Blocking of certain websites - the "blacklist" keeps growing

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by memphisto » 12 Dec 2013 17:21

Post that TDSS here. In that text file it is hard to read and the lines wrap. If it is long, split it across several replies.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section instead. Thank you

Post by hadic » 13 Dec 2013 09:31

Your wish is my command!

By coincidence, another person with exactly the same problem showed up today, and exactly the same websites don't work for him as for me. Here he is: http://www.czemoney.com/forum/post969219.html

10:12:27.0032 0x03e8 NetBIOS - ok
10:12:27.0079 0x03e8 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:12:27.0079 0x03e8 NetBT - ok
10:12:27.0094 0x03e8 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
10:12:27.0094 0x03e8 NetDDE - ok
10:12:27.0110 0x03e8 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:12:27.0110 0x03e8 NetDDEdsdm - ok
10:12:27.0141 0x03e8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:12:27.0141 0x03e8 Netlogon - ok
10:12:27.0188 0x03e8 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
10:12:27.0188 0x03e8 Netman - ok
10:12:27.0235 0x03e8 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:12:27.0235 0x03e8 NetTcpPortSharing - ok
10:12:27.0344 0x03e8 [ B60EB6D73C59436200A5B9AD8504A0BD, 19A7847ABC8B3310A0E109CE6D3F1C40E021B5A3C207086B85151C73E47AB8FA ] NIDomainService C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
10:12:27.0344 0x03e8 NIDomainService - ok
10:12:27.0344 0x03e8 niSvcLoc - ok
10:12:27.0391 0x03e8 [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
10:12:27.0391 0x03e8 Nla - ok
10:12:27.0422 0x03e8 [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] NPF C:\WINDOWS\system32\drivers\npf.sys
10:12:27.0422 0x03e8 NPF - ok
10:12:27.0469 0x03e8 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:12:27.0469 0x03e8 Npfs - ok
10:12:27.0469 0x03e8 NTACCESS - ok
10:12:27.0500 0x03e8 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:12:27.0516 0x03e8 Ntfs - ok
10:12:27.0516 0x03e8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:12:27.0516 0x03e8 NtLmSsp - ok
10:12:27.0563 0x03e8 [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:12:27.0579 0x03e8 NtmsSvc - ok
10:12:27.0625 0x03e8 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
10:12:27.0625 0x03e8 Null - ok
10:12:28.0204 0x03e8 [ 7C56F3FD65B2BDB315CA3605A5392D7B, 1C33B2723BBD958FE06D71B6AC5C54DF1F46491C292749FE0DB8577BF056A765 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:12:28.0469 0x03e8 nv - ok
10:12:28.0532 0x03e8 [ 45BA510DB13A0496DB1CD16826519E03, AE6B736B243E789927EE06ACF3C3E059B68C8D72281C8F4940090E31908E9D4C ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
10:12:28.0532 0x03e8 NVENETFD - ok
10:12:28.0563 0x03e8 [ A117466B0ACB13288DEEE4F2E936E67F, BF9FFBD8DA1B365BA843F66CF1408360CAB29C16B46B2AC1B91E266AD49765AE ] nvgts C:\WINDOWS\system32\DRIVERS\nvgts.sys
10:12:28.0563 0x03e8 nvgts - ok
10:12:28.0594 0x03e8 [ 57CBDB934FB1AFB7E03B413D151A6152, 2FC08150CB2F16EEE906E07E1462D2289E0E4CE56331F2AA9DD96392D8A9D670 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
10:12:28.0594 0x03e8 nvnetbus - ok
10:12:28.0657 0x03e8 [ 03DBB885DEAE94F06C06EC06ACDB8B47, BB35BB252340725D486385119C11232E9D80722001CD258AC73C199C01DEF045 ] nvsmu C:\WINDOWS\system32\DRIVERS\nvsmu.sys
10:12:28.0657 0x03e8 nvsmu - ok
10:12:28.0719 0x03e8 [ 2E6ED9FE65A9B3EC606603ED0F33DD7D, B6E4D8974D4F3E317E6359F1F4398A17B464CED87792BAB31F62DEF57BEEF815 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
10:12:28.0735 0x03e8 NVSvc - ok
10:12:28.0782 0x03e8 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:12:28.0782 0x03e8 NwlnkFlt - ok
10:12:28.0782 0x03e8 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:12:28.0782 0x03e8 NwlnkFwd - ok
10:12:28.0829 0x03e8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:12:28.0829 0x03e8 ose - ok
10:12:29.0063 0x03e8 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:12:29.0219 0x03e8 osppsvc - ok
10:12:29.0250 0x03e8 [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:12:29.0266 0x03e8 Parport - ok
10:12:29.0282 0x03e8 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:12:29.0282 0x03e8 PartMgr - ok
10:12:29.0329 0x03e8 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:12:29.0329 0x03e8 ParVdm - ok
10:12:29.0329 0x03e8 [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:12:29.0344 0x03e8 PCI - ok
10:12:29.0344 0x03e8 PCIDump - ok
10:12:29.0375 0x03e8 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:12:29.0375 0x03e8 PCIIde - ok
10:12:29.0422 0x03e8 [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:12:29.0422 0x03e8 Pcmcia - ok
10:12:29.0454 0x03e8 [ 55E00AE13BB55E66030F2EB429A33156, D5C6DE34605908D8079D87EB29365A39A44D1FCD41CD3736372790E0D105B08E ] PCTCore C:\WINDOWS\system32\drivers\PCTCore.sys
10:12:29.0454 0x03e8 PCTCore - ok
10:12:29.0516 0x03e8 [ F820B4C61D1E591325B679D479D4EEA4, 7AE393C2E31CA92083842563C8E887B473D64FD5BC10168FDD1822DF782DB854 ] pctDS C:\WINDOWS\system32\drivers\pctDS.sys
10:12:29.0532 0x03e8 pctDS - ok
10:12:29.0563 0x03e8 [ ACC8C15F3D59F17C5D903FF1DE3B43D3, C0451359864FD9E59DBDD12C55D84C9019EAD14B17D88785B111A738E542E616 ] pctEFA C:\WINDOWS\system32\drivers\pctEFA.sys
10:12:29.0579 0x03e8 pctEFA - ok
10:12:29.0625 0x03e8 [ C718F517B49B23D456B4A70789035DF5, 45D4CE6C25D29D2741EA4D01A523C2389BA3CF5CE46DBB1DDA4092B3251A64D6 ] PCTSD C:\WINDOWS\system32\Drivers\PCTSD.sys
10:12:29.0625 0x03e8 PCTSD - ok
10:12:29.0625 0x03e8 PDCOMP - ok
10:12:29.0641 0x03e8 PDFRAME - ok
10:12:29.0641 0x03e8 PDRELI - ok
10:12:29.0657 0x03e8 PDRFRAME - ok
10:12:29.0657 0x03e8 perc2 - ok
10:12:29.0672 0x03e8 perc2hib - ok
10:12:29.0688 0x03e8 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
10:12:29.0704 0x03e8 PlugPlay - ok
10:12:29.0750 0x03e8 [ 7C725A94A89E3C1EA7D492D5E79698A2, 0E678DF8D5B54FF671912DF103623ACF3264E86BDACF744D0A7BA80C51A79110 ] PMBDeviceInfoProvider C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
10:12:29.0797 0x03e8 PMBDeviceInfoProvider - ok
10:12:29.0829 0x03e8 [ 901C43516504CBE582E4C4193E00876A, AB071D9287AD84B313440AB55D0EF01452D445C009A62E2703D42DF9D37986ED ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
10:12:29.0829 0x03e8 Pml Driver HPZ12 - ok
10:12:29.0844 0x03e8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:12:29.0844 0x03e8 PolicyAgent - ok
10:12:29.0875 0x03e8 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:12:29.0875 0x03e8 PptpMiniport - ok
10:12:29.0954 0x03e8 [ 88422CB9D58BD542269318A6850FC384, 9FEC4BDA00B55476B76B969BEC97175E50AF94E7E5452301DBA5998040E4D600 ] PQNTDrv C:\WINDOWS\system32\drivers\PQNTDrv.sys
10:12:29.0954 0x03e8 PQNTDrv - ok
10:12:29.0954 0x03e8 [ 7EB15DCE4EC3A0220BD796A15C18186E, E06C572F3FE4F3377D8AF74E8EF15478E71B4C61F944E48E8C35534BEF086110 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
10:12:29.0954 0x03e8 Processor - ok
10:12:29.0969 0x03e8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:12:29.0969 0x03e8 ProtectedStorage - ok
10:12:30.0016 0x03e8 [ 64E413BA0C529AA40C3924BBCC4153DB, 9E0EB02078EE250AC618D4A4537D54BACDD7E2B67349162CA61F35EAF91601EE ] ProtexisLicensing C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
10:12:30.0016 0x03e8 ProtexisLicensing - ok
10:12:30.0016 0x03e8 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:12:30.0016 0x03e8 PSched - ok
10:12:30.0047 0x03e8 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:12:30.0047 0x03e8 Ptilink - ok
10:12:30.0079 0x03e8 [ 153D02480A0A2F45785522E814C634B6, 02B7590F2F4A8FA0B031CDA7A28BD55E7C04A080C1EA810BF3AC3212A62153A6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:12:30.0079 0x03e8 PxHelp20 - ok
10:12:30.0094 0x03e8 ql1080 - ok
10:12:30.0094 0x03e8 Ql10wnt - ok
10:12:30.0094 0x03e8 ql12160 - ok
10:12:30.0110 0x03e8 ql1240 - ok
10:12:30.0110 0x03e8 ql1280 - ok
10:12:30.0125 0x03e8 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:12:30.0125 0x03e8 RasAcd - ok
10:12:30.0157 0x03e8 [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:12:30.0172 0x03e8 RasAuto - ok
10:12:30.0188 0x03e8 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:12:30.0188 0x03e8 Rasl2tp - ok
10:12:30.0235 0x03e8 [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:12:30.0250 0x03e8 RasMan - ok
10:12:30.0250 0x03e8 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:12:30.0250 0x03e8 RasPppoe - ok
10:12:30.0266 0x03e8 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:12:30.0266 0x03e8 Raspti - ok
10:12:30.0329 0x03e8 [ A1E70B8354D52AEB3CB49568C7C0A2FF, 18C42DD15901ACD87EE821FBF4A20554311237C31AE8ED77099DE7BCC22F908F ] Razerlow C:\WINDOWS\system32\Drivers\Razerlow.sys
10:12:30.0329 0x03e8 Razerlow - ok
10:12:30.0360 0x03e8 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:12:30.0360 0x03e8 Rdbss - ok
10:12:30.0360 0x03e8 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:12:30.0360 0x03e8 RDPCDD - ok
10:12:30.0407 0x03e8 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:12:30.0422 0x03e8 rdpdr - ok
10:12:30.0454 0x03e8 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:12:30.0454 0x03e8 RDPWD - ok
10:12:30.0485 0x03e8 [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:12:30.0500 0x03e8 RDSessMgr - ok
10:12:30.0516 0x03e8 [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:12:30.0516 0x03e8 redbook - ok
10:12:30.0547 0x03e8 [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:12:30.0547 0x03e8 RemoteAccess - ok
10:12:30.0579 0x03e8 [ 8F31505484A190D5B22274708799F4EC, 170FF8193C95CEE73B9342B6FB7D83DF4E80B2CCBB27DF41F4AB5F2FB9AF60E1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
Last edited by hadic on 13 Dec 2013 09:33, edited 1 time in total.


Re: Blocking of certain websites - the "blacklist" keeps growing

Post by hadic » 13 Dec 2013 09:31

10:12:30.0579 0x03e8 RemoteRegistry - ok
10:12:30.0625 0x03e8 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
10:12:30.0625 0x03e8 ROOTMODEM - ok
10:12:30.0657 0x03e8 [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
10:12:30.0672 0x03e8 rpcapd - ok
10:12:30.0672 0x03e8 [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
10:12:30.0672 0x03e8 RpcLocator - ok
10:12:30.0719 0x03e8 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\System32\rpcss.dll
10:12:30.0719 0x03e8 RpcSs - ok
10:12:30.0735 0x03e8 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:12:30.0750 0x03e8 RSVP - ok
10:12:30.0750 0x03e8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
10:12:30.0750 0x03e8 SamSs - ok
10:12:30.0813 0x03e8 [ 224049C51E2C2D07B02B1BED262976A1, DE36291D5FFAE9FF92A6C1A8C7152CBC95EE50205E2E0051498832F447000265 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
10:12:30.0813 0x03e8 SbieDrv - ok
10:12:30.0829 0x03e8 [ 3129023CEF1A2225665D44F9545DAED4, D25ECDA8221660AF8B690409A051B7094F522399BE0A54D79A236EB598F7B841 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
10:12:30.0829 0x03e8 SbieSvc - ok
10:12:30.0844 0x03e8 [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:12:30.0844 0x03e8 SCardSvr - ok
10:12:30.0891 0x03e8 [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:12:30.0891 0x03e8 Schedule - ok
10:12:30.0969 0x03e8 [ CADC6D185D8560A1EC266B0A97C4F153, C439E33A308E54AA5678C9753BB850955619363DB8FC986D0D676E17F1DBB635 ] sdAuxService C:\Program Files\PC Tools Security\pctsAuxs.exe
10:12:30.0985 0x03e8 sdAuxService - ok
10:12:31.0047 0x03e8 [ B895ECCD553FEEBB424E80B5D239757C, CF01C4F841893CC833A768100009825A424282411BA250265EEE64D0949C793F ] sdCoreService C:\Program Files\PC Tools Security\pctsSvc.exe
10:12:31.0094 0x03e8 sdCoreService - ok
10:12:31.0125 0x03e8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:12:31.0125 0x03e8 Secdrv - ok
10:12:31.0157 0x03e8 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:12:31.0157 0x03e8 seclogon - ok
10:12:31.0157 0x03e8 [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
10:12:31.0172 0x03e8 SENS - ok
10:12:31.0188 0x03e8 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:12:31.0188 0x03e8 serenum - ok
10:12:31.0235 0x03e8 [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
10:12:31.0235 0x03e8 Serial - ok
10:12:31.0360 0x03e8 [ 58D5BFDF3ADF49FE9CABD78CC61D92F6, 2A8AA6589829E224BD6211888A21BC8B9A061E9607F7CEEE4430299BA5F02A04 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:12:31.0391 0x03e8 ServiceLayer - ok
10:12:31.0407 0x03e8 SetupNTGLM7X - ok
10:12:31.0422 0x03e8 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:12:31.0438 0x03e8 Sfloppy - ok
10:12:31.0500 0x03e8 [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:12:31.0516 0x03e8 SharedAccess - ok
10:12:31.0547 0x03e8 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:12:31.0547 0x03e8 ShellHWDetection - ok
10:12:31.0547 0x03e8 Simbad - ok
10:12:31.0594 0x03e8 [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:12:31.0594 0x03e8 SkypeUpdate - ok
10:12:31.0610 0x03e8 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:12:31.0610 0x03e8 SLIP - ok
10:12:31.0688 0x03e8 [ 43B8C052890896C6D1617CA90B2730E0, D38C06D6132976F00A6876E77FD58A6EDDA8B2B94BEAAB1ABC91B43690299C06 ] SNPSTD3 C:\WINDOWS\system32\DRIVERS\snpstd3.sys
10:12:31.0704 0x03e8 SNPSTD3 - ok
10:12:31.0704 0x03e8 Sparrow - ok
10:12:31.0750 0x03e8 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:12:31.0750 0x03e8 splitter - ok
10:12:31.0782 0x03e8 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:12:31.0782 0x03e8 Spooler - ok
10:12:31.0860 0x03e8 [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
10:12:31.0860 0x03e8 Suspicious file ( NoAccess ): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
10:12:31.0860 0x03e8 sptd - detected LockedFile.Multi.Generic ( 1 )
10:12:34.0219 0x03e8 Detect skipped due to KSN trusted
10:12:34.0219 0x03e8 sptd - ok
10:12:34.0219 0x03e8 [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:12:34.0235 0x03e8 sr - ok
10:12:34.0266 0x03e8 [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
10:12:34.0282 0x03e8 srservice - ok
10:12:34.0313 0x03e8 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:12:34.0329 0x03e8 Srv - ok
10:12:34.0360 0x03e8 [ 406776FE3C2B66796BAC1A7AFB9AC8A1, A23D71FA734A0651D32279829793C7127510DB6A0CF51DF1999AF405BC0D3662 ] ssadbus C:\WINDOWS\system32\DRIVERS\ssadbus.sys
10:12:34.0360 0x03e8 ssadbus - ok
10:12:34.0391 0x03e8 [ B19532D015A5D295E2AA34BB521202CF, 100AF0DDA8DD5EC6BFF6E8C728BEAA7EF7ECBBF449BC96474885BACEFAC4D871 ] ssadmdfl C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
10:12:34.0391 0x03e8 ssadmdfl - ok
10:12:34.0422 0x03e8 [ 2AEBF9108E6F435458B9499C27394DA4, 7FD1DD3092B64D39B9E51C1A34DDD8D0C5B8808A578C1B8C33DE17DA53597E47 ] ssadmdm C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
10:12:34.0422 0x03e8 ssadmdm - ok
10:12:34.0454 0x03e8 [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:12:34.0454 0x03e8 SSDPSRV - ok
10:12:34.0532 0x03e8 [ B1691AF4A072CB674D600DB16DD7308E, 214E35001E7BA10E8C329CE8904E900AA54F9B35C5329F2FF20E3156D6F21A8E ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
10:12:34.0532 0x03e8 StarWindServiceAE - ok
10:12:34.0579 0x03e8 [ 06CDA2A5A549BC455D004461E6BC5B33, 9731AEBB98B40F610113BE1989F85CE5805D9C3840A0E22B1F30883A6349CFED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
10:12:34.0579 0x03e8 StillCam - ok
10:12:34.0625 0x03e8 [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:12:34.0641 0x03e8 stisvc - ok
10:12:34.0672 0x03e8 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:12:34.0672 0x03e8 streamip - ok
10:12:34.0704 0x03e8 [ 147D1EFB83CCCCE9935DAD521F0FB447, 6FFA2AB9901933CBCC1CDB5E8FC62F19699135B8D0A615E1C487E7690DEB21A8 ] SureThing Labelflash service C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
10:12:34.0719 0x03e8 SureThing Labelflash service - ok
10:12:34.0750 0x03e8 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:12:34.0750 0x03e8 swenum - ok
10:12:34.0750 0x03e8 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:12:34.0750 0x03e8 swmidi - ok
10:12:34.0766 0x03e8 SwPrv - ok
10:12:34.0782 0x03e8 symc810 - ok
10:12:34.0782 0x03e8 symc8xx - ok
10:12:34.0782 0x03e8 sym_hi - ok
10:12:34.0797 0x03e8 sym_u3 - ok
10:12:34.0813 0x03e8 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:12:34.0813 0x03e8 sysaudio - ok
10:12:34.0844 0x03e8 [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:12:34.0860 0x03e8 SysmonLog - ok
10:12:34.0875 0x03e8 [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:12:34.0891 0x03e8 TapiSrv - ok
10:12:34.0938 0x03e8 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:12:34.0954 0x03e8 Tcpip - ok
10:12:34.0985 0x03e8 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:12:34.0985 0x03e8 TDPIPE - ok
10:12:35.0000 0x03e8 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:12:35.0000 0x03e8 TDTCP - ok
10:12:35.0782 0x03e8 [ F67C21CC4195F6AFC447418FE163E156, 01D245952C1AF2B365DBA6C36AFE0FFB2332480B6A1D7D4B43A0DE4FB7535B0B ] TeamViewer8 C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
10:12:35.0891 0x03e8 TeamViewer8 - ok
10:12:35.0938 0x03e8 [ 9101FFFCFCCD1A30E870A5B8A9091B10, 58AAB0F6FF78FD0ECDD8D9DA1B6852E9E57E3DAA39489ABDDBA106ECE0B3BCA7 ] teamviewervpn C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
10:12:35.0938 0x03e8 teamviewervpn - ok
10:12:35.0954 0x03e8 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:12:35.0954 0x03e8 TermDD - ok
10:12:36.0000 0x03e8 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
10:12:36.0016 0x03e8 TermService - ok
10:12:36.0047 0x03e8 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
10:12:36.0047 0x03e8 Themes - ok
10:12:36.0094 0x03e8 [ CD0CC7B167D78043A41C98D4921EFB54, 31AAB5D6D6BA52EBDDE1B5DEB8F9B4D9597FFBA4485F959C846F635060CCB5C0 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
10:12:36.0094 0x03e8 TlntSvr - ok
10:12:36.0094 0x03e8 TosIde - ok
10:12:36.0141 0x03e8 [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:12:36.0141 0x03e8 TrkWks - ok
10:12:36.0188 0x03e8 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:12:36.0188 0x03e8 Udfs - ok
10:12:36.0188 0x03e8 ultra - ok
10:12:36.0266 0x03e8 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:12:36.0266 0x03e8 Update - ok
10:12:36.0454 0x03e8 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
10:12:36.0454 0x03e8 upnphost - ok
10:12:36.0469 0x03e8 [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
10:12:36.0469 0x03e8 UPS - ok
10:12:36.0516 0x03e8 [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
10:12:36.0516 0x03e8 usbaudio - ok
10:12:36.0547 0x03e8 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:12:36.0547 0x03e8 usbccgp - ok
10:12:36.0563 0x03e8 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:12:36.0563 0x03e8 usbehci - ok
10:12:36.0594 0x03e8 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:12:36.0594 0x03e8 usbhub - ok
10:12:36.0625 0x03e8 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
10:12:36.0625 0x03e8 usbohci - ok
10:12:36.0657 0x03e8 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:12:36.0657 0x03e8 usbprint - ok
10:12:36.0657 0x03e8 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:12:36.0657 0x03e8 usbscan - ok
10:12:36.0688 0x03e8 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:12:36.0688 0x03e8 USBSTOR - ok
10:12:36.0719 0x03e8 [ 63BBFCA7F390F4C49ED4B96BFB1633E0, AEB89CF43376709CDD715D844E8CBB8F2BE24D39795F45F7C84F21962F3A52AB ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
10:12:36.0719 0x03e8 usbvideo - ok
10:12:42.0407 0x03e8 AV detected via SS1: Spyware Doctor with AntiVirus, , disabled, updated
10:12:42.0407 0x03e8 AV detected via SS1: avast! Antivirus, 5.0.150996950, enabled, updated
10:12:42.0407 0x03e8 AV detected via SS1: ESET Smart Security 5.0, 5.0, disabled, updated
10:12:42.0407 0x03e8 FW detected via SS1: ESET Personal firewall, 5.0.84.0, disabled
10:12:42.0407 0x03e8 Win FW state via NFM: enabled
10:12:45.0094 0x03e8 ============================================================
10:12:45.0094 0x03e8 Scan finished
10:12:45.0094 0x03e8 ============================================================
10:12:45.0110 0x0bb0 Detected object count: 0
10:12:45.0110 0x0bb0 Actual detected object count: 0
10:13:12.0657 0x09b0 Deinitialize success

jaro3
Security team member

Re: Blocking of certain websites - the "blacklist" is growing

Post by jaro3 » 13 Dec 2013 10:57

10:12:42.0407 0x03e8 AV detected via SS1: Spyware Doctor with AntiVirus, , disabled, updated
10:12:42.0407 0x03e8 AV detected via SS1: avast! Antivirus, 5.0.150996950, enabled, updated
10:12:42.0407 0x03e8 AV detected via SS1: ESET Smart Security 5.0, 5.0, disabled, updated
10:12:42.0407 0x03e8 FW detected via SS1: ESET Personal firewall, 5.0.84.0, disabled

You should have only one antivirus and one antispyware! Uninstall the others.

Turn off the resident protection of the antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is being applied, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be problems with the connection. In that case restart the computer again; if that does not help, keep pressing F8 after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

hadic

Re: Blocking of certain websites - the "blacklist" is growing

Post by hadic » 18 Dec 2013 00:11

I apologize for the long inactivity!

The antiviruses were uninstalled a long time ago; I don't understand why it detects these four programs. Not only are they not running, they should also be uninstalled.

Here is the log from ComboFix (the websites still don't work even now):

ComboFix 13-12-17.02 - já 17.12.2013 23:39:09.7.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1367 [GMT 1:00]
Spuštěný z: c:\documents and settings\jß\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: ESET Smart Security 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\windows\d.ini
c:\windows\daemon.dll
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\system32\_000015_.tmp.dll
c:\windows\system32\drivers\hwinterface.sys
c:\windows\system32\perfc6573.dat
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_hwinterface
-------\Service_hwinterface
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-17 do 2013-12-17 )))))))))))))))))))))))))))))))
.
.
2013-12-15 20:42 . 2013-12-15 20:42 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\Google
2013-12-10 22:43 . 2013-12-17 14:31 -------- d-----w- c:\documents and settings\All Users\Data aplikací\boost_interprocess
2013-12-10 21:17 . 2013-12-10 21:17 -------- d-----w- c:\windows\ERUNT
2013-12-10 15:47 . 2013-12-10 20:30 -------- d-----w- C:\AdwCleaner
2013-12-09 07:24 . 2013-12-09 07:24 -------- d-----w- C:\RAAL
2013-12-08 10:33 . 2013-12-17 15:52 -------- d-----w- c:\documents and settings\já\Data aplikací\Bytecoin
2013-12-03 07:01 . 2013-12-17 00:02 -------- d-----w- c:\documents and settings\já\Data aplikací\Infinitecoin
2013-12-03 00:22 . 2013-12-17 22:00 -------- d-----w- c:\documents and settings\já\Data aplikací\Colossuscoin
2013-12-01 13:12 . 2013-12-01 13:12 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Motorola
2013-11-28 09:21 . 2013-11-28 09:21 -------- d-----w- c:\program files\Motorola
2013-11-28 09:21 . 2013-11-28 09:21 -------- d-----w- c:\documents and settings\já\Data aplikací\Motorola Mobility
2013-11-28 09:20 . 2009-12-21 14:42 15616 ----a-w- c:\windows\system32\mot_ci.dll
2013-11-28 09:20 . 2013-11-28 09:21 -------- d-----w- c:\program files\Common Files\Motorola Shared
2013-11-28 09:18 . 2013-11-28 09:18 -------- d-----w- c:\documents and settings\já\Data aplikací\Motorola
2013-11-20 07:53 . 2013-11-20 07:53 -------- d-----w- c:\program files\LinuxLive USB Creator
2013-11-19 19:44 . 2013-11-19 19:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\BlueStacksSetup
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 14:17 . 2013-07-12 11:48 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 14:17 . 2011-12-28 22:38 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-28 19:20 . 2013-10-28 19:20 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-09-30 15:53 . 2013-06-02 08:50 632656 ----a-w- c:\windows\system32\msvcr80.dll
2013-09-30 15:53 . 2013-06-02 08:50 554832 ----a-w- c:\windows\system32\msvcp80.dll
2013-09-30 15:53 . 2013-06-02 08:50 479232 ----a-w- c:\windows\system32\msvcm80.dll
2005-10-12 14:04 . 2005-10-12 14:04 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"WhatPulse"="c:\program files\WhatPulse\WhatPulse.exe" [2009-04-08 2814976]
"cfweatherStation"="c:\weather\Weather.exe" [2009-08-17 1189376]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-08-25 545552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"snpstd3"="c:\windows\vsnpstd3.exe" [2004-07-30 286720]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"wmagent.exe"="c:\program files\WebMoney Agent\wmagent.exe" [2009-10-19 210400]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"ClearTKHandle"="c:\program files\TouchKit\ClearTKHandle.exe" [2007-06-12 118784]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-02 1987976]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"PMBVolumeWatcher"="c:\program files\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2013-04-24 740888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\já\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\já\Data aplikací\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Documents and Settings\\já\\Plocha\\Já\\qipinfium9000\\infium.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil_.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WebMoney\\WebMoney.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Documents and Settings\\já\\Plocha\\QIP Infium bz™Pack\\inf.exe"=
"c:\\Games\\Transport Tycoon Deluxe for Windows\\TTDLOADW.OVL"=
"c:\\Documents and Settings\\já\\Plocha\\Transport-Tycoon-Deluxe-Win-OpenTTD-0.7.2\\openttd.exe"=
"c:\\Documents and Settings\\já\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\FileZilla FTP Client\\filezilla.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\3DO\\Heroes of Might and Magic IV\\heroes4c.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\sm-ssc\\Program\\StepMania.exe"=
"c:\\Program Files\\sm-ssc\\Program\\StepMania-SSE2.exe"=
"c:\\Program Files\\Attractel\\Zoiper\\Zoiper.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Já\\chmatakov15.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Bitcoin\\bitcoin-qt.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Já\\SkypePortable\\App\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\já\\Plocha\\COL-1.5.1-release\\ColossusCoin-qt.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Infinitecoin\\infinitecoind.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Infinitecoin\\infinitecoin-qt.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Bytecoin-0.8.1.1\\bytecoin-qt.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4736:TCP"= 4736:TCP:pekzbf
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [13.1.2010 22:57 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [13.1.2010 22:57 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.3.2009 21:07 691696]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [8.2.2011 20:26 158736]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [8.2.2011 20:26 42960]
R2 DeviceFinderService;DeviceFinderService;c:\program files\Sony\PlayMemories Home\dfs.exe [24.4.2013 4:31 149528]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2.2.2012 13:22 1373576]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 18:07 35088]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [24.4.2013 4:30 483864]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [18.8.2013 11:10 5087584]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [11.3.2010 10:17 25088]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [18.1.2011 17:43 109328]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [18.1.2011 17:43 120208]
R3 xTouch;xTouch;c:\windows\system32\drivers\xTouch.sys [28.7.2009 9:38 103936]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET Smart Security\ekrn.exe" --> c:\program files\ESET\ESET Smart Security\ekrn.exe [?]
S2 gupdate1ca0b59fbbe09ff;Služba Google Update (gupdate1ca0b59fbbe09ff);c:\program files\Google\Update\GoogleUpdate.exe [18.6.2010 22:10 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 10:34 171680]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\J1EA6~1\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\J1EA6~1\LOCALS~1\Temp\ALSysIO.sys [?]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [28.6.2011 7:13 101904]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys --> c:\windows\system32\DRIVERS\motfilt.sys [?]
S3 ecntc;ecntc;\??\c:\windows\system32\03.tmp --> c:\windows\system32\03.tmp [?]
S3 EGXFilter;EGXFilter;c:\windows\system32\drivers\EGXFilter.sys [28.7.2009 9:38 120960]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys --> c:\windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys --> c:\windows\system32\Drivers\motoandroid.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys --> c:\windows\system32\DRIVERS\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys --> c:\windows\system32\DRIVERS\motccgpfl.sys [?]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys --> c:\windows\system32\DRIVERS\motodrv.sys [?]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys --> c:\windows\system32\DRIVERS\Motousbnet.sys [?]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys --> c:\windows\system32\DRIVERS\motusbdevice.sys [?]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [21.8.2009 14:45 19020]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [10.5.2012 14:10 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [10.5.2012 14:10 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [10.5.2012 14:10 121576]
S3 SureThing Labelflash service;SureThing Labelflash service;c:\program files\Common Files\SureThing Shared\stllssvr.exe [14.5.2011 15:47 74392]
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [8.2.2011 20:26 31888]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
xhzczud
rsoups
ichvu
vzrfd
ppsuxqspa
plqkxxjn
gjdbqjta
ugmwoi
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 16:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12 14:17]
.
2013-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 21:10]
.
2013-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 21:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;192.168.*.*
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 82.144.143.254 82.144.143.1
FF - ProfilePath - c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: network.proxy.ftp - 165.193.102.220
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - 188.92.240.246
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.socks - 165.193.102.220
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 165.193.102.220
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-12-02 17:33; iweb2x@sciweavers.org; c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\extensions\iweb2x@sciweavers.org.xpi
FF - ExtSQL: 2013-12-02 18:04; save-as-pdf-ff@pdfcrowd.com; c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\extensions\save-as-pdf-ff@pdfcrowd.com.xpi
FF - ExtSQL: !HIDDEN! 2011-04-22 08:45; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-nwiz - nwiz.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Heroes of Might and Magic IV - c:\windows\IsUn0405.exe
AddRemove-Streamripper - c:\program files\Winamp\streamripper\Uninstall.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-17 23:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ecntc]
"ImagePath"="\??\c:\windows\system32\03.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1993962763-1708537768-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0B27D71D-66C2-6585-4DB4-8B782FF846FC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1993962763-1708537768-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{84551BE5-5511-116C-3C4F-3FD495A026A0}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"jaiakmkanmmgdofjokmb"=hex:62,61,6d,63,00,00
"jaiakmkanmmgdofjokac"=hex:62,61,68,64,00,00
"iaiboochabpkgbdgoa"=hex:6b,61,70,63,69,61,6d,6a,64,63,66,70,6b,66,68,6e,61,6a,
6d,63,66,61,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1796)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(2724)
c:\program files\TeamViewer\Version8\tv_w32.dll
c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\program files\Google\Drive\Microsoft.VC90.CRT\MSVCP90.dll
c:\program files\Google\Drive\Microsoft.VC90.CRT\MSVCR90.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\lkcitdl.exe
c:\windows\RTHDCPL.EXE
c:\documents and settings\já\Data aplikací\Dropbox\bin\Dropbox.exe
c:\progra~1\MICROS~3\rapimgr.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\program files\Common Files\Protexis\License Service\PSIService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe
c:\program files\TeamViewer\Version8\TeamViewer.exe
c:\windows\system32\wscntfy.exe
c:\program files\TeamViewer\Version8\tv_w32.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Celkový čas: 2013-12-18 00:03:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-17 23:03
ComboFix2.txt 2009-10-29 12:30
ComboFix3.txt 2009-10-28 21:49
ComboFix4.txt 2009-10-26 21:42
ComboFix5.txt 2013-12-17 22:28
.
Před spuštěním: Volných bajtů: 22 235 541 504
Po spuštění: Volných bajtů: 22 339 448 832
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 23F433EBD72AEB408FD22D487B5840EB
413FC2A0C716421B3158746D63736515

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Blocking of certain websites - the "blacklist" keeps growing

Post by jaro3 » 18 Dec 2013 10:51

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:

Code:

ClearJavaCache::

KillAll::
SecCenter::
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

File::
c:\windows\system32\aswBoot.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files\Google\Update
c:\program files\Skype\Updater

Driver::
gupdate1ca0b59fbbe09ff
SkypeUpdate
ALSysIO
BTCFilterService
ecntc
HTCAND32
motandroidusb
motccgp
motccgpfl
MotDev
Motousbnet
motusbdevice
SetupNTGLM7X
xhzczud
ppsuxqspa
plqkxxjn
gjdbqjta
ugmwoi

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4736:TCP"=-

NetSvcs::
xhzczud
ppsuxqspa
plqkxxjn
gjdbqjta
ugmwoi

RegLock::
[HKEY_USERS\S-1-5-21-1993962763-1708537768-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0B27D71D-66C2-6585-4DB4-8B782FF846FC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1993962763-1708537768-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{84551BE5-5511-116C-3C4F-3FD495A026A0}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"jaiakmkanmmgdofjokmb"=hex:62,61,6d,63,00,00
"jaiakmkanmmgdofjokac"=hex:62,61,68,64,00,00
"iaiboochabpkgbdgoa"=hex:6b,61,70,63,69,61,6d,6a,64,63,66,70,6b,66,68,6e,61,6a,
 6d,63,66,61,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

C:\RAAL do you know that folder?

In Folder Options, enable showing hidden files and folders + untick the checkbox for hiding protected operating system files

Test this on Virustotal
c:\windows\system32\03.tmp"

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top, with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

FF - prefs.js: network.proxy.ftp - 165.193.102.220
FF - prefs.js: network.proxy.gopher - 188.92.240.246
FF - prefs.js: network.proxy.socks - 165.193.102.220
FF - prefs.js: network.proxy.ssl - 165.193.102.220

Do you know those IP addresses?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support
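
A triage pass over the two items the reply above asks about, added here as an example and not part of the original thread or of ComboFix: it pulls service ImagePath values and Firefox proxy preferences out of ComboFix-style log text. The function names, the extension allow-list and the line formats handled are assumptions based on the excerpts shown in this thread.

```python
import ntpath
import re

# Lines copied from the ComboFix logs posted in this thread.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ecntc]
"ImagePath"="\??\c:\windows\system32\03.tmp"
.
FF - prefs.js: network.proxy.ftp - 165.193.102.220
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - 188.92.240.246
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.socks - 165.193.102.220
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 165.193.102.220
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
"""

SERVICE_KEY = re.compile(
    r"^\[HKEY_LOCAL_MACHINE\\System\\(?:CurrentControlSet|ControlSet\d+)"
    r"\\Services\\([^\\\]]+)\]$",
    re.I,
)
IMAGE_PATH = re.compile(r'^"ImagePath"="(.*)"$', re.I)
FF_PROXY = re.compile(r"^FF - prefs\.js: network\.proxy\.(\w+) - (.*)$", re.M)

# Assumption: service and driver images normally carry one of these extensions.
EXPECTED_IMAGE_EXT = {".sys", ".exe", ".dll"}
PROXY_SCHEMES = ("http", "ssl", "ftp", "socks", "gopher")


def service_image_paths(log):
    """Return [(service, path)] for service registry keys that list an ImagePath."""
    found, service = [], None
    for line in log.splitlines():
        line = line.strip()
        key = SERVICE_KEY.match(line)
        if key:
            service = key.group(1)
            continue
        if line.startswith("["):
            service = None  # some other registry key
            continue
        value = IMAGE_PATH.match(line)
        if value and service:
            path = value.group(1)
            if path.startswith("\\??\\"):  # NT object-namespace prefix
                path = path[4:]
            found.append((service, path))
    return found


def firefox_proxy(log):
    """Collect the network.proxy.* preferences reported in 'FF - prefs.js' lines."""
    prefs = {k: v.strip() for k, v in FF_PROXY.findall(log)}
    raw_type = prefs.get("type", "")
    proxy_type = int(raw_type) if raw_type.isdigit() else None
    endpoints = {}
    for scheme in PROXY_SCHEMES:
        host = prefs.get(scheme)
        if host:
            port = prefs.get(scheme + "_port", "")
            endpoints[scheme] = (host, int(port) if port.isdigit() else None)
    # Firefox applies the manual host/port entries only when the type is 1.
    return {"type": proxy_type, "manual_active": proxy_type == 1,
            "endpoints": endpoints}


def triage(log):
    """Return human-readable findings worth a closer look."""
    findings = []
    for service, path in service_image_paths(log):
        image = re.split(r"\s+[-/]", path, maxsplit=1)[0]  # drop arguments
        ext = ntpath.splitext(image)[1].lower()
        if ext not in EXPECTED_IMAGE_EXT:
            findings.append(
                f"service {service}: ImagePath {path} has unusual extension "
                f"{ext or '(none)'}"
            )
    proxy = firefox_proxy(log)
    state = "in use" if proxy["manual_active"] else "stored but not in use"
    for scheme, (host, port) in sorted(proxy["endpoints"].items()):
        findings.append(
            f"firefox {scheme} proxy {host}:{port} is {state} "
            f"(network.proxy.type={proxy['type']})"
        )
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```
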

hadic
Level 1.5
Posts: 113
Registered: March 07
Location: Ústí nad Orlicí
Gender: Not specified
Status: Offline

Re: Blocking of certain websites - the "blacklist" keeps growing

Post by hadic » 21 Dec 2013 23:39

I know the RAAL folder, it belongs to the raaltrans program. But not those IPs; they don't look familiar even from whois, so it's some kind of junk. I'll download aswMBR tomorrow, I don't have the energy for it today, and 03.tmp is probably no longer anywhere on the PC. I looked for it manually in the system32 folder and also with the search function across the whole disk, and found nothing.

ComboFix 13-12-17.02 - já 21.12.2013 22:57:54.8.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1355 [GMT 1:00]
Spuštěný z: c:\documents and settings\já\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\já\Plocha\CFScript.txt
AV: ESET Smart Security 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
FILE ::
"c:\windows\system32\aswBoot.exe"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdate.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.22.3\goopdate.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_am.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ar.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_bg.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_bn.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ca.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_cs.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_da.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_de.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_el.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_en.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_es.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_et.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fa.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fi.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fil.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_gu.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_hi.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_hr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_hu.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_id.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_is.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_it.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_iw.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ja.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_kn.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ko.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_lt.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_lv.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ml.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_mr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ms.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_nl.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_no.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_pl.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ro.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ru.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sk.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sl.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sv.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sw.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ta.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_te.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_th.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_tr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_uk.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ur.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_vi.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.22.3\psmachine.dll
c:\program files\Google\Update\1.3.22.3\psuser.dll
c:\program files\Google\Update\Download\{342F0D43-D89F-4CCB-A297-6E93B5383B97}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.2.2041\GoogleEarth-Win-Bundle-7.1.2.2041.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ALSYSIO
-------\Legacy_GUPDATE1CA0B59FBBE09FF
-------\Legacy_SETUPNTGLM7X
-------\Legacy_SKYPEUPDATE
-------\Service_ALSysIO
-------\Service_BTCFilterService
-------\Service_ecntc
-------\Service_gupdate1ca0b59fbbe09ff
-------\Service_HTCAND32
-------\Service_motandroidusb
-------\Service_motccgp
-------\Service_motccgpfl
-------\Service_MotDev
-------\Service_Motousbnet
-------\Service_motusbdevice
-------\Service_SetupNTGLM7X
-------\Service_SkypeUpdate
-------\Service_gupdatem
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-21 do 2013-12-21 )))))))))))))))))))))))))))))))
.
.
2013-12-15 20:42 . 2013-12-15 20:42 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\Google
2013-12-10 22:43 . 2013-12-21 21:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\boost_interprocess
2013-12-10 21:17 . 2013-12-10 21:17 -------- d-----w- c:\windows\ERUNT
2013-12-10 15:47 . 2013-12-10 20:30 -------- d-----w- C:\AdwCleaner
2013-12-09 07:24 . 2013-12-09 07:24 -------- d-----w- C:\RAAL
2013-12-08 10:33 . 2013-12-21 02:33 -------- d-----w- c:\documents and settings\já\Data aplikací\Bytecoin
2013-12-03 07:01 . 2013-12-21 03:22 -------- d-----w- c:\documents and settings\já\Data aplikací\Infinitecoin
2013-12-03 00:22 . 2013-12-21 21:43 -------- d-----w- c:\documents and settings\já\Data aplikací\Colossuscoin
2013-12-01 13:12 . 2013-12-01 13:12 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Motorola
2013-11-28 09:21 . 2013-11-28 09:21 -------- d-----w- c:\program files\Motorola
2013-11-28 09:21 . 2013-11-28 09:21 -------- d-----w- c:\documents and settings\já\Data aplikací\Motorola Mobility
2013-11-28 09:20 . 2009-12-21 14:42 15616 ----a-w- c:\windows\system32\mot_ci.dll
2013-11-28 09:20 . 2013-11-28 09:21 -------- d-----w- c:\program files\Common Files\Motorola Shared
2013-11-28 09:18 . 2013-11-28 09:18 -------- d-----w- c:\documents and settings\já\Data aplikací\Motorola
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 14:17 . 2013-07-12 11:48 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 14:17 . 2011-12-28 22:38 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-28 19:20 . 2013-10-28 19:20 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-09-30 15:53 . 2013-06-02 08:50 632656 ----a-w- c:\windows\system32\msvcr80.dll
2013-09-30 15:53 . 2013-06-02 08:50 554832 ----a-w- c:\windows\system32\msvcp80.dll
2013-09-30 15:53 . 2013-06-02 08:50 479232 ----a-w- c:\windows\system32\msvcm80.dll
2005-10-12 14:04 . 2005-10-12 14:04 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"WhatPulse"="c:\program files\WhatPulse\WhatPulse.exe" [2009-04-08 2814976]
"cfweatherStation"="c:\weather\Weather.exe" [2009-08-17 1189376]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-08-25 545552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"snpstd3"="c:\windows\vsnpstd3.exe" [2004-07-30 286720]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"wmagent.exe"="c:\program files\WebMoney Agent\wmagent.exe" [2009-10-19 210400]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"ClearTKHandle"="c:\program files\TouchKit\ClearTKHandle.exe" [2007-06-12 118784]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-02 1987976]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"PMBVolumeWatcher"="c:\program files\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2013-04-24 740888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\já\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\já\Data aplikací\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Documents and Settings\\já\\Plocha\\Já\\qipinfium9000\\infium.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil_.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WebMoney\\WebMoney.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Documents and Settings\\já\\Plocha\\QIP Infium bz™Pack\\inf.exe"=
"c:\\Games\\Transport Tycoon Deluxe for Windows\\TTDLOADW.OVL"=
"c:\\Documents and Settings\\já\\Plocha\\Transport-Tycoon-Deluxe-Win-OpenTTD-0.7.2\\openttd.exe"=
"c:\\Documents and Settings\\já\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\FileZilla FTP Client\\filezilla.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\3DO\\Heroes of Might and Magic IV\\heroes4c.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\sm-ssc\\Program\\StepMania.exe"=
"c:\\Program Files\\sm-ssc\\Program\\StepMania-SSE2.exe"=
"c:\\Program Files\\Attractel\\Zoiper\\Zoiper.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Já\\chmatakov15.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Bitcoin\\bitcoin-qt.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Já\\SkypePortable\\App\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\já\\Plocha\\COL-1.5.1-release\\ColossusCoin-qt.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Infinitecoin\\infinitecoind.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Infinitecoin\\infinitecoin-qt.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Bytecoin-0.8.1.1\\bytecoin-qt.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [13.1.2010 22:57 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [13.1.2010 22:57 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.3.2009 21:07 691696]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [8.2.2011 20:26 158736]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [8.2.2011 20:26 42960]
R2 DeviceFinderService;DeviceFinderService;c:\program files\Sony\PlayMemories Home\dfs.exe [24.4.2013 4:31 149528]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2.2.2012 13:22 1373576]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 18:07 35088]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [24.4.2013 4:30 483864]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [18.8.2013 11:10 5087584]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [11.3.2010 10:17 25088]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [18.1.2011 17:43 109328]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [18.1.2011 17:43 120208]
R3 xTouch;xTouch;c:\windows\system32\drivers\xTouch.sys [28.7.2009 9:38 103936]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET Smart Security\ekrn.exe" --> c:\program files\ESET\ESET Smart Security\ekrn.exe [?]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [28.6.2011 7:13 101904]
S3 EGXFilter;EGXFilter;c:\windows\system32\drivers\EGXFilter.sys [28.7.2009 9:38 120960]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [21.8.2009 14:45 19020]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [10.5.2012 14:10 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [10.5.2012 14:10 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [10.5.2012 14:10 121576]
S3 SureThing Labelflash service;SureThing Labelflash service;c:\program files\Common Files\SureThing Shared\stllssvr.exe [14.5.2011 15:47 74392]
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [8.2.2011 20:26 31888]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
rsoups
ichvu
vzrfd
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 16:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12 14:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;192.168.*.*
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 82.144.143.254 82.144.143.1
FF - ProfilePath - c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: network.proxy.ftp - 165.193.102.220
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - 188.92.240.246
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.socks - 165.193.102.220
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 165.193.102.220
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-12-02 17:33; iweb2x@sciweavers.org; c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\extensions\iweb2x@sciweavers.org.xpi
FF - ExtSQL: 2013-12-02 18:04; save-as-pdf-ff@pdfcrowd.com; c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\extensions\save-as-pdf-ff@pdfcrowd.com.xpi
FF - ExtSQL: !HIDDEN! 2011-04-22 08:45; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-21 23:20
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1993962763-1708537768-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0B27D71D-66C2-6585-4DB4-8B782FF846FC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1993962763-1708537768-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{84551BE5-5511-116C-3C4F-3FD495A026A0}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"jaiakmkanmmgdofjokmb"=hex:62,61,6d,63,00,00
"jaiakmkanmmgdofjokac"=hex:62,61,68,64,00,00
"iaiboochabpkgbdgoa"=hex:6b,61,70,63,69,61,6d,6a,64,63,66,70,6b,66,68,6e,61,6a,
6d,63,66,61,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1796)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(3724)
c:\program files\TeamViewer\Version8\tv_w32.dll
c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\program files\Google\Drive\Microsoft.VC90.CRT\MSVCP90.dll
c:\program files\Google\Drive\Microsoft.VC90.CRT\MSVCR90.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\program files\Common Files\Protexis\License Service\PSIService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\RTHDCPL.EXE
c:\progra~1\MICROS~3\rapimgr.exe
c:\documents and settings\já\Data aplikací\Dropbox\bin\Dropbox.exe
c:\program files\TeamViewer\Version8\TeamViewer.exe
c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\program files\TeamViewer\Version8\tv_w32.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Celkový čas: 2013-12-21 23:27:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-21 22:27
ComboFix2.txt 2013-12-17 23:03
ComboFix3.txt 2009-10-29 12:30
ComboFix4.txt 2009-10-28 21:49
ComboFix5.txt 2013-12-21 21:55
.
Před spuštěním: Volných bajtů: 21 864 005 632
Po spuštění: Volných bajtů: 21 735 456 768
.
- - End Of File - - 18FF2FB8EE42A531A8793F4D2C70665B
413FC2A0C716421B3158746D63736515

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Blocking of certain websites - the "blacklist" is growing

Post by jaro3 » 22 Dec 2013 10:31

Turn off the resident protection of your antivirus and antispyware, and the firewall if necessary.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:

Code:

KillAll::
Driver::
rsoups
ichvu
vzrfd

NetSvcs::
rsoups
ichvu
vzrfd

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"=-

DDS::
uInternet Settings,ProxyOverride = *.local;192.168.*.*

Firefox::
FF - ProfilePath - c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: network.proxy.ftp - 165.193.102.220
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - 188.92.240.246
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.socks - 165.193.102.220
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 165.193.102.220
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-12-02 17:33; iweb2x@sciweavers.org; c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\extensions\iweb2x@sciweavers.org.xpi
FF - ExtSQL: 2013-12-02 18:04; save-as-pdf-ff@pdfcrowd.com; c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\extensions\save-as-pdf-ff@pdfcrowd.com.xpi

RegLock::
[HKEY_USERS\S-1-5-21-1993962763-1708537768-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0B27D71D-66C2-6585-4DB4-8B782FF846FC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1993962763-1708537768-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{84551BE5-5511-116C-3C4F-3FD495A026A0}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"jaiakmkanmmgdofjokmb"=hex:62,61,6d,63,00,00
"jaiakmkanmmgdofjokac"=hex:62,61,68,64,00,00
"iaiboochabpkgbdgoa"=hex:6b,61,70,63,69,61,6d,6a,64,63,66,70,6b,66,68,6e,61,6a,
 6d,63,66,61,00,00


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all open windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new HJT log

Warning: After running ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

+
aswMBR.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

hadic
Level 1.5
Posts: 113
Registered: March 07
Location: Ústí nad Orlicí
Gender: Unspecified
Status: Offline
Contact:

Re: Blocking of certain websites - the "blacklist" is growing

Post by hadic » 26 Dec 2013 11:31

So far the websites still don't work :(

ComboFix 13-12-17.02 - já 26.12.2013 11:05:22.9.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1307 [GMT 1:00]
Spuštěný z: c:\documents and settings\jß\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\jß\Plocha\CFScript.txt
AV: ESET Smart Security 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-26 do 2013-12-26 )))))))))))))))))))))))))))))))
.
.
2013-12-15 20:42 . 2013-12-15 20:42 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\Google
2013-12-10 22:43 . 2013-12-21 21:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\boost_interprocess
2013-12-10 21:17 . 2013-12-10 21:17 -------- d-----w- c:\windows\ERUNT
2013-12-10 15:47 . 2013-12-10 20:30 -------- d-----w- C:\AdwCleaner
2013-12-09 07:24 . 2013-12-09 07:24 -------- d-----w- C:\RAAL
2013-12-08 10:33 . 2013-12-21 02:33 -------- d-----w- c:\documents and settings\já\Data aplikací\Bytecoin
2013-12-03 07:01 . 2013-12-21 03:22 -------- d-----w- c:\documents and settings\já\Data aplikací\Infinitecoin
2013-12-03 00:22 . 2013-12-21 21:43 -------- d-----w- c:\documents and settings\já\Data aplikací\Colossuscoin
2013-12-01 13:12 . 2013-12-01 13:12 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Motorola
2013-11-28 09:21 . 2013-11-28 09:21 -------- d-----w- c:\program files\Motorola
2013-11-28 09:21 . 2013-11-28 09:21 -------- d-----w- c:\documents and settings\já\Data aplikací\Motorola Mobility
2013-11-28 09:20 . 2009-12-21 14:42 15616 ----a-w- c:\windows\system32\mot_ci.dll
2013-11-28 09:20 . 2013-11-28 09:21 -------- d-----w- c:\program files\Common Files\Motorola Shared
2013-11-28 09:18 . 2013-11-28 09:18 -------- d-----w- c:\documents and settings\já\Data aplikací\Motorola
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 14:17 . 2013-07-12 11:48 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 14:17 . 2011-12-28 22:38 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-28 19:20 . 2013-10-28 19:20 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-09-30 15:53 . 2013-06-02 08:50 632656 ----a-w- c:\windows\system32\msvcr80.dll
2013-09-30 15:53 . 2013-06-02 08:50 554832 ----a-w- c:\windows\system32\msvcp80.dll
2013-09-30 15:53 . 2013-06-02 08:50 479232 ----a-w- c:\windows\system32\msvcm80.dll
2005-10-12 14:04 . 2005-10-12 14:04 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"WhatPulse"="c:\program files\WhatPulse\WhatPulse.exe" [2009-04-08 2814976]
"cfweatherStation"="c:\weather\Weather.exe" [2009-08-17 1189376]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-08-25 545552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"snpstd3"="c:\windows\vsnpstd3.exe" [2004-07-30 286720]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"wmagent.exe"="c:\program files\WebMoney Agent\wmagent.exe" [2009-10-19 210400]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"ClearTKHandle"="c:\program files\TouchKit\ClearTKHandle.exe" [2007-06-12 118784]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-02 1987976]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"PMBVolumeWatcher"="c:\program files\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2013-04-24 740888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\já\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\já\Data aplikací\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Documents and Settings\\já\\Plocha\\Já\\qipinfium9000\\infium.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil_.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WebMoney\\WebMoney.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Documents and Settings\\já\\Plocha\\QIP Infium bz™Pack\\inf.exe"=
"c:\\Games\\Transport Tycoon Deluxe for Windows\\TTDLOADW.OVL"=
"c:\\Documents and Settings\\já\\Plocha\\Transport-Tycoon-Deluxe-Win-OpenTTD-0.7.2\\openttd.exe"=
"c:\\Documents and Settings\\já\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\FileZilla FTP Client\\filezilla.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\3DO\\Heroes of Might and Magic IV\\heroes4c.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\sm-ssc\\Program\\StepMania.exe"=
"c:\\Program Files\\sm-ssc\\Program\\StepMania-SSE2.exe"=
"c:\\Program Files\\Attractel\\Zoiper\\Zoiper.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Já\\chmatakov15.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Bitcoin\\bitcoin-qt.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Já\\SkypePortable\\App\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\já\\Plocha\\COL-1.5.1-release\\ColossusCoin-qt.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Infinitecoin\\infinitecoind.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Infinitecoin\\infinitecoin-qt.exe"=
"c:\\Documents and Settings\\já\\Plocha\\Bytecoin-0.8.1.1\\bytecoin-qt.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [13.1.2010 22:57 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [13.1.2010 22:57 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.3.2009 21:07 691696]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [8.2.2011 20:26 158736]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [8.2.2011 20:26 42960]
R2 DeviceFinderService;DeviceFinderService;c:\program files\Sony\PlayMemories Home\dfs.exe [24.4.2013 4:31 149528]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2.2.2012 13:22 1373576]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 18:07 35088]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [24.4.2013 4:30 483864]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [18.8.2013 11:10 5087584]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [11.3.2010 10:17 25088]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [18.1.2011 17:43 109328]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [18.1.2011 17:43 120208]
R3 xTouch;xTouch;c:\windows\system32\drivers\xTouch.sys [28.7.2009 9:38 103936]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET Smart Security\ekrn.exe" --> c:\program files\ESET\ESET Smart Security\ekrn.exe [?]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [28.6.2011 7:13 101904]
S3 EGXFilter;EGXFilter;c:\windows\system32\drivers\EGXFilter.sys [28.7.2009 9:38 120960]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [21.8.2009 14:45 19020]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [10.5.2012 14:10 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [10.5.2012 14:10 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [10.5.2012 14:10 121576]
S3 SureThing Labelflash service;SureThing Labelflash service;c:\program files\Common Files\SureThing Shared\stllssvr.exe [14.5.2011 15:47 74392]
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [8.2.2011 20:26 31888]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
rsoups
ichvu
vzrfd
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 16:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12 14:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;192.168.*.*
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 82.144.143.254 82.144.143.1
FF - ProfilePath - c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: network.proxy.ftp - 165.193.102.220
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - 188.92.240.246
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.socks - 165.193.102.220
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 165.193.102.220
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-12-02 17:33; iweb2x@sciweavers.org; c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\extensions\iweb2x@sciweavers.org.xpi
FF - ExtSQL: 2013-12-02 18:04; save-as-pdf-ff@pdfcrowd.com; c:\documents and settings\já\Data aplikací\Mozilla\Firefox\Profiles\0fpnruwx.default\extensions\save-as-pdf-ff@pdfcrowd.com.xpi
FF - ExtSQL: !HIDDEN! 2011-04-22 08:45; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-26 11:21
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1993962763-1708537768-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0B27D71D-66C2-6585-4DB4-8B782FF846FC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1993962763-1708537768-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{84551BE5-5511-116C-3C4F-3FD495A026A0}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"jaiakmkanmmgdofjokmb"=hex:62,61,6d,63,00,00
"jaiakmkanmmgdofjokac"=hex:62,61,68,64,00,00
"iaiboochabpkgbdgoa"=hex:6b,61,70,63,69,61,6d,6a,64,63,66,70,6b,66,68,6e,61,6a,
6d,63,66,61,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1792)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(992)
c:\program files\TeamViewer\Version8\tv_w32.dll
c:\documents and settings\já\Data aplikací\Dropbox\bin\DropboxExt.19.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\program files\Google\Drive\Microsoft.VC90.CRT\MSVCP90.dll
c:\program files\Google\Drive\Microsoft.VC90.CRT\MSVCR90.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2013-12-26 11:24:52
ComboFix-quarantined-files.txt 2013-12-26 10:24
ComboFix2.txt 2013-12-21 22:27
ComboFix3.txt 2013-12-17 23:03
ComboFix4.txt 2009-10-29 12:30
ComboFix5.txt 2013-12-26 10:02
.
Před spuštěním: Volných bajtů: 22 134 829 056
Po spuštění: Volných bajtů: 22 111 825 920
.
- - End Of File - - 53706EE553384EFA6FDDAC07CA08D686
413FC2A0C716421B3158746D63736515


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-26 11:27:45
-----------------------------
11:27:45.218 OS Version: Windows 5.1.2600 Service Pack 3
11:27:45.218 Number of processors: 2 586 0x6B02
11:27:45.218 ComputerName: FILIP UserName: já
11:27:47.062 Initialize success
11:28:34.015 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-10
11:28:34.030 Disk 0 Vendor: WDC_WD2500AAJS-00VWA0 12.01B02 Size: 238475MB BusType: 3
11:28:34.030 Device \Driver\atapi -> MajorFunction 8a44e7b8
11:28:34.030 Disk 0 MBR read successfully
11:28:34.046 Disk 0 MBR scan
11:28:34.046 Disk 0 Windows XP default MBR code
11:28:34.046 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 220399 MB offset 63
11:28:34.046 Disk 0 Partition - 00 0F Extended LBA 18073 MB offset 451378305
11:28:34.062 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 18073 MB offset 451378368
11:28:34.077 Disk 0 scanning sectors +488392065
11:28:34.140 Disk 0 scanning C:\WINDOWS\system32\drivers
11:28:49.140 Service scanning
11:28:52.640 Service GMSIPCI D:\INSTALL\GMSIPCI.SYS **LOCKED** 21
11:28:56.390 Service MSICPL D:\install4\MSICPL.sys **LOCKED** 21
11:28:57.374 Service NTACCESS D:\NTACCESS.sys **LOCKED** 21
11:29:00.140 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
11:29:03.874 Modules scanning
11:29:10.062 Disk 0 trace - called modules:
11:29:10.077 ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8a44e7b8]<<
11:29:10.077 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a929ab8]
11:29:10.077 3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> \Device\00000089[0x8a9d08a8]
11:29:10.093 5 ACPI.sys[b7e4e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-10[0x8a8f3940]
11:29:10.093 \Driver\atapi[0x8a92d030] -> IRP_MJ_CREATE -> 0x8a44e7b8
11:29:10.093 Scan finished successfully
11:29:21.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\já\Plocha\MBR.dat"
11:29:21.843 The log file has been saved successfully to "C:\Documents and Settings\já\Plocha\aswMBR.txt"

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:27, on 26.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\WebMoney Agent\wmagent.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Sony\PlayMemories Home\dfs.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\já\Plocha\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [wmagent.exe] "C:\Program Files\WebMoney Agent\wmagent.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ClearTKHandle] C:\Program Files\TouchKit\ClearTKHandle.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [cfweatherStation] C:\Weather\Weather.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DeviceFinderService - Unknown owner - C:\Program Files\Sony\PlayMemories Home\dfs.exe
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

--
End of file - 11239 bytes

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Blocking of certain websites - the "blacklist" keeps growing

Post by jaro3 » 27 Dec 2013 09:46

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.


Download OTL by OldTimer to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Podpora fóra

