15:24:31.0008 5844 [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
15:24:31.0010 5844 rismxdp - ok
15:24:31.0047 5844 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:24:31.0050 5844 RpcEptMapper - ok
15:24:31.0081 5844 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:24:31.0085 5844 RpcLocator - ok
15:24:31.0155 5844 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:24:31.0161 5844 RpcSs - ok
15:24:31.0198 5844 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:24:31.0200 5844 rspndr - ok
15:24:31.0274 5844 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:24:31.0276 5844 s3cap - ok
15:24:31.0303 5844 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:24:31.0305 5844 SamSs - ok
15:24:31.0351 5844 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:24:31.0353 5844 sbp2port - ok
15:24:31.0406 5844 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:24:31.0411 5844 SCardSvr - ok
15:24:31.0469 5844 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:24:31.0471 5844 scfilter - ok
15:24:31.0556 5844 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:24:31.0592 5844 Schedule - ok
15:24:31.0641 5844 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:24:31.0642 5844 SCPolicySvc - ok
15:24:31.0698 5844 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
15:24:31.0701 5844 sdbus - ok
15:24:31.0758 5844 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:24:31.0762 5844 SDRSVC - ok
15:24:31.0792 5844 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:24:31.0794 5844 secdrv - ok
15:24:31.0851 5844 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:24:31.0854 5844 seclogon - ok
15:24:31.0894 5844 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:24:31.0898 5844 SENS - ok
15:24:31.0923 5844 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:24:31.0927 5844 SensrSvc - ok
15:24:31.0945 5844 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:24:31.0947 5844 Serenum - ok
15:24:31.0976 5844 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:24:31.0979 5844 Serial - ok
15:24:32.0033 5844 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:24:32.0035 5844 sermouse - ok
15:24:32.0152 5844 [ 12B41D84A4D058ADC60853C365DBFCCA ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
15:24:32.0350 5844 ServiceLayer - ok
15:24:32.0434 5844 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:24:32.0438 5844 SessionEnv - ok
15:24:32.0500 5844 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:24:32.0502 5844 sffdisk - ok
15:24:32.0532 5844 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:24:32.0552 5844 sffp_mmc - ok
15:24:32.0572 5844 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:24:32.0574 5844 sffp_sd - ok
15:24:32.0614 5844 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:24:32.0616 5844 sfloppy - ok
15:24:32.0681 5844 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:24:32.0688 5844 SharedAccess - ok
15:24:32.0772 5844 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:24:32.0780 5844 ShellHWDetection - ok
15:24:32.0802 5844 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:24:32.0804 5844 SiSRaid2 - ok
15:24:32.0829 5844 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:24:32.0832 5844 SiSRaid4 - ok
15:24:32.0871 5844 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:24:32.0874 5844 SkypeUpdate - ok
15:24:32.0901 5844 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:24:32.0903 5844 Smb - ok
15:24:32.0963 5844 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:24:32.0967 5844 SNMPTRAP - ok
15:24:33.0029 5844 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:24:33.0030 5844 spldr - ok
15:24:33.0086 5844 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:24:33.0096 5844 Spooler - ok
15:24:33.0210 5844 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:24:33.0291 5844 sppsvc - ok
15:24:33.0334 5844 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:24:33.0338 5844 sppuinotify - ok
15:24:33.0449 5844 [ 20CC04B6DC942027B294415CC7689204 ] sp_rssrv C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
15:24:34.0187 5844 sp_rssrv - ok
15:24:34.0251 5844 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:24:34.0258 5844 srv - ok
15:24:34.0329 5844 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:24:34.0335 5844 srv2 - ok
15:24:34.0406 5844 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:24:34.0411 5844 SrvHsfHDA - ok
15:24:34.0461 5844 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:24:34.0494 5844 SrvHsfV92 - ok
15:24:34.0543 5844 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:24:34.0554 5844 SrvHsfWinac - ok
15:24:34.0623 5844 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:24:34.0626 5844 srvnet - ok
15:24:34.0667 5844 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:24:34.0672 5844 SSDPSRV - ok
15:24:34.0696 5844 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:24:34.0701 5844 SstpSvc - ok
15:24:34.0740 5844 Steam Client Service - ok
15:24:34.0795 5844 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:24:34.0796 5844 stexstor - ok
15:24:34.0852 5844 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:24:34.0853 5844 StillCam - ok
15:24:34.0924 5844 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:24:34.0935 5844 stisvc - ok
15:24:35.0004 5844 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:24:35.0006 5844 storflt - ok
15:24:35.0061 5844 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:24:35.0063 5844 storvsc - ok
15:24:35.0123 5844 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:24:35.0125 5844 swenum - ok
15:24:35.0178 5844 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:24:35.0187 5844 swprv - ok
15:24:35.0201 5844 Synth3dVsc - ok
15:24:35.0265 5844 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:24:35.0271 5844 SynTP - ok
15:24:35.0382 5844 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:24:35.0428 5844 SysMain - ok
15:24:35.0495 5844 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:24:35.0499 5844 TabletInputService - ok
15:24:35.0564 5844 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:24:35.0571 5844 TapiSrv - ok
15:24:35.0610 5844 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:24:35.0614 5844 TBS - ok
15:24:35.0758 5844 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:24:35.0814 5844 Tcpip - ok
15:24:35.0901 5844 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:24:35.0916 5844 TCPIP6 - ok
15:24:35.0980 5844 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:24:35.0997 5844 tcpipreg - ok
15:24:36.0067 5844 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:24:36.0069 5844 TDPIPE - ok
15:24:36.0120 5844 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:24:36.0122 5844 TDTCP - ok
15:24:36.0177 5844 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:24:36.0180 5844 tdx - ok
15:24:36.0244 5844 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:24:36.0246 5844 TermDD - ok
15:24:36.0329 5844 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:24:36.0340 5844 TermService - ok
15:24:36.0376 5844 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:24:36.0379 5844 Themes - ok
15:24:36.0418 5844 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:24:36.0421 5844 THREADORDER - ok
15:24:36.0456 5844 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:24:36.0461 5844 TrkWks - ok
15:24:36.0550 5844 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:24:36.0595 5844 TrustedInstaller - ok
15:24:36.0676 5844 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:24:36.0678 5844 tssecsrv - ok
15:24:36.0743 5844 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:24:36.0745 5844 TsUsbFlt - ok
15:24:36.0763 5844 tsusbhub - ok
15:24:36.0824 5844 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:24:36.0827 5844 tunnel - ok
15:24:36.0899 5844 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:24:36.0901 5844 uagp35 - ok
15:24:36.0975 5844 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:24:36.0980 5844 udfs - ok
15:24:37.0048 5844 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:24:37.0052 5844 UI0Detect - ok
15:24:37.0085 5844 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:24:37.0087 5844 uliagpkx - ok
15:24:37.0130 5844 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:24:37.0144 5844 umbus - ok
15:24:37.0201 5844 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:24:37.0202 5844 UmPass - ok
15:24:37.0264 5844 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:24:37.0269 5844 UmRdpService - ok
15:24:37.0310 5844 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:24:37.0317 5844 upnphost - ok
15:24:37.0379 5844 [ FBD861E69E1F583BEC906FCD04E4F84E ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:24:37.0381 5844 upperdev - ok
15:24:37.0447 5844 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:24:37.0463 5844 usbccgp - ok
15:24:37.0515 5844 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:24:37.0518 5844 usbcir - ok
15:24:37.0574 5844 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:24:37.0576 5844 usbehci - ok
15:24:37.0611 5844 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:24:37.0617 5844 usbhub - ok
15:24:37.0645 5844 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:24:37.0646 5844 usbohci - ok
15:24:37.0687 5844 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:24:37.0689 5844 usbprint - ok
15:24:37.0751 5844 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:24:37.0752 5844 usbscan - ok
15:24:37.0802 5844 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
15:24:37.0804 5844 usbser - ok
15:24:37.0879 5844 [ 0FBB0080B287BBCBF5C7076E3D74A35C ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:24:37.0890 5844 UsbserFilt - ok
15:24:37.0933 5844 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
15:24:37.0935 5844 USBSTOR - ok
15:24:37.0972 5844 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:24:37.0973 5844 usbuhci - ok
15:24:38.0032 5844 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:24:38.0035 5844 usbvideo - ok
15:24:38.0071 5844 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:24:38.0075 5844 UxSms - ok
15:24:38.0092 5844 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:24:38.0094 5844 VaultSvc - ok
15:24:38.0120 5844 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:24:38.0122 5844 vdrvroot - ok
15:24:38.0194 5844 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:24:38.0220 5844 vds - ok
15:24:38.0277 5844 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:24:38.0279 5844 vga - ok
15:24:38.0315 5844 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:24:38.0317 5844 VgaSave - ok
15:24:38.0357 5844 VGPU - ok
15:24:38.0418 5844 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:24:38.0422 5844 vhdmp - ok
15:24:38.0486 5844 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:24:38.0488 5844 viaide - ok
15:24:38.0559 5844 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:24:38.0562 5844 vmbus - ok
15:24:38.0595 5844 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:24:38.0597 5844 VMBusHID - ok
15:24:38.0623 5844 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:24:38.0625 5844 volmgr - ok
15:24:38.0691 5844 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:24:38.0697 5844 volmgrx - ok
15:24:38.0762 5844 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:24:38.0767 5844 volsnap - ok
15:24:38.0811 5844 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:24:38.0815 5844 vsmraid - ok
15:24:38.0911 5844 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:24:38.0958 5844 VSS - ok
15:24:39.0012 5844 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:24:39.0013 5844 vwifibus - ok
15:24:39.0037 5844 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:24:39.0039 5844 vwififlt - ok
15:24:39.0067 5844 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:24:39.0068 5844 vwifimp - ok
15:24:39.0122 5844 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:24:39.0130 5844 W32Time - ok
15:24:39.0174 5844 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:24:39.0176 5844 WacomPen - ok
15:24:39.0248 5844 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:24:39.0250 5844 WANARP - ok
15:24:39.0270 5844 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:24:39.0271 5844 Wanarpv6 - ok
15:24:39.0358 5844 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:24:39.0392 5844 WatAdminSvc - ok
15:24:39.0485 5844 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:24:39.0531 5844 wbengine - ok
15:24:39.0585 5844 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:24:39.0591 5844 WbioSrvc - ok
15:24:39.0661 5844 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:24:39.0668 5844 wcncsvc - ok
15:24:39.0701 5844 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:24:39.0705 5844 WcsPlugInService - ok
15:24:39.0740 5844 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:24:39.0742 5844 Wd - ok
15:24:39.0825 5844 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:24:39.0853 5844 Wdf01000 - ok
15:24:39.0902 5844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:24:39.0906 5844 WdiServiceHost - ok
15:24:39.0922 5844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:24:39.0925 5844 WdiSystemHost - ok
15:24:39.0996 5844 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:24:40.0002 5844 WebClient - ok
15:24:40.0059 5844 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:24:40.0181 5844 Wecsvc - ok
15:24:40.0239 5844 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:24:40.0243 5844 wercplsupport - ok
15:24:40.0277 5844 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:24:40.0281 5844 WerSvc - ok
15:24:40.0323 5844 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:24:40.0326 5844 WfpLwf - ok
15:24:40.0358 5844 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:24:40.0360 5844 WIMMount - ok
15:24:40.0386 5844 WinDefend - ok
15:24:40.0427 5844 WinHttpAutoProxySvc - ok
15:24:40.0519 5844 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:24:40.0569 5844 Winmgmt - ok
15:24:40.0689 5844 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll
15:24:40.0864 5844 WinRM - ok
15:24:40.0959 5844 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:24:40.0961 5844 WinUsb - ok
15:24:41.0028 5844 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:24:41.0047 5844 Wlansvc - ok
15:24:41.0226 5844 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:24:41.0227 5844 wlcrasvc - ok
15:24:41.0340 5844 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:24:41.0399 5844 wlidsvc - ok
15:24:41.0461 5844 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:24:41.0462 5844 WmiAcpi - ok
15:24:41.0556 5844 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:24:41.0602 5844 wmiApSrv - ok
15:24:41.0643 5844 WMPNetworkSvc - ok
15:24:41.0686 5844 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:24:41.0689 5844 WPCSvc - ok
15:24:41.0756 5844 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:24:41.0760 5844 WPDBusEnum - ok
15:24:41.0804 5844 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:24:41.0805 5844 ws2ifsl - ok
15:24:41.0872 5844 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:24:41.0877 5844 wscsvc - ok
15:24:41.0940 5844 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:24:41.0947 5844 WSDPrintDevice - ok
15:24:41.0964 5844 WSearch - ok
15:24:42.0092 5844 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:24:42.0149 5844 wuauserv - ok
15:24:42.0212 5844 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:24:42.0231 5844 WudfPf - ok
15:24:42.0250 5844 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:24:42.0276 5844 WUDFRd - ok
15:24:42.0324 5844 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:24:42.0357 5844 wudfsvc - ok
15:24:42.0416 5844 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:24:42.0422 5844 WwanSvc - ok
15:24:42.0438 5844 XHASP - ok
15:24:42.0521 5844 ================ Scan global ===============================
15:24:42.0602 5844 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:24:42.0657 5844 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:24:42.0724 5844 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:24:42.0759 5844 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:24:42.0790 5844 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:24:42.0797 5844 [Global] - ok
15:24:42.0798 5844 ================ Scan MBR ==================================
15:24:42.0815 5844 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:24:43.0273 5844 \Device\Harddisk0\DR0 - ok
15:24:43.0274 5844 ================ Scan VBR ==================================
15:24:43.0279 5844 [ 32237BA5FEDCE02327813D70443B48B4 ] \Device\Harddisk0\DR0\Partition1
15:24:43.0281 5844 \Device\Harddisk0\DR0\Partition1 - ok
15:24:43.0283 5844 ============================================================
15:24:43.0283 5844 Scan finished
15:24:43.0283 5844 ============================================================
15:24:43.0300 1156 Detected object count: 0
15:24:43.0300 1156 Actual detected object count: 0
Please check my log - Resolved
Re: Please check my log
15:24:37.0804 5844 usbser - ok
15:24:37.0879 5844 [ 0FBB0080B287BBCBF5C7076E3D74A35C ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:24:37.0890 5844 UsbserFilt - ok
15:24:37.0933 5844 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
15:24:37.0935 5844 USBSTOR - ok
15:24:37.0972 5844 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:24:37.0973 5844 usbuhci - ok
15:24:38.0032 5844 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:24:38.0035 5844 usbvideo - ok
15:24:38.0071 5844 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:24:38.0075 5844 UxSms - ok
15:24:38.0092 5844 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:24:38.0094 5844 VaultSvc - ok
15:24:38.0120 5844 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:24:38.0122 5844 vdrvroot - ok
15:24:38.0194 5844 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:24:38.0220 5844 vds - ok
15:24:38.0277 5844 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:24:38.0279 5844 vga - ok
15:24:38.0315 5844 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:24:38.0317 5844 VgaSave - ok
15:24:38.0357 5844 VGPU - ok
15:24:38.0418 5844 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:24:38.0422 5844 vhdmp - ok
15:24:38.0486 5844 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:24:38.0488 5844 viaide - ok
15:24:38.0559 5844 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:24:38.0562 5844 vmbus - ok
15:24:38.0595 5844 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:24:38.0597 5844 VMBusHID - ok
15:24:38.0623 5844 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:24:38.0625 5844 volmgr - ok
15:24:38.0691 5844 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:24:38.0697 5844 volmgrx - ok
15:24:38.0762 5844 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:24:38.0767 5844 volsnap - ok
15:24:38.0811 5844 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:24:38.0815 5844 vsmraid - ok
15:24:38.0911 5844 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:24:38.0958 5844 VSS - ok
15:24:39.0012 5844 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:24:39.0013 5844 vwifibus - ok
15:24:39.0037 5844 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:24:39.0039 5844 vwififlt - ok
15:24:39.0067 5844 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:24:39.0068 5844 vwifimp - ok
15:24:39.0122 5844 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:24:39.0130 5844 W32Time - ok
15:24:39.0174 5844 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:24:39.0176 5844 WacomPen - ok
15:24:39.0248 5844 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:24:39.0250 5844 WANARP - ok
15:24:39.0270 5844 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:24:39.0271 5844 Wanarpv6 - ok
15:24:39.0358 5844 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:24:39.0392 5844 WatAdminSvc - ok
15:24:39.0485 5844 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:24:39.0531 5844 wbengine - ok
15:24:39.0585 5844 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:24:39.0591 5844 WbioSrvc - ok
15:24:39.0661 5844 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:24:39.0668 5844 wcncsvc - ok
15:24:39.0701 5844 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:24:39.0705 5844 WcsPlugInService - ok
15:24:39.0740 5844 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:24:39.0742 5844 Wd - ok
15:24:39.0825 5844 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:24:39.0853 5844 Wdf01000 - ok
15:24:39.0902 5844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:24:39.0906 5844 WdiServiceHost - ok
15:24:39.0922 5844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:24:39.0925 5844 WdiSystemHost - ok
15:24:39.0996 5844 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:24:40.0002 5844 WebClient - ok
15:24:40.0059 5844 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:24:40.0181 5844 Wecsvc - ok
15:24:40.0239 5844 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:24:40.0243 5844 wercplsupport - ok
15:24:40.0277 5844 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:24:40.0281 5844 WerSvc - ok
15:24:40.0323 5844 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:24:40.0326 5844 WfpLwf - ok
15:24:40.0358 5844 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:24:40.0360 5844 WIMMount - ok
15:24:40.0386 5844 WinDefend - ok
15:24:40.0427 5844 WinHttpAutoProxySvc - ok
15:24:40.0519 5844 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:24:40.0569 5844 Winmgmt - ok
15:24:40.0689 5844 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll
15:24:40.0864 5844 WinRM - ok
15:24:40.0959 5844 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:24:40.0961 5844 WinUsb - ok
15:24:41.0028 5844 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:24:41.0047 5844 Wlansvc - ok
15:24:41.0226 5844 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:24:41.0227 5844 wlcrasvc - ok
15:24:41.0340 5844 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:24:41.0399 5844 wlidsvc - ok
15:24:41.0461 5844 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:24:41.0462 5844 WmiAcpi - ok
15:24:41.0556 5844 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:24:41.0602 5844 wmiApSrv - ok
15:24:41.0643 5844 WMPNetworkSvc - ok
15:24:41.0686 5844 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:24:41.0689 5844 WPCSvc - ok
15:24:41.0756 5844 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:24:41.0760 5844 WPDBusEnum - ok
15:24:41.0804 5844 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:24:41.0805 5844 ws2ifsl - ok
15:24:41.0872 5844 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:24:41.0877 5844 wscsvc - ok
15:24:41.0940 5844 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:24:41.0947 5844 WSDPrintDevice - ok
15:24:41.0964 5844 WSearch - ok
15:24:42.0092 5844 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:24:42.0149 5844 wuauserv - ok
15:24:42.0212 5844 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:24:42.0231 5844 WudfPf - ok
15:24:42.0250 5844 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:24:42.0276 5844 WUDFRd - ok
15:24:42.0324 5844 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:24:42.0357 5844 wudfsvc - ok
15:24:42.0416 5844 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:24:42.0422 5844 WwanSvc - ok
15:24:42.0438 5844 XHASP - ok
15:24:42.0521 5844 ================ Scan global ===============================
15:24:42.0602 5844 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:24:42.0657 5844 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:24:42.0724 5844 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:24:42.0759 5844 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:24:42.0790 5844 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:24:42.0797 5844 [Global] - ok
15:24:42.0798 5844 ================ Scan MBR ==================================
15:24:42.0815 5844 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:24:43.0273 5844 \Device\Harddisk0\DR0 - ok
15:24:43.0274 5844 ================ Scan VBR ==================================
15:24:43.0279 5844 [ 32237BA5FEDCE02327813D70443B48B4 ] \Device\Harddisk0\DR0\Partition1
15:24:43.0281 5844 \Device\Harddisk0\DR0\Partition1 - ok
15:24:43.0283 5844 ============================================================
15:24:43.0283 5844 Scan finished
15:24:43.0283 5844 ============================================================
15:24:43.0300 1156 Detected object count: 0
15:24:43.0300 1156 Actual detected object count: 0
Re: Request for a log check
ComboFix 13-01-02.01 - PC 02.01.2013 15:36:02.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3071.1807 [GMT 1:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-02 do 2013-01-02 )))))))))))))))))))))))))))))))
.
.
2013-01-02 14:49 . 2013-01-02 14:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-02 14:49 . 2013-01-02 14:49 -------- d-----w- c:\users\FIFAonline\AppData\Local\temp
2013-01-02 14:49 . 2013-01-02 14:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-02 13:41 . 2013-01-02 13:41 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12EBE4A7-CACD-47AE-BA4B-45E908709E64}\offreg.dll
2013-01-02 13:39 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12EBE4A7-CACD-47AE-BA4B-45E908709E64}\mpengine.dll
2013-01-02 12:33 . 2013-01-02 12:33 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-02 11:04 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-02 11:03 . 2013-01-02 11:03 -------- d-----w- c:\users\PC\AppData\Local\Programs
2013-01-01 16:08 . 2013-01-01 16:08 388096 ----a-r- c:\users\PC\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-01 16:08 . 2013-01-01 16:08 -------- d-----w- c:\program files (x86)\Trend Micro
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\users\PC\AppData\Roaming\ParetoLogic
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\users\PC\AppData\Roaming\DriverCure
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2012-12-18 12:31 . 2012-12-18 13:41 -------- d-----w- c:\program files (x86)\ParetoLogic
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\programdata\ParetoLogic
2012-12-16 18:47 . 2012-12-16 18:47 -------- d-----w- c:\windows\Migration
2012-12-16 18:33 . 2012-08-21 14:20 46080 ----a-w- c:\windows\SysWow64\ncobjapi.dll
2012-12-16 18:33 . 2012-08-21 13:49 58368 ----a-w- c:\windows\system32\ncobjapi.dll
2012-12-16 18:33 . 2012-08-21 13:12 74240 ----a-w- c:\windows\system32\wbem\NCProv.dll
2012-12-16 18:32 . 2012-08-21 14:01 12800 ----a-w- c:\windows\SysWow64\Register-CimProvider.exe
2012-12-16 18:32 . 2012-08-21 13:32 13824 ----a-w- c:\windows\system32\Register-CimProvider.exe
2012-12-16 18:32 . 2012-08-21 14:59 1536 ----a-w- c:\windows\SysWow64\winrsmgr.dll
2012-12-16 18:32 . 2012-08-21 14:20 1536 ----a-w- c:\windows\system32\winrsmgr.dll
2012-12-16 18:32 . 2012-08-21 13:14 22528 ----a-w- c:\windows\system32\wbem\mofcomp.exe
2012-12-16 18:32 . 2012-08-21 12:47 23040 ----a-w- c:\windows\system32\winrshost.exe
2012-12-16 18:32 . 2012-07-23 18:16 204105 ----a-w- c:\windows\SysWow64\winrm.vbs
2012-12-16 18:32 . 2012-08-21 13:41 18944 ----a-w- c:\windows\SysWow64\wbem\mofcomp.exe
2012-12-16 18:30 . 2012-08-21 13:43 154112 ----a-w- c:\windows\SysWow64\wmitomi.dll
2012-12-16 18:26 . 2012-11-05 21:35 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 18:26 . 2012-11-05 20:41 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 18:26 . 2012-11-05 20:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 18:26 . 2012-11-05 20:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 19:39 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-12-14 19:39 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-12-14 19:39 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-12-14 19:39 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-12-14 19:38 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-14 19:38 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-14 19:37 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-14 19:30 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-14 19:30 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-14 19:10 . 2012-11-20 16:31 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-12-14 19:10 . 2012-12-14 19:05 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{54E83F8C-8D7C-4118-ADB9-73413DF8A64A}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-02 10:44 . 2011-05-23 11:12 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-14 19:52 . 2011-04-26 11:01 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-19 20:51 . 2012-11-19 20:51 53248 ----a-r- c:\users\PC\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-11-08 17:24 . 2012-11-20 16:15 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2012-11-08 17:24 . 2012-10-22 16:11 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-05 18:23 . 2012-11-05 18:23 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2012-11-05 18:23 . 2012-11-05 18:23 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-05 18:23 . 2012-11-05 18:23 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2012-11-05 18:23 . 2012-11-05 18:23 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-11-05 18:23 . 2012-11-05 18:23 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-05 18:23 . 2012-11-05 18:23 384000 ----a-w- c:\windows\system32\wksprt.exe
2012-11-05 18:23 . 2012-11-05 18:23 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2012-11-05 18:23 . 2012-11-05 18:23 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-05 18:23 . 2012-11-05 18:23 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2012-11-05 18:23 . 2012-11-05 18:23 243200 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-05 18:23 . 2012-11-05 18:23 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2012-11-05 18:23 . 2012-11-05 18:23 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-05 18:23 . 2012-11-05 18:23 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2012-11-05 18:23 . 2012-11-05 18:23 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-05 18:23 . 2012-11-05 18:23 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-05 18:23 . 2012-11-05 18:23 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-05 18:23 . 2012-11-05 18:23 1123840 ----a-w- c:\windows\system32\mstsc.exe
2012-11-05 18:23 . 2012-11-05 18:23 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2012-11-05 18:23 . 2012-11-05 18:23 322560 ----a-w- c:\windows\system32\aaclient.dll
2012-11-05 18:23 . 2012-11-05 18:23 5773824 ----a-w- c:\windows\system32\mstscax.dll
2012-11-05 18:23 . 2012-11-05 18:23 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2012-11-05 18:23 . 2012-11-05 18:23 44032 ----a-w- c:\windows\system32\tsgqec.dll
2012-11-05 18:23 . 2012-11-05 18:23 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2012-11-05 18:23 . 2012-11-05 18:23 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2012-11-05 18:19 . 2012-11-05 18:19 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-05 18:19 . 2012-11-05 18:19 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-05 18:19 . 2012-11-05 18:19 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-05 18:19 . 2012-11-05 18:19 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-05 18:19 . 2012-11-05 18:19 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-05 18:19 . 2012-11-05 18:19 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-05 18:19 . 2012-11-05 18:19 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-05 18:19 . 2012-11-05 18:19 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-05 18:19 . 2012-11-05 18:19 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-05 18:15 . 2012-11-05 18:15 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-11-05 18:15 . 2012-11-05 18:15 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-10-21 11:01 . 2012-10-21 11:01 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DEFF3497-EA65-4856-B9BC-37AB518DBBC0}\offreg.dll
2012-10-16 08:38 . 2012-12-14 19:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-14 19:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-14 19:24 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-12 18:09 . 2012-11-05 18:13 25472 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-10-12 07:19 . 2012-10-21 10:57 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DEFF3497-EA65-4856-B9BC-37AB518DBBC0}\mpengine.dll
2012-10-09 20:16 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-10-09 20:16 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-10-09 17:54 . 2012-10-09 17:54 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-09 17:54 . 2012-10-09 17:54 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-09 17:54 . 2012-10-09 17:54 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-09 17:54 . 2012-10-09 17:54 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-09 17:54 . 2012-10-09 17:54 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-09 17:54 . 2012-10-09 17:54 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-09 17:54 . 2012-10-09 17:54 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-09 17:54 . 2012-10-09 17:54 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-09 17:53 . 2012-10-09 17:53 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-09 17:53 . 2012-10-09 17:53 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-09 17:53 . 2012-10-09 17:53 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-09 17:53 . 2012-10-09 17:53 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-09 17:53 . 2012-10-09 17:53 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-09 17:53 . 2012-10-09 17:53 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-09 17:53 . 2012-10-09 17:53 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-09 17:53 . 2012-10-09 17:53 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-09 17:53 . 2012-10-09 17:53 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-09 17:53 . 2012-10-09 17:53 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-09 17:53 . 2012-10-09 17:53 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-09 17:53 . 2012-10-09 17:53 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-09 17:53 . 2012-10-09 17:53 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-09 17:53 . 2012-10-09 17:53 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-09 17:53 . 2012-10-09 17:53 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-09 17:53 . 2012-10-09 17:53 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-09 17:53 . 2012-10-09 17:53 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-09 17:53 . 2012-10-09 17:53 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-09 17:53 . 2012-10-09 17:53 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-09 17:53 . 2012-10-09 17:53 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-09 17:53 . 2012-10-09 17:53 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-09 17:53 . 2012-10-09 17:53 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-09 17:53 . 2012-10-09 17:53 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-09 17:53 . 2012-10-09 17:53 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-09 17:53 . 2012-10-09 17:53 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-09 17:53 . 2012-10-09 17:53 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-09 17:53 . 2012-10-09 17:53 448512 ----a-w- c:\windows\system32\html.iec
2012-10-09 17:53 . 2012-10-09 17:53 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-09 17:53 . 2012-10-09 17:53 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-09 17:53 . 2012-10-09 17:53 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-09 17:53 . 2012-10-09 17:53 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-09 17:53 . 2012-10-09 17:53 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-09 17:53 . 2012-10-09 17:53 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-09 17:53 . 2012-10-09 17:53 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-09 17:53 . 2012-10-09 17:53 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-09 17:53 . 2012-10-09 17:53 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-09 17:53 . 2012-10-09 17:53 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-09 17:53 . 2012-10-09 17:53 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-09 17:53 . 2012-10-09 17:53 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-09 17:53 . 2012-10-09 17:53 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-09 17:53 . 2012-10-09 17:53 103936 ----a-w- c:\windows\system32\inseng.dll
2012-10-04 16:40 . 2012-12-14 19:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2003-02-21 03:42 . 2003-02-21 03:42 348160 ----a-w- c:\program files (x86)\msvcr71.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-10 218032]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-08 1255736]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-08-25 89640]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2012-10-28 427976]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-05 19456]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-05 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
S2 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S2 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2012-04-01 594472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-08-31 10752]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 08468514
*Deregistered* - 08468514
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000Core.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 17:00]
.
2013-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000UA.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 17:00]
.
2013-01-01 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-01-02 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]
.
2012-12-28 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]
.
2012-12-18 c:\windows\Tasks\RegCure Pro.job
- c:\program files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2012-11-02 20:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2010-03-26 11:53 5947656 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2010-03-26 11:53 5947656 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DpTsClnt"="c:\program files\DigitalPersona\Bin\DpTsClnt.dll" [2009-08-10 280640]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2012-11-04 2419512]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube to iPod Converter - c:\users\PC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-Driver Genius - (no file)
SafeBoot-02079437.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-Hardlock Device Driver - c:\windows\system32\UNWISE.EXE
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Bitmap"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cs1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dib"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.emf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.erf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Gif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.hdr"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ico"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2k"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jp2"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpc"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpg"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mef"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcd"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pgm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Png"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ppm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psd"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psp"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pspimage"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rle"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tga"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.thm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbmp"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wmf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b8,89,a7,fa,09,aa,83,d9,57,c3,86,85,e6,a9,f0,43,13,6f,68,75,55,e3,50,
e9,4b,72,ab,ba,22,6b,d7,86,59,02,ab,f6,5c,da,45,d9,2b,87,fc,db,84,5f,8f,57,\
"??"=hex:5c,4e,c7,62,af,dd,bf,c4,e8,54,38,05,61,74,79,a0
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\SecuROM\License information*]
"datasecu"=hex:1d,40,39,e7,e9,3c,c8,a1,c1,21,e3,ec,97,27,d6,a3,52,8f,2f,9c,94,
f9,3b,a9,5e,75,e8,9e,8f,e8,78,fc,c4,c4,32,c3,fa,9e,a7,9c,db,66,4d,93,46,3b,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-02 15:55:51
ComboFix-quarantined-files.txt 2013-01-02 14:55
.
Před spuštěním: Volných bajtů: 80 666 189 824
Po spuštění: Volných bajtů: 79 802 224 640
.
- - End Of File - - 6C9DC5E086E1DD3AE3AD66C0B711CC32
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3071.1807 [GMT 1:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-02 do 2013-01-02 )))))))))))))))))))))))))))))))
.
.
2013-01-02 14:49 . 2013-01-02 14:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-02 14:49 . 2013-01-02 14:49 -------- d-----w- c:\users\FIFAonline\AppData\Local\temp
2013-01-02 14:49 . 2013-01-02 14:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-02 13:41 . 2013-01-02 13:41 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12EBE4A7-CACD-47AE-BA4B-45E908709E64}\offreg.dll
2013-01-02 13:39 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12EBE4A7-CACD-47AE-BA4B-45E908709E64}\mpengine.dll
2013-01-02 12:33 . 2013-01-02 12:33 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-02 11:04 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-02 11:03 . 2013-01-02 11:03 -------- d-----w- c:\users\PC\AppData\Local\Programs
2013-01-01 16:08 . 2013-01-01 16:08 388096 ----a-r- c:\users\PC\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-01 16:08 . 2013-01-01 16:08 -------- d-----w- c:\program files (x86)\Trend Micro
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\users\PC\AppData\Roaming\ParetoLogic
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\users\PC\AppData\Roaming\DriverCure
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2012-12-18 12:31 . 2012-12-18 13:41 -------- d-----w- c:\program files (x86)\ParetoLogic
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\programdata\ParetoLogic
2012-12-16 18:47 . 2012-12-16 18:47 -------- d-----w- c:\windows\Migration
2012-12-16 18:33 . 2012-08-21 14:20 46080 ----a-w- c:\windows\SysWow64\ncobjapi.dll
2012-12-16 18:33 . 2012-08-21 13:49 58368 ----a-w- c:\windows\system32\ncobjapi.dll
2012-12-16 18:33 . 2012-08-21 13:12 74240 ----a-w- c:\windows\system32\wbem\NCProv.dll
2012-12-16 18:32 . 2012-08-21 14:01 12800 ----a-w- c:\windows\SysWow64\Register-CimProvider.exe
2012-12-16 18:32 . 2012-08-21 13:32 13824 ----a-w- c:\windows\system32\Register-CimProvider.exe
2012-12-16 18:32 . 2012-08-21 14:59 1536 ----a-w- c:\windows\SysWow64\winrsmgr.dll
2012-12-16 18:32 . 2012-08-21 14:20 1536 ----a-w- c:\windows\system32\winrsmgr.dll
2012-12-16 18:32 . 2012-08-21 13:14 22528 ----a-w- c:\windows\system32\wbem\mofcomp.exe
2012-12-16 18:32 . 2012-08-21 12:47 23040 ----a-w- c:\windows\system32\winrshost.exe
2012-12-16 18:32 . 2012-07-23 18:16 204105 ----a-w- c:\windows\SysWow64\winrm.vbs
2012-12-16 18:32 . 2012-08-21 13:41 18944 ----a-w- c:\windows\SysWow64\wbem\mofcomp.exe
2012-12-16 18:30 . 2012-08-21 13:43 154112 ----a-w- c:\windows\SysWow64\wmitomi.dll
2012-12-16 18:26 . 2012-11-05 21:35 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 18:26 . 2012-11-05 20:41 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 18:26 . 2012-11-05 20:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 18:26 . 2012-11-05 20:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 19:39 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-12-14 19:39 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-12-14 19:39 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-12-14 19:39 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-12-14 19:38 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-14 19:38 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-14 19:37 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-14 19:30 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-14 19:30 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-14 19:10 . 2012-11-20 16:31 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-12-14 19:10 . 2012-12-14 19:05 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{54E83F8C-8D7C-4118-ADB9-73413DF8A64A}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-02 10:44 . 2011-05-23 11:12 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-14 19:52 . 2011-04-26 11:01 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-19 20:51 . 2012-11-19 20:51 53248 ----a-r- c:\users\PC\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-11-08 17:24 . 2012-11-20 16:15 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2012-11-08 17:24 . 2012-10-22 16:11 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-05 18:23 . 2012-11-05 18:23 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2012-11-05 18:23 . 2012-11-05 18:23 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-05 18:23 . 2012-11-05 18:23 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2012-11-05 18:23 . 2012-11-05 18:23 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-11-05 18:23 . 2012-11-05 18:23 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-05 18:23 . 2012-11-05 18:23 384000 ----a-w- c:\windows\system32\wksprt.exe
2012-11-05 18:23 . 2012-11-05 18:23 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2012-11-05 18:23 . 2012-11-05 18:23 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-05 18:23 . 2012-11-05 18:23 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2012-11-05 18:23 . 2012-11-05 18:23 243200 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-05 18:23 . 2012-11-05 18:23 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2012-11-05 18:23 . 2012-11-05 18:23 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-05 18:23 . 2012-11-05 18:23 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2012-11-05 18:23 . 2012-11-05 18:23 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-05 18:23 . 2012-11-05 18:23 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-05 18:23 . 2012-11-05 18:23 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-05 18:23 . 2012-11-05 18:23 1123840 ----a-w- c:\windows\system32\mstsc.exe
2012-11-05 18:23 . 2012-11-05 18:23 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2012-11-05 18:23 . 2012-11-05 18:23 322560 ----a-w- c:\windows\system32\aaclient.dll
2012-11-05 18:23 . 2012-11-05 18:23 5773824 ----a-w- c:\windows\system32\mstscax.dll
2012-11-05 18:23 . 2012-11-05 18:23 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2012-11-05 18:23 . 2012-11-05 18:23 44032 ----a-w- c:\windows\system32\tsgqec.dll
2012-11-05 18:23 . 2012-11-05 18:23 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2012-11-05 18:23 . 2012-11-05 18:23 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2012-11-05 18:19 . 2012-11-05 18:19 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-05 18:19 . 2012-11-05 18:19 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-05 18:19 . 2012-11-05 18:19 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-05 18:19 . 2012-11-05 18:19 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-05 18:19 . 2012-11-05 18:19 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-05 18:19 . 2012-11-05 18:19 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-05 18:19 . 2012-11-05 18:19 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-05 18:19 . 2012-11-05 18:19 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-05 18:19 . 2012-11-05 18:19 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-05 18:15 . 2012-11-05 18:15 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-11-05 18:15 . 2012-11-05 18:15 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-10-21 11:01 . 2012-10-21 11:01 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DEFF3497-EA65-4856-B9BC-37AB518DBBC0}\offreg.dll
2012-10-16 08:38 . 2012-12-14 19:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-14 19:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-14 19:24 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-12 18:09 . 2012-11-05 18:13 25472 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-10-12 07:19 . 2012-10-21 10:57 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DEFF3497-EA65-4856-B9BC-37AB518DBBC0}\mpengine.dll
2012-10-09 20:16 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-10-09 20:16 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-10-09 17:54 . 2012-10-09 17:54 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-09 17:54 . 2012-10-09 17:54 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-09 17:54 . 2012-10-09 17:54 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-09 17:54 . 2012-10-09 17:54 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-09 17:54 . 2012-10-09 17:54 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-09 17:54 . 2012-10-09 17:54 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-09 17:54 . 2012-10-09 17:54 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-09 17:54 . 2012-10-09 17:54 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-09 17:53 . 2012-10-09 17:53 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-09 17:53 . 2012-10-09 17:53 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-09 17:53 . 2012-10-09 17:53 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-09 17:53 . 2012-10-09 17:53 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-09 17:53 . 2012-10-09 17:53 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-09 17:53 . 2012-10-09 17:53 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-09 17:53 . 2012-10-09 17:53 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-09 17:53 . 2012-10-09 17:53 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-09 17:53 . 2012-10-09 17:53 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-09 17:53 . 2012-10-09 17:53 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-09 17:53 . 2012-10-09 17:53 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-09 17:53 . 2012-10-09 17:53 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-09 17:53 . 2012-10-09 17:53 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-09 17:53 . 2012-10-09 17:53 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-09 17:53 . 2012-10-09 17:53 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-09 17:53 . 2012-10-09 17:53 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-09 17:53 . 2012-10-09 17:53 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-09 17:53 . 2012-10-09 17:53 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-09 17:53 . 2012-10-09 17:53 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-09 17:53 . 2012-10-09 17:53 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-09 17:53 . 2012-10-09 17:53 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-09 17:53 . 2012-10-09 17:53 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-09 17:53 . 2012-10-09 17:53 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-09 17:53 . 2012-10-09 17:53 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-09 17:53 . 2012-10-09 17:53 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-09 17:53 . 2012-10-09 17:53 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-09 17:53 . 2012-10-09 17:53 448512 ----a-w- c:\windows\system32\html.iec
2012-10-09 17:53 . 2012-10-09 17:53 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-09 17:53 . 2012-10-09 17:53 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-09 17:53 . 2012-10-09 17:53 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-09 17:53 . 2012-10-09 17:53 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-09 17:53 . 2012-10-09 17:53 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-09 17:53 . 2012-10-09 17:53 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-09 17:53 . 2012-10-09 17:53 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-09 17:53 . 2012-10-09 17:53 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-09 17:53 . 2012-10-09 17:53 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-09 17:53 . 2012-10-09 17:53 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-09 17:53 . 2012-10-09 17:53 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-09 17:53 . 2012-10-09 17:53 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-09 17:53 . 2012-10-09 17:53 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-09 17:53 . 2012-10-09 17:53 103936 ----a-w- c:\windows\system32\inseng.dll
2012-10-04 16:40 . 2012-12-14 19:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2003-02-21 03:42 . 2003-02-21 03:42 348160 ----a-w- c:\program files (x86)\msvcr71.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-10 218032]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-08 1255736]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-08-25 89640]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2012-10-28 427976]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-05 19456]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-05 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
S2 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S2 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2012-04-01 594472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-08-31 10752]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 08468514
*Deregistered* - 08468514
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000Core.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 17:00]
.
2013-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000UA.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 17:00]
.
2013-01-01 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-01-02 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]
.
2012-12-28 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]
.
2012-12-18 c:\windows\Tasks\RegCure Pro.job
- c:\program files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2012-11-02 20:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2010-03-26 11:53 5947656 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2010-03-26 11:53 5947656 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DpTsClnt"="c:\program files\DigitalPersona\Bin\DpTsClnt.dll" [2009-08-10 280640]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2012-11-04 2419512]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube to iPod Converter - c:\users\PC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-Driver Genius - (no file)
SafeBoot-02079437.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-Hardlock Device Driver - c:\windows\system32\UNWISE.EXE
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Bitmap"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cs1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dib"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.emf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.erf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Gif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.hdr"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ico"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2k"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jp2"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpc"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpg"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mef"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcd"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pgm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Png"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ppm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psd"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psp"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pspimage"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rle"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tga"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.thm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbmp"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wmf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b8,89,a7,fa,09,aa,83,d9,57,c3,86,85,e6,a9,f0,43,13,6f,68,75,55,e3,50,
e9,4b,72,ab,ba,22,6b,d7,86,59,02,ab,f6,5c,da,45,d9,2b,87,fc,db,84,5f,8f,57,\
"??"=hex:5c,4e,c7,62,af,dd,bf,c4,e8,54,38,05,61,74,79,a0
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\SecuROM\License information*]
"datasecu"=hex:1d,40,39,e7,e9,3c,c8,a1,c1,21,e3,ec,97,27,d6,a3,52,8f,2f,9c,94,
f9,3b,a9,5e,75,e8,9e,8f,e8,78,fc,c4,c4,32,c3,fa,9e,a7,9c,db,66,4d,93,46,3b,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-02 15:55:51
ComboFix-quarantined-files.txt 2013-01-02 14:55
.
Před spuštěním: Volných bajtů: 80 666 189 824
Po spuštění: Volných bajtů: 79 802 224 640
.
- - End Of File - - 6C9DC5E086E1DD3AE3AD66C0B711CC32
- jaro3
- member of the Security team
Re: please check my log
In TDSSKiller, C:\Program Files (x86)\Spyware Terminator is visible -- try uninstalling it.
Then:
Download Security Check by screen317 from one of these links
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe
save it to your desktop, double-click it and follow the instructions in the black window. Notepad will then open automatically with a file named checkup.txt. Please copy its contents here.
+
Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: please check my log
Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware verze 1.70.0.1100
Java(TM) 6 Update 21
Java 7 Update 7
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
Windows Defender MSMpEng.exe
Microsoft Security Client Antimalware MsMpEng.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Microsoft Security Client Antimalware NisSrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Re: request for a log check
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-02 17:53:33
-----------------------------
17:53:33.328 OS Version: Windows x64 6.1.7601 Service Pack 1
17:53:33.328 Number of processors: 2 586 0x6802
17:53:33.330 ComputerName: PC-PC UserName: PC
17:53:39.313 Initialize success
17:53:45.023 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
17:53:45.054 Disk 0 Vendor: WDC_WD5000BEVT-00A0RT0 01.01A01 Size: 476940MB BusType: 3
17:53:45.085 Disk 0 MBR read successfully
17:53:45.085 Disk 0 MBR scan
17:53:45.085 Disk 0 Windows 7 default MBR code
17:53:45.085 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476937 MB offset 63
17:53:45.101 Disk 0 scanning C:\Windows\system32\drivers
17:53:56.645 Service scanning
17:54:12.619 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
17:54:35.239 Modules scanning
17:54:35.239 Disk 0 trace - called modules:
17:54:35.286 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
17:54:35.286 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800302a060]
17:54:35.286 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8002ed0520]
17:54:35.301 5 ACPI.sys[fffff88000f627a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0xfffffa8002ed9060]
17:54:35.317 Scan finished successfully
17:54:49.014 Disk 0 MBR has been saved successfully to "C:\Users\PC\Desktop\MBR.dat"
17:54:49.029 The log file has been saved successfully to "C:\Users\PC\Desktop\aswMBR.txt"
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Re: request for a log check
Open Notepad (Start -> Run..., type Notepad in the box and click OK).
Copy into it the entire following text marked in green:
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000UA.job
Folder::
C:\TDSSKiller_Quarantine
c:\program files (x86)\Skype\Updater
c:\users\PC\AppData\Local\Google\Update
Driver::
SkypeUpdate
RegLock::
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to your desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
Warning: After running ComboFix and restarting the computer, it may happen that Windows does not start, the desktop does not load, or there are connection problems. In that case restart the computer again. If that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Re: request for a log check
ComboFix 13-01-03.02 - PC 03.01.2013 13:06:22.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3071.1508 [GMT 1:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PC\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
C:\TDSSKiller_Quarantine
c:\tdsskiller_quarantine\02.01.2013_13.31.58\susp0000\object.ini
c:\tdsskiller_quarantine\02.01.2013_13.31.58\susp0000\svc0000\object.ini
c:\tdsskiller_quarantine\02.01.2013_13.31.58\susp0000\svc0000\tsk0000.dta
c:\tdsskiller_quarantine\02.01.2013_13.31.58\susp0000\svc0000\tsk0000.ini
c:\users\PC\AppData\Local\Google\Update
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_am.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_da.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_de.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_el.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_es.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_et.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_id.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_is.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_it.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_no.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_te.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_th.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\psmachine.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\psuser.dll
c:\users\PC\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\users\PC\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\23.0.1271.97\23.0.1271.97_23.0.1271.64_chrome_updater.exe
c:\users\PC\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\23.0.1271.97\23.0.1271.97_chrome_installer.exe
c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-03 do 2013-01-03 )))))))))))))))))))))))))))))))
.
.
2013-01-03 13:13 . 2013-01-03 13:13 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-03 13:13 . 2013-01-03 13:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-03 13:13 . 2013-01-03 13:13 -------- d-----w- c:\users\FIFAonline\AppData\Local\temp
2013-01-03 10:55 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{76B39EE1-1FCE-4CC3-A30F-C953C820F09B}\mpengine.dll
2013-01-02 11:04 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-02 11:03 . 2013-01-02 11:03 -------- d-----w- c:\users\PC\AppData\Local\Programs
2013-01-01 16:08 . 2013-01-01 16:08 388096 ----a-r- c:\users\PC\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-01 16:08 . 2013-01-01 16:08 -------- d-----w- c:\program files (x86)\Trend Micro
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\users\PC\AppData\Roaming\ParetoLogic
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\users\PC\AppData\Roaming\DriverCure
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2012-12-18 12:31 . 2012-12-18 13:41 -------- d-----w- c:\program files (x86)\ParetoLogic
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\programdata\ParetoLogic
2012-12-16 18:47 . 2012-12-16 18:47 -------- d-----w- c:\windows\Migration
2012-12-16 18:33 . 2012-08-21 14:20 46080 ----a-w- c:\windows\SysWow64\ncobjapi.dll
2012-12-16 18:33 . 2012-08-21 13:49 58368 ----a-w- c:\windows\system32\ncobjapi.dll
2012-12-16 18:33 . 2012-08-21 13:12 74240 ----a-w- c:\windows\system32\wbem\NCProv.dll
2012-12-16 18:32 . 2012-08-21 14:01 12800 ----a-w- c:\windows\SysWow64\Register-CimProvider.exe
2012-12-16 18:32 . 2012-08-21 13:32 13824 ----a-w- c:\windows\system32\Register-CimProvider.exe
2012-12-16 18:32 . 2012-08-21 14:59 1536 ----a-w- c:\windows\SysWow64\winrsmgr.dll
2012-12-16 18:32 . 2012-08-21 14:20 1536 ----a-w- c:\windows\system32\winrsmgr.dll
2012-12-16 18:32 . 2012-08-21 13:14 22528 ----a-w- c:\windows\system32\wbem\mofcomp.exe
2012-12-16 18:32 . 2012-08-21 12:47 23040 ----a-w- c:\windows\system32\winrshost.exe
2012-12-16 18:32 . 2012-07-23 18:16 204105 ----a-w- c:\windows\SysWow64\winrm.vbs
2012-12-16 18:32 . 2012-08-21 13:41 18944 ----a-w- c:\windows\SysWow64\wbem\mofcomp.exe
2012-12-16 18:30 . 2012-08-21 13:43 154112 ----a-w- c:\windows\SysWow64\wmitomi.dll
2012-12-16 18:26 . 2012-11-05 21:35 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 18:26 . 2012-11-05 20:41 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 18:26 . 2012-11-05 20:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 18:26 . 2012-11-05 20:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 19:39 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-12-14 19:39 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-12-14 19:39 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-12-14 19:39 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-12-14 19:38 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-14 19:38 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-14 19:37 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-14 19:30 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-14 19:30 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-14 19:10 . 2012-11-20 16:31 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-12-14 19:10 . 2012-12-14 19:05 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{54E83F8C-8D7C-4118-ADB9-73413DF8A64A}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-02 10:44 . 2011-05-23 11:12 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-14 19:52 . 2011-04-26 11:01 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-19 20:51 . 2012-11-19 20:51 53248 ----a-r- c:\users\PC\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-11-08 17:24 . 2012-11-20 16:15 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2012-11-08 17:24 . 2012-10-22 16:11 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-05 18:23 . 2012-11-05 18:23 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2012-11-05 18:23 . 2012-11-05 18:23 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-05 18:23 . 2012-11-05 18:23 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2012-11-05 18:23 . 2012-11-05 18:23 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-11-05 18:23 . 2012-11-05 18:23 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-05 18:23 . 2012-11-05 18:23 384000 ----a-w- c:\windows\system32\wksprt.exe
2012-11-05 18:23 . 2012-11-05 18:23 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2012-11-05 18:23 . 2012-11-05 18:23 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-05 18:23 . 2012-11-05 18:23 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2012-11-05 18:23 . 2012-11-05 18:23 243200 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-05 18:23 . 2012-11-05 18:23 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2012-11-05 18:23 . 2012-11-05 18:23 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-05 18:23 . 2012-11-05 18:23 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2012-11-05 18:23 . 2012-11-05 18:23 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-05 18:23 . 2012-11-05 18:23 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-05 18:23 . 2012-11-05 18:23 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-05 18:23 . 2012-11-05 18:23 1123840 ----a-w- c:\windows\system32\mstsc.exe
2012-11-05 18:23 . 2012-11-05 18:23 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2012-11-05 18:23 . 2012-11-05 18:23 322560 ----a-w- c:\windows\system32\aaclient.dll
2012-11-05 18:23 . 2012-11-05 18:23 5773824 ----a-w- c:\windows\system32\mstscax.dll
2012-11-05 18:23 . 2012-11-05 18:23 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2012-11-05 18:23 . 2012-11-05 18:23 44032 ----a-w- c:\windows\system32\tsgqec.dll
2012-11-05 18:23 . 2012-11-05 18:23 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2012-11-05 18:23 . 2012-11-05 18:23 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2012-11-05 18:19 . 2012-11-05 18:19 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-05 18:19 . 2012-11-05 18:19 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-05 18:19 . 2012-11-05 18:19 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-05 18:19 . 2012-11-05 18:19 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-05 18:19 . 2012-11-05 18:19 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-05 18:19 . 2012-11-05 18:19 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-05 18:19 . 2012-11-05 18:19 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-05 18:19 . 2012-11-05 18:19 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-05 18:19 . 2012-11-05 18:19 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-05 18:15 . 2012-11-05 18:15 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-11-05 18:15 . 2012-11-05 18:15 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-10-21 11:01 . 2012-10-21 11:01 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DEFF3497-EA65-4856-B9BC-37AB518DBBC0}\offreg.dll
2012-10-16 08:38 . 2012-12-14 19:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-14 19:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-14 19:24 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-12 18:09 . 2012-11-05 18:13 25472 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-10-12 07:19 . 2012-10-21 10:57 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DEFF3497-EA65-4856-B9BC-37AB518DBBC0}\mpengine.dll
2012-10-09 20:16 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-10-09 20:16 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-10-09 17:54 . 2012-10-09 17:54 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-09 17:54 . 2012-10-09 17:54 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-09 17:54 . 2012-10-09 17:54 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-09 17:54 . 2012-10-09 17:54 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-09 17:54 . 2012-10-09 17:54 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-09 17:54 . 2012-10-09 17:54 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-09 17:54 . 2012-10-09 17:54 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-09 17:54 . 2012-10-09 17:54 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-09 17:53 . 2012-10-09 17:53 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-09 17:53 . 2012-10-09 17:53 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-09 17:53 . 2012-10-09 17:53 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-09 17:53 . 2012-10-09 17:53 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-09 17:53 . 2012-10-09 17:53 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-09 17:53 . 2012-10-09 17:53 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-09 17:53 . 2012-10-09 17:53 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-09 17:53 . 2012-10-09 17:53 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-09 17:53 . 2012-10-09 17:53 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-09 17:53 . 2012-10-09 17:53 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-09 17:53 . 2012-10-09 17:53 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-09 17:53 . 2012-10-09 17:53 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-09 17:53 . 2012-10-09 17:53 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-09 17:53 . 2012-10-09 17:53 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-09 17:53 . 2012-10-09 17:53 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-09 17:53 . 2012-10-09 17:53 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-09 17:53 . 2012-10-09 17:53 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-09 17:53 . 2012-10-09 17:53 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-09 17:53 . 2012-10-09 17:53 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-09 17:53 . 2012-10-09 17:53 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-09 17:53 . 2012-10-09 17:53 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-09 17:53 . 2012-10-09 17:53 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-09 17:53 . 2012-10-09 17:53 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-09 17:53 . 2012-10-09 17:53 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-09 17:53 . 2012-10-09 17:53 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-09 17:53 . 2012-10-09 17:53 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-09 17:53 . 2012-10-09 17:53 448512 ----a-w- c:\windows\system32\html.iec
2012-10-09 17:53 . 2012-10-09 17:53 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-09 17:53 . 2012-10-09 17:53 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-09 17:53 . 2012-10-09 17:53 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-09 17:53 . 2012-10-09 17:53 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-09 17:53 . 2012-10-09 17:53 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-09 17:53 . 2012-10-09 17:53 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-09 17:53 . 2012-10-09 17:53 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-09 17:53 . 2012-10-09 17:53 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-09 17:53 . 2012-10-09 17:53 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-09 17:53 . 2012-10-09 17:53 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-09 17:53 . 2012-10-09 17:53 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-09 17:53 . 2012-10-09 17:53 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-09 17:53 . 2012-10-09 17:53 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-09 17:53 . 2012-10-09 17:53 103936 ----a-w- c:\windows\system32\inseng.dll
2003-02-21 03:42 . 2003-02-21 03:42 348160 ----a-w- c:\program files (x86)\msvcr71.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-10 218032]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-08 1255736]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-08-25 89640]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2012-10-28 427976]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-05 19456]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-05 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
S2 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S2 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2012-04-01 594472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-08-31 10752]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-03 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-01-03 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]
.
2012-12-28 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]
.
2012-12-18 c:\windows\Tasks\RegCure Pro.job
- c:\program files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2012-11-02 20:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2010-03-26 11:53 5947656 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2010-03-26 11:53 5947656 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"DpTsClnt"="c:\program files\DigitalPersona\Bin\DpTsClnt.dll" [2009-08-10 280640]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2012-11-04 2419512]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube to iPod Converter - c:\users\PC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-Hardlock Device Driver - c:\windows\system32\UNWISE.EXE
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Bitmap"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cs1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dib"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.emf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.erf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Gif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.hdr"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ico"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2k"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jp2"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpc"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpg"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mef"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcd"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pgm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Png"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ppm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psd"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psp"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pspimage"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rle"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tga"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.thm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbmp"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wmf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b8,89,a7,fa,09,aa,83,d9,57,c3,86,85,e6,a9,f0,43,13,6f,68,75,55,e3,50,
e9,4b,72,ab,ba,22,6b,d7,86,59,02,ab,f6,5c,da,45,d9,2b,87,fc,db,84,5f,8f,57,\
"??"=hex:5c,4e,c7,62,af,dd,bf,c4,e8,54,38,05,61,74,79,a0
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\SecuROM\License information*]
"datasecu"=hex:1d,40,39,e7,e9,3c,c8,a1,c1,21,e3,ec,97,27,d6,a3,52,8f,2f,9c,94,
f9,3b,a9,5e,75,e8,9e,8f,e8,78,fc,c4,c4,32,c3,fa,9e,a7,9c,db,66,4d,93,46,3b,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
c:\windows\SysWow64\perfhost.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\windows\syswow64\MsiExec.exe
c:\progra~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe
c:\windows\syswow64\MsiExec.exe
.
**************************************************************************
.
Celkový čas: 2013-01-03 18:20:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-03 17:20
ComboFix2.txt 2013-01-02 14:55
.
Před spuštěním: Volných bajtů: 79 494 475 776
Po spuštění: Volných bajtů: 78 538 838 016
.
- - End Of File - - 9FA697D5F0B9FB32F30603E02FBCC771
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3071.1508 [GMT 1:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PC\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
C:\TDSSKiller_Quarantine
c:\tdsskiller_quarantine\02.01.2013_13.31.58\susp0000\object.ini
c:\tdsskiller_quarantine\02.01.2013_13.31.58\susp0000\svc0000\object.ini
c:\tdsskiller_quarantine\02.01.2013_13.31.58\susp0000\svc0000\tsk0000.dta
c:\tdsskiller_quarantine\02.01.2013_13.31.58\susp0000\svc0000\tsk0000.ini
c:\users\PC\AppData\Local\Google\Update
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_am.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_da.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_de.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_el.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_es.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_et.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_id.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_is.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_it.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_no.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_te.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_th.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\psmachine.dll
c:\users\PC\AppData\Local\Google\Update\1.3.21.123\psuser.dll
c:\users\PC\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\users\PC\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\23.0.1271.97\23.0.1271.97_23.0.1271.64_chrome_updater.exe
c:\users\PC\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\23.0.1271.97\23.0.1271.97_chrome_installer.exe
c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1829341061-3459830233-383611035-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-03 do 2013-01-03 )))))))))))))))))))))))))))))))
.
.
2013-01-03 13:13 . 2013-01-03 13:13 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-03 13:13 . 2013-01-03 13:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-03 13:13 . 2013-01-03 13:13 -------- d-----w- c:\users\FIFAonline\AppData\Local\temp
2013-01-03 10:55 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{76B39EE1-1FCE-4CC3-A30F-C953C820F09B}\mpengine.dll
2013-01-02 11:04 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-02 11:03 . 2013-01-02 11:03 -------- d-----w- c:\users\PC\AppData\Local\Programs
2013-01-01 16:08 . 2013-01-01 16:08 388096 ----a-r- c:\users\PC\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-01 16:08 . 2013-01-01 16:08 -------- d-----w- c:\program files (x86)\Trend Micro
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\users\PC\AppData\Roaming\ParetoLogic
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\users\PC\AppData\Roaming\DriverCure
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2012-12-18 12:31 . 2012-12-18 13:41 -------- d-----w- c:\program files (x86)\ParetoLogic
2012-12-18 12:31 . 2012-12-18 12:31 -------- d-----w- c:\programdata\ParetoLogic
2012-12-16 18:47 . 2012-12-16 18:47 -------- d-----w- c:\windows\Migration
2012-12-16 18:33 . 2012-08-21 14:20 46080 ----a-w- c:\windows\SysWow64\ncobjapi.dll
2012-12-16 18:33 . 2012-08-21 13:49 58368 ----a-w- c:\windows\system32\ncobjapi.dll
2012-12-16 18:33 . 2012-08-21 13:12 74240 ----a-w- c:\windows\system32\wbem\NCProv.dll
2012-12-16 18:32 . 2012-08-21 14:01 12800 ----a-w- c:\windows\SysWow64\Register-CimProvider.exe
2012-12-16 18:32 . 2012-08-21 13:32 13824 ----a-w- c:\windows\system32\Register-CimProvider.exe
2012-12-16 18:32 . 2012-08-21 14:59 1536 ----a-w- c:\windows\SysWow64\winrsmgr.dll
2012-12-16 18:32 . 2012-08-21 14:20 1536 ----a-w- c:\windows\system32\winrsmgr.dll
2012-12-16 18:32 . 2012-08-21 13:14 22528 ----a-w- c:\windows\system32\wbem\mofcomp.exe
2012-12-16 18:32 . 2012-08-21 12:47 23040 ----a-w- c:\windows\system32\winrshost.exe
2012-12-16 18:32 . 2012-07-23 18:16 204105 ----a-w- c:\windows\SysWow64\winrm.vbs
2012-12-16 18:32 . 2012-08-21 13:41 18944 ----a-w- c:\windows\SysWow64\wbem\mofcomp.exe
2012-12-16 18:30 . 2012-08-21 13:43 154112 ----a-w- c:\windows\SysWow64\wmitomi.dll
2012-12-16 18:26 . 2012-11-05 21:35 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 18:26 . 2012-11-05 20:41 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 18:26 . 2012-11-05 20:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 18:26 . 2012-11-05 20:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 19:39 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-12-14 19:39 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-12-14 19:39 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-12-14 19:39 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-12-14 19:38 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-14 19:38 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-14 19:37 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-14 19:30 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-14 19:30 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-14 19:10 . 2012-11-20 16:31 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-12-14 19:10 . 2012-12-14 19:05 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{54E83F8C-8D7C-4118-ADB9-73413DF8A64A}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-02 10:44 . 2011-05-23 11:12 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-14 19:52 . 2011-04-26 11:01 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-19 20:51 . 2012-11-19 20:51 53248 ----a-r- c:\users\PC\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-11-08 17:24 . 2012-11-20 16:15 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2012-11-08 17:24 . 2012-10-22 16:11 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-05 18:23 . 2012-11-05 18:23 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2012-11-05 18:23 . 2012-11-05 18:23 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-05 18:23 . 2012-11-05 18:23 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2012-11-05 18:23 . 2012-11-05 18:23 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-11-05 18:23 . 2012-11-05 18:23 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-05 18:23 . 2012-11-05 18:23 384000 ----a-w- c:\windows\system32\wksprt.exe
2012-11-05 18:23 . 2012-11-05 18:23 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2012-11-05 18:23 . 2012-11-05 18:23 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-05 18:23 . 2012-11-05 18:23 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2012-11-05 18:23 . 2012-11-05 18:23 243200 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-05 18:23 . 2012-11-05 18:23 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2012-11-05 18:23 . 2012-11-05 18:23 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-05 18:23 . 2012-11-05 18:23 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2012-11-05 18:23 . 2012-11-05 18:23 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-05 18:23 . 2012-11-05 18:23 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-05 18:23 . 2012-11-05 18:23 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-05 18:23 . 2012-11-05 18:23 1123840 ----a-w- c:\windows\system32\mstsc.exe
2012-11-05 18:23 . 2012-11-05 18:23 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2012-11-05 18:23 . 2012-11-05 18:23 322560 ----a-w- c:\windows\system32\aaclient.dll
2012-11-05 18:23 . 2012-11-05 18:23 5773824 ----a-w- c:\windows\system32\mstscax.dll
2012-11-05 18:23 . 2012-11-05 18:23 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2012-11-05 18:23 . 2012-11-05 18:23 44032 ----a-w- c:\windows\system32\tsgqec.dll
2012-11-05 18:23 . 2012-11-05 18:23 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2012-11-05 18:23 . 2012-11-05 18:23 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2012-11-05 18:19 . 2012-11-05 18:19 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-05 18:19 . 2012-11-05 18:19 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-05 18:19 . 2012-11-05 18:19 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-05 18:19 . 2012-11-05 18:19 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-05 18:19 . 2012-11-05 18:19 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-05 18:19 . 2012-11-05 18:19 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-05 18:19 . 2012-11-05 18:19 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-05 18:19 . 2012-11-05 18:19 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-05 18:19 . 2012-11-05 18:19 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-05 18:15 . 2012-11-05 18:15 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-11-05 18:15 . 2012-11-05 18:15 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-10-21 11:01 . 2012-10-21 11:01 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DEFF3497-EA65-4856-B9BC-37AB518DBBC0}\offreg.dll
2012-10-16 08:38 . 2012-12-14 19:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-14 19:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-14 19:24 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-12 18:09 . 2012-11-05 18:13 25472 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-10-12 07:19 . 2012-10-21 10:57 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DEFF3497-EA65-4856-B9BC-37AB518DBBC0}\mpengine.dll
2012-10-09 20:16 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-10-09 20:16 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-10-09 17:54 . 2012-10-09 17:54 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-09 17:54 . 2012-10-09 17:54 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-09 17:54 . 2012-10-09 17:54 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-09 17:54 . 2012-10-09 17:54 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-09 17:54 . 2012-10-09 17:54 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-09 17:54 . 2012-10-09 17:54 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-09 17:54 . 2012-10-09 17:54 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-09 17:54 . 2012-10-09 17:54 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-09 17:53 . 2012-10-09 17:53 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-09 17:53 . 2012-10-09 17:53 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-09 17:53 . 2012-10-09 17:53 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-09 17:53 . 2012-10-09 17:53 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-09 17:53 . 2012-10-09 17:53 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-09 17:53 . 2012-10-09 17:53 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-09 17:53 . 2012-10-09 17:53 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-09 17:53 . 2012-10-09 17:53 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-09 17:53 . 2012-10-09 17:53 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-09 17:53 . 2012-10-09 17:53 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-09 17:53 . 2012-10-09 17:53 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-09 17:53 . 2012-10-09 17:53 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-09 17:53 . 2012-10-09 17:53 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-09 17:53 . 2012-10-09 17:53 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-09 17:53 . 2012-10-09 17:53 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-09 17:53 . 2012-10-09 17:53 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-09 17:53 . 2012-10-09 17:53 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-09 17:53 . 2012-10-09 17:53 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-09 17:53 . 2012-10-09 17:53 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-09 17:53 . 2012-10-09 17:53 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-09 17:53 . 2012-10-09 17:53 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-09 17:53 . 2012-10-09 17:53 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-09 17:53 . 2012-10-09 17:53 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-09 17:53 . 2012-10-09 17:53 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-09 17:53 . 2012-10-09 17:53 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-09 17:53 . 2012-10-09 17:53 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-09 17:53 . 2012-10-09 17:53 448512 ----a-w- c:\windows\system32\html.iec
2012-10-09 17:53 . 2012-10-09 17:53 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-09 17:53 . 2012-10-09 17:53 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-09 17:53 . 2012-10-09 17:53 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-09 17:53 . 2012-10-09 17:53 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-09 17:53 . 2012-10-09 17:53 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-09 17:53 . 2012-10-09 17:53 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-09 17:53 . 2012-10-09 17:53 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-09 17:53 . 2012-10-09 17:53 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-09 17:53 . 2012-10-09 17:53 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-09 17:53 . 2012-10-09 17:53 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-09 17:53 . 2012-10-09 17:53 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-09 17:53 . 2012-10-09 17:53 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-09 17:53 . 2012-10-09 17:53 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-09 17:53 . 2012-10-09 17:53 103936 ----a-w- c:\windows\system32\inseng.dll
2003-02-21 03:42 . 2003-02-21 03:42 348160 ----a-w- c:\program files (x86)\msvcr71.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-10 218032]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-08 1255736]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-08-25 89640]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2012-10-28 427976]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-05 19456]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-05 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
S2 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S2 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2012-04-01 594472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-08-31 10752]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-03 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-01-03 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]
.
2012-12-28 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2012-06-27 21:07]
.
2012-12-18 c:\windows\Tasks\RegCure Pro.job
- c:\program files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2012-11-02 20:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2010-03-26 11:53 5947656 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2010-03-26 11:53 5947656 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"DpTsClnt"="c:\program files\DigitalPersona\Bin\DpTsClnt.dll" [2009-08-10 280640]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2012-11-04 2419512]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube to iPod Converter - c:\users\PC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-Hardlock Device Driver - c:\windows\system32\UNWISE.EXE
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Bitmap"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cs1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dib"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.emf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.erf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Gif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.hdr"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ico"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2k"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jp2"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpc"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpg"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mef"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcd"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcx"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pgm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Png"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ppm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psd"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psp"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pspimage"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rle"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tga"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.thm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-1829341061-3459830233-383611035-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbmp"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wmf"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b8,89,a7,fa,09,aa,83,d9,57,c3,86,85,e6,a9,f0,43,13,6f,68,75,55,e3,50,
e9,4b,72,ab,ba,22,6b,d7,86,59,02,ab,f6,5c,da,45,d9,2b,87,fc,db,84,5f,8f,57,\
"??"=hex:5c,4e,c7,62,af,dd,bf,c4,e8,54,38,05,61,74,79,a0
.
[HKEY_USERS\S-1-5-21-1829341061-3459830233-383611035-1000\Software\SecuROM\License information*]
"datasecu"=hex:1d,40,39,e7,e9,3c,c8,a1,c1,21,e3,ec,97,27,d6,a3,52,8f,2f,9c,94,
f9,3b,a9,5e,75,e8,9e,8f,e8,78,fc,c4,c4,32,c3,fa,9e,a7,9c,db,66,4d,93,46,3b,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
c:\windows\SysWow64\perfhost.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\windows\syswow64\MsiExec.exe
c:\progra~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe
c:\windows\syswow64\MsiExec.exe
.
**************************************************************************
.
Celkový čas: 2013-01-03 18:20:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-03 17:20
ComboFix2.txt 2013-01-02 14:55
.
Před spuštěním: Volných bajtů: 79 494 475 776
Po spuštění: Volných bajtů: 78 538 838 016
.
- - End Of File - - 9FA697D5F0B9FB32F30603E02FBCC771
Re: please check my log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:32:36, on 3.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-21-1829341061-3459830233-383611035-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1829341061-3459830233-383611035-1007\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1829341061-3459830233-383611035-1007\..\Run: [] (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1829341061-3459830233-383611035-1007\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1829341061-3459830233-383611035-1007\..\Run: [QIP Internet Guardian] C:\Users\UpdatusUser\AppData\Roaming\QipGuard\QipGuard.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1829341061-3459830233-383611035-1007\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1829341061-3459830233-383611035-1007\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1829341061-3459830233-383611035-1007\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1829341061-3459830233-383611035-1007\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\PC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Brána aplikační vrstvy (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Systém souborů EFS (Encrypting File System) (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Fax - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Izolace klíče CNG (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\x64\maconfservice.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Služba DTC (Distributed Transaction Coordinator) (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Služba Netlogon (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Chráněné úložiště (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lokátor vzdáleného volání procedur (RPC) (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Správce zabezpečení účtů (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Zachytávání pro službu SNMP (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Zjišťování interaktivních služeb (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Správce pověření (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Virtuální disk (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Stínová kopie svazku (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Služba Technologie aktivace Windows (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Služba jádra pro zálohování dat na úrovni bloků (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WMI Performance Adapter (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13006 bytes
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: Jižní Čechy
- Status: Offline
Re: please check my log
ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Update them.
If there are no problems, that is all and you can mark the thread as solved with the green check mark.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: please check my log
Updated, cleaned with OTC and CCleaner, and no change... svchost constantly runs at around 120 thousand kB for me when nothing is running
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
- Status: Offline
Re: please check my log
You have W7 Ultimate. It is not quite a standard edition for home users. It is aimed more at the corporate sphere, working in a network, security, etc., so higher memory usage is to be expected. On my machine svchost eats 108 MB of memory when idle... Professional edition
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you