c:\program files\MultiScreen\TitleBar.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\ASUS\GamerOSD\ATKFastUserSwitching.exe
c:\windows\system32\taskhost.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\system32\conhost.exe
c:\program files\YourFileDownloader\YourFileUpdater.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\users\Mic:\program files\Sony\Sony PC Companion\PCCompanionInfo.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2012-10-01 23:27:27 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-01 21:27
ComboFix2.txt 2012-09-30 19:39
.
Pre-Run: 29 658 087 424 bytes free
Post-Run: 29 610 287 104 bytes free
.
- - End Of File - - 24FFEE4D5F7123A3B68B205143D692B1
Virustotal:
https://www.virustotal.com/file/45e52a5 ... 349129491/
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 21:02]
.
.
------- Supplementary Scan -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{81727BE7-50E7-48ed-A547-F0274756E2DD} - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} -
TCP: DhcpNameServer = 192.168.1.1
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5268)
c:\program files\MultiScreen\TitleBar.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\ASUS\GamerOSD\ATKFastUserSwitching.exe
c:\windows\system32\taskhost.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\system32\conhost.exe
c:\program files\YourFileDownloader\YourFileUpdater.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\users\Mic:\program files\Sony\Sony PC Companion\PCCompanionInfo.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2012-10-01 23:27:27 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-01 21:27
ComboFix2.txt 2012-09-30 19:39
.
Pre-Run: 29 658 087 424 bytes free
Post-Run: 29 610 287 104 bytes free
.
- - End Of File - - 24FFEE4D5F7123A3B68B205143D692B1
Virustotal:
https://www.virustotal.com/file/45e52a5 ... 349129491/
- Orcus
- Security team member
Re: I would like to ask for a log review
Rename the file c:\users\Mišo\AppData\Roaming\BrowserCompanion\tcbhn.exe to c:\users\Mišo\AppData\Roaming\BrowserCompanion\tcbhn.vir
Then restart the PC and check how it behaves. Are ads still being displayed?
+ a new HJT log.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several posts.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.
Re: I would like to ask for a log review
Yes, I still only get ads displayed. How do I rename the file to tcbhn.vir?
- Orcus
Re: I would like to ask for a log review
Right-click the file and choose "Rename". If you don't see the .exe extension, you first need to make file extensions visible.
http://support.microsoft.com/kb/865219/cs