jsn.donecore.net - další obět - prosím o kontrolu logu Vyřešeno

[jaro3]

Vlož sem log , do několika příspěvků.

+
Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Reklama]

[mana.na]

tdsskiller - log 1. část

09:25:52.0921 0x0294 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
09:25:55.0906 0x0294 ============================================================
09:25:55.0906 0x0294 Current date / time: 2013/11/30 09:25:55.0906
09:25:55.0906 0x0294 SystemInfo:
09:25:55.0906 0x0294
09:25:55.0906 0x0294 OS Version: 5.1.2600 ServicePack: 3.0
09:25:55.0906 0x0294 Product type: Workstation
09:25:55.0906 0x0294 ComputerName: PC-17
09:25:55.0906 0x0294 UserName: Pepa
09:25:55.0906 0x0294 Windows directory: C:\WINDOWS
09:25:55.0906 0x0294 System windows directory: C:\WINDOWS
09:25:55.0906 0x0294 Processor architecture: Intel x86
09:25:55.0906 0x0294 Number of processors: 2
09:25:55.0906 0x0294 Page size: 0x1000
09:25:55.0906 0x0294 Boot type: Normal boot
09:25:55.0906 0x0294 ============================================================
09:25:57.0875 0x0294 KLMD registered as C:\WINDOWS\system32\drivers\64990587.sys
09:25:58.0031 0x0294 System UUID: {7762FCA1-1AB5-7E27-117E-1E1C8741A727}
09:25:58.0562 0x0294 Drive \Device\Harddisk0\DR0 - Size: 0x15D50E5DE00 (1397.26 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:25:58.0578 0x0294 Drive \Device\Harddisk1\DR1 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:25:58.0593 0x0294 ============================================================
09:25:58.0593 0x0294 \Device\Harddisk0\DR0:
09:25:58.0593 0x0294 MBR partitions:
09:25:58.0593 0x0294 \Device\Harddisk1\DR1:
09:25:58.0593 0x0294 MBR partitions:
09:25:58.0593 0x0294 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
09:25:58.0593 0x0294 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x2E031A75
09:25:58.0593 0x0294 ============================================================
09:25:58.0625 0x0294 C: <-> \Device\Harddisk1\DR1\Partition1
09:25:58.0718 0x0294 D: <-> \Device\Harddisk1\DR1\Partition2
09:25:58.0718 0x0294 ============================================================
09:25:58.0718 0x0294 Initialize success
09:25:58.0718 0x0294 ============================================================
09:26:00.0921 0x0d78 ============================================================
09:26:00.0921 0x0d78 Scan started
09:26:00.0921 0x0d78 Mode: Manual;
09:26:00.0921 0x0d78 ============================================================
09:26:00.0921 0x0d78 KSN ping started
09:26:01.0187 0x0d78 KSN ping finished: true
09:26:01.0890 0x0d78 ================ Scan system memory ========================
09:26:01.0890 0x0d78 System memory - ok
09:26:01.0890 0x0d78 ================ Scan services =============================
09:26:01.0968 0x0d78 [ C0393EB99A6C72C6BEF9BFC4A72B33A6, 72BF029C6A37DE131FFD61C2374C8920556236218613E37B5F348AA89FA12E42 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
09:26:01.0984 0x0d78 !SASCORE - ok
09:26:02.0140 0x0d78 Abiosdsk - ok
09:26:02.0140 0x0d78 abp480n5 - ok
09:26:02.0187 0x0d78 [ C966D1207BE8E6D4E28061B9B17619C4, 6A95B40A918E6F29F1159D3127F109A8F310F92E7E18193DAEEA4460BB203990 ] AbSoftMgr4 C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe
09:26:02.0203 0x0d78 AbSoftMgr4 - ok
09:26:02.0234 0x0d78 [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:26:02.0234 0x0d78 ACPI - ok
09:26:02.0265 0x0d78 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
09:26:02.0265 0x0d78 ACPIEC - ok
09:26:02.0328 0x0d78 [ 438F31336B3DC248ABC632F1C8F34A24, 94C1218E7EC2EC6D4870A6FDC118097D7D3A359DA073DCD3A9770F399F830991 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:26:02.0328 0x0d78 AdobeFlashPlayerUpdateSvc - ok
09:26:02.0328 0x0d78 adpu160m - ok
09:26:02.0359 0x0d78 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:26:02.0359 0x0d78 aec - ok
09:26:02.0406 0x0d78 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:26:02.0406 0x0d78 AFD - ok
09:26:02.0421 0x0d78 Aha154x - ok
09:26:02.0421 0x0d78 aic78u2 - ok
09:26:02.0421 0x0d78 aic78xx - ok
09:26:02.0453 0x0d78 [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:26:02.0453 0x0d78 Alerter - ok
09:26:02.0468 0x0d78 [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
09:26:02.0468 0x0d78 ALG - ok
09:26:02.0468 0x0d78 AliIde - ok
09:26:02.0468 0x0d78 amsint - ok
09:26:02.0500 0x0d78 [ 6B8E7A90E576D4FE308F97C69060A171, 6CE49BC78715737D78E05DECAC23E26A5672ACD2CF3D10154FEA9D47B318D47C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
09:26:02.0515 0x0d78 AppMgmt - ok
09:26:02.0531 0x0d78 [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
09:26:02.0531 0x0d78 Arp1394 - ok
09:26:02.0531 0x0d78 asc - ok
09:26:02.0531 0x0d78 asc3350p - ok
09:26:02.0531 0x0d78 asc3550 - ok
09:26:02.0593 0x0d78 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
09:26:02.0625 0x0d78 aspnet_state - ok
09:26:02.0640 0x0d78 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:26:02.0640 0x0d78 AsyncMac - ok
09:26:02.0656 0x0d78 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:26:02.0656 0x0d78 atapi - ok
09:26:02.0671 0x0d78 Atdisk - ok
09:26:02.0687 0x0d78 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:26:02.0687 0x0d78 Atmarpc - ok
09:26:02.0718 0x0d78 [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:26:02.0718 0x0d78 AudioSrv - ok
09:26:02.0750 0x0d78 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:26:02.0750 0x0d78 audstub - ok
09:26:02.0828 0x0d78 [ F431DC5D94F4B2FDBC927655D8A9B10E, FA16A95E5B83D08F0FD76FDAB03FC7CD4B6917BFE15F2F1D9F3B781F6A1888D8 ] Autodesk Content Service C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
09:26:02.0828 0x0d78 Autodesk Content Service - ok
09:26:03.0000 0x0d78 [ 4DB93F4DB7077801D2D82013506AC1D0, 3D71655D1557021D5D828E37EAFDBA35C631061E48D64B9D376746F8FCC760B3 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
09:26:03.0093 0x0d78 AVGIDSAgent - ok
09:26:03.0109 0x0d78 [ 4D7E34E36E586EA26F171A258341BD80, B11B750930382B19A257A7B259EBEDAE884971A59E649F4E346B285DCBF29D4A ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
09:26:03.0109 0x0d78 AVGIDSDriver - ok
09:26:03.0109 0x0d78 [ 7C8E88549BCDAAC965B1B724C175F7A9, 86240BF965C60FFAF381879D1B2DD7190FAD597E7534AEE9A9E48A2BDEC119BA ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
09:26:03.0109 0x0d78 AVGIDSHX - ok
09:26:03.0140 0x0d78 [ 2717EBC35166B8793DBFFB4390B8F2E7, F04307734F7C474320353AC4109FCF3D03D0BAFAF3C52209D2A3BD9FAFE9E784 ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
09:26:03.0140 0x0d78 AVGIDSShim - ok
09:26:03.0140 0x0d78 [ 2018C4E9A40B122408763A5635CF14D9, E0BF5D5C7CFDD078F8BBA9627F1F8E0434B38A23FA9E039B37A22D7E1AD4EFFA ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
09:26:03.0156 0x0d78 Avgldx86 - ok
09:26:03.0156 0x0d78 [ E2B9CF2CF787C6978E7CC898E9684E48, 73D5D8514EF1BF3BCC64DC158C68189D07B3940641F1155823C6822D03BC761B ] Avglogx C:\WINDOWS\system32\DRIVERS\avglogx.sys
09:26:03.0156 0x0d78 Avglogx - ok
09:26:03.0171 0x0d78 [ 3F59750A3AA55C46663801E7C2FD1E2B, F748EB6552889974CB1FC6F666F2D78F654CAA990A339C741255355295CD46E8 ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
09:26:03.0171 0x0d78 Avgmfx86 - ok
09:26:03.0187 0x0d78 [ CBCE8ED318DB8EA431F9D25AC9B7FF41, 14CD6A0A1FAFD37540953AE534F44378C14E43AD248DF6064E939B2ADE334F04 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
09:26:03.0187 0x0d78 Avgrkx86 - ok
09:26:03.0218 0x0d78 [ 14370FB29526F593C04FA48B5D69F7F0, EE5BBE674210AC3BC4103B6D43BABDCCCE681F3B0E93075F93CD453730C316B8 ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
09:26:03.0218 0x0d78 Avgtdix - ok
09:26:03.0250 0x0d78 [ 48939D9F350AEF9370F03A1E49A49BE2, 889FC07FE2DC4262055F37F8EEFFE15D5F12615FF797951BE445B42152076327 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
09:26:03.0250 0x0d78 avgwd - ok
09:26:03.0281 0x0d78 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:26:03.0281 0x0d78 Beep - ok
09:26:03.0328 0x0d78 [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
09:26:03.0328 0x0d78 BITS - ok
09:26:03.0359 0x0d78 [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
09:26:03.0359 0x0d78 Browser - ok
09:26:03.0390 0x0d78 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:26:03.0390 0x0d78 cbidf2k - ok
09:26:03.0453 0x0d78 [ 58BF7714A312698108A96D0DE2BB6825, 87E0EC24520C9C421AF6A680FEF42E18911AABA373A9F927C5CE77AD50F8196F ] cbVSCService11 C:\Program Files\Cobian Backup 11\cbVSCService11.exe
09:26:03.0453 0x0d78 cbVSCService11 - ok
09:26:03.0453 0x0d78 cd20xrnt - ok
09:26:03.0468 0x0d78 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:26:03.0468 0x0d78 Cdaudio - ok
09:26:03.0484 0x0d78 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:26:03.0484 0x0d78 Cdfs - ok
09:26:03.0500 0x0d78 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:26:03.0515 0x0d78 Cdrom - ok
09:26:03.0515 0x0d78 Changer - ok
09:26:03.0546 0x0d78 [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:26:03.0546 0x0d78 CiSvc - ok
09:26:03.0562 0x0d78 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:26:03.0562 0x0d78 ClipSrv - ok
09:26:03.0609 0x0d78 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:26:03.0656 0x0d78 clr_optimization_v2.0.50727_32 - ok
09:26:03.0687 0x0d78 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:26:03.0703 0x0d78 clr_optimization_v4.0.30319_32 - ok
09:26:03.0703 0x0d78 CmdIde - ok
09:26:03.0703 0x0d78 COMSysApp - ok
09:26:03.0718 0x0d78 Cpqarray - ok
09:26:03.0750 0x0d78 [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
09:26:03.0750 0x0d78 CryptSvc - ok
09:26:03.0750 0x0d78 dac2w2k - ok
09:26:03.0750 0x0d78 dac960nt - ok
09:26:03.0796 0x0d78 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:26:03.0812 0x0d78 DcomLaunch - ok
09:26:03.0828 0x0d78 [ 6216FD7FD227DE454238A702B218CEC7, 5699FDD253754AE274B8624A41CBE778D74383E95D5167785A48A51AAD67FC70 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys
09:26:03.0843 0x0d78 dgderdrv - ok
09:26:03.0859 0x0d78 [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
09:26:03.0859 0x0d78 Dhcp - ok
09:26:03.0890 0x0d78 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
09:26:03.0890 0x0d78 Disk - ok
09:26:03.0890 0x0d78 dmadmin - ok
09:26:03.0937 0x0d78 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
09:26:03.0937 0x0d78 dmboot - ok
09:26:03.0953 0x0d78 [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
09:26:03.0953 0x0d78 dmio - ok
09:26:03.0968 0x0d78 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
09:26:03.0968 0x0d78 dmload - ok
09:26:04.0000 0x0d78 [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
09:26:04.0000 0x0d78 dmserver - ok
09:26:04.0031 0x0d78 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
09:26:04.0031 0x0d78 DMusic - ok
09:26:04.0046 0x0d78 [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:26:04.0046 0x0d78 Dnscache - ok
09:26:04.0078 0x0d78 [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
09:26:04.0093 0x0d78 Dot3svc - ok
09:26:04.0093 0x0d78 dpti2o - ok
09:26:04.0093 0x0d78 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:26:04.0093 0x0d78 drmkaud - ok
09:26:04.0125 0x0d78 [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
09:26:04.0125 0x0d78 EapHost - ok
09:26:04.0140 0x0d78 [ F07BA56B0235F15EFF8F10DC6389C42E, A7202CCB418D03606A97679BCF166ACA12F8341E8AB97DF044AE00401B8496B4 ] epmntdrv C:\WINDOWS\system32\epmntdrv.sys
09:26:04.0140 0x0d78 epmntdrv - ok
09:26:04.0156 0x0d78 [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
09:26:04.0156 0x0d78 ERSvc - ok
09:26:04.0171 0x0d78 esgiguard - ok
09:26:04.0203 0x0d78 [ 1F2F4AB15CE03ECC257FEB2F6DC5A013, FB06406AD9CCD946155C4E8CA769E0430589A4E4BBBDA2C90A67C84E0D2F8EE0 ] EuGdiDrv C:\WINDOWS\system32\EuGdiDrv.sys
09:26:04.0203 0x0d78 EuGdiDrv - ok
09:26:04.0234 0x0d78 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
09:26:04.0234 0x0d78 Eventlog - ok
09:26:04.0265 0x0d78 [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
09:26:04.0281 0x0d78 EventSystem - ok
09:26:04.0312 0x0d78 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
09:26:04.0312 0x0d78 Fastfat - ok
09:26:04.0328 0x0d78 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:26:04.0328 0x0d78 FastUserSwitchingCompatibility - ok
09:26:04.0343 0x0d78 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
09:26:04.0343 0x0d78 Fdc - ok
09:26:04.0375 0x0d78 [ AE548A05F3F6DEDC9F110755D0FEE3F5, EFBC5F175B0A4E7D541E2376B95AAC0D3811222BBFE49E218738D2622DA2B275 ] FDCBNT C:\WINDOWS\system32\drivers\FDCBNT.SYS
09:26:04.0375 0x0d78 FDCBNT - ok
09:26:04.0390 0x0d78 [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
09:26:04.0390 0x0d78 Fips - ok
09:26:04.0437 0x0d78 [ 993F917889C18E8AE005E8528D8B0068, E38DB48563CAE229F5BB2E244B43F53F4B185714D06F5E9550C468CA3ABA15DC ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:26:04.0468 0x0d78 FLEXnet Licensing Service - ok
09:26:04.0500 0x0d78 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:26:04.0500 0x0d78 Flpydisk - ok
09:26:04.0531 0x0d78 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:26:04.0531 0x0d78 FltMgr - ok
09:26:04.0593 0x0d78 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:26:04.0593 0x0d78 FontCache3.0.0.0 - ok
09:26:04.0625 0x0d78 [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
09:26:04.0625 0x0d78 FsUsbExDisk - ok
09:26:04.0656 0x0d78 [ 0796C1E47ADB9825269E64B9DAB4E741, A9E476278428824FAE8B63B2B2CAC683EABD28E5B514925F6379593CB6CAB968 ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
09:26:04.0671 0x0d78 FsUsbExService - ok
09:26:04.0671 0x0d78 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:26:04.0671 0x0d78 Fs_Rec - ok
09:26:04.0687 0x0d78 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:26:04.0687 0x0d78 Ftdisk - ok
09:26:04.0718 0x0d78 [ 54789F9BA0D59072CDD4E7C200E122C4, EAA497A97E2097CCEF5F7549E35CC87F652923E31BFDB9B590B54D7D8C72050A ] gdrv C:\WINDOWS\gdrv.sys
09:26:04.0718 0x0d78 gdrv - ok
09:26:04.0734 0x0d78 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:26:04.0734 0x0d78 Gpc - ok
09:26:04.0750 0x0d78 [ 6003BC70F1A8307262BD3C941BDA0B7E, E820EB4B7099687831A67D37F6004A58968D3B89BF7F964848191455E4DA3AF0 ] grmnusb C:\WINDOWS\system32\drivers\grmnusb.sys
09:26:04.0750 0x0d78 grmnusb - ok
09:26:04.0796 0x0d78 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:26:04.0812 0x0d78 gupdate - ok
09:26:04.0812 0x0d78 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:26:04.0812 0x0d78 gupdatem - ok
09:26:04.0828 0x0d78 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:26:04.0828 0x0d78 HDAudBus - ok
09:26:04.0859 0x0d78 [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:26:04.0859 0x0d78 helpsvc - ok
09:26:04.0890 0x0d78 [ 00E25EE90166B3E1BE6E74AEBF858306, 92C2F020EF14DE3B4F09E2C5DFF3D2F35D8C50F6D0188F9CEEFE3B6075602EFE ] HidServ C:\WINDOWS\System32\hidserv.dll
09:26:04.0890 0x0d78 HidServ - ok
09:26:04.0906 0x0d78 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:26:04.0906 0x0d78 HidUsb - ok
09:26:04.0937 0x0d78 [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
09:26:04.0937 0x0d78 hkmsvc - ok
09:26:04.0968 0x0d78 [ 963571F6157F04AF8421D6D058B19E78, 3585C3D3E821BA29491E85684F829F1003B779C96877CAC7883174D5C7815D2A ] HP Port Resolver C:\WINDOWS\system32\hpbpro.exe
09:26:04.0984 0x0d78 HP Port Resolver - ok
09:26:05.0000 0x0d78 [ C5A288E4CEEF5A26D105117BAA3763AB, 65CC97191B36C3333C8E28F60451ED5D6C9E90582E650EF916B625BD793F7FAC ] HP Status Server C:\WINDOWS\system32\hpboid.exe
09:26:05.0015 0x0d78 HP Status Server - ok
09:26:05.0015 0x0d78 hpn - ok
09:26:05.0046 0x0d78 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
09:26:05.0062 0x0d78 HTTP - ok
09:26:05.0093 0x0d78 [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
09:26:05.0093 0x0d78 HTTPFilter - ok
09:26:05.0093 0x0d78 i2omgmt - ok
09:26:05.0093 0x0d78 i2omp - ok
09:26:05.0109 0x0d78 [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:26:05.0109 0x0d78 i8042prt - ok
09:26:05.0171 0x0d78 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:26:05.0203 0x0d78 idsvc - ok
09:26:05.0218 0x0d78 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
09:26:05.0218 0x0d78 Imapi - ok
09:26:05.0250 0x0d78 [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
09:26:05.0250 0x0d78 ImapiService - ok
09:26:05.0250 0x0d78 ini910u - ok
09:26:05.0390 0x0d78 [ 83CC5FECFC2F91F91D9F7B019B8B9CE8, 283FE8CE41E08402861FA868704E7F309EF7087F5833225D3E749F747821CED7 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:26:05.0453 0x0d78 IntcAzAudAddService - ok
09:26:05.0468 0x0d78 IntelIde - ok
09:26:05.0484 0x0d78 [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:26:05.0484 0x0d78 intelppm - ok
09:26:05.0500 0x0d78 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
09:26:05.0500 0x0d78 Ip6Fw - ok
09:26:05.0531 0x0d78 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:26:05.0531 0x0d78 IpFilterDriver - ok
09:26:05.0546 0x0d78 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:26:05.0546 0x0d78 IpInIp - ok
09:26:05.0562 0x0d78 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:26:05.0562 0x0d78 IpNat - ok
09:26:05.0562 0x0d78 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:26:05.0562 0x0d78 IPSec - ok
09:26:05.0578 0x0d78 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
09:26:05.0578 0x0d78 IRENUM - ok
09:26:05.0593 0x0d78 [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:26:05.0593 0x0d78 isapnp - ok
09:26:05.0671 0x0d78 [ A5937B2A94424CF1B13A4AD503AF6B2E, E96CE4E526E053FB410987BD444627BC7B26FCE48DC0A61916ADD0A69EFA6941 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
09:26:05.0671 0x0d78 JavaQuickStarterService - ok
09:26:05.0687 0x0d78 [ C995C0E8B4503FAC38793BB0236AD246, 5147C90053C8DBAFA9A7E4457A03AA2BCF5EC1A7367526FD102D4B542CC357B0 ] JGOGO C:\WINDOWS\system32\DRIVERS\JGOGO.sys
09:26:05.0687 0x0d78 JGOGO - ok
09:26:05.0687 0x0d78 [ F90A4E8657319A652E04C5362926CFEA, 38169807B92FB550385DD5D73AFC4CB92D2F40FA29C803D6E94FD87349EB4CEE ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys
09:26:05.0687 0x0d78 JRAID - ok
09:26:05.0703 0x0d78 [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:26:05.0703 0x0d78 Kbdclass - ok
09:26:05.0734 0x0d78 [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:26:05.0734 0x0d78 kbdhid - ok
09:26:05.0750 0x0d78 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
09:26:05.0765 0x0d78 kmixer - ok
09:26:05.0765 0x0d78 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
09:26:05.0781 0x0d78 KSecDD - ok
09:26:05.0796 0x0d78 [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
09:26:05.0796 0x0d78 lanmanserver - ok
09:26:05.0812 0x0d78 [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:26:05.0812 0x0d78 lanmanworkstation - ok
09:26:05.0828 0x0d78 lbrtfdc - ok
09:26:05.0875 0x0d78 [ AB8134127F786C9603817B5318DCEEAA, FA0C5D96B3996B2C793D856FFB9D20FD12A3AD18CEF2C5F31C905CBA06F93640 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
09:26:05.0875 0x0d78 LightScribeService - ok
09:26:05.0890 0x0d78 [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
09:26:05.0890 0x0d78 LmHosts - ok
09:26:05.0921 0x0d78 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
09:26:05.0921 0x0d78 MBAMProtector - ok
09:26:05.0968 0x0d78 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:26:05.0984 0x0d78 MBAMScheduler - ok
09:26:06.0031 0x0d78 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:26:06.0046 0x0d78 MBAMService - ok
09:26:06.0093 0x0d78 [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
09:26:06.0093 0x0d78 Messenger - ok
09:26:06.0125 0x0d78 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
09:26:06.0125 0x0d78 mnmdd - ok
09:26:06.0156 0x0d78 [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
09:26:06.0156 0x0d78 mnmsrvc - ok
09:26:06.0187 0x0d78 [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
09:26:06.0187 0x0d78 Modem - ok
09:26:06.0218 0x0d78 [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:26:06.0218 0x0d78 Mouclass - ok
09:26:06.0250 0x0d78 [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:26:06.0250 0x0d78 mouhid - ok
09:26:06.0250 0x0d78 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
09:26:06.0250 0x0d78 MountMgr - ok
09:26:06.0281 0x0d78 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:26:06.0281 0x0d78 MozillaMaintenance - ok
09:26:06.0281 0x0d78 mraid35x - ok
09:26:06.0296 0x0d78 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:26:06.0296 0x0d78 MRxDAV - ok
09:26:06.0328 0x0d78 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:26:06.0343 0x0d78 MRxSmb - ok
09:26:06.0359 0x0d78 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
09:26:06.0359 0x0d78 MSDTC - ok
09:26:06.0375 0x0d78 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:26:06.0375 0x0d78 Msfs - ok
09:26:06.0375 0x0d78 MSIServer - ok
09:26:06.0375 0x0d78 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:26:06.0375 0x0d78 MSKSSRV - ok
09:26:06.0390 0x0d78 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:26:06.0390 0x0d78 MSPCLOCK - ok
09:26:06.0406 0x0d78 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
09:26:06.0406 0x0d78 MSPQM - ok
09:26:06.0406 0x0d78 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:26:06.0421 0x0d78 mssmbios - ok
09:26:06.0421 0x0d78 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
09:26:06.0437 0x0d78 Mup - ok
09:26:06.0468 0x0d78 [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
09:26:06.0484 0x0d78 napagent - ok
09:26:06.0484 0x0d78 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
09:26:06.0484 0x0d78 NDIS - ok
09:26:06.0515 0x0d78 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:26:06.0515 0x0d78 NdisTapi - ok
09:26:06.0546 0x0d78 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:26:06.0546 0x0d78 Ndisuio - ok
09:26:06.0562 0x0d78 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:26:06.0562 0x0d78 NdisWan - ok
09:26:06.0593 0x0d78 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
09:26:06.0593 0x0d78 NDProxy - ok
09:26:06.0625 0x0d78 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3, 29ACA9D8A5426333F75858D9D3960A4DCDDA4ACC986B3E9E37D255E4FAECDB7C ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
09:26:06.0625 0x0d78 Net Driver HPZ12 - ok
09:26:06.0625 0x0d78 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
09:26:06.0625 0x0d78 NetBIOS - ok
09:26:06.0656 0x0d78 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:26:06.0656 0x0d78 NetBT - ok
09:26:06.0687 0x0d78 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
09:26:06.0687 0x0d78 NetDDE - ok
09:26:06.0687 0x0d78 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
09:26:06.0703 0x0d78 NetDDEdsdm - ok
09:26:06.0718 0x0d78 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:26:06.0718 0x0d78 Netlogon - ok
09:26:06.0734 0x0d78 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
09:26:06.0750 0x0d78 Netman - ok
09:26:06.0781 0x0d78 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:26:06.0796 0x0d78 NetTcpPortSharing - ok
09:26:06.0812 0x0d78 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:26:06.0812 0x0d78 NIC1394 - ok
09:26:06.0843 0x0d78 [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
09:26:06.0843 0x0d78 Nla - ok
09:26:06.0875 0x0d78 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:26:06.0875 0x0d78 Npfs - ok
09:26:06.0890 0x0d78 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
09:26:06.0906 0x0d78 Ntfs - ok
09:26:06.0906 0x0d78 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
09:26:06.0906 0x0d78 NtLmSsp - ok
09:26:06.0921 0x0d78 [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
09:26:06.0937 0x0d78 NtmsSvc - ok
09:26:06.0953 0x0d78 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
09:26:06.0953 0x0d78 Null - ok
09:26:07.0062 0x0d78 [ 392AD6A1676FBBC80FA1DAD4C9955131, E682A0F72161B7674A03A795494CCF4775833620DAE7E38F679562E9D70AD025 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:26:07.0125 0x0d78 nv - ok
09:26:07.0156 0x0d78 [ 1B96917D01EB81AFC4C37A0E648F470C, 583F06E8EB94C173A39896A3866E0F4D599B61DCF2C2727764B0103EA7963045 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
09:26:07.0156 0x0d78 NVSvc - ok
09:26:07.0187 0x0d78 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:26:07.0187 0x0d78 NwlnkFlt - ok
09:26:07.0187 0x0d78 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:26:07.0187 0x0d78 NwlnkFwd - ok
09:26:07.0250 0x0d78 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:26:07.0250 0x0d78 odserv - ok
09:26:07.0265 0x0d78 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:26:07.0265 0x0d78 ohci1394 - ok
09:26:07.0328 0x0d78 [ A3F63E4175EF13C060372C6222A1B59C, 0EEBF26F0D3277381F759674CF01B8385DF8661E903056643142ED7DCEE12138 ] OpLclSrv C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
09:26:07.0328 0x0d78 OpLclSrv - ok
09:26:07.0343 0x0d78 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:26:07.0359 0x0d78 ose - ok
09:26:07.0390 0x0d78 [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
09:26:07.0390 0x0d78 Parport - ok
09:26:07.0390 0x0d78 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
09:26:07.0390 0x0d78 PartMgr - ok
09:26:07.0421 0x0d78 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
09:26:07.0421 0x0d78 ParVdm - ok
09:26:07.0421 0x0d78 [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
09:26:07.0421 0x0d78 PCI - ok
09:26:07.0421 0x0d78 PCIDump - ok
09:26:07.0437 0x0d78 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
09:26:07.0437 0x0d78 PCIIde - ok
09:26:07.0453 0x0d78 [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
09:26:07.0453 0x0d78 Pcmcia - ok
09:26:07.0468 0x0d78 PDCOMP - ok
09:26:07.0468 0x0d78 PDFRAME - ok
09:26:07.0468 0x0d78 PDRELI - ok
09:26:07.0468 0x0d78 PDRFRAME - ok
09:26:07.0468 0x0d78 perc2 - ok
09:26:07.0468 0x0d78 perc2hib - ok
09:26:07.0484 0x0d78 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
09:26:07.0484 0x0d78 PlugPlay - ok
09:26:07.0500 0x0d78 [ 79834AA2FBF9FE81EEBB229024F6F7FC, 4E243765C11AE9B5D003C3220B8AA0C4671B2627221D2323F80189CA3A307FEF ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
09:26:07.0500 0x0d78 Pml Driver HPZ12 - ok
09:26:07.0515 0x0d78 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
09:26:07.0515 0x0d78 PolicyAgent - ok
09:26:07.0515 0x0d78 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:26:07.0531 0x0d78 PptpMiniport - ok
09:26:07.0531 0x0d78 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:26:07.0531 0x0d78 ProtectedStorage - ok
09:26:07.0531 0x0d78 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
09:26:07.0531 0x0d78 PSched - ok
09:26:07.0562 0x0d78 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:26:07.0562 0x0d78 Ptilink - ok
09:26:07.0578 0x0d78 [ D86B4A68565E444D76457F14172C875A, 06B1CF81A62B3DAA8D0C5A8B88C56A504DE8E9278C520F754AF363A6676C58B0 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:26:07.0578 0x0d78 PxHelp20 - ok
09:26:07.0578 0x0d78 ql1080 - ok
09:26:07.0593 0x0d78 Ql10wnt - ok
09:26:07.0593 0x0d78 ql12160 - ok
09:26:07.0593 0x0d78 ql1240 - ok
09:26:07.0593 0x0d78 ql1280 - ok
09:26:07.0593 0x0d78 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:26:07.0593 0x0d78 RasAcd - ok
09:26:07.0625 0x0d78 [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:26:07.0640 0x0d78 RasAuto - ok
09:26:07.0640 0x0d78 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:26:07.0640 0x0d78 Rasl2tp - ok
09:26:07.0671 0x0d78 [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:26:07.0687 0x0d78 RasMan - ok
09:26:07.0687 0x0d78 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:26:07.0687 0x0d78 RasPppoe - ok
09:26:07.0687 0x0d78 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
09:26:07.0687 0x0d78 Raspti - ok
09:26:07.0718 0x0d78 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:26:07.0718 0x0d78 Rdbss - ok
09:26:07.0718 0x0d78 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:26:07.0734 0x0d78 RDPCDD - ok
09:26:07.0734 0x0d78 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:26:07.0734 0x0d78 rdpdr - ok
09:26:07.0765 0x0d78 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:26:07.0765 0x0d78 RDPWD - ok
09:26:07.0796 0x0d78 [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
09:26:07.0796 0x0d78 RDSessMgr - ok
09:26:07.0812 0x0d78 [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
09:26:07.0812 0x0d78 redbook - ok
09:26:07.0843 0x0d78 [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:26:07.0843 0x0d78 RemoteAccess - ok
09:26:07.0875 0x0d78 [ 8F31505484A190D5B22274708799F4EC, 170FF8193C95CEE73B9342B6FB7D83DF4E80B2CCBB27DF41F4AB5F2FB9AF60E1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:26:07.0875 0x0d78 RemoteRegistry - ok
09:26:07.0890 0x0d78 [ 7B9921A14BE8D230148B87322CF1917A, 4A92F429C8930C1BF9B057D44B54ABB935AE052CFF4300085C4AA01214FD5456 ] ROCKEYNT C:\WINDOWS\system32\DRIVERS\Rockey4.sys
09:26:07.0890 0x0d78 ROCKEYNT - ok
09:26:07.0890 0x0d78 [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
09:26:07.0890 0x0d78 RpcLocator - ok
09:26:07.0921 0x0d78 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:26:07.0921 0x0d78 RpcSs - ok
09:26:07.0937 0x0d78 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
09:26:07.0953 0x0d78 RSVP - ok
09:26:07.0953 0x0d78 [ 098DE621085D7F922871A99B0EC7DDD6, 95725678F2DE64ACF342BEC08C052D3F6FD91A70A6B051BC79581B06D49D2965 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
09:26:07.0953 0x0d78 RTLE8023xp - ok
09:26:07.0968 0x0d78 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
09:26:07.0968 0x0d78 SamSs - ok
09:26:07.0984 0x0d78 [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
09:26:07.0984 0x0d78 SASDIFSV - ok
09:26:08.0000 0x0d78 [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
09:26:08.0000 0x0d78 SASKUTIL - ok
09:26:08.0015 0x0d78 [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:26:08.0031 0x0d78 SCardSvr - ok
09:26:08.0046 0x0d78 [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:26:08.0046 0x0d78 Schedule - ok
09:26:08.0078 0x0d78 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:26:08.0078 0x0d78 Secdrv - ok
09:26:08.0093 0x0d78 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:26:08.0093 0x0d78 seclogon - ok
09:26:08.0109 0x0d78 [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
09:26:08.0109 0x0d78 SENS - ok
09:26:08.0109 0x0d78 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
09:26:08.0125 0x0d78 serenum - ok
09:26:08.0156 0x0d78 [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
09:26:08.0156 0x0d78 Serial - ok
09:26:08.0156 0x0d78 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
09:26:08.0156 0x0d78 Sfloppy - ok
09:26:08.0171 0x0d78 [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:26:08.0187 0x0d78 SharedAccess - ok
09:26:08.0203 0x0d78 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:26:08.0203 0x0d78 ShellHWDetection - ok
09:26:08.0203 0x0d78 Simbad - ok
09:26:08.0203 0x0d78 Sparrow - ok
09:26:08.0234 0x0d78 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:26:08.0234 0x0d78 splitter - ok
09:26:08.0265 0x0d78 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:26:08.0265 0x0d78 Spooler - ok
09:26:08.0265 0x0d78 [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:26:08.0265 0x0d78 sr - ok
09:26:08.0281 0x0d78 [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
09:26:08.0296 0x0d78 srservice - ok
09:26:08.0328 0x0d78 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:26:08.0328 0x0d78 Srv - ok
09:26:08.0359 0x0d78 [ 33B11FF28DF39D086E3D80ACC0F87D90, 20592F532BD1E10A23849FAAF909BF754E89541A3C20D6AB5115C095B70EED61 ] sscebus C:\WINDOWS\system32\DRIVERS\sscebus.sys
09:26:08.0359 0x0d78 sscebus - ok
09:26:08.0375 0x0d78 [ 2635EB2E07E7389977E1F87B2570E655, 391453DFE04D7A235941CCDCE1BF0AA391DA410D801964A88D71FC5337B495F3 ] sscemdfl C:\WINDOWS\system32\DRIVERS\sscemdfl.sys
09:26:08.0375 0x0d78 sscemdfl - ok
09:26:08.0390 0x0d78 [ 82E42B6977C614CC9D036723D410A1DF, 52055CAEB8A76026E4F667510A4D1A7194B2D63C35F50640DE990E54427C000C ] sscemdm C:\WINDOWS\system32\DRIVERS\sscemdm.sys
09:26:08.0406 0x0d78 sscemdm - ok
09:26:08.0421 0x0d78 [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:26:08.0421 0x0d78 SSDPSRV - ok
09:26:08.0437 0x0d78 [ E57B778208C783D8DEBAB320C16A1B82, D9B0ACAF219D377E91737337466137F1AC78731659C1F0531BA3D9191DADC483 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
09:26:08.0437 0x0d78 StarOpen - ok
09:26:08.0468 0x0d78 [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:26:08.0468 0x0d78 stisvc - ok
09:26:08.0500 0x0d78 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:26:08.0500 0x0d78 swenum - ok
09:26:08.0515 0x0d78 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

[mana.na]

a zbytek:

09:26:08.0515 0x0d78 swmidi - ok
09:26:08.0515 0x0d78 SwPrv - ok
09:26:08.0515 0x0d78 symc810 - ok
09:26:08.0515 0x0d78 symc8xx - ok
09:26:08.0515 0x0d78 sym_hi - ok
09:26:08.0531 0x0d78 sym_u3 - ok
09:26:08.0531 0x0d78 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:26:08.0531 0x0d78 sysaudio - ok
09:26:08.0546 0x0d78 [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:26:08.0546 0x0d78 SysmonLog - ok
09:26:08.0562 0x0d78 [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:26:08.0578 0x0d78 TapiSrv - ok
09:26:08.0609 0x0d78 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:26:08.0609 0x0d78 Tcpip - ok
09:26:08.0640 0x0d78 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:26:08.0640 0x0d78 TDPIPE - ok
09:26:08.0640 0x0d78 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:26:08.0640 0x0d78 TDTCP - ok
09:26:08.0796 0x0d78 [ D53118C165AE5D188632B6CDEEE82A1B, 407885433688329DE733706DBF94D22704B6F55E2E846A288E2C2A546234621B ] TeamViewer8 C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
09:26:08.0875 0x0d78 TeamViewer8 - ok
09:26:08.0906 0x0d78 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:26:08.0906 0x0d78 TermDD - ok
09:26:08.0921 0x0d78 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
09:26:08.0937 0x0d78 TermService - ok
09:26:08.0953 0x0d78 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
09:26:08.0953 0x0d78 Themes - ok
09:26:08.0984 0x0d78 [ CD0CC7B167D78043A41C98D4921EFB54, 31AAB5D6D6BA52EBDDE1B5DEB8F9B4D9597FFBA4485F959C846F635060CCB5C0 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
09:26:08.0984 0x0d78 TlntSvr - ok
09:26:08.0984 0x0d78 TosIde - ok
09:26:09.0000 0x0d78 [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:26:09.0015 0x0d78 TrkWks - ok
09:26:09.0046 0x0d78 [ ED5E4CE36C54F55E7698642E94D32EC7, 07BD324083D1784F8F716C528D530003369E6D87EFC7B79BCAA1767F80DA4FDC ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys
09:26:09.0046 0x0d78 truecrypt - ok
09:26:09.0062 0x0d78 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:26:09.0062 0x0d78 Udfs - ok
09:26:09.0062 0x0d78 ultra - ok
09:26:09.0062 0x0d78 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
09:26:09.0078 0x0d78 Update - ok
09:26:09.0109 0x0d78 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
09:26:09.0125 0x0d78 upnphost - ok
09:26:09.0125 0x0d78 [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
09:26:09.0125 0x0d78 UPS - ok
09:26:09.0156 0x0d78 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:26:09.0156 0x0d78 usbccgp - ok
09:26:09.0171 0x0d78 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:26:09.0171 0x0d78 usbehci - ok
09:26:09.0187 0x0d78 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:26:09.0187 0x0d78 usbhub - ok
09:26:09.0203 0x0d78 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:26:09.0203 0x0d78 usbscan - ok
09:26:09.0218 0x0d78 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:26:09.0218 0x0d78 USBSTOR - ok
09:26:09.0218 0x0d78 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:26:09.0218 0x0d78 usbuhci - ok
09:26:09.0234 0x0d78 Util diamondata - ok
09:26:09.0234 0x0d78 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:26:09.0234 0x0d78 VgaSave - ok
09:26:09.0234 0x0d78 ViaIde - ok
09:26:09.0250 0x0d78 [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:26:09.0250 0x0d78 VolSnap - ok
09:26:09.0265 0x0d78 [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
09:26:09.0281 0x0d78 VSS - ok
09:26:09.0296 0x0d78 [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
09:26:09.0296 0x0d78 W32Time - ok
09:26:09.0312 0x0d78 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:26:09.0312 0x0d78 Wanarp - ok
09:26:09.0343 0x0d78 [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
09:26:09.0343 0x0d78 WDC_SAM - ok
09:26:09.0343 0x0d78 WDICA - ok
09:26:09.0359 0x0d78 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:26:09.0359 0x0d78 wdmaud - ok
09:26:09.0375 0x0d78 [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:26:09.0375 0x0d78 WebClient - ok
09:26:09.0437 0x0d78 [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:26:09.0437 0x0d78 winmgmt - ok
09:26:09.0468 0x0d78 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
09:26:09.0468 0x0d78 WmdmPmSN - ok
09:26:09.0500 0x0d78 [ 0171CFF34BBA8C5977F18C48D8AEF8C6, 0E3E04220157CCFB92F8D029805EB56D101C2A3AB3375354537FA9B5B3CAA0AD ] Wmi C:\WINDOWS\System32\advapi32.dll
09:26:09.0515 0x0d78 Wmi - ok
09:26:09.0531 0x0d78 [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:26:09.0531 0x0d78 WmiApSrv - ok
09:26:09.0546 0x0d78 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:26:09.0546 0x0d78 WpdUsb - ok
09:26:09.0609 0x0d78 [ 7CAEC4665452072662496CFCCAB727E2, 25771639042557CD1A348C405DCC7DD75DDC50323195A5833D9DAEEA442218B5 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:26:09.0640 0x0d78 WPFFontCache_v0400 - ok
09:26:09.0671 0x0d78 [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:26:09.0687 0x0d78 wscsvc - ok
09:26:09.0718 0x0d78 [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:26:09.0718 0x0d78 wuauserv - ok
09:26:09.0734 0x0d78 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:26:09.0750 0x0d78 WudfPf - ok
09:26:09.0750 0x0d78 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:26:09.0750 0x0d78 WudfRd - ok
09:26:09.0765 0x0d78 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
09:26:09.0765 0x0d78 WudfSvc - ok
09:26:09.0812 0x0d78 [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:26:09.0828 0x0d78 WZCSVC - ok
09:26:09.0843 0x0d78 [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:26:09.0843 0x0d78 xmlprov - ok
09:26:09.0859 0x0d78 ================ Scan global ===============================
09:26:09.0875 0x0d78 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
09:26:09.0906 0x0d78 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
09:26:09.0937 0x0d78 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
09:26:09.0953 0x0d78 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
09:26:09.0953 0x0d78 [ Global ] - ok
09:26:09.0953 0x0d78 ================ Scan MBR ==================================
09:26:09.0953 0x0d78 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:26:09.0953 0x0d78 \Device\Harddisk0\DR0 - ok
09:26:09.0968 0x0d78 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
09:26:10.0109 0x0d78 \Device\Harddisk1\DR1 - ok
09:26:10.0109 0x0d78 ================ Scan VBR ==================================
09:26:10.0109 0x0d78 [ 8508A3F1E543CB10F62D38119FFA4A00 ] \Device\Harddisk1\DR1\Partition1
09:26:10.0109 0x0d78 \Device\Harddisk1\DR1\Partition1 - ok
09:26:10.0125 0x0d78 [ 1FBC3F11FFA6164E2ACA7AF0855C42A1 ] \Device\Harddisk1\DR1\Partition2
09:26:10.0125 0x0d78 \Device\Harddisk1\DR1\Partition2 - ok
09:26:10.0125 0x0d78 Waiting for KSN requests completion. In queue: 235
09:26:11.0140 0x0d78 AV detected via SS1: AVG AntiVirus 2013, 2013.0, enabled, updated
09:26:11.0140 0x0d78 Win FW state via NFM: enabled
09:26:11.0312 0x0d78 ============================================================
09:26:11.0312 0x0d78 Scan finished
09:26:11.0312 0x0d78 ============================================================
09:26:11.0312 0x049c Detected object count: 0
09:26:11.0312 0x049c Actual detected object count: 0
09:26:55.0031 0x0898 Deinitialize success

[mana.na]

tak nevím, zda combofix nezamrznul. proběhlo skenování teď v okně svítí "mažu soubory" už asi půl hodiny a nic se neděje, při pohybu myší se kurzor nehne, nereaguje ani CapsLock..

[jaro3]

Někdy to trvá i hodinu.

[mana.na]

tak to zůstalo "viset", nutný tvrdý restart. Druhý pokus nějak proběhl, ale jak nevím, počítač běžel přes noc, ráno hláška, že Windows spuštěny po závažné chybě.

Report Combofix.txt níže:

ComboFix 13-12-01.01 - Pepa 01.12.2013 19:50:44.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3582.2880 [GMT 1:00]
Spuštěný z: C:\Documents and Settings\Pepa\Plocha\ComboFix.exe
AV: AVG AntiVirus 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}


((((((((((((((((((((((((( Soubory vytvořené od 2013-11-01 do 2013-12-01 )))))))))))))))))))))))))))))))


2013-11-29 11:31:16 . 2013-11-29 11:31:16 -------- d-----w- C:\WINDOWS\ERUNT
2013-11-29 11:06:59 . 2013-11-29 11:06:59 -------- d-----w- C:\Documents and Settings\Pepa\Data aplikací\Malwarebytes
2013-11-29 11:06:54 . 2013-11-29 11:06:54 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-11-29 11:06:53 . 2013-11-29 11:06:55 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2013-11-29 11:06:53 . 2013-04-04 13:50:32 22856 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2013-11-28 09:09:19 . 2013-11-28 09:09:19 388096 ----a-r- C:\Documents and Settings\Pepa\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-11-28 09:09:18 . 2013-11-28 09:09:18 -------- d-----w- C:\Program Files\Trend Micro
2013-11-28 07:43:30 . 2013-11-28 07:43:30 -------- d-----w- C:\Tools
2013-11-28 04:31:55 . 2013-11-28 04:31:55 -------- d-----w- C:\Program Files\Better-Surf
2013-11-27 09:33:16 . 2013-11-27 09:33:16 -------- d-----w- C:\Archivos de programa
2013-11-20 08:57:48 . 2013-11-20 13:26:18 -------- d-----w- C:\Program Files\Mozilla Thunderbird
2013-11-19 05:48:12 . 2013-11-28 06:08:32 -------- d-----w- C:\Program Files\cGPSmapper
2013-11-05 12:25:01 . 2013-11-05 12:40:04 -------- d-----w- C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Mobogenie
2013-11-05 12:24:33 . 2013-11-05 12:24:33 -------- d-----w- C:\Program Files\Digiarty
2013-11-05 12:24:18 . 2013-11-05 13:00:16 -------- d-----w- C:\Program Files\Mobogenie
2013-11-05 12:08:43 . 2013-11-05 12:11:27 -------- d-----w- C:\My Video
2013-11-05 12:07:58 . 2013-11-05 12:07:58 -------- d-----w- C:\Program Files\Crystal Software
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-11-14 04:46:47 . 2012-04-03 03:41:48 692616 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-11-14 04:46:46 . 2011-12-08 13:50:19 71048 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-13 11:42:08 . 2004-08-18 12:00:00 920064 ----a-w- C:\WINDOWS\system32\wininet.dll
2013-10-13 07:12:07 . 2004-08-18 12:00:00 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
2013-10-13 07:12:07 . 2004-08-18 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
2013-10-13 07:12:06 . 2004-08-18 12:00:00 18944 ----a-w- C:\WINDOWS\system32\corpol.dll
2013-10-13 06:57:59 . 2004-08-18 12:00:00 385024 ----a-w- C:\WINDOWS\system32\html.iec
2013-10-12 15:57:30 . 2004-08-18 12:00:00 279552 ----a-w- C:\WINDOWS\system32\oakley.dll
2013-10-09 13:13:11 . 2004-08-18 12:00:00 287744 ----a-w- C:\WINDOWS\system32\gdi32.dll
2013-10-07 11:00:01 . 2004-08-18 12:00:00 606208 ----a-w- C:\WINDOWS\system32\crypt32.dll
2013-10-05 01:42:42 . 2008-05-05 06:25:04 7168 ----a-w- C:\WINDOWS\system32\xpsp4res.dll
2013-09-13 04:27:06 . 2013-09-13 04:27:14 94632 ----a-w- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-09-13 04:27:05 . 2012-06-15 10:16:47 868264 ----a-w- C:\WINDOWS\system32\npdeployJava1.dll
2013-09-13 04:27:05 . 2012-06-15 10:16:47 144896 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2013-09-13 04:27:04 . 2012-03-12 08:47:10 790440 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2013-09-09 23:34:48 . 2011-12-23 11:32:08 22328 ----a-w- C:\WINDOWS\system32\drivers\avgidsshimx.sys
2013-09-04 23:43:42 . 2011-07-11 00:13:42 39224 ----a-w- C:\WINDOWS\system32\drivers\avgrkx86.sys


(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}]
2013-11-25 09:15:50 86016 ----a-w- C:\Program Files\Better-Surf\ie\BetterSrf.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Akamai\netsession_win.exe" [2013-06-04 23:01:52 4489472]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" [2013-07-16 05:41:02 1124744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 06:49:20 16126464]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [2006-10-30 12:44:18 36864]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [2007-02-06 12:08:36 1953792]
"nwiz"="nwiz.exe" [2006-03-17 19:16:00 1519616]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-17 19:16:00 7561216]
"AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe" [2013-09-22 23:17:34 4411952]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 07:16:26 254336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 03:22:17 15360]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" [2013-07-16 05:41:02 1124744]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 00:02:18 113024]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54:14 551296 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06:36 958576 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11]
2012-04-11 21:39:32 720896 ----a-w- C:\Program Files\Cobian Backup 11\Cobian.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2004-11-24 10:17:34 172032 ----a-w- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb13.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
2013-07-12 09:23:56 2074112 ----a-w- C:\Program Files\KeePass Password Safe 2\KeePass.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2013-07-26 12:43:52 844656 ----a-w- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2013-07-26 12:43:44 1564016 ----a-w- C:\Program Files\Samsung\Kies\Kies.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2013-07-26 12:43:46 311152 ----a-w- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50:42 155648 ----a-w- C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
2013-06-07 14:51:02 774680 ----a-w- C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [BU]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQ7.7\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\hphmon06.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
"C:\\totalcmd\\TOTALCMD.EXE"=
"C:\\Documents and Settings\\Pepa\\Local Settings\\Data aplikací\\Akamai\\netsession_win.exe"=
"C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=
"C:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"C:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"C:\\Program Files\\SimpleFiles\\downloader.exe"=
"C:\\Program Files\\SimpleFiles\\SimpleFiles.exe"=
"C:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=
"C:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=
"C:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"50248:TCP"= 50248:TCP:Autodesk Content Service
"1051:TCP"= 1051:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R0 AVGIDSHX;AVGIDSHX;C:\WINDOWS\system32\drivers\avgidshx.sys [19.4.2012 3:50:26 60216]
R0 Avglogx;AVG Logging Driver;C:\WINDOWS\system32\drivers\avglogx.sys [8.2.2013 3:37:56 246072]
R0 Avgrkx86;AVG Anti-Rootkit Driver;C:\WINDOWS\system32\drivers\avgrkx86.sys [11.7.2011 1:13:42 39224]
R1 AVGIDSDriver;AVGIDSDriver;C:\WINDOWS\system32\drivers\avgidsdriverx.sys [23.12.2011 12:32:00 208184]
R1 AVGIDSShim;AVGIDSShim;C:\WINDOWS\system32\drivers\avgidsshimx.sys [23.12.2011 12:32:08 22328]
R1 Avgldx86;AVG AVI Loader Driver;C:\WINDOWS\system32\drivers\avgldx86.sys [11.7.2011 1:13:46 171320]
R1 Avgtdix;AVG TDI Driver;C:\WINDOWS\system32\drivers\avgtdix.sys [11.7.2011 1:14:38 182072]
R1 FDCBNT;FDCBNT;C:\WINDOWS\system32\drivers\FDCBNT.SYS [13.7.2012 13:17:39 44288]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 17:27:02 12880]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 22:55:22 67664]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore.exe [12.8.2011 0:38:07 116608]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31.1.2012 9:46:56 19232]
R2 avgwd;AVG WatchDog;C:\Program Files\AVG\AVG2013\avgwdsvc.exe [23.7.2013 18:09:28 283136]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;C:\Program Files\Cobian Backup 11\cbVSCService11.exe [11.4.2012 14:11:52 67584]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [6.8.2013 8:27:14 233472]
R2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [29.11.2013 12:06:54 701512]
R2 OpLclSrv;OKI Local Port Manager;C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [1.8.2013 5:17:41 139264]
R2 TeamViewer8;TeamViewer 8;C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [22.8.2013 13:02:34 4308320]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [6.8.2013 8:27:14 37344]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\system32\drivers\mbam.sys [29.11.2013 12:06:53 22856]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files\AVG\AVG2013\avgidsagent.exe [4.7.2013 14:53:10 4939312]
S2 Util diamondata;Util diamondata;"C:\Program Files\diamondata\bin\utildiamondata.exe" --> C:\Program Files\diamondata\bin\utildiamondata.exe [?]
S3 AbSoftMgr4;AbSoftMgr4;C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe [9.12.2011 6:18:49 378424]
S3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys [9.1.2012 10:25:33 20032]
S3 epmntdrv;epmntdrv;C:\WINDOWS\system32\epmntdrv.sys [27.8.2013 4:46:17 13192]
S3 esgiguard;esgiguard;\??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys --> C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 EuGdiDrv;EuGdiDrv;C:\WINDOWS\system32\EuGdiDrv.sys [27.8.2013 4:46:17 8456]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);C:\WINDOWS\system32\drivers\sscebus.sys [6.8.2013 8:28:09 136904]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;C:\WINDOWS\system32\drivers\sscemdfl.sys [6.8.2013 8:28:10 17864]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;C:\WINDOWS\system32\drivers\sscemdm.sys [6.8.2013 8:28:10 153672]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\system32\drivers\wdcsam.sys [29.10.2012 12:55:36 11520]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - FSUSBEXDISK

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-18 05:12:07 1210320 ----a-w- C:\Program Files\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe

Obsah adresáře 'Naplánované úlohy'

2013-12-01 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 03:41:48 . 2013-11-14 04:46:47]

2013-12-01 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-13 07:34:10 . 2012-07-13 07:34:08]

2013-12-01 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-13 07:34:10 . 2012-07-13 07:34:08]

2013-12-01 C:\WINDOWS\Tasks\SimpleFilesUpdate.job
- C:\Program Files\SimpleFiles\SFUpdater.exe [2013-10-02 14:02:01 . 2013-10-02 14:02:01]


------- Doplňkový sken -------

uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.1.110 213.180.36.130 213.180.36.131
FF - ProfilePath - C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =937811&p=
FF - ExtSQL: 2013-11-05 14:00; WebSiteRecommendation@weliketheweb.com; C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\WebSiteRecommendation@weliketheweb.com
FF - ExtSQL: 2013-11-28 05:31; 12x3q4@3244516.com; C:\Program Files\Better-Surf\ff


------- Asociace souborů -------

.scr=AutoCADLTScriptFile

[jaro3]

Odinstaluj:
Better-Surf
Akamai

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
C:\Program Files\Better-Surf
C:\Program Files\Google\Update

Driver::
Util diamondata
esgiguard


Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[mana.na]

akamai odinstalováno
better-surf jsem zakázal a šel jen smazat, v seznamu programů k odinstalování nebyl
script jsem přetáhl, ComboFix se spustil, rozbalil, pustilo se modré "DOSové" okno, hláška, že bude trvat asi 10 min, po chvilce se PC sám restartoval, po náběhu windows hláška o pádu WIN po závažné chybě, zkoušel jsem asi 3x - pokaždé pád

Jestli to k něčemu je, tak:

Označení chyby :

BCCode : 19 BCP1 : 00000020 BCP2 : 89F0E000 BCP3 : 89F0E418
BCP4 : 1A830000 OSVer : 5_1_2600 SP : 3_0 Product : 256_1

odkaz na odesílané soubory :¨
manifest.txt:

Server=watson.microsoft.com
UI LCID=1029
Flags=1696080
Brand=WINDOWS
TitleName=Microsoft Windows
DigPidRegPath=HKLM\Software\Microsoft\Windows NT\CurrentVersion\DigitalProductId
ErrorText=Pro tuto chybu byl vytvořen protokol.
HeaderText=Činnost systému byla obnovena po závažné chybě.
Stage2URL=
Stage2URL=/dw/bluetwo.asp?BCCode=19&BCP1=00000020&BCP2=89F0E000&BCP3=89F0E418&BCP4=1A830000&OSVer=5_1_2600&SP=3_0&Product=256_1
DataFiles=C:\DOCUME~1\Pepa\LOCALS~1\Temp\WERa990.dir00\Mini120213-02.dmp|C:\DOCUME~1\Pepa\LOCALS~1\Temp\WERa990.dir00\sysdata.xml
ErrorSubPath=blue
DirectoryDelete=C:\DOCUME~1\Pepa\LOCALS~1\Temp\WERa990.dir00


sysdata.xml je moc velký, kdyžtak dopošlu

[jaro3]

Stáhni si a nainstaluj WhoCrashed
otevři ho a klikni na Analyze.
Program vytvoří zprávu , zkopíruj celou a vlož prosím sem.

[mana.na]

whocrashed report:


--------------------------------------------------------------------------------
Welcome to WhoCrashed (HOME EDITION) v 5.00
--------------------------------------------------------------------------------

This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.

Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.

This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. It will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.

To obtain technical support visit www.resplendence.com/support

Click here to check if you have the latest version or if an update is available.

Just click the Analyze button for a comprehensible report ...



--------------------------------------------------------------------------------
Home Edition Notice
--------------------------------------------------------------------------------

This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which allows you to perform more thorough and detailed analysis. It also offers a range of additional features such as remote analysis on remote directories and remote computers on the network.

Click here for more information on the professional edition.
Click here to buy the the professional edition of WhoCrashed.


--------------------------------------------------------------------------------
System Information (local)
--------------------------------------------------------------------------------

computer name: PC-17
windows version: Windows XP Service Pack 3, 5.1, build: 2600
windows dir: C:\WINDOWS
Hardware: P35-DS4, Gigabyte Technology Co., Ltd.
CPU: GenuineIntel Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz Intel586, level: 6
2 logical processors, active mask: 3
RAM: 3756437504 total
VM: 2147352576, free: 2051854336




--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.

On Mon 2.12.2013 9:23:58 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini120213-02.dmp
This was probably caused by the following module: catchme.sys (catchme+0x10D7)
Bugcheck code: 0x19 (0x20, 0xFFFFFFFF89F0E000, 0xFFFFFFFF89F0E418, 0x1A830000)
Error: BAD_POOL_HEADER
Bug check description: This indicates that a pool header is corrupt.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: catchme.sys .
Google query: catchme.sys BAD_POOL_HEADER



On Mon 2.12.2013 9:17:25 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini120213-01.dmp
This was probably caused by the following module: Unknown (0xFFFFFFFF804F9FA3)
Bugcheck code: 0x19 (0x20, 0xFFFFFFFF8967F970, 0xFFFFFFFF8967FD88, 0x1A83001F)
Error: BAD_POOL_HEADER
Bug check description: This indicates that a pool header is corrupt.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
A third party driver was identified as the probable root cause of this system error.
Google query: BAD_POOL_HEADER



On Sun 1.12.2013 18:58:54 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini120113-02.dmp
This was probably caused by the following module: catchme.sys (catchme+0x10D7)
Bugcheck code: 0x19 (0x20, 0xFFFFFFFF89785360, 0xFFFFFFFF89785778, 0x1A83000A)
Error: BAD_POOL_HEADER
Bug check description: This indicates that a pool header is corrupt.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: catchme.sys .
Google query: catchme.sys BAD_POOL_HEADER



On Sun 1.12.2013 17:59:02 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini120113-01.dmp
This was probably caused by the following module: catchme.sys (catchme+0x10D7)
Bugcheck code: 0x19 (0x20, 0xFFFFFFFF89819128, 0xFFFFFFFF89819540, 0x1A830002)
Error: BAD_POOL_HEADER
Bug check description: This indicates that a pool header is corrupt.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: catchme.sys .
Google query: catchme.sys BAD_POOL_HEADER




--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

4 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

catchme.sys

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

[jaro3]

catchme.sys je ovladač Combofixu , zůstal někde viset.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[mana.na]

OTL log 1. část

OTL logfile created on: 5.12.2013 12:05:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pepa\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,29 Gb Available Physical Memory | 65,36% Memory free
5,34 Gb Paging File | 4,46 Gb Available in Paging File | 83,65% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 49,26 Gb Free Space | 50,45% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 110,27 Gb Free Space | 29,96% Space Free | Partition Type: NTFS
Drive H: | 5493,93 Gb Total Space | 5225,07 Gb Free Space | 95,11% Space Free | Partition Type: NTFS
Drive P: | 196,86 Gb Total Space | 62,68 Gb Free Space | 31,84% Space Free | Partition Type: NTFS

Computer Name: PC-17 | User Name: Pepa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Pepa\Plocha\12)OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe (ZONER software)
PRC - C:\Program Files\SimpleFiles\SFUpdater.exe (http://simple-files.com/)
PRC - C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
PRC - C:\Program Files\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe (AB Studio)
PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Cobian Backup 11\cbVSCService11.exe (CobianSoft, Luis Cobian)
PRC - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe (Oki Data Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\PopTray\PopTray.exe (Renier Crause)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\ad1409a2b37d964a59676c6c6037f74e\System.WorkflowServices.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\83cd19e8259b8dd9435c1c3f8f31b60c\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\da5c75b55f26308ed4fe466d9ced831b\System.ServiceModel.Routing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\6b4e6837908fa2db1fc9cb3a1ea1b4f4\System.ServiceModel.Discovery.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\0b1827efb062c9c92e979a81448921e7\System.ServiceModel.Channels.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\6230650d2a84290ecd5efeb71e2a8189\System.ServiceModel.Activities.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\dd3352e08d4faef7b60ce794de7bf768\System.IdentityModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\2aa96298d1f51f8038cea1b9ddbcde1c\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\59a88c18ce6695139efc9f07f4bd2fcd\System.ServiceModel.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\22fc0718752aa625dcbb1be77040ccbe\System.Web.Services.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\826f8faf2fb2631f2a7d77de3db9a255\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bd154d4eae27aeaa0e9f6615dd79cb4d\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\c2a604fecdee3c3095608b48a2021a9e\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\55c245966c0b23a47587c18681457e48\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\85a501f8b0cb271f1bfab6532523ac3c\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d8f4106eee38420ac5eda7d630dc53fc\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\cb9c2ebcc364b9e8864ce87e12e9d324\System.EnterpriseServices.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\4def2701b8806e1b2b06e7e6e9f73c14\System.Transactions.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\cb9c2ebcc364b9e8864ce87e12e9d324\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\0da8da28d83604b6d01a9a4211b75835\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\b7285e9f3d19a05d5cc2c049e451685d\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\08c630893416f3379c9455870908ad6c\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\a01e07e47ecdd94ae099e8c4bf650516\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll ()
MOD - C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll ()
MOD - C:\Program Files\Autodesk\Autodesk Sync\QJson.dll ()
MOD - C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll ()
MOD - C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()


========== Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software LLC)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (TeamViewer8) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AbSoftMgr4) -- C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe (AB Studio)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (cbVSCService11) -- C:\Program Files\Cobian Backup 11\cbVSCService11.exe (CobianSoft, Luis Cobian)
SRV - (Autodesk Content Service) -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (OpLclSrv) -- C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe (Oki Data Corporation)
SRV - (HP Port Resolver) -- C:\WINDOWS\system32\hpbpro.exe (Hewlett-Packard Company)
SRV - (HP Status Server) -- C:\WINDOWS\system32\hpboid.exe (Hewlett-Packard Company)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\WINDOWS\system32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\WINDOWS\system32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (sscemdm) -- C:\WINDOWS\system32\drivers\sscemdm.sys (MCCI Corporation)
DRV - (sscebus) -- C:\WINDOWS\system32\drivers\sscebus.sys (MCCI Corporation)
DRV - (sscemdfl) -- C:\WINDOWS\system32\drivers\sscemdfl.sys (MCCI Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (truecrypt) -- C:\WINDOWS\system32\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV - (ROCKEYNT) -- C:\WINDOWS\system32\drivers\Rockey4.sys (Feitian Technologies Co., Ltd.)
DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (WDC_SAM) -- C:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (epmntdrv) -- C:\WINDOWS\system32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\WINDOWS\system32\EuGdiDrv.sys ()
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (FDCBNT) -- C:\WINDOWS\system32\drivers\FDCBNT.SYS (Silence of Troubles United Company Ltd.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (JRAID) -- C:\WINDOWS\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (JGOGO) -- C:\WINDOWS\system32\drivers\JGOGO.sys (JMicron )


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {F5B0C4CA-C626-4C8F-9EC6-231E5A8CB584}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6796947F-440C-41D8-9A35-F6CCECB0E5A8}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{F5B0C4CA-C626-4C8F-9EC6-231E5A8CB584}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: %7B5C655500-E712-41e7-9349-CE462F844B19%7D:1.0
FF - prefs.js..extensions.enabledAddons: autopager%40mozilla.org:0.8.0.8
FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.0.6
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.1.0
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:7.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\autodesk.com/Autodesk123D: C:\Documents and Settings\Pepa\Data aplikací\Autodesk\Autodesk123D32\1.0.6\npAutodesk123D32.dll (Autodesk)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.12.13 15:32:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\12x3q4@3244516.com: C:\Program Files\Better-Surf\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files\AVG\AVG2012\Thunderbird\

[2011.12.08 14:48:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Extensions
[2013.12.05 05:55:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions
[2013.11.19 09:46:04 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013.11.05 14:00:01 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\WebSiteRecommendation@weliketheweb.com
[2013.11.05 13:24:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profileszg7n3fl4.default\extensions
[2013.11.05 13:24:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profileszg7n3fl4.default\extensions\staged
[2013.01.07 05:59:52 | 000,347,340 | ---- | M] () (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\autopager@mozilla.org.xpi
[2013.06.26 18:40:28 | 000,228,503 | ---- | M] () (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\ftd@ftd.com.xpi
[2013.01.02 07:49:46 | 000,151,038 | ---- | M] () (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
[2013.12.05 05:55:00 | 000,152,125 | ---- | M] () (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.10.10 05:43:36 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.11.18 07:00:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.11.18 07:00:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.11.18 07:00:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.11.18 07:00:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.11.18 07:00:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PEPA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\ZG7N3FL4.DEFAULT\EXTENSIONS\{195A3098-0BD5-4E90-AE22-BA1C540AFD1E}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PEPA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\ZG7N3FL4.DEFAULT\EXTENSIONS\{5C655500-E712-41E7-9349-CE462F844B19}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PEPA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\ZG7N3FL4.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PEPA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\ZG7N3FL4.DEFAULT\EXTENSIONS\AUTOPAGER@MOZILLA.ORG.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PEPA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\ZG7N3FL4.DEFAULT\EXTENSIONS\WEBSITERECOMMENDATION@WELIKETHEWEB.COM
[2012.01.03 11:50:49 | 000,000,888 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

========== Chrome ==========

CHR - default_search_provider: DaleSearch (Enabled)
CHR - default_search_provider: search_url = http://www.dalesearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=28DB001A4D454C53&affID=123659&tt=021013_dle&tsp=5023
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\Pepa\Local Settings\Data aplikac00ED\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\McChPlg.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Pepa\Local Settings\Data aplikac00ED\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Autodesk 123D (Enabled) = C:\Documents and Settings\Pepa\Data aplikac00ED\Autodesk\Autodesk123D32\1.0.6\npAutodesk123D32.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U15 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.150.3 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: CacheList = C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa\3.0.4_0\
CHR - Extension: YouTube = C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled00E1v00E1n00ED Google = C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: SiteAdvisor = C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.03.19 11:55:48 | 000,000,767 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.1.140 HP001185015802
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\JMRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKCU..\Run: [ABUNINSTALLEX] c:\Documents and Settings\All Users\Data aplikací\ab studio\ABUnInstallEx.exe (AB Studio C+E)
O4 - HKCU..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O4 - Startup: C:\Documents and Settings\Pepa\Nabídka Start\Programy\Po spuštění\PopTray.lnk = C:\Program Files\PopTray\PopTray.exe (Renier Crause)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.40.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.40.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.110 213.180.36.130 213.180.36.131
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19690CCF-DFFF-4F9A-B42C-281F35A4D45A}: DhcpNameServer = 192.168.1.110 213.180.36.130 213.180.36.131
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.12.08 12:52:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========