Prosím o kontrolu logu - pomalý notebook

TGVNeer · Příspěvekod **TGVNeer** » 02 úno 2013 09:31

Zdravím, můj notebook je hrozbě pomalý, vyskakují mi tu různé nepotřebné věci, antivir furt něco nahlašuje ale přitom nic nenajde..
Log z HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:30:49, on 2.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\ProgramData\adob\rundll32.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (file missing)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files (x86)\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 149.5.18.172 www.google-analytics.com.
O1 - Hosts: 149.5.18.172 ad-emea.doubleclick.net.
O1 - Hosts: 149.5.18.172 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files (x86)\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files (x86)\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files (x86)\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe] C:\ProgramData\adob\color.vbs
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3498029293-1549083434-3070060937-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3498029293-1549083434-3070060937-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth Manager.lnk = C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~2\MYWEBS~1\bar\2.bin\mwssvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16280 bytes

Reklama

Příspěvekod **Žbeky** » 02 úno 2013 10:20

Fixni:

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (file missing)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files (x86)\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 149.5.18.172 www.google-analytics.com.
O1 - Hosts: 149.5.18.172 ad-emea.doubleclick.net.
O1 - Hosts: 149.5.18.172 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files (x86)\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files (x86)\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files (x86)\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3498029293-1549083434-3070060937-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

TGVNeer · Příspěvekod **TGVNeer** » 02 úno 2013 11:49

Malwarebytes:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2012.12.14.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Petr :: PETR-PC [administrátor]

Ochrana: Povolena

2.2.2013 11:40:26
MBAM-log-2013-02-02 (11-49-03).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 232718
Uplynulý čas: 5 minut, 11 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 106
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Typelib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Typelib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Typelib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Typelib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.MultipleButton (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.MultipleButton.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.ThirdPartyInstaller (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.UrlAlertButton (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearch.UrlAlertButton.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKCU\Software\AppDataLow\Software\MyWebSearch (PUP.MyWebsearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 6
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#ĄaI¶»
äG\Ę -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Adobe (Trojan.Banker) -> Data: C:\ProgramData\adob\color.vbs -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SCRCTR.DLL -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com (PUP.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\2.bin -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 17
C:\Program Files (x86)\FunWebProducts (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Game (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\History (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\icons (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Message (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Overlay (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 73
C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3HTML.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3MSG.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Users\Petr\AppData\Roaming\Realtek\intel\usft_ext.dll (PUP.BCMiner.H) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\000000cb.@ (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1563.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2EFA.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz44D1.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4776.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz485E.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5744.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6581.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7235.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7BF3.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz801E.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz80C3.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz96D7.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzABEB.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBDAF.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD63C.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDBE4.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzEFD6.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzFEC9.tmp (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
C:\Users\Petr\AppData\Roaming\logs.dat (Bifrose.Trace) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Nebyla provedena žádná instrukce.
C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> Nebyla provedena žádná instrukce.
C:\ProgramData\adob\color.vbs (Trojan.Banker) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\CHROME.MANIFEST (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3IMSTUB.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3REGHK.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SPACER.WMV (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\INSTALL.RDF (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Nebyla provedena žádná instrukce.

(konec)

Příspěvekod **Žbeky** » 02 úno 2013 12:09

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

TGVNeer · Příspěvekod **TGVNeer** » 02 úno 2013 12:22

mbam:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.02.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Petr :: PETR-PC [administrátor]

Ochrana: Povolena

2.2.2013 12:14:46
mbam-log-2013-02-02 (12-14-46).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 232746
Uplynulý čas: 2 minut, 54 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 104
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Typelib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Typelib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Typelib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Typelib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.MultipleButton (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.MultipleButton.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.ThirdPartyInstaller (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.UrlAlertButton (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearch.UrlAlertButton.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\AppDataLow\Software\MyWebSearch (PUP.MyWebsearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#ĄaI¶»
äG\Ę -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SCRCTR.DLL -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com (PUP.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\2.bin -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 17
C:\Program Files (x86)\FunWebProducts (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch (PUP.MyWebSearch) -> Bude smazán při restartu.
C:\Program Files (x86)\MyWebSearch\bar (PUP.MyWebSearch) -> Bude smazán při restartu.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin (PUP.MyWebSearch) -> Bude smazán při restartu.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Game (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\History (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\icons (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Message (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Overlay (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 48
C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Bude smazán při restartu.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3HTML.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3MSG.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Petr\AppData\Roaming\Realtek\intel\usft_ext.dll (PUP.BCMiner.H) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\CHROME.MANIFEST (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3IMSTUB.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3REGHK.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SPACER.WMV (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\INSTALL.RDF (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Přesun do karantény a smazání se zdařilo.

(konec)

TGVNeer · Příspěvekod **TGVNeer** » 02 úno 2013 12:23

adwcleaner:
# AdwCleaner v2.109 - Logfile created 02/02/2013 at 12:23:11
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Petr - PETR-PC
# Boot Mode : Normal
# Running from : C:\Users\Petr\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

Found : MyWebSearchService
Found : Web Assistant Updater

***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
Folder Found : C:\Program Files (x86)\AskTBar
Folder Found : C:\Program Files (x86)\BabylonToolbar
Folder Found : C:\Program Files (x86)\MyWebSearch
Folder Found : C:\Program Files\Web Assistant
Folder Found : C:\ProgramData\Partner
Folder Found : C:\Users\Petr\AppData\Local\Babylon
Folder Found : C:\Users\Petr\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Petr\AppData\LocalLow\MyWebSearch
Folder Found : C:\Users\Petr\AppData\Roaming\Babylon
Folder Found : C:\Users\Petr\AppData\Roaming\BabylonToolbar

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Babylon
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65206-89C4-402C-BA80-02D8C59F9B1D}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Found : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Found : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Found : HKLM\Software\OpenCandy
Key Found : HKLM\Software\Web Assistant
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Found : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Found : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Found : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : HKLM\SOFTWARE\Web Assistant
Key Found : HKU\S-1-5-21-3498029293-1549083434-3070060937-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-3498029293-1549083434-3070060937-1001\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Found : HKU\S-1-5-21-3498029293-1549083434-3070060937-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKU\S-1-5-21-3498029293-1549083434-3070060937-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FE063DB9-4EC0-403E-8DD8-394C54984B2C}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16448

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [15983 octets] - [02/02/2013 12:23:11]

########## EOF - C:\AdwCleaner[R1].txt - [16044 octets] ##########

TGVNeer · Příspěvekod **TGVNeer** » 02 úno 2013 12:34

tdsskiller část 1:

12:25:11.0083 5812 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:25:11.0270 5812 ============================================================
12:25:11.0270 5812 Current date / time: 2013/02/02 12:25:11.0270
12:25:11.0270 5812 SystemInfo:
12:25:11.0270 5812
12:25:11.0270 5812 OS Version: 6.1.7601 ServicePack: 1.0
12:25:11.0270 5812 Product type: Workstation
12:25:11.0270 5812 ComputerName: PETR-PC
12:25:11.0270 5812 UserName: Petr
12:25:11.0270 5812 Windows directory: C:\Windows
12:25:11.0270 5812 System windows directory: C:\Windows
12:25:11.0270 5812 Running under WOW64
12:25:11.0270 5812 Processor architecture: Intel x64
12:25:11.0270 5812 Number of processors: 4
12:25:11.0270 5812 Page size: 0x1000
12:25:11.0270 5812 Boot type: Normal boot
12:25:11.0270 5812 ============================================================
12:25:11.0848 5812 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:25:11.0848 5812 ============================================================
12:25:11.0848 5812 \Device\Harddisk0\DR0:
12:25:11.0848 5812 MBR partitions:
12:25:11.0848 5812 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0x37C73968
12:25:11.0848 5812 ============================================================
12:25:11.0894 5812 C: <-> \Device\Harddisk0\DR0\Partition1
12:25:11.0894 5812 ============================================================
12:25:11.0894 5812 Initialize success
12:25:11.0894 5812 ============================================================
12:25:14.0359 5416 ============================================================
12:25:14.0359 5416 Scan started
12:25:14.0359 5416 Mode: Manual;
12:25:14.0359 5416 ============================================================
12:25:15.0326 5416 ================ Scan system memory ========================
12:25:15.0326 5416 System memory - ok
12:25:15.0326 5416 ================ Scan services =============================
12:25:15.0451 5416 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:25:15.0467 5416 1394ohci - ok
12:25:15.0514 5416 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:25:15.0514 5416 ACPI - ok
12:25:15.0560 5416 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:25:15.0560 5416 AcpiPmi - ok
12:25:15.0685 5416 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:25:15.0685 5416 AdobeFlashPlayerUpdateSvc - ok
12:25:15.0732 5416 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:25:15.0748 5416 adp94xx - ok
12:25:15.0779 5416 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:25:15.0794 5416 adpahci - ok
12:25:15.0810 5416 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:25:15.0810 5416 adpu320 - ok
12:25:15.0841 5416 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:25:15.0841 5416 AeLookupSvc - ok
12:25:15.0888 5416 [ FB2BE0BAE9B3F248080CDBF91EF16C7F ] AFBAgent C:\Windows\system32\FBAgent.exe
12:25:15.0888 5416 AFBAgent - ok
12:25:15.0935 5416 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:25:15.0950 5416 AFD - ok
12:25:15.0982 5416 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:25:15.0982 5416 agp440 - ok
12:25:16.0028 5416 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:25:16.0028 5416 ALG - ok
12:25:16.0060 5416 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:25:16.0060 5416 aliide - ok
12:25:16.0075 5416 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:25:16.0075 5416 amdide - ok
12:25:16.0122 5416 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:25:16.0122 5416 AmdK8 - ok
12:25:16.0138 5416 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:25:16.0138 5416 AmdPPM - ok
12:25:16.0169 5416 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:25:16.0184 5416 amdsata - ok
12:25:16.0200 5416 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:25:16.0200 5416 amdsbs - ok
12:25:16.0216 5416 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:25:16.0216 5416 amdxata - ok
12:25:16.0262 5416 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:25:16.0278 5416 AppID - ok
12:25:16.0294 5416 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:25:16.0294 5416 AppIDSvc - ok
12:25:16.0325 5416 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:25:16.0325 5416 Appinfo - ok
12:25:16.0356 5416 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:25:16.0372 5416 arc - ok
12:25:16.0372 5416 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:25:16.0387 5416 arcsas - ok
12:25:16.0465 5416 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
12:25:16.0465 5416 ASLDRService - ok
12:25:16.0481 5416 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
12:25:16.0481 5416 ASMMAP64 - ok
12:25:16.0574 5416 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
12:25:16.0574 5416 aswFsBlk - ok
12:25:16.0684 5416 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
12:25:16.0699 5416 aswMonFlt - ok
12:25:16.0762 5416 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
12:25:16.0777 5416 aswRdr - ok
12:25:16.0824 5416 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
12:25:16.0871 5416 aswSnx - ok
12:25:16.0918 5416 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
12:25:16.0918 5416 aswSP - ok
12:25:16.0980 5416 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
12:25:16.0980 5416 aswTdi - ok
12:25:17.0011 5416 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:25:17.0011 5416 AsyncMac - ok
12:25:17.0058 5416 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:25:17.0058 5416 atapi - ok
12:25:17.0120 5416 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
12:25:17.0152 5416 athr - ok
12:25:17.0183 5416 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
12:25:17.0183 5416 ATKGFNEXSrv - ok
12:25:17.0510 5416 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
12:25:17.0510 5416 atksgt - ok
12:25:17.0573 5416 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:25:17.0588 5416 AudioEndpointBuilder - ok
12:25:17.0620 5416 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:25:17.0620 5416 AudioSrv - ok
12:25:17.0698 5416 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
12:25:17.0698 5416 avast! Antivirus - ok
12:25:17.0713 5416 avast! Firewall - ok
12:25:17.0791 5416 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:25:17.0791 5416 AxInstSV - ok
12:25:17.0854 5416 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:25:17.0869 5416 b06bdrv - ok
12:25:17.0932 5416 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:25:17.0932 5416 b57nd60a - ok
12:25:17.0963 5416 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:25:17.0963 5416 BDESVC - ok
12:25:17.0978 5416 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:25:17.0994 5416 Beep - ok
12:25:18.0041 5416 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:25:18.0072 5416 BFE - ok
12:25:18.0088 5416 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:25:18.0088 5416 blbdrive - ok
12:25:18.0103 5416 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:25:18.0119 5416 bowser - ok
12:25:18.0150 5416 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:25:18.0150 5416 BrFiltLo - ok
12:25:18.0166 5416 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:25:18.0166 5416 BrFiltUp - ok
12:25:18.0197 5416 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:25:18.0197 5416 Browser - ok
12:25:18.0228 5416 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:25:18.0228 5416 Brserid - ok
12:25:18.0259 5416 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:25:18.0259 5416 BrSerWdm - ok
12:25:18.0275 5416 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:25:18.0275 5416 BrUsbMdm - ok
12:25:18.0290 5416 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:25:18.0290 5416 BrUsbSer - ok
12:25:18.0337 5416 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:25:18.0337 5416 BthEnum - ok
12:25:18.0353 5416 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:25:18.0353 5416 BTHMODEM - ok
12:25:18.0353 5416 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:25:18.0353 5416 BthPan - ok
12:25:18.0400 5416 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
12:25:18.0415 5416 BTHPORT - ok
12:25:18.0446 5416 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:25:18.0462 5416 bthserv - ok
12:25:18.0493 5416 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
12:25:18.0493 5416 BTHUSB - ok
12:25:18.0540 5416 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:25:18.0540 5416 cdfs - ok
12:25:18.0602 5416 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:25:18.0602 5416 cdrom - ok
12:25:18.0649 5416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:25:18.0649 5416 CertPropSvc - ok
12:25:18.0680 5416 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:25:18.0680 5416 circlass - ok
12:25:18.0712 5416 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:25:18.0727 5416 CLFS - ok
12:25:18.0790 5416 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:25:18.0790 5416 clr_optimization_v2.0.50727_32 - ok
12:25:18.0821 5416 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:25:18.0836 5416 clr_optimization_v2.0.50727_64 - ok
12:25:18.0899 5416 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:25:18.0899 5416 clr_optimization_v4.0.30319_32 - ok
12:25:18.0946 5416 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:25:18.0946 5416 clr_optimization_v4.0.30319_64 - ok
12:25:18.0977 5416 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:25:18.0977 5416 CmBatt - ok
12:25:19.0008 5416 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:25:19.0024 5416 cmdide - ok
12:25:19.0102 5416 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:25:19.0102 5416 CNG - ok
12:25:19.0164 5416 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:25:19.0164 5416 Compbatt - ok
12:25:19.0211 5416 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:25:19.0211 5416 CompositeBus - ok
12:25:19.0226 5416 COMSysApp - ok
12:25:19.0242 5416 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:25:19.0242 5416 crcdisk - ok
12:25:19.0289 5416 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:25:19.0289 5416 CryptSvc - ok
12:25:19.0351 5416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:25:19.0351 5416 DcomLaunch - ok
12:25:19.0382 5416 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:25:19.0398 5416 defragsvc - ok
12:25:19.0429 5416 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:25:19.0429 5416 DfsC - ok
12:25:19.0507 5416 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:25:19.0507 5416 Dhcp - ok
12:25:19.0523 5416 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:25:19.0538 5416 discache - ok
12:25:19.0554 5416 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:25:19.0554 5416 Disk - ok
12:25:19.0585 5416 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:25:19.0585 5416 Dnscache - ok
12:25:19.0632 5416 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:25:19.0648 5416 dot3svc - ok
12:25:19.0679 5416 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:25:19.0679 5416 DPS - ok
12:25:19.0710 5416 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:25:19.0710 5416 drmkaud - ok
12:25:19.0772 5416 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:25:19.0788 5416 DXGKrnl - ok
12:25:19.0804 5416 EagleX64 - ok
12:25:19.0835 5416 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:25:19.0835 5416 EapHost - ok
12:25:20.0006 5416 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:25:20.0069 5416 ebdrv - ok
12:25:20.0131 5416 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:25:20.0131 5416 EFS - ok
12:25:20.0209 5416 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:25:20.0209 5416 ehRecvr - ok
12:25:20.0225 5416 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:25:20.0225 5416 ehSched - ok
12:25:20.0272 5416 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:25:20.0272 5416 elxstor - ok
12:25:20.0287 5416 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:25:20.0303 5416 ErrDev - ok
12:25:20.0350 5416 [ 3C38648375B7F3988691F53A7AAE10A9 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
12:25:20.0350 5416 ETD - ok
12:25:20.0381 5416 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:25:20.0396 5416 EventSystem - ok
12:25:20.0412 5416 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:25:20.0412 5416 exfat - ok
12:25:20.0428 5416 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:25:20.0443 5416 fastfat - ok
12:25:20.0506 5416 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:25:20.0521 5416 Fax - ok
12:25:20.0552 5416 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:25:20.0552 5416 fdc - ok
12:25:20.0584 5416 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:25:20.0584 5416 fdPHost - ok
12:25:20.0599 5416 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:25:20.0615 5416 FDResPub - ok
12:25:20.0615 5416 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:25:20.0630 5416 FileInfo - ok
12:25:20.0646 5416 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:25:20.0646 5416 Filetrace - ok
12:25:20.0662 5416 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:25:20.0662 5416 flpydisk - ok
12:25:20.0693 5416 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:25:20.0708 5416 FltMgr - ok
12:25:20.0740 5416 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:25:20.0755 5416 FontCache - ok
12:25:20.0802 5416 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:25:20.0802 5416 FontCache3.0.0.0 - ok
12:25:20.0833 5416 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:25:20.0833 5416 FsDepends - ok
12:25:20.0880 5416 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:25:20.0880 5416 fssfltr - ok
12:25:20.0974 5416 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:25:21.0020 5416 fsssvc - ok
12:25:21.0052 5416 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:25:21.0052 5416 Fs_Rec - ok
12:25:21.0098 5416 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:25:21.0114 5416 fvevol - ok
12:25:21.0130 5416 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:25:21.0145 5416 gagp30kx - ok
12:25:21.0176 5416 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:25:21.0208 5416 gpsvc - ok
12:25:21.0254 5416 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:25:21.0254 5416 gusvc - ok
12:25:21.0301 5416 [ F8F0851D336C3B88DBD7232B6348E09A ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
12:25:21.0301 5416 hamachi - ok
12:25:21.0332 5416 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:25:21.0332 5416 hcw85cir - ok
12:25:21.0364 5416 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:25:21.0379 5416 HdAudAddService - ok
12:25:21.0395 5416 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:25:21.0410 5416 HDAudBus - ok
12:25:21.0426 5416 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:25:21.0426 5416 HECIx64 - ok
12:25:21.0426 5416 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:25:21.0442 5416 HidBatt - ok
12:25:21.0457 5416 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:25:21.0457 5416 HidBth - ok
12:25:21.0473 5416 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:25:21.0473 5416 HidIr - ok
12:25:21.0504 5416 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:25:21.0504 5416 hidserv - ok
12:25:21.0566 5416 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:25:21.0566 5416 HidUsb - ok
12:25:21.0598 5416 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:25:21.0598 5416 hkmsvc - ok
12:25:21.0644 5416 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:25:21.0644 5416 HomeGroupListener - ok
12:25:21.0691 5416 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:25:21.0691 5416 HomeGroupProvider - ok
12:25:21.0722 5416 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:25:21.0722 5416 HpSAMD - ok
12:25:21.0785 5416 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:25:21.0816 5416 HTTP - ok
12:25:21.0847 5416 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:25:21.0847 5416 hwpolicy - ok
12:25:21.0894 5416 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:25:21.0894 5416 i8042prt - ok
12:25:21.0925 5416 [ 42E00996DFC13C46366689C0EA8ABC5E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:25:21.0941 5416 iaStor - ok
12:25:21.0972 5416 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:25:21.0972 5416 iaStorV - ok
12:25:22.0050 5416 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:25:22.0050 5416 IDriverT - ok
12:25:22.0128 5416 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:25:22.0144 5416 idsvc - ok
12:25:22.0362 5416 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:25:22.0565 5416 igfx - ok
12:25:22.0612 5416 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:25:22.0612 5416 iirsp - ok
12:25:22.0658 5416 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:25:22.0690 5416 IKEEXT - ok
12:25:22.0721 5416 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
12:25:22.0721 5416 Impcd - ok
12:25:22.0799 5416 [ 53019327813FF5AB2964B33B2C61307C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:25:22.0877 5416 IntcAzAudAddService - ok
12:25:22.0924 5416 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:25:22.0924 5416 IntcDAud - ok
12:25:22.0939 5416 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:25:22.0939 5416 intelide - ok
12:25:22.0970 5416 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:25:22.0986 5416 intelppm - ok
12:25:23.0002 5416 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:25:23.0002 5416 IPBusEnum - ok
12:25:23.0033 5416 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:25:23.0033 5416 IpFilterDriver - ok
12:25:23.0080 5416 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:25:23.0080 5416 IPMIDRV - ok
12:25:23.0095 5416 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:25:23.0095 5416 IPNAT - ok
12:25:23.0126 5416 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:25:23.0126 5416 IRENUM - ok
12:25:23.0142 5416 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:25:23.0142 5416 isapnp - ok
12:25:23.0173 5416 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:25:23.0189 5416 iScsiPrt - ok
12:25:23.0236 5416 [ 74FB083B2C5FA0E9545EF211E5A01B1D ] ithsgt C:\Windows\system32\DRIVERS\ithsgt.sys
12:25:23.0251 5416 ithsgt - ok
12:25:23.0267 5416 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:25:23.0282 5416 kbdclass - ok
12:25:23.0329 5416 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:25:23.0329 5416 kbdhid - ok
12:25:23.0376 5416 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
12:25:23.0376 5416 kbfiltr - ok
12:25:23.0392 5416 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:25:23.0392 5416 KeyIso - ok
12:25:23.0423 5416 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:25:23.0423 5416 KSecDD - ok
12:25:23.0470 5416 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:25:23.0470 5416 KSecPkg - ok
12:25:23.0501 5416 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:25:23.0516 5416 ksthunk - ok
12:25:23.0548 5416 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:25:23.0563 5416 KtmRm - ok
12:25:23.0594 5416 [ B4A3A05B0F9C81D098B96AB6AA915042 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
12:25:23.0594 5416 L1C - ok
12:25:23.0641 5416 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:25:23.0657 5416 LanmanServer - ok
12:25:23.0688 5416 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:25:23.0704 5416 LanmanWorkstation - ok
12:25:23.0750 5416 [ E94E1002BD96578AE63F5F70D4457F3E ] lilsgt C:\Windows\system32\DRIVERS\lilsgt.sys
12:25:23.0750 5416 lilsgt - ok
12:25:23.0782 5416 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
12:25:23.0797 5416 lirsgt - ok
12:25:23.0813 5416 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:25:23.0813 5416 lltdio - ok
12:25:23.0844 5416 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:25:23.0860 5416 lltdsvc - ok
12:25:23.0875 5416 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:25:23.0875 5416 lmhosts - ok
12:25:23.0969 5416 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:25:23.0969 5416 LMS - ok
12:25:24.0000 5416 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:25:24.0000 5416 LSI_FC - ok
12:25:24.0031 5416 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:25:24.0031 5416 LSI_SAS - ok
12:25:24.0047 5416 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:25:24.0047 5416 LSI_SAS2 - ok
12:25:24.0062 5416 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:25:24.0062 5416 LSI_SCSI - ok
12:25:24.0094 5416 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:25:24.0094 5416 luafv - ok
12:25:24.0125 5416 [ 085435AE1A124361304044029B5CC644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
12:25:24.0125 5416 lullaby - ok
12:25:24.0187 5416 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:25:24.0187 5416 MBAMProtector - ok
12:25:24.0234 5416 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:25:24.0250 5416 MBAMScheduler - ok
12:25:24.0265 5416 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:25:24.0281 5416 MBAMService - ok
12:25:24.0328 5416 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:25:24.0328 5416 Mcx2Svc - ok
12:25:24.0343 5416 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:25:24.0359 5416 megasas - ok
12:25:24.0374 5416 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:25:24.0374 5416 MegaSR - ok
12:25:24.0468 5416 Microsoft SharePoint Workspace Audit Service - ok
12:25:24.0484 5416 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:25:24.0484 5416 MMCSS - ok
12:25:24.0499 5416 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:25:24.0499 5416 Modem - ok
12:25:24.0530 5416 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:25:24.0530 5416 monitor - ok
12:25:24.0577 5416 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:25:24.0577 5416 mouclass - ok
12:25:24.0608 5416 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:25:24.0608 5416 mouhid - ok
12:25:24.0640 5416 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:25:24.0640 5416 mountmgr - ok
12:25:24.0671 5416 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:25:24.0686 5416 mpio - ok
12:25:24.0702 5416 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:25:24.0702 5416 mpsdrv - ok
12:25:24.0749 5416 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:25:24.0749 5416 MRxDAV - ok
12:25:24.0780 5416 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:25:24.0780 5416 mrxsmb - ok
12:25:24.0811 5416 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:25:24.0827 5416 mrxsmb10 - ok
12:25:24.0842 5416 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:25:24.0842 5416 mrxsmb20 - ok
12:25:24.0874 5416 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:25:24.0874 5416 msahci - ok
12:25:24.0889 5416 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:25:24.0889 5416 msdsm - ok
12:25:24.0920 5416 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:25:24.0920 5416 MSDTC - ok
12:25:24.0967 5416 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:25:24.0967 5416 Msfs - ok
12:25:25.0108 5416 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:25:25.0108 5416 mshidkmdf - ok
12:25:25.0139 5416 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:25:25.0139 5416 msisadrv - ok
12:25:25.0170 5416 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:25:25.0170 5416 MSiSCSI - ok
12:25:25.0186 5416 msiserver - ok
12:25:25.0201 5416 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:25:25.0201 5416 MSKSSRV - ok
12:25:25.0217 5416 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:25:25.0217 5416 MSPCLOCK - ok
12:25:25.0232 5416 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:25:25.0232 5416 MSPQM - ok
12:25:25.0279 5416 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:25:25.0279 5416 MsRPC - ok
12:25:25.0295 5416 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:25:25.0295 5416 mssmbios - ok
12:25:25.0310 5416 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:25:25.0310 5416 MSTEE - ok
12:25:25.0326 5416 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:25:25.0326 5416 MTConfig - ok
12:25:25.0357 5416 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
12:25:25.0357 5416 MTsensor - ok
12:25:25.0373 5416 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:25:25.0388 5416 Mup - ok
12:25:25.0435 5416 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:25:25.0435 5416 napagent - ok
12:25:25.0466 5416 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:25:25.0482 5416 NativeWifiP - ok
12:25:25.0513 5416 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
12:25:25.0544 5416 NDIS - ok
12:25:25.0560 5416 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:25:25.0560 5416 NdisCap - ok
12:25:25.0576 5416 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:25:25.0576 5416 NdisTapi - ok
12:25:25.0607 5416 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:25:25.0622 5416 Ndisuio - ok
12:25:25.0654 5416 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:25:25.0669 5416 NdisWan - ok
12:25:25.0685 5416 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:25:25.0700 5416 NDProxy - ok
12:25:25.0810 5416 [ A0101E836D2A39682E134C47B1565256 ] Nero BackItUp Scheduler 3 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
12:25:25.0841 5416 Nero BackItUp Scheduler 3 - ok
12:25:25.0872 5416 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:25:25.0872 5416 NetBIOS - ok
12:25:25.0903 5416 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:25:25.0919 5416 NetBT - ok
12:25:25.0934 5416 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:25:25.0934 5416 Netlogon - ok
12:25:25.0981 5416 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:25:25.0981 5416 Netman - ok
12:25:25.0997 5416 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:25:26.0012 5416 netprofm - ok
12:25:26.0028 5416 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:25:26.0028 5416 NetTcpPortSharing - ok

TGVNeer · Příspěvekod **TGVNeer** » 02 úno 2013 12:35

část 2:
12:25:26.0059 5416 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:25:26.0059 5416 nfrd960 - ok
12:25:26.0106 5416 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:25:26.0122 5416 NlaSvc - ok
12:25:26.0200 5416 [ 6EF0506CE1F553E9BD085645933C8686 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
12:25:26.0200 5416 NMIndexingService - ok
12:25:26.0231 5416 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
12:25:26.0231 5416 nmwcd - ok
12:25:26.0278 5416 [ 2C761CC067ACF0FB4EA13930B09BFEEA ] nmwcdcx64 C:\Windows\system32\drivers\ccdcmbox64.sys
12:25:26.0278 5416 nmwcdcx64 - ok
12:25:26.0278 5416 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcdx64 C:\Windows\system32\drivers\ccdcmbx64.sys
12:25:26.0293 5416 nmwcdx64 - ok
12:25:26.0309 5416 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:25:26.0309 5416 Npfs - ok
12:25:26.0356 5416 npggsvc - ok
12:25:26.0356 5416 NPPTNT2 - ok
12:25:26.0387 5416 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:25:26.0387 5416 nsi - ok
12:25:26.0418 5416 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:25:26.0418 5416 nsiproxy - ok
12:25:26.0480 5416 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:25:26.0512 5416 Ntfs - ok
12:25:26.0527 5416 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:25:26.0527 5416 Null - ok
12:25:26.0824 5416 [ 70E89A21827B2669AF906B703C7C48B5 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:25:27.0089 5416 nvlddmkm - ok
12:25:27.0182 5416 [ 4B9C0C2BF78289513101EB0D44834701 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
12:25:27.0182 5416 nvpciflt - ok
12:25:27.0229 5416 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:25:27.0229 5416 nvraid - ok
12:25:27.0245 5416 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:25:27.0260 5416 nvstor - ok
12:25:27.0307 5416 [ E04FCE1D149CF05C3449E3171F9C3E41 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:25:27.0338 5416 nvsvc - ok
12:25:27.0463 5416 [ D96DDEA6C699A99832E0186057801971 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
12:25:27.0479 5416 nvUpdatusService - ok
12:25:27.0510 5416 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:25:27.0526 5416 nv_agp - ok
12:25:27.0541 5416 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:25:27.0541 5416 ohci1394 - ok
12:25:27.0619 5416 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:25:27.0619 5416 ose64 - ok
12:25:27.0775 5416 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:25:27.0869 5416 osppsvc - ok
12:25:27.0916 5416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:25:27.0931 5416 p2pimsvc - ok
12:25:27.0962 5416 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:25:27.0978 5416 p2psvc - ok
12:25:28.0009 5416 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:25:28.0009 5416 Parport - ok
12:25:28.0040 5416 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:25:28.0040 5416 partmgr - ok
12:25:28.0056 5416 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:25:28.0072 5416 PcaSvc - ok
12:25:28.0103 5416 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
12:25:28.0103 5416 pccsmcfd - ok
12:25:28.0118 5416 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:25:28.0134 5416 pci - ok
12:25:28.0150 5416 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:25:28.0165 5416 pciide - ok
12:25:28.0181 5416 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:25:28.0196 5416 pcmcia - ok
12:25:28.0212 5416 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:25:28.0212 5416 pcw - ok
12:25:28.0243 5416 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:25:28.0243 5416 PEAUTH - ok
12:25:28.0306 5416 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:25:28.0306 5416 PerfHost - ok
12:25:28.0384 5416 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:25:28.0415 5416 pla - ok
12:25:28.0446 5416 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:25:28.0462 5416 PlugPlay - ok
12:25:28.0477 5416 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:25:28.0493 5416 PNRPAutoReg - ok
12:25:28.0508 5416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:25:28.0508 5416 PNRPsvc - ok
12:25:28.0524 5416 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:25:28.0540 5416 PolicyAgent - ok
12:25:28.0555 5416 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:25:28.0571 5416 Power - ok
12:25:28.0618 5416 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:25:28.0618 5416 PptpMiniport - ok
12:25:28.0649 5416 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:25:28.0649 5416 Processor - ok
12:25:28.0680 5416 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:25:28.0696 5416 ProfSvc - ok
12:25:28.0711 5416 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:25:28.0711 5416 ProtectedStorage - ok
12:25:28.0742 5416 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:25:28.0758 5416 Psched - ok
12:25:28.0820 5416 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:25:28.0852 5416 ql2300 - ok
12:25:28.0867 5416 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:25:28.0867 5416 ql40xx - ok
12:25:28.0898 5416 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:25:28.0914 5416 QWAVE - ok
12:25:28.0930 5416 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:25:28.0945 5416 QWAVEdrv - ok
12:25:28.0945 5416 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:25:28.0961 5416 RasAcd - ok
12:25:28.0992 5416 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:25:28.0992 5416 RasAgileVpn - ok
12:25:29.0023 5416 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll12:25:29.0023 5416 RasAuto - ok
12:25:29.0070 5416 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:25:29.0070 5416 Rasl2tp - ok
12:25:29.0101 5416 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:25:29.0101 5416 RasMan - ok
12:25:29.0132 5416 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:25:29.0132 5416 RasPppoe - ok
12:25:29.0148 5416 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:25:29.0148 5416 RasSstp - ok
12:25:29.0164 5416 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:25:29.0179 5416 rdbss - ok
12:25:29.0179 5416 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:25:29.0195 5416 rdpbus - ok
12:25:29.0210 5416 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:25:29.0210 5416 RDPCDD - ok
12:25:29.0242 5416 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:25:29.0242 5416 RDPENCDD - ok
12:25:29.0257 5416 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:25:29.0257 5416 RDPREFMP - ok
12:25:29.0288 5416 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:25:29.0288 5416 RDPWD - ok
12:25:29.0351 5416 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:25:29.0351 5416 rdyboost - ok
12:25:29.0382 5416 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:25:29.0382 5416 RemoteAccess - ok
12:25:29.0398 5416 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:25:29.0413 5416 RemoteRegistry - ok
12:25:29.0444 5416 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:25:29.0444 5416 RFCOMM - ok
12:25:29.0522 5416 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
12:25:29.0538 5416 RichVideo - ok
12:25:29.0569 5416 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
12:25:29.0569 5416 ROOTMODEM - ok
12:25:29.0600 5416 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:25:29.0600 5416 RpcEptMapper - ok
12:25:29.0632 5416 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:25:29.0632 5416 RpcLocator - ok
12:25:29.0663 5416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:25:29.0678 5416 RpcSs - ok
12:25:29.0710 5416 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:25:29.0710 5416 rspndr - ok
12:25:29.0710 5416 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:25:29.0725 5416 SamSs - ok
12:25:29.0756 5416 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:25:29.0756 5416 sbp2port - ok
12:25:29.0788 5416 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:25:29.0788 5416 SCardSvr - ok
12:25:29.0834 5416 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:25:29.0834 5416 scfilter - ok
12:25:29.0897 5416 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:25:29.0928 5416 Schedule - ok
12:25:29.0959 5416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:25:29.0975 5416 SCPolicySvc - ok
12:25:29.0990 5416 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:25:29.0990 5416 SDRSVC - ok
12:25:30.0022 5416 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:25:30.0022 5416 secdrv - ok
12:25:30.0037 5416 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:25:30.0037 5416 seclogon - ok
12:25:30.0068 5416 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:25:30.0068 5416 SENS - ok
12:25:30.0100 5416 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:25:30.0100 5416 SensrSvc - ok
12:25:30.0115 5416 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:25:30.0115 5416 Serenum - ok
12:25:30.0146 5416 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:25:30.0146 5416 Serial - ok
12:25:30.0162 5416 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:25:30.0162 5416 sermouse - ok
12:25:30.0224 5416 [ 2D841B7B7F6DEC32162EDFCC69D61F42 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
12:25:30.0224 5416 ServiceLayer - ok
12:25:30.0271 5416 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:25:30.0271 5416 SessionEnv - ok
12:25:30.0318 5416 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:25:30.0318 5416 sffdisk - ok
12:25:30.0334 5416 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:25:30.0334 5416 sffp_mmc - ok
12:25:30.0349 5416 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:25:30.0365 5416 sffp_sd - ok
12:25:30.0396 5416 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:25:30.0396 5416 sfloppy - ok
12:25:30.0427 5416 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:25:30.0427 5416 ShellHWDetection - ok
12:25:30.0458 5416 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
12:25:30.0458 5416 SiSGbeLH - ok
12:25:30.0474 5416 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:25:30.0474 5416 SiSRaid2 - ok
12:25:30.0490 5416 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:25:30.0505 5416 SiSRaid4 - ok
12:25:30.0505 5416 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:25:30.0505 5416 Smb - ok
12:25:30.0568 5416 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:25:30.0568 5416 SNMPTRAP - ok
12:25:30.0630 5416 [ 2114518E55B380A3ACC28B2C27FD499A ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
12:25:30.0677 5416 SNP2UVC - ok
12:25:30.0692 5416 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:25:30.0692 5416 spldr - ok
12:25:30.0724 5416 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:25:30.0755 5416 Spooler - ok
12:25:30.0848 5416 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:25:30.0942 5416 sppsvc - ok
12:25:30.0958 5416 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:25:30.0973 5416 sppuinotify - ok
12:25:31.0036 5416 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
12:25:31.0036 5416 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
12:25:31.0036 5416 sptd ( LockedFile.Multi.Generic ) - warning
12:25:31.0036 5416 sptd - detected LockedFile.Multi.Generic (1)
12:25:31.0082 5416 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:25:31.0082 5416 srv - ok
12:25:31.0098 5416 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:25:31.0114 5416 srv2 - ok
12:25:31.0129 5416 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:25:31.0129 5416 srvnet - ok
12:25:31.0192 5416 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:25:31.0192 5416 SSDPSRV - ok
12:25:31.0207 5416 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:25:31.0207 5416 SstpSvc - ok
12:25:31.0238 5416 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:25:31.0238 5416 stexstor - ok
12:25:31.0285 5416 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:25:31.0316 5416 stisvc - ok
12:25:31.0348 5416 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:25:31.0348 5416 swenum - ok
12:25:31.0379 5416 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:25:31.0410 5416 swprv - ok
12:25:31.0488 5416 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:25:31.0535 5416 SysMain - ok
12:25:31.0566 5416 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:25:31.0582 5416 TabletInputService - ok
12:25:31.0613 5416 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:25:31.0613 5416 TapiSrv - ok
12:25:31.0644 5416 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:25:31.0644 5416 TBS - ok
12:25:31.0706 5416 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:25:31.0753 5416 Tcpip - ok
12:25:31.0816 5416 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:25:31.0816 5416 TCPIP6 - ok
12:25:31.0878 5416 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:25:31.0878 5416 tcpipreg - ok
12:25:31.0894 5416 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:25:31.0894 5416 TDPIPE - ok
12:25:31.0940 5416 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:25:31.0940 5416 TDTCP - ok
12:25:31.0972 5416 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:25:31.0972 5416 tdx - ok
12:25:32.0018 5416 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:25:32.0018 5416 TermDD - ok
12:25:32.0050 5416 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:25:32.0065 5416 TermService - ok
12:25:32.0081 5416 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:25:32.0096 5416 Themes - ok
12:25:32.0112 5416 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:25:32.0112 5416 THREADORDER - ok
12:25:32.0190 5416 [ AB2D61A032A01BF9E84F03CAA9D22932 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
12:25:32.0190 5416 TOSHIBA Bluetooth Service - ok
12:25:32.0206 5416 [ 8021F63311797085949FA387F7C83583 ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys
12:25:32.0206 5416 tosporte - ok
12:25:32.0221 5416 [ 71BB669BFCADE1580FDCE010ABC76310 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys
12:25:32.0237 5416 tosrfbd - ok
12:25:32.0252 5416 [ 62512B5277D88600F8BD4B7AEC43569D ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys
12:25:32.0252 5416 tosrfbnp - ok
12:25:32.0284 5416 [ C523A9186C39D65CC9ADEBB2E1B93CCD ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys
12:25:32.0284 5416 Tosrfcom - ok
12:25:32.0299 5416 [ 451B8C1815C6CC39650AF916C2A382CD ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys
12:25:32.0299 5416 Tosrfhid - ok
12:25:32.0315 5416 [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys
12:25:32.0315 5416 tosrfnds - ok
12:25:32.0330 5416 [ 463785C39F247580E16DAEF760E7EA86 ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys
12:25:32.0330 5416 Tosrfusb - ok
12:25:32.0362 5416 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:25:32.0362 5416 TrkWks - ok
12:25:32.0424 5416 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:25:32.0424 5416 TrustedInstaller - ok
12:25:32.0471 5416 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:25:32.0471 5416 tssecsrv - ok
12:25:32.0518 5416 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:25:32.0533 5416 TsUsbFlt - ok
12:25:32.0580 5416 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:25:32.0580 5416 tunnel - ok
12:25:32.0611 5416 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:25:32.0611 5416 uagp35 - ok
12:25:32.0658 5416 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:25:32.0658 5416 udfs - ok
12:25:32.0705 5416 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:25:32.0705 5416 UI0Detect - ok
12:25:32.0720 5416 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:25:32.0720 5416 uliagpkx - ok
12:25:32.0767 5416 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:25:32.0767 5416 umbus - ok
12:25:32.0798 5416 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:25:32.0798 5416 UmPass - ok
12:25:32.0908 5416 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:25:32.0923 5416 UNS - ok
12:25:33.0001 5416 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:25:33.0001 5416 upnphost - ok
12:25:33.0048 5416 [ BCD611D240604CEEE7F90805361FAB50 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
12:25:33.0048 5416 upperdev - ok
12:25:33.0079 5416 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:25:33.0079 5416 usbccgp - ok
12:25:33.0126 5416 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:25:33.0126 5416 usbcir - ok
12:25:33.0142 5416 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:25:33.0142 5416 usbehci - ok
12:25:33.0173 5416 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:25:33.0173 5416 usbhub - ok
12:25:33.0188 5416 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:25:33.0188 5416 usbohci - ok
12:25:33.0220 5416 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:25:33.0220 5416 usbprint - ok
12:25:33.0251 5416 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
12:25:33.0251 5416 usbser - ok
12:25:33.0266 5416 [ D91BE2644B18B4E3C69982FE0E1E97D6 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
12:25:33.0282 5416 UsbserFilt - ok
12:25:33.0282 5416 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:25:33.0282 5416 USBSTOR - ok
12:25:33.0298 5416 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:25:33.0298 5416 usbuhci - ok
12:25:33.0360 5416 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:25:33.0360 5416 usbvideo - ok
12:25:33.0391 5416 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:25:33.0391 5416 UxSms - ok
12:25:33.0407 5416 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:25:33.0407 5416 VaultSvc - ok
12:25:33.0438 5416 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:25:33.0438 5416 vdrvroot - ok
12:25:33.0485 5416 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:25:33.0516 5416 vds - ok
12:25:33.0547 5416 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:25:33.0547 5416 vga - ok
12:25:33.0547 5416 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:25:33.0563 5416 VgaSave - ok
12:25:33.0578 5416 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:25:33.0578 5416 vhdmp - ok
12:25:33.0625 5416 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:25:33.0625 5416 viaide - ok
12:25:33.0641 5416 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:25:33.0641 5416 volmgr - ok
12:25:33.0688 5416 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:25:33.0688 5416 volmgrx - ok
12:25:33.0703 5416 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:25:33.0719 5416 volsnap - ok
12:25:33.0734 5416 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:25:33.0734 5416 vsmraid - ok
12:25:33.0797 5416 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:25:33.0844 5416 VSS - ok
12:25:33.0859 5416 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:25:33.0859 5416 vwifibus - ok
12:25:33.0875 5416 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:25:33.0875 5416 vwififlt - ok
12:25:33.0890 5416 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:25:33.0906 5416 vwifimp - ok
12:25:33.0922 5416 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:25:33.0937 5416 W32Time - ok
12:25:33.0953 5416 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:25:33.0953 5416 WacomPen - ok
12:25:34.0000 5416 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:25:34.0000 5416 WANARP - ok
12:25:34.0015 5416 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:25:34.0015 5416 Wanarpv6 - ok
12:25:34.0093 5416 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:25:34.0140 5416 WatAdminSvc - ok
12:25:34.0187 5416 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:25:34.0234 5416 wbengine - ok
12:25:34.0265 5416 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:25:34.0280 5416 WbioSrvc - ok
12:25:34.0312 5416 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:25:34.0327 5416 wcncsvc - ok
12:25:34.0343 5416 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:25:34.0358 5416 WcsPlugInService - ok
12:25:34.0374 5416 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:25:34.0390 5416 Wd - ok
12:25:34.0405 5416 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:25:34.0421 5416 Wdf01000 - ok
12:25:34.0421 5416 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:25:34.0436 5416 WdiServiceHost - ok
12:25:34.0436 5416 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:25:34.0436 5416 WdiSystemHost - ok
12:25:34.0514 5416 [ CC86D2867EB393F1360BEB6E7E1BF9DC ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
12:25:34.0514 5416 Web Assistant Updater - ok
12:25:34.0561 5416 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:25:34.0561 5416 WebClient - ok
12:25:34.0592 5416 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:25:34.0608 5416 Wecsvc - ok
12:25:34.0624 5416 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:25:34.0639 5416 wercplsupport - ok
12:25:34.0655 5416 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:25:34.0670 5416 WerSvc - ok
12:25:34.0686 5416 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:25:34.0686 5416 WfpLwf - ok
12:25:34.0717 5416 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
12:25:34.0717 5416 WimFltr - ok
12:25:34.0748 5416 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:25:34.0748 5416 WIMMount - ok
12:25:34.0748 5416 WinHttpAutoProxySvc - ok
12:25:34.0795 5416 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:25:34.0795 5416 Winmgmt - ok
12:25:34.0873 5416 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:25:34.0936 5416 WinRM - ok
12:25:34.0982 5416 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:25:34.0998 5416 WinUsb - ok
12:25:35.0029 5416 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:25:35.0060 5416 Wlansvc - ok
12:25:35.0138 5416 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:25:35.0138 5416 wlcrasvc - ok
12:25:35.0279 5416 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:25:35.0341 5416 wlidsvc - ok
12:25:35.0372 5416 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:25:35.0372 5416 WmiAcpi - ok
12:25:35.0404 5416 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:25:35.0419 5416 wmiApSrv - ok
12:25:35.0435 5416 WMPNetworkSvc - ok
12:25:35.0466 5416 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:25:35.0466 5416 WPCSvc - ok
12:25:35.0497 5416 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:25:35.0513 5416 WPDBusEnum - ok
12:25:35.0544 5416 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:25:35.0544 5416 ws2ifsl - ok
12:25:35.0544 5416 WSearch - ok
12:25:35.0591 5416 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:25:35.0591 5416 WudfPf - ok
12:25:35.0638 5416 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:25:35.0653 5416 WUDFRd - ok
12:25:35.0684 5416 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:25:35.0684 5416 wudfsvc - ok
12:25:35.0700 5416 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:25:35.0716 5416 WwanSvc - ok
12:25:35.0747 5416 ================ Scan global ===============================
12:25:35.0762 5416 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:25:35.0778 5416 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:25:35.0794 5416 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:25:35.0825 5416 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:25:35.0856 5416 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
12:25:35.0856 5416 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
12:25:35.0856 5416 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
12:25:35.0856 5416 ================ Scan MBR ==================================
12:25:35.0872 5416 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:25:43.0734 5416 \Device\Harddisk0\DR0 - ok
12:25:43.0734 5416 ================ Scan VBR ==================================
12:25:43.0750 5416 [ BE4DFA9CB63CD527F46D1153AB3B3E28 ] \Device\Harddisk0\DR0\Partition1
12:25:43.0812 5416 \Device\Harddisk0\DR0\Partition1 - ok
12:25:43.0812 5416 ============================================================
12:25:43.0812 5416 Scan finished
12:25:43.0812 5416 ============================================================
12:25:43.0828 5580 Detected object count: 2
12:25:43.0828 5580 Actual detected object count: 2
12:26:54.0052 5580 sptd ( LockedFile.Multi.Generic ) - skipped by user
12:26:54.0052 5580 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
12:26:54.0130 5580 C:\Windows\system32\services.exe - copied to quarantine
12:27:01.0743 5580 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
12:27:08.0170 5580 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
12:27:08.0373 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\@ - copied to quarantine
12:27:08.0373 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\00000004.@ - copied to quarantine
12:27:08.0467 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\80000000.@ - copied to quarantine
12:27:08.0529 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1076.tmp - copied to quarantine
12:27:08.0576 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1081.tmp - copied to quarantine
12:27:08.0592 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz10A5.tmp - copied to quarantine
12:27:08.0607 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz110E.tmp - copied to quarantine
12:27:08.0623 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz113F.tmp - copied to quarantine
12:27:08.0638 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz116B.tmp - copied to quarantine
12:27:08.0654 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz117F.tmp - copied to quarantine
12:27:08.0670 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz11CF.tmp - copied to quarantine
12:27:08.0685 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz126E.tmp - copied to quarantine
12:27:08.0701 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1303.tmp - copied to quarantine
12:27:08.0716 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1498.tmp - copied to quarantine
12:27:08.0732 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1526.tmp - copied to quarantine
12:27:08.0748 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1543.tmp - copied to quarantine
12:27:08.0748 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz182D.tmp - copied to quarantine
12:27:08.0779 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz190D.tmp - copied to quarantine
12:27:08.0779 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz196C.tmp - copied to quarantine
12:27:08.0810 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz198E.tmp - copied to quarantine
12:27:08.0826 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz198F.tmp - copied to quarantine
12:27:08.0857 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1AA8.tmp - copied to quarantine
12:27:08.0872 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1AA9.tmp - copied to quarantine
12:27:08.0888 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1BD9.tmp - copied to quarantine
12:27:08.0904 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1BFA.tmp - copied to quarantine
12:27:08.0919 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1D0D.tmp - copied to quarantine
12:27:09.0169 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1DBE.tmp - copied to quarantine
12:27:09.0200 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1DD8.tmp - copied to quarantine
12:27:09.0231 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1E65.tmp - copied to quarantine
12:27:09.0247 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1EF4.tmp - copied to quarantine
12:27:09.0262 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1F6.tmp - copied to quarantine
12:27:09.0278 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz206F.tmp - copied to quarantine
12:27:09.0294 5580 C:\Windows\installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2112.tmp - copied to quarantine
12:29:35.0544 5580 Backup copy not found, trying to cure infected file..
12:29:35.0544 5580 C:\Windows\system32\services.exe - Cure failed (FFFFFFFF)
12:29:35.0544 5580 C:\Windows\system32\services.exe - processing error
12:29:35.0544 5580 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure

TGVNeer · Příspěvekod **TGVNeer** » 02 úno 2013 13:26

combofix:

ComboFix 13-02-01.04 - Petr 02.02.2013 12:47:18.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3886.2439 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\program files (x86)\MyWebSearch
c:\program files\Web Assistant\ExTEnsion32.dll
c:\programdata\adob
c:\programdata\adob\123.reg
c:\programdata\adob\libcurl-4.dll
c:\programdata\adob\libpdcurses.dll
c:\programdata\adob\libpthread-2.dll
c:\programdata\adob\phatk110722.cl
c:\programdata\adob\phatk110722GeForce GT 325Mv1w256long4.bin
c:\programdata\adob\phatk110722Redwoodbitalignv2w128long4.bin
c:\programdata\adob\poclbm110717.cl
c:\programdata\adob\rundll32.exe
c:\programdata\adob\start.bat
c:\programdata\FullRemove.exe
c:\users\Petr\AppData\Roaming\chrtmp
c:\users\Petr\AppData\Roaming\InstallDir
c:\users\Petr\AppData\Roaming\Love
c:\users\Petr\AppData\Roaming\Love\mari0\options.txt
c:\users\Petr\AppData\Roaming\Microsoft\Windows\62WLru.cfg
c:\users\Petr\AppData\Roaming\Microsoft\Windows\62WLru.dat
c:\users\Petr\AppData\Roaming\Microsoft\Windows\62WLru.xtr
c:\users\Petr\AppData\Roaming\Microsoft\Windows\Templates\explorer.exe
c:\users\Petr\AppData\Roaming\Microsoft\Windows\Templates\InteliTrace.exe
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\@
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\00000004.@
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\80000000.@
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1076.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1081.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz10A5.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz110E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz113F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz116B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz117F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz11CF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz126E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1303.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1498.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1526.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1543.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz182D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz190D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz196C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz198E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz198F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1AA8.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1AA9.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1BD9.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1BFA.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1D0D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1DBE.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1DD8.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1E65.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1EF4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz1F6.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz206F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2112.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2142.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz225F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2541.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz25AC.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz25BF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2678.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz27CA.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz27FA.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz29EB.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2A5A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2AB8.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2B47.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2C32.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2E29.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2E2A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2E89.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2EE9.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz2FA2.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz30F3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3208.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz324B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz330E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz33C7.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz33F3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3520.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3544.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3603.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz361D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3662.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz37C4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3849.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3857.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3878.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3AF9.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3B14.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3B92.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3BB6.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3D1E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3E56.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3E59.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz3E94.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz40BF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz41BD.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz41CD.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz44A1.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz46D4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4796.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz47CC.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4827.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz48DA.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4920.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4A49.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4A9C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4B66.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4B70.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4BD1.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4CB0.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4D29.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz4D92.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz504F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5061.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz50CD.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz50E3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz513E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz51B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz51C7.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz520.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz521.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5237.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz528.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz52D1.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5447.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz55A1.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz56A0.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz56A2.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz56CA.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5710.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5733.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5A63.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5B72.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5BB8.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5BD7.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5C17.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5C86.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5C8C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5CE8.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5D29.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5D4C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5D93.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz5EF2.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz602.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6090.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz614C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz619B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz61B1.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6343.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz65CF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz676D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz67CC.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz683.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6AE1.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6AE2.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6BBC.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6CE5.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6D53.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6D5B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6D7C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6E5A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6EAE.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6F46.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz6F66.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7036.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz710.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7225.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz735C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7427.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7457.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz75C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz78C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz78D4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7904.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7938.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7982.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz79DF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7A73.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7BB.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7BD3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7CDB.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz7D88.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8036.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8037.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz805E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8079.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz80C4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8113.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8143.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz81BE.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz820D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz848A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz851B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8527.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8565.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz857C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8595.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz85E9.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8680.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8683.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz87C1.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz888.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8A86.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8DAC.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8E1D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8E32.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8E6C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8EC.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz8F84.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9087.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz909D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz910B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz910F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz917E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz91B3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz91CD.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz92F7.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9339.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9363.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz93AA.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz94A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz94B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz951A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz95B8.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz961D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz964C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz964D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9736.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz97B6.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz97B7.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9824.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9891.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz989F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz98A4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz98CC.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz99B4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9A13.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9A48.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9A6F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9AB0.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9ABF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9C24.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9C2A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9DBB.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9E2F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9EB7.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trz9FA.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA00C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA164.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA194.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA316.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA384.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA42.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA477.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA582.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA6AE.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA708.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA774.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA789.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA8F9.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA8FF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzA9FE.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzAA47.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzAB2.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzAB41.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzAB42.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzAB8D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzACC8.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzAD39.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB122.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB144.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB19A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB208.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB29D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB31B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB34B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB3DC.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB42B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB45B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB47D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB536.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB70.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB76B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB77B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB78F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzB7AF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBA65.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBB43.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBB7F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBBB5.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBC5D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBC71.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBCD4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBCFA.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBDB0.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBE25.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBE50.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBEA3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBF82.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBFDA.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzBFE5.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC0FF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC100.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC1FF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC23E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC2B4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC312.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC31F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC34C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC385.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC475.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC573.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC5B3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC725.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC8F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzC90.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCA2F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCA75.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCA77.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCAC3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCAD4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCC44.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCC5C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCC6F.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCD54.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCD5A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCD64.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCE5C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCEA0.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCEA4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCEC0.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCF32.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCF47.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzCFB.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD036.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD087.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD0C5.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD0FF.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD11C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD142.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD162.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD19C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD1B3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD21D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD3F2.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD446.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD4CE.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD5DE.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzD962.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDA19.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDACE.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDB88.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDBE3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDBE5.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDE87.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDF54.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDF62.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDF6A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDF8A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzDFC7.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzE11.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzE20A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzE31C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzE34C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzE361.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzE3D7.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzE49A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzE4B5.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzE546.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzE765.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzEA28.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzEA7C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzEACB.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzEADB.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzECB.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzECFD.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzED4A.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzED7E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzED8D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzED8E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzEDA0.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzEDC9.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzEFBD.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF012.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF045.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF053.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF09E.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF200.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF217.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF228.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF25D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF29D.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF2AE.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF2B0.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF2D9.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF4A2.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF5AD.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF5AE.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF5D0.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF5F4.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF61B.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF752.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF79.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF7C9.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzF9B3.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzFA1C.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzFC30.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzFD98.tmp
c:\windows\Installer\{44bf1527-a826-c61a-0ee1-d4e29ae7801d}\U\trzFF08.tmp
c:\windows\msvcr71.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
.
Nakažená kopie c:\windows\system32\services.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-02 do 2013-02-02 )))))))))))))))))))))))))))))))
.
.
2013-02-02 11:58 . 2013-02-02 11:58 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-02-02 11:58 . 2013-02-02 11:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-02 11:26 . 2013-02-02 11:26 -------- d-----w- C:\TDSSKiller_Quarantine
2013-02-02 10:39 . 2013-02-02 10:39 -------- d-----w- c:\users\Petr\AppData\Roaming\Malwarebytes
2013-02-02 10:39 . 2013-02-02 10:39 -------- d-----w- c:\programdata\Malwarebytes
2013-02-02 10:39 . 2013-02-02 10:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-02 10:39 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-02 10:38 . 2013-02-02 10:38 -------- d-----w- c:\users\Petr\AppData\Local\Programs
2013-02-02 09:41 . 2013-02-02 09:41 -------- d-----w- c:\program files\CCleaner
2013-02-02 08:24 . 2013-02-02 08:24 388096 ----a-r- c:\users\Petr\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-02 08:24 . 2013-02-02 08:24 -------- d-----w- c:\program files (x86)\Trend Micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 18:35 . 2012-05-08 10:57 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-10 18:35 . 2011-09-22 16:09 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-23 2429]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-01-13 7109248]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-8-1 2680160]
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-8-24 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-8-24 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-05-24 185856]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-12 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-06-05 25960]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-11 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-09-17 359552]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-08 18:35]
.
2013-02-02 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2011-10-19 15:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\Web Assistant\Extension32.dll
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-ASUS_N_Series_Screensaver - c:\windows\system32\ASUS_N_Series_Screensaver.scr
AddRemove-Serious Sam - The Second Encounter - c:\program files (x86)\Croteam\Serious Sam - The Second Encounter\uninstall.exe
AddRemove-{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B} - c:\program files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3498029293-1549083434-3070060937-1001\Software\SecuROM\License information*]
"datasecu"=hex:ab,29,8e,1f,d0,61,71,10,58,3c,ec,7d,67,56,8e,80,03,f4,6a,62,06,
6b,e9,8e,c2,0a,96,66,24,37,8d,9c,ff,5a,f6,bc,28,ee,10,8d,40,79,34,7b,7a,d1,\
"rkeysecu"=hex:9f,ca,16,75,83,0a,d6,fd,d2,a5,ab,cb,c1,0d,12,f7
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-02-02 13:12:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-02 12:12
.
Před spuštěním: Volných bajtů: 410 215 231 488
Po spuštění: Volných bajtů: 410 024 628 224
.
- - End Of File - - 0B8FAE212DC03C29990D4DC0FDCF7BCE

Příspěvekod **Žbeky** » 02 úno 2013 20:36

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Folder::
C:\TDSSKiller_Quarantine
c:\windows\AutoKMS

File::
c:\windows\system32\drivers\EagleX64.sys
c:\windows\system32\GameMon.des
c:\windows\Tasks\AutoKMS.job

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=-

Driver::
EagleX64
npggsvc

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
Obrázek

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Stáhni si aswMBR na svojí plochu.
Poklepej na aswMBR.exe. Klikni na Scan.
Po skenu klikni na aswASW.log a ulož si ho na plochu, vlož sem celý obsah toho logu.

Toto otestuj na Virustotal
c:\windows\system32\services.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Prosím o kontrolu logu - pomalý notebook

Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Kdo je online