PC-HELP.CZ

Dobry den, po kliknuti na jakekoliv misto na internetove strance mi vyskoci nove okno s nejakou reklamou.
Prosim o kontrolu logu. Dekuji


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:01, on 25.1.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 7150 bytes

Odinstaluj:
Ask Toolbar
Google toolbar

v logu fixni:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

nejde mi to v logu fixnout, vyskakuje na me okno ktere posilam v priloze. kdyz dam ano tak vyskoci dalsi okno ktere je taky v priloze

zkus klik pravým na spouštěcí soubor HJT a zvolit možnost Spustit jako správce

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.25.06

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Pavel :: PAVEL-PC [administrátor]

25.1.2013 16:51:27
MBAM-log-2013-01-25 (16-56-19).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 193910
Uplynulý čas: 4 minut, 10 sekund

Nalezené procesy v paměti: 1
C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.InstallBrain) -> 1784 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 9
HKCR\Typelib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLab) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 2
C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.

(konec)


# AdwCleaner v2.108 - Logfile created 01/25/2013 at 16:57:56
# Updated 24/01/2013 by Xplode
# Operating system : Windows 7 Ultimate (32 bits)
# User : Pavel - PAVEL-PC
# Boot Mode : Normal
# Running from : C:\Users\Pavel\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : IBUpdaterService

***** [Files / Folders] *****

Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\file scout
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\Users\Pavel\AppData\Local\Conduit
Folder Found : C:\Users\Pavel\AppData\LocalLow\Conduit
Folder Found : C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\on87fu3y.default\extensions\crossriderapp2258@crossrider.com
Folder Found : C:\Users\Pavel\AppData\Roaming\PerformerSoft

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658}
Key Found : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044224458}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Key Found : HKU\S-1-5-21-2855798801-2560433423-1982038742-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (cs)

File : C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\on87fu3y.default\prefs.js

Found : user_pref("extensions.crossriderapp2258.2258.InstallationTime", 1357153452);
Found : user_pref("extensions.crossriderapp2258.2258.active", true);
Found : user_pref("extensions.crossriderapp2258.2258.addressbar", "");
Found : user_pref("extensions.crossriderapp2258.2258.addressbarenhanced", "");
Found : user_pref("extensions.crossriderapp2258.2258.affid", "0");
Found : user_pref("extensions.crossriderapp2258.2258.backgroundjs", "\n\n//\n");
Found : user_pref("extensions.crossriderapp2258.2258.backgroundver", 19);
Found : user_pref("extensions.crossriderapp2258.2258.can_run_bg_code", true);
Found : user_pref("extensions.crossriderapp2258.2258.certdomaininstaller", "");
Found : user_pref("extensions.crossriderapp2258.2258.changeprevious", false);
Found : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1357153452");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.value", "1357153452");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_blocklist.expiration", "Tue Jan 22 2013 19:[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_country_code.expiration", "Tue Jan 29 2013 [...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_country_code.value", "%22CZ%22");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_crr.value", "1358879664");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 0[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_currenttime.value", "%221358875092%22");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.value", "%221%22");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 0[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installtime.value", "%221356061492%22");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.value", "%2214019%22");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_pc_20120828.value", "1357156286418");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.value", "%2221%22");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.value", "%22126719%22");
Found : user_pref("extensions.crossriderapp2258.2258.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie.dbtest.value", "1357156282637");
Found : user_pref("extensions.crossriderapp2258.2258.cookie.lastrequest.expiration", "Fri Feb 01 2030 00:00:[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie.lastrequest.value", "%7B%22path%22%3A%22/%22%2C%[...]
Found : user_pref("extensions.crossriderapp2258.2258.description", "I Want This!");
Found : user_pref("extensions.crossriderapp2258.2258.domain", "");
Found : user_pref("extensions.crossriderapp2258.2258.emailsig", "");
Found : user_pref("extensions.crossriderapp2258.2258.enablesearch", false);
Found : user_pref("extensions.crossriderapp2258.2258.exposesites", "");
Found : user_pref("extensions.crossriderapp2258.2258.fbremoteurl", "");
Found : user_pref("extensions.crossriderapp2258.2258.group", 0);
Found : user_pref("extensions.crossriderapp2258.2258.homepage", "");
Found : user_pref("extensions.crossriderapp2258.2258.iframe", false);
Found : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Found : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_appVer.value", "104");
Found : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Found : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_lastVersion.value", "0");
Found : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Found : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_meta.value", "%7B%7D");
Found : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_nextCheck.expiration", "Wed Jan 23[...]
Found : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_nextCheck.value", "true");
Found : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Found : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_queue.value", "%7B%7D");
Found : user_pref("extensions.crossriderapp2258.2258.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Found : user_pref("extensions.crossriderapp2258.2258.manifesturl", "");
Found : user_pref("extensions.crossriderapp2258.2258.name", "I Want This");
Found : user_pref("extensions.crossriderapp2258.2258.newtab", "");
Found : user_pref("extensions.crossriderapp2258.2258.opensearch", "");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.ver", 12);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.code", "\"CH\"==appAPI.platform&[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.name", "GPL Background (BG)");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.ver", 7);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.name", "CrossriderAppUtils");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.ver", 2);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.name", "CrossriderUtils");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.ver", 2);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.name", "FacebookFFIE");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.ver", 1);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.code", "if((typeof isBackground===\"u[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.name", "FFAppAPIWrapper");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.ver", 4);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.name", "jQuery");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.ver", 3);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.name", "resources_background");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.ver", 1);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPT[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.name", "appApiMessage");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.ver", 1);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.code", "if(appAPI.__should_activate_v[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.name", "appApiValidation");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.ver", 1);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.code", "if(typeof jQuery!==\"undefine[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.name", "CrossriderInfo");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.ver", 2);
Found : user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_0", "14,78,16,64,47,72,1000015");
Found : user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_1", "17,14,78,13,16,15,64,72,1000[...]
Found : user_pref("extensions.crossriderapp2258.2258.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Found : user_pref("extensions.crossriderapp2258.2258.pluginsversion", 29);
Found : user_pref("extensions.crossriderapp2258.2258.premium", true);
Found : user_pref("extensions.crossriderapp2258.2258.publisher", "215 Apps");
Found : user_pref("extensions.crossriderapp2258.2258.searchstatus", 0);
Found : user_pref("extensions.crossriderapp2258.2258.setnewtab", false);
Found : user_pref("extensions.crossriderapp2258.2258.settingsurl", "");
Found : user_pref("extensions.crossriderapp2258.2258.thankyou", "hxxp://iw.antthis.com/thankyou.html");
Found : user_pref("extensions.crossriderapp2258.2258.updateinterval", 360);
Found : user_pref("extensions.crossriderapp2258.2258.ver", 104);
Found : user_pref("extensions.crossriderapp2258.adsOldValue", -1);
Found : user_pref("extensions.crossriderapp2258.apps", "2258");
Found : user_pref("extensions.crossriderapp2258.bic", "13bfca641afba01d0a68af860622f72f");
Found : user_pref("extensions.crossriderapp2258.cid", 2258);
Found : user_pref("extensions.crossriderapp2258.firstrun", false);
Found : user_pref("extensions.crossriderapp2258.hadappinstalled", true);
Found : user_pref("extensions.crossriderapp2258.installationdate", 1357153452);
Found : user_pref("extensions.crossriderapp2258.lastcheck", 22647994);
Found : user_pref("extensions.crossriderapp2258.lastcheckitem", 22647995);
Found : user_pref("extensions.crossriderapp2258.misc.lastBgWorkerTimer", "1357155432915");
Found : user_pref("extensions.crossriderapp2258.misc.lastDomWorkerTimer", "1357155432913");
Found : user_pref("extensions.crossriderapp2258.modetype", "production");
Found : user_pref("extensions.enabledAddons", "%7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.0.3,crossriderap[...]

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [Unable to get version]

File : C:\Users\Pavel\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [15477 octets] - [25/01/2013 16:57:56]

########## EOF - C:\AdwCleaner[R1].txt - [15538 octets] ##########

V Mbam a AdwCleaneru nech vše smazat a dodej logy

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.25.06

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Pavel :: PAVEL-PC [administrátor]

25.1.2013 18:48:33
mbam-log-2013-01-25 (18-48-33).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 193684
Uplynulý čas: 3 minut, 52 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

# AdwCleaner v2.108 - Logfile created 01/25/2013 at 18:44:58
# Updated 24/01/2013 by Xplode
# Operating system : Windows 7 Ultimate (32 bits)
# User : Pavel - PAVEL-PC
# Boot Mode : Normal
# Running from : C:\Users\Pavel\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : IBUpdaterService

***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\file scout
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\Users\Pavel\AppData\Local\Conduit
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\on87fu3y.default\extensions\crossriderapp2258@crossrider.com
Folder Deleted : C:\Users\Pavel\AppData\Roaming\PerformerSoft

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044224458}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (cs)

File : C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\on87fu3y.default\prefs.js

Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationTime", 1357153452);
Deleted : user_pref("extensions.crossriderapp2258.2258.active", true);
Deleted : user_pref("extensions.crossriderapp2258.2258.addressbar", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.addressbarenhanced", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.affid", "0");
Deleted : user_pref("extensions.crossriderapp2258.2258.backgroundjs", "\n\n//\n");
Deleted : user_pref("extensions.crossriderapp2258.2258.backgroundver", 19);
Deleted : user_pref("extensions.crossriderapp2258.2258.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp2258.2258.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1357153452");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.value", "1357153452");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_blocklist.expiration", "Tue Jan 22 2013 19:[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_country_code.expiration", "Tue Jan 29 2013 [...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_country_code.value", "%22CZ%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_crr.value", "1358879664");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_currenttime.value", "%221358875092%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installtime.value", "%221356061492%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.value", "%2214019%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_pc_20120828.value", "1357156286418");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.value", "%2221%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.value", "%22126719%22");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.dbtest.value", "1357156282637");
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.lastrequest.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.lastrequest.value", "%7B%22path%22%3A%22/%22%2C%[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.description", "I Want This!");
Deleted : user_pref("extensions.crossriderapp2258.2258.domain", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.emailsig", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.exposesites", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.group", 0);
Deleted : user_pref("extensions.crossriderapp2258.2258.homepage", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.iframe", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_appVer.value", "104");
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_lastVersion.value", "0");
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_nextCheck.expiration", "Wed Jan 23[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp2258.2258.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.name", "I Want This");
Deleted : user_pref("extensions.crossriderapp2258.2258.newtab", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.opensearch", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.ver", 12);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.code", "\"CH\"==appAPI.platform&[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.name", "GPL Background (BG)");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.ver", 7);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.code", "if((typeof isBackground===\"u[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.ver", 4);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPT[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.name", "appApiMessage");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.ver", 1);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.code", "if(appAPI.__should_activate_v[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.name", "appApiValidation");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.ver", 1);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.code", "if(typeof jQuery!==\"undefine[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.name", "CrossriderInfo");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.ver", 2);
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_0", "14,78,16,64,47,72,1000015");
Deleted : user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_1", "17,14,78,13,16,15,64,72,1000[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp2258.2258.pluginsversion", 29);
Deleted : user_pref("extensions.crossriderapp2258.2258.premium", true);
Deleted : user_pref("extensions.crossriderapp2258.2258.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp2258.2258.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp2258.2258.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp2258.2258.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp2258.2258.thankyou", "hxxp://iw.antthis.com/thankyou.html");
Deleted : user_pref("extensions.crossriderapp2258.2258.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp2258.2258.ver", 104);
Deleted : user_pref("extensions.crossriderapp2258.adsOldValue", -1);
Deleted : user_pref("extensions.crossriderapp2258.apps", "2258");
Deleted : user_pref("extensions.crossriderapp2258.bic", "13bfca641afba01d0a68af860622f72f");
Deleted : user_pref("extensions.crossriderapp2258.cid", 2258);
Deleted : user_pref("extensions.crossriderapp2258.firstrun", false);
Deleted : user_pref("extensions.crossriderapp2258.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp2258.installationdate", 1357153452);
Deleted : user_pref("extensions.crossriderapp2258.lastcheck", 22647994);
Deleted : user_pref("extensions.crossriderapp2258.lastcheckitem", 22647995);
Deleted : user_pref("extensions.crossriderapp2258.misc.lastBgWorkerTimer", "1357155432915");
Deleted : user_pref("extensions.crossriderapp2258.misc.lastDomWorkerTimer", "1357155432913");
Deleted : user_pref("extensions.crossriderapp2258.modetype", "production");
Deleted : user_pref("extensions.enabledAddons", "%7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.0.3,crossriderap[...]

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [Unable to get version]

File : C:\Users\Pavel\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [15608 octets] - [25/01/2013 16:57:56]
AdwCleaner[R2].txt - [15669 octets] - [25/01/2013 18:44:42]
AdwCleaner[S1].txt - [15392 octets] - [25/01/2013 18:44:58]

########## EOF - C:\AdwCleaner[S1].txt - [15453 octets] ##########

ComboFix 12-07-25.04 - Pavel 29.01.2013 19:19:25.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.1789.1251 [GMT 1:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\roboot.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-29 )))))))))))))))))))))))))))))))
.
.
2013-01-29 18:26 . 2013-01-29 18:28 -------- d-----w- c:\users\Pavel\AppData\Local\temp
2013-01-29 18:26 . 2013-01-29 18:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-29 14:15 . 2013-01-29 14:15 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59B15996-CF6D-4C8A-8AE4-7C91D0676B8C}\offreg.dll
2013-01-27 20:48 . 2013-01-27 20:48 -------- d-----w- c:\users\Pavel\AppData\Local\Adobe
2013-01-25 15:50 . 2013-01-25 15:50 -------- d-----w- c:\users\Pavel\AppData\Roaming\Malwarebytes
2013-01-25 15:50 . 2013-01-25 15:50 -------- d-----w- c:\programdata\Malwarebytes
2013-01-25 15:50 . 2013-01-25 15:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-25 15:50 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-25 15:49 . 2013-01-25 15:49 -------- d-----w- c:\users\Pavel\AppData\Local\Programs
2013-01-25 13:01 . 2013-01-25 13:01 388096 ----a-r- c:\users\Pavel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-25 13:01 . 2013-01-25 13:01 -------- d-----w- c:\program files\Trend Micro
2013-01-22 10:31 . 2013-01-22 10:31 25200 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2013-01-22 10:31 . 2013-01-22 10:31 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-01-22 10:31 . 2013-01-22 10:31 12400 ----a-w- c:\windows\system32\drivers\ggflt.sys
2013-01-22 10:30 . 2013-01-24 16:29 -------- d-----w- c:\programdata\Sony Ericsson
2013-01-22 10:25 . 2013-01-22 10:25 -------- d-----w- c:\programdata\Sony
2013-01-22 10:25 . 2013-01-22 10:25 -------- d-----w- c:\program files\Sony
2013-01-21 19:29 . 2013-01-21 19:29 -------- d-----w- c:\users\Pavel\AppData\Roaming\StatusWinks
2013-01-18 19:23 . 2013-01-18 19:23 -------- d-----w- c:\users\Pavel\AppData\Roaming\TeamViewer
2013-01-18 19:22 . 2013-01-18 19:22 -------- d-----w- c:\users\Pavel\AppData\Local\Microsoft Games
2013-01-10 21:41 . 2011-09-21 07:00 7269712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59B15996-CF6D-4C8A-8AE4-7C91D0676B8C}\mpengine.dll
2013-01-07 10:57 . 2013-01-07 10:57 -------- d-----w- c:\program files\Common Files\Adobe
2013-01-04 15:26 . 2008-11-26 10:47 102400 ----a-w- c:\windows\system32\Unzip32N.dll
2013-01-04 15:26 . 2008-11-26 10:47 151552 ----a-w- c:\windows\system32\Zip32N.dll
2013-01-04 15:26 . 2013-01-04 16:42 -------- d-----w- c:\program files\Primy kanal
2013-01-04 09:36 . 2013-01-04 09:36 -------- d-----w- c:\windows\Sun
2013-01-04 09:34 . 2013-01-04 05:54 746984 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-04 09:33 . 2013-01-04 09:33 -------- d-----w- c:\programdata\McAfee
2013-01-02 19:04 . 2013-01-02 19:04 -------- d-----w- c:\users\Pavel\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 14:53 . 2012-07-28 11:11 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-26 14:53 . 2011-10-13 19:37 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-04 05:54 . 2012-12-19 17:28 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-19 19:46 . 2012-12-19 19:46 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-12-19 19:46 . 2012-12-19 19:46 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-12-19 19:46 . 2012-12-19 19:46 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-12-19 19:46 . 2012-12-19 19:46 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-12-19 19:46 . 2012-12-19 19:46 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-12-19 19:46 . 2012-12-19 19:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-12-19 19:46 . 2012-12-19 19:46 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-12-19 19:46 . 2012-12-19 19:46 367104 ----a-w- c:\windows\system32\html.iec
2012-12-19 19:46 . 2012-12-19 19:46 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-12-19 19:46 . 2012-12-19 19:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-19 19:46 . 2012-12-19 19:46 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-19 19:46 . 2012-12-19 19:46 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-12-19 19:46 . 2012-12-19 19:46 161792 ----a-w- c:\windows\system32\msls31.dll
2012-12-19 19:46 . 2012-12-19 19:46 152064 ----a-w- c:\windows\system32\wextract.exe
2012-12-19 19:46 . 2012-12-19 19:46 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-12-19 19:46 . 2012-12-19 19:46 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-12-19 19:46 . 2012-12-19 19:46 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-19 19:46 . 2012-12-19 19:46 11776 ----a-w- c:\windows\system32\mshta.exe
2012-12-19 19:46 . 2012-12-19 19:46 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-12-19 19:46 . 2012-12-19 19:46 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-12-19 19:46 . 2012-12-19 19:46 101888 ----a-w- c:\windows\system32\admparse.dll
2012-12-19 19:46 . 2012-12-19 19:46 801792 ----a-w- c:\windows\system32\FntCache.dll
2012-12-19 19:46 . 2012-12-19 19:46 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-12-19 19:46 . 2012-12-19 19:46 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-12-19 19:46 . 2012-12-19 19:46 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2012-12-19 19:46 . 2012-12-19 19:46 3181568 ----a-w- c:\windows\system32\mf.dll
2012-12-19 19:46 . 2012-12-19 19:46 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-12-19 19:46 . 2012-12-19 19:46 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-12-19 19:46 . 2012-12-19 19:46 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-12-19 19:46 . 2012-12-19 19:46 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2012-12-19 19:46 . 2012-12-19 19:46 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2012-12-19 19:46 . 2012-12-19 19:46 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2012-12-19 19:46 . 2012-12-19 19:46 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-12-19 19:46 . 2012-12-19 19:46 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2012-12-19 19:46 . 2012-12-19 19:46 107520 ----a-w- c:\windows\system32\cdd.dll
2012-12-19 19:46 . 2012-12-19 19:46 1074176 ----a-w- c:\windows\system32\DWrite.dll
2012-12-19 19:46 . 2012-12-19 19:46 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-12-19 17:28 . 2012-12-19 17:28 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-29 08:26 . 2013-01-02 19:03 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-01-07 446648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
.
c:\users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Pavel\AppData\Local\Temp\ALSysIO.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\DRIVERS\s916bus.sys [x]
R3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s916mdfl.sys [x]
R3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s916mdm.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-28 14:53]
.
2013-01-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000Core.job
- c:\users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-02 14:13]
.
2013-01-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000UA.job
- c:\users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-02 14:13]
.
2013-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-14 14:34]
.
2013-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-14 14:34]
.
2013-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000Core.job
- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 22:13]
.
2013-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000UA.job
- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 22:13]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\on87fu3y.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-29 19:33:24
ComboFix-quarantined-files.txt 2013-01-29 18:33
.
Před spuštěním: Volných bajtů: 38 723 555 328
Po spuštění: Volných bajtů: 38 605 336 576
.
- - End Of File - - AE53E0F112ECBF07AF872E5AFC06C615

18:55:33.0017 2220 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:55:33.0360 2220 ============================================================
18:55:33.0360 2220 Current date / time: 2013/01/25 18:55:33.0360
18:55:33.0360 2220 SystemInfo:
18:55:33.0360 2220
18:55:33.0360 2220 OS Version: 6.1.7600 ServicePack: 0.0
18:55:33.0360 2220 Product type: Workstation
18:55:33.0360 2220 ComputerName: PAVEL-PC
18:55:33.0360 2220 UserName: Pavel
18:55:33.0360 2220 Windows directory: C:\Windows
18:55:33.0360 2220 System windows directory: C:\Windows
18:55:33.0360 2220 Processor architecture: Intel x86
18:55:33.0360 2220 Number of processors: 2
18:55:33.0360 2220 Page size: 0x1000
18:55:33.0360 2220 Boot type: Normal boot
18:55:33.0360 2220 ============================================================
18:55:34.0436 2220 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:55:34.0436 2220 ============================================================
18:55:34.0436 2220 \Device\Harddisk0\DR0:
18:55:34.0436 2220 MBR partitions:
18:55:34.0436 2220 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31E000
18:55:34.0436 2220 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x32000
18:55:34.0436 2220 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC382800, BlocksNum 0x10E42800
18:55:34.0436 2220 ============================================================
18:55:34.0467 2220 C: <-> \Device\Harddisk0\DR0\Partition1
18:55:34.0514 2220 D: <-> \Device\Harddisk0\DR0\Partition3
18:55:34.0514 2220 ============================================================
18:55:34.0514 2220 Initialize success
18:55:34.0514 2220 ============================================================
18:55:38.0196 3316 ============================================================
18:55:38.0196 3316 Scan started
18:55:38.0196 3316 Mode: Manual;
18:55:38.0196 3316 ============================================================
18:55:39.0163 3316 ================ Scan system memory ========================
18:55:39.0163 3316 System memory - ok
18:55:39.0163 3316 ================ Scan services =============================
18:55:39.0319 3316 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
18:55:39.0319 3316 1394ohci - ok
18:55:39.0366 3316 [ CC1F1D3D70DC13C2C281488D347D4415 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
18:55:39.0366 3316 Accelerometer - ok
18:55:39.0397 3316 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
18:55:39.0397 3316 ACPI - ok
18:55:39.0428 3316 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
18:55:39.0428 3316 AcpiPmi - ok
18:55:39.0506 3316 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:55:39.0506 3316 AdobeARMservice - ok
18:55:39.0584 3316 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:55:39.0584 3316 AdobeFlashPlayerUpdateSvc - ok
18:55:39.0631 3316 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:55:39.0631 3316 adp94xx - ok
18:55:39.0678 3316 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:55:39.0678 3316 adpahci - ok
18:55:39.0693 3316 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:55:39.0693 3316 adpu320 - ok
18:55:39.0725 3316 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:55:39.0725 3316 AeLookupSvc - ok
18:55:39.0756 3316 [ DDC040FDB01EF1712A6B13E52AFB104C ] AFD C:\Windows\system32\drivers\afd.sys
18:55:39.0771 3316 AFD - ok
18:55:39.0818 3316 [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
18:55:39.0818 3316 AgereSoftModem - ok
18:55:39.0865 3316 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
18:55:39.0865 3316 agp440 - ok
18:55:39.0881 3316 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
18:55:39.0881 3316 aic78xx - ok
18:55:39.0943 3316 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
18:55:39.0943 3316 ALG - ok
18:55:39.0974 3316 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
18:55:39.0974 3316 aliide - ok
18:55:40.0083 3316 ALSysIO - ok
18:55:40.0115 3316 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
18:55:40.0115 3316 amdagp - ok
18:55:40.0146 3316 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
18:55:40.0146 3316 amdide - ok
18:55:40.0146 3316 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:55:40.0161 3316 AmdK8 - ok
18:55:40.0177 3316 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:55:40.0177 3316 AmdPPM - ok
18:55:40.0208 3316 [ 2101A86C25C154F8314B24EF49D7FBC2 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
18:55:40.0208 3316 amdsata - ok
18:55:40.0224 3316 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:55:40.0224 3316 amdsbs - ok
18:55:40.0255 3316 [ B81C2B5616F6420A9941EA093A92B150 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
18:55:40.0255 3316 amdxata - ok
18:55:40.0286 3316 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys
18:55:40.0286 3316 AppID - ok
18:55:40.0317 3316 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:55:40.0317 3316 AppIDSvc - ok
18:55:40.0349 3316 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll
18:55:40.0349 3316 Appinfo - ok
18:55:40.0380 3316 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
18:55:40.0380 3316 AppMgmt - ok
18:55:40.0427 3316 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:55:40.0427 3316 arc - ok
18:55:40.0458 3316 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:55:40.0458 3316 arcsas - ok
18:55:40.0473 3316 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:55:40.0473 3316 AsyncMac - ok
18:55:40.0489 3316 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys
18:55:40.0489 3316 atapi - ok
18:55:40.0614 3316 [ 712D8A95E45B070114C5309ADA7358FF ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:55:40.0645 3316 atikmdag - ok
18:55:40.0692 3316 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:55:40.0692 3316 AudioEndpointBuilder - ok
18:55:40.0707 3316 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:55:40.0707 3316 Audiosrv - ok
18:55:40.0739 3316 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:55:40.0739 3316 AxInstSV - ok
18:55:40.0785 3316 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
18:55:40.0785 3316 b06bdrv - ok
18:55:40.0817 3316 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
18:55:40.0817 3316 b57nd60x - ok
18:55:40.0895 3316 [ EB7C2DADF52F50F69F198C14C3556DC1 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
18:55:40.0910 3316 BCM43XX - ok
18:55:40.0926 3316 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
18:55:40.0926 3316 BDESVC - ok
18:55:40.0957 3316 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
18:55:40.0957 3316 Beep - ok
18:55:40.0988 3316 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
18:55:41.0004 3316 BFE - ok
18:55:41.0035 3316 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll
18:55:41.0051 3316 BITS - ok
18:55:41.0066 3316 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:55:41.0066 3316 blbdrive - ok
18:55:41.0082 3316 [ FCAFAEF6798D7B51FF029F99A9898961 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:55:41.0082 3316 bowser - ok
18:55:41.0113 3316 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:55:41.0113 3316 BrFiltLo - ok
18:55:41.0129 3316 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:55:41.0129 3316 BrFiltUp - ok
18:55:41.0160 3316 [ 598E1280E7FF3744F4B8329366CC5635 ] Browser C:\Windows\System32\browser.dll
18:55:41.0175 3316 Browser - ok
18:55:41.0207 3316 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:55:41.0207 3316 Brserid - ok
18:55:41.0238 3316 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:55:41.0238 3316 BrSerWdm - ok
18:55:41.0269 3316 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:55:41.0269 3316 BrUsbMdm - ok
18:55:41.0269 3316 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:55:41.0269 3316 BrUsbSer - ok
18:55:41.0300 3316 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
18:55:41.0300 3316 BthEnum - ok
18:55:41.0316 3316 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:55:41.0316 3316 BTHMODEM - ok
18:55:41.0331 3316 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:55:41.0331 3316 BthPan - ok
18:55:41.0363 3316 [ 4A34888E13224678DD062466AFEC4240 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
18:55:41.0363 3316 BTHPORT - ok
18:55:41.0394 3316 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
18:55:41.0394 3316 bthserv - ok
18:55:41.0409 3316 [ FA04C63916FA221DBB91FCE153D07A55 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
18:55:41.0409 3316 BTHUSB - ok
18:55:41.0425 3316 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:55:41.0425 3316 cdfs - ok
18:55:41.0472 3316 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:55:41.0472 3316 cdrom - ok
18:55:41.0503 3316 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
18:55:41.0503 3316 CertPropSvc - ok
18:55:41.0519 3316 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:55:41.0519 3316 circlass - ok
18:55:41.0550 3316 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
18:55:41.0550 3316 CLFS - ok
18:55:41.0628 3316 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:55:41.0628 3316 clr_optimization_v2.0.50727_32 - ok
18:55:41.0643 3316 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:55:41.0643 3316 CmBatt - ok
18:55:41.0675 3316 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
18:55:41.0675 3316 cmdide - ok
18:55:41.0706 3316 [ 1B675691ED940766149C93E8F4488D68 ] CNG C:\Windows\system32\Drivers\cng.sys
18:55:41.0706 3316 CNG - ok
18:55:41.0768 3316 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
18:55:41.0768 3316 Com4QLBEx - ok
18:55:41.0799 3316 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:55:41.0799 3316 Compbatt - ok
18:55:41.0815 3316 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:55:41.0815 3316 CompositeBus - ok
18:55:41.0831 3316 COMSysApp - ok
18:55:41.0862 3316 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:55:41.0862 3316 crcdisk - ok
18:55:41.0909 3316 [ 9C231178CE4FB385F4B54B0A9080B8A4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:55:41.0909 3316 CryptSvc - ok
18:55:41.0955 3316 [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC C:\Windows\system32\drivers\csc.sys
18:55:41.0955 3316 CSC - ok
18:55:41.0987 3316 [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService C:\Windows\System32\cscsvc.dll
18:55:42.0002 3316 CscService - ok
18:55:42.0049 3316 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
18:55:42.0049 3316 DcomLaunch - ok
18:55:42.0080 3316 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
18:55:42.0080 3316 defragsvc - ok
18:55:42.0111 3316 [ 8E09E52EE2E3CEB199EF3DD99CF9E3FB ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:55:42.0111 3316 DfsC - ok
18:55:42.0143 3316 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:55:42.0143 3316 Dhcp - ok
18:55:42.0189 3316 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
18:55:42.0189 3316 discache - ok
18:55:42.0221 3316 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:55:42.0221 3316 Disk - ok
18:55:42.0252 3316 [ D0722E963D3C6145446874241401B209 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:55:42.0252 3316 Dnscache - ok
18:55:42.0283 3316 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll
18:55:42.0299 3316 dot3svc - ok
18:55:42.0299 3316 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
18:55:42.0314 3316 DPS - ok
18:55:42.0345 3316 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:55:42.0345 3316 drmkaud - ok
18:55:42.0392 3316 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:55:42.0392 3316 dtsoftbus01 - ok
18:55:42.0423 3316 [ C94B6C3CC628179CB9B9061C19888B99 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:55:42.0439 3316 DXGKrnl - ok
18:55:42.0470 3316 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
18:55:42.0470 3316 EapHost - ok
18:55:42.0579 3316 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
18:55:42.0595 3316 ebdrv - ok
18:55:42.0626 3316 [ F42309C4191C506B71DB5D1126D26318 ] EFS C:\Windows\System32\lsass.exe
18:55:42.0626 3316 EFS - ok
18:55:42.0689 3316 [ 3A74A6E33685662B125A3269B1F2114F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:55:42.0689 3316 ehRecvr - ok
18:55:42.0720 3316 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
18:55:42.0720 3316 ehSched - ok
18:55:42.0813 3316 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:55:42.0813 3316 elxstor - ok
18:55:42.0845 3316 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
18:55:42.0845 3316 ErrDev - ok
18:55:42.0876 3316 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
18:55:42.0891 3316 EventSystem - ok
18:55:42.0907 3316 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
18:55:42.0907 3316 exfat - ok
18:55:42.0954 3316 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:55:42.0954 3316 fastfat - ok
18:55:42.0985 3316 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
18:55:42.0985 3316 Fax - ok
18:55:43.0016 3316 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:55:43.0016 3316 fdc - ok
18:55:43.0047 3316 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
18:55:43.0047 3316 fdPHost - ok
18:55:43.0063 3316 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
18:55:43.0063 3316 FDResPub - ok
18:55:43.0079 3316 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:55:43.0079 3316 FileInfo - ok
18:55:43.0094 3316 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:55:43.0094 3316 Filetrace - ok
18:55:43.0125 3316 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:55:43.0125 3316 flpydisk - ok
18:55:43.0157 3316 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:55:43.0157 3316 FltMgr - ok
18:55:43.0203 3316 [ 151258FC2EC8C48BDF8A53350AE0A676 ] FontCache C:\Windows\system32\FntCache.dll
18:55:43.0219 3316 FontCache - ok
18:55:43.0266 3316 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:55:43.0266 3316 FontCache3.0.0.0 - ok
18:55:43.0281 3316 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:55:43.0281 3316 FsDepends - ok
18:55:43.0313 3316 [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:55:43.0313 3316 Fs_Rec - ok
18:55:43.0328 3316 [ 5592F5DBA26282D24D2B080EB438A4D7 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:55:43.0328 3316 fvevol - ok
18:55:43.0344 3316 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:55:43.0344 3316 gagp30kx - ok
18:55:43.0375 3316 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
18:55:43.0375 3316 ggflt - ok
18:55:43.0406 3316 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
18:55:43.0406 3316 ggsemc - ok
18:55:43.0437 3316 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
18:55:43.0453 3316 gpsvc - ok
18:55:43.0515 3316 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:55:43.0515 3316 gupdate - ok
18:55:43.0531 3316 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:55:43.0531 3316 gupdatem - ok
18:55:43.0578 3316 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:55:43.0578 3316 gusvc - ok
18:55:43.0609 3316 [ C172F0D0329E46513B09E1FC60A27B9D ] HBtnKey C:\Windows\system32\DRIVERS\cpqbttn.sys
18:55:43.0609 3316 HBtnKey - ok
18:55:43.0625 3316 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:55:43.0625 3316 hcw85cir - ok
18:55:43.0671 3316 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:55:43.0671 3316 HdAudAddService - ok
18:55:43.0703 3316 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:55:43.0703 3316 HDAudBus - ok
18:55:43.0718 3316 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:55:43.0718 3316 HidBatt - ok
18:55:43.0734 3316 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:55:43.0734 3316 HidBth - ok
18:55:43.0749 3316 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:55:43.0749 3316 HidIr - ok
18:55:43.0781 3316 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
18:55:43.0781 3316 hidserv - ok
18:55:43.0796 3316 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:55:43.0796 3316 HidUsb - ok
18:55:43.0843 3316 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:55:43.0843 3316 hkmsvc - ok
18:55:43.0859 3316 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:55:43.0874 3316 HomeGroupListener - ok
18:55:43.0905 3316 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:55:43.0905 3316 HomeGroupProvider - ok
18:55:43.0937 3316 [ 4EF10B866C62ABBEAF7511CDD05A19BE ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
18:55:43.0937 3316 hpdskflt - ok
18:55:43.0968 3316 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
18:55:43.0983 3316 HpqKbFiltr - ok
18:55:43.0999 3316 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
18:55:43.0999 3316 hpqwmiex - ok
18:55:44.0030 3316 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
18:55:44.0030 3316 HpSAMD - ok
18:55:44.0061 3316 [ C0BEB56ED79B59B7B33D0AA6C38A0BA6 ] hpsrv C:\Windows\system32\Hpservice.exe
18:55:44.0061 3316 hpsrv - ok
18:55:44.0108 3316 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:55:44.0108 3316 HTTP - ok
18:55:44.0124 3316 Huawei - ok
18:55:44.0139 3316 hwdatacard - ok
18:55:44.0171 3316 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:55:44.0171 3316 hwpolicy - ok
18:55:44.0217 3316 hwusbdev - ok
18:55:44.0249 3316 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:55:44.0249 3316 i8042prt - ok
18:55:44.0280 3316 [ 934AF4D7C5F457B9F0743F4299B77B67 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
18:55:44.0280 3316 iaStorV - ok
18:55:44.0389 3316 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:55:44.0405 3316 idsvc - ok
18:55:44.0436 3316 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:55:44.0436 3316 iirsp - ok
18:55:44.0483 3316 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
18:55:44.0498 3316 IKEEXT - ok
18:55:44.0514 3316 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
18:55:44.0514 3316 intelide - ok
18:55:44.0545 3316 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:55:44.0545 3316 intelppm - ok
18:55:44.0561 3316 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:55:44.0561 3316 IPBusEnum - ok
18:55:44.0592 3316 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:55:44.0592 3316 IpFilterDriver - ok
18:55:44.0654 3316 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:55:44.0670 3316 iphlpsvc - ok
18:55:44.0670 3316 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
18:55:44.0685 3316 IPMIDRV - ok
18:55:44.0717 3316 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:55:44.0717 3316 IPNAT - ok
18:55:44.0748 3316 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:55:44.0748 3316 IRENUM - ok
18:55:44.0763 3316 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
18:55:44.0763 3316 isapnp - ok
18:55:44.0779 3316 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:55:44.0779 3316 iScsiPrt - ok
18:55:44.0810 3316 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:55:44.0810 3316 kbdclass - ok
18:55:44.0841 3316 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:55:44.0841 3316 kbdhid - ok
18:55:44.0857 3316 [ F42309C4191C506B71DB5D1126D26318 ] KeyIso C:\Windows\system32\lsass.exe
18:55:44.0857 3316 KeyIso - ok
18:55:44.0888 3316 [ E36A061EC11B373826905B21BE10948F ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:55:44.0888 3316 KSecDD - ok
18:55:44.0904 3316 [ 26C046977E85B95036453D7B88BA1820 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:55:44.0904 3316 KSecPkg - ok
18:55:44.0951 3316 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
18:55:44.0951 3316 KtmRm - ok
18:55:44.0998 3316 [ BCA92CB047A4326925ECEF759DBAA233 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:55:44.0998 3316 LanmanServer - ok
18:55:45.0013 3316 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:55:45.0029 3316 LanmanWorkstation - ok
18:55:45.0060 3316 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:55:45.0060 3316 lltdio - ok
18:55:45.0091 3316 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:55:45.0091 3316 lltdsvc - ok
18:55:45.0107 3316 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
18:55:45.0107 3316 lmhosts - ok
18:55:45.0138 3316 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:55:45.0138 3316 LSI_FC - ok
18:55:45.0154 3316 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:55:45.0154 3316 LSI_SAS - ok
18:55:45.0169 3316 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:55:45.0169 3316 LSI_SAS2 - ok
18:55:45.0185 3316 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:55:45.0185 3316 LSI_SCSI - ok
18:55:45.0216 3316 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
18:55:45.0216 3316 luafv - ok
18:55:45.0232 3316 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:55:45.0247 3316 Mcx2Svc - ok
18:55:45.0263 3316 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:55:45.0263 3316 megasas - ok
18:55:45.0278 3316 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:55:45.0294 3316 MegaSR - ok
18:55:45.0341 3316 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
18:55:45.0356 3316 Microsoft Office Groove Audit Service - ok
18:55:45.0388 3316 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
18:55:45.0388 3316 MMCSS - ok
18:55:45.0403 3316 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
18:55:45.0403 3316 Modem - ok
18:55:45.0419 3316 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:55:45.0419 3316 monitor - ok
18:55:45.0450 3316 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:55:45.0450 3316 mouclass - ok
18:55:45.0481 3316 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:55:45.0481 3316 mouhid - ok
18:55:45.0497 3316 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:55:45.0497 3316 mountmgr - ok
18:55:45.0512 3316 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
18:55:45.0512 3316 mpio - ok
18:55:45.0528 3316 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:55:45.0528 3316 mpsdrv - ok
18:55:45.0575 3316 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
18:55:45.0575 3316 MpsSvc - ok
18:55:45.0606 3316 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:55:45.0606 3316 MRxDAV - ok
18:55:45.0622 3316 [ F4A054BE78AF7F410129C4B64B07DC9B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:55:45.0622 3316 mrxsmb - ok
18:55:45.0653 3316 [ DEFFA295BD1895C6ED8E3078412AC60B ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:55:45.0653 3316 mrxsmb10 - ok
18:55:45.0684 3316 [ 24D76ABE5DCAD22F19D105F76FDF0CE1 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:55:45.0684 3316 mrxsmb20 - ok
18:55:45.0700 3316 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
18:55:45.0715 3316 msahci - ok
18:55:45.0731 3316 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
18:55:45.0731 3316 msdsm - ok
18:55:45.0762 3316 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
18:55:45.0762 3316 MSDTC - ok
18:55:45.0778 3316 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:55:45.0778 3316 Msfs - ok
18:55:45.0793 3316 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:55:45.0793 3316 mshidkmdf - ok
18:55:45.0809 3316 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
18:55:45.0809 3316 msisadrv - ok
18:55:45.0856 3316 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:55:45.0856 3316 MSiSCSI - ok
18:55:45.0856 3316 msiserver - ok
18:55:45.0871 3316 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:55:45.0871 3316 MSKSSRV - ok
18:55:45.0902 3316 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:55:45.0902 3316 MSPCLOCK - ok
18:55:45.0918 3316 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:55:45.0918 3316 MSPQM - ok
18:55:45.0934 3316 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:55:45.0934 3316 MsRPC - ok
18:55:45.0965 3316 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:55:45.0965 3316 mssmbios - ok
18:55:45.0965 3316 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:55:45.0965 3316 MSTEE - ok
18:55:46.0012 3316 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:55:46.0012 3316 MTConfig - ok
18:55:46.0012 3316 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
18:55:46.0012 3316 Mup - ok
18:55:46.0058 3316 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
18:55:46.0058 3316 napagent - ok
18:55:46.0105 3316 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:55:46.0105 3316 NativeWifiP - ok
18:55:46.0214 3316 [ 89844C3D3A7AAE8999E229C88E452633 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
18:55:46.0214 3316 NBService - ok
18:55:46.0261 3316 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:55:46.0261 3316 NDIS - ok
18:55:46.0324 3316 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:55:46.0324 3316 NdisCap - ok
18:55:46.0339 3316 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:55:46.0339 3316 NdisTapi - ok
18:55:46.0370 3316 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:55:46.0386 3316 Ndisuio - ok
18:55:46.0402 3316 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:55:46.0402 3316 NdisWan - ok
18:55:46.0417 3316 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:55:46.0417 3316 NDProxy - ok
18:55:46.0433 3316 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:55:46.0433 3316 NetBIOS - ok
18:55:46.0448 3316 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:55:46.0448 3316 NetBT - ok
18:55:46.0480 3316 [ F42309C4191C506B71DB5D1126D26318 ] Netlogon C:\Windows\system32\lsass.exe
18:55:46.0480 3316 Netlogon - ok
18:55:46.0526 3316 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
18:55:46.0526 3316 Netman - ok
18:55:46.0558 3316 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
18:55:46.0558 3316 netprofm - ok
18:55:46.0589 3316 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:55:46.0589 3316 NetTcpPortSharing - ok
18:55:46.0620 3316 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:55:46.0620 3316 nfrd960 - ok
18:55:46.0651 3316 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
18:55:46.0651 3316 NlaSvc - ok
18:55:46.0745 3316 [ 433049770B810D7C83C5C94CDB3E09D2 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
18:55:46.0745 3316 NMIndexingService - ok
18:55:46.0776 3316 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:55:46.0776 3316 Npfs - ok
18:55:46.0792 3316 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:55:46.0792 3316 nsi - ok
18:55:46.0807 3316 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:55:46.0807 3316 nsiproxy - ok
18:55:46.0870 3316 [ 3795DCD21F740EE799FB7223234215AF ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:55:46.0885 3316 Ntfs - ok
18:55:46.0901 3316 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:55:46.0901 3316 Null - ok
18:55:46.0932 3316 [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
18:55:46.0932 3316 nvraid - ok
18:55:46.0948 3316 [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
18:55:46.0948 3316 nvstor - ok
18:55:46.0963 3316 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
18:55:46.0963 3316 nv_agp - ok
18:55:47.0026 3316 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:55:47.0026 3316 odserv - ok
18:55:47.0057 3316 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:55:47.0057 3316 ohci1394 - ok
18:55:47.0135 3316 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:55:47.0135 3316 ose - ok
18:55:47.0166 3316 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:55:47.0182 3316 p2pimsvc - ok
18:55:47.0197 3316 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:55:47.0197 3316 p2psvc - ok
18:55:47.0244 3316 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:55:47.0244 3316 Parport - ok
18:55:47.0260 3316 [ FF4218952B51DE44FE910953A3E686B9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:55:47.0260 3316 partmgr - ok
18:55:47.0275 3316 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
18:55:47.0275 3316 Parvdm - ok
18:55:47.0291 3316 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:55:47.0306 3316 PcaSvc - ok
18:55:47.0322 3316 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
18:55:47.0322 3316 pci - ok
18:55:47.0338 3316 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
18:55:47.0338 3316 pciide - ok
18:55:47.0353 3316 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:55:47.0353 3316 pcmcia - ok
18:55:47.0384 3316 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:55:47.0384 3316 pcw - ok
18:55:47.0416 3316 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:55:47.0416 3316 PEAUTH - ok
18:55:47.0462 3316 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:55:47.0478 3316 PeerDistSvc - ok
18:55:47.0556 3316 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
18:55:47.0572 3316 pla - ok
18:55:47.0603 3316 [ 2CC2008F1296968FBA162ED9F9AFE328 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:55:47.0603 3316 PlugPlay - ok
18:55:47.0618 3316 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:55:47.0634 3316 PNRPAutoReg - ok
18:55:47.0650 3316 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:55:47.0650 3316 PNRPsvc - ok
18:55:47.0696 3316 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:55:47.0696 3316 PolicyAgent - ok
18:55:47.0712 3316 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
18:55:47.0728 3316 Power - ok
18:55:47.0759 3316 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:55:47.0759 3316 PptpMiniport - ok
18:55:47.0774 3316 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:55:47.0774 3316 Processor - ok
18:55:47.0806 3316 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll
18:55:47.0806 3316 ProfSvc - ok
18:55:47.0837 3316 [ F42309C4191C506B71DB5D1126D26318 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:55:47.0837 3316 ProtectedStorage - ok
18:55:47.0852 3316 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:55:47.0852 3316 Psched - ok
18:55:47.0899 3316 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:55:47.0915 3316 ql2300 - ok
18:55:47.0930 3316 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:55:47.0946 3316 ql40xx - ok
18:55:47.0977 3316 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:55:47.0977 3316 QWAVE - ok
18:55:47.0993 3316 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:55:47.0993 3316 QWAVEdrv - ok

18:55:48.0040 3316 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:55:48.0040 3316 RasAcd - ok
18:55:48.0055 3316 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:55:48.0071 3316 RasAgileVpn - ok
18:55:48.0086 3316 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:55:48.0086 3316 RasAuto - ok
18:55:48.0102 3316 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:55:48.0102 3316 Rasl2tp - ok
18:55:48.0149 3316 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
18:55:48.0149 3316 RasMan - ok
18:55:48.0164 3316 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:55:48.0164 3316 RasPppoe - ok
18:55:48.0196 3316 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:55:48.0196 3316 RasSstp - ok
18:55:48.0211 3316 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:55:48.0211 3316 rdbss - ok
18:55:48.0242 3316 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:55:48.0242 3316 rdpbus - ok
18:55:48.0258 3316 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:55:48.0258 3316 RDPCDD - ok
18:55:48.0305 3316 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:55:48.0305 3316 RDPDR - ok
18:55:48.0320 3316 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:55:48.0320 3316 RDPENCDD - ok
18:55:48.0336 3316 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:55:48.0336 3316 RDPREFMP - ok
18:55:48.0352 3316 [ 801371BA9782282892D00AADB08EE367 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:55:48.0352 3316 RDPWD - ok
18:55:48.0398 3316 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:55:48.0398 3316 rdyboost - ok
18:55:48.0430 3316 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:55:48.0430 3316 RemoteAccess - ok
18:55:48.0461 3316 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:55:48.0461 3316 RemoteRegistry - ok
18:55:48.0492 3316 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:55:48.0492 3316 RFCOMM - ok
18:55:48.0523 3316 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:55:48.0523 3316 RpcEptMapper - ok
18:55:48.0539 3316 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:55:48.0539 3316 RpcLocator - ok
18:55:48.0570 3316 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
18:55:48.0570 3316 RpcSs - ok
18:55:48.0617 3316 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:55:48.0617 3316 rspndr - ok
18:55:48.0648 3316 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
18:55:48.0648 3316 s3cap - ok
18:55:48.0679 3316 [ FEC4F19C80F623C3BFB386FC815BCD30 ] s916bus C:\Windows\system32\DRIVERS\s916bus.sys
18:55:48.0679 3316 s916bus - ok
18:55:48.0710 3316 [ A6F154DA17CAFD5743F552B1A88B2C32 ] s916mdfl C:\Windows\system32\DRIVERS\s916mdfl.sys
18:55:48.0710 3316 s916mdfl - ok
18:55:48.0742 3316 [ B4362E96E0A9D258CF5C7CA7AD28958A ] s916mdm C:\Windows\system32\DRIVERS\s916mdm.sys
18:55:48.0742 3316 s916mdm - ok
18:55:48.0757 3316 [ F42309C4191C506B71DB5D1126D26318 ] SamSs C:\Windows\system32\lsass.exe
18:55:48.0757 3316 SamSs - ok
18:55:48.0788 3316 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
18:55:48.0788 3316 sbp2port - ok
18:55:48.0820 3316 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:55:48.0820 3316 SCardSvr - ok
18:55:48.0835 3316 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:55:48.0835 3316 scfilter - ok
18:55:48.0866 3316 [ 3E8B0C453E25613A1F59762A5C42AA75 ] Schedule C:\Windows\system32\schedsvc.dll
18:55:48.0882 3316 Schedule - ok
18:55:48.0898 3316 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:55:48.0898 3316 SCPolicySvc - ok
18:55:48.0929 3316 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:55:48.0929 3316 SDRSVC - ok
18:55:48.0960 3316 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:55:48.0960 3316 secdrv - ok
18:55:48.0991 3316 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:55:48.0991 3316 seclogon - ok
18:55:49.0022 3316 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:55:49.0022 3316 SENS - ok
18:55:49.0038 3316 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:55:49.0038 3316 SensrSvc - ok
18:55:49.0054 3316 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:55:49.0054 3316 Serenum - ok
18:55:49.0069 3316 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:55:49.0069 3316 Serial - ok
18:55:49.0085 3316 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:55:49.0085 3316 sermouse - ok
18:55:49.0116 3316 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
18:55:49.0116 3316 SessionEnv - ok
18:55:49.0132 3316 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
18:55:49.0147 3316 sffdisk - ok
18:55:49.0163 3316 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:55:49.0163 3316 sffp_mmc - ok
18:55:49.0163 3316 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
18:55:49.0163 3316 sffp_sd - ok
18:55:49.0194 3316 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:55:49.0194 3316 sfloppy - ok
18:55:49.0210 3316 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:55:49.0225 3316 SharedAccess - ok
18:55:49.0256 3316 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:55:49.0272 3316 ShellHWDetection - ok
18:55:49.0288 3316 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
18:55:49.0288 3316 sisagp - ok
18:55:49.0319 3316 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:55:49.0319 3316 SiSRaid2 - ok
18:55:49.0334 3316 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:55:49.0334 3316 SiSRaid4 - ok
18:55:49.0350 3316 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:55:49.0350 3316 Smb - ok
18:55:49.0381 3316 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:55:49.0397 3316 SNMPTRAP - ok
18:55:49.0428 3316 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
18:55:49.0428 3316 Sony PC Companion - ok
18:55:49.0444 3316 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:55:49.0444 3316 spldr - ok
18:55:49.0475 3316 [ 49B6DD6AB3715B7A67965F17194E98A9 ] Spooler C:\Windows\System32\spoolsv.exe
18:55:49.0475 3316 Spooler - ok
18:55:49.0568 3316 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
18:55:49.0600 3316 sppsvc - ok
18:55:49.0615 3316 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:55:49.0615 3316 sppuinotify - ok
18:55:49.0662 3316 [ 2BA4EBC7DFBA845A1EDBE1F75913BE33 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:55:49.0662 3316 srv - ok
18:55:49.0678 3316 [ DCE7E10FEAABD4CAE95948B3DE5340BB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:55:49.0693 3316 srv2 - ok
18:55:49.0693 3316 [ B5665BAA2120B8A54E22E9CD07C05106 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:55:49.0693 3316 srvnet - ok
18:55:49.0724 3316 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:55:49.0740 3316 SSDPSRV - ok
18:55:49.0756 3316 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:55:49.0756 3316 SstpSvc - ok
18:55:49.0771 3316 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:55:49.0771 3316 stexstor - ok
18:55:49.0802 3316 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
18:55:49.0818 3316 StiSvc - ok
18:55:49.0849 3316 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
18:55:49.0849 3316 storflt - ok
18:55:49.0865 3316 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
18:55:49.0865 3316 storvsc - ok
18:55:49.0896 3316 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:55:49.0896 3316 swenum - ok
18:55:49.0943 3316 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:55:49.0943 3316 swprv - ok
18:55:50.0005 3316 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
18:55:50.0021 3316 SysMain - ok
18:55:50.0036 3316 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:55:50.0036 3316 TabletInputService - ok
18:55:50.0052 3316 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
18:55:50.0068 3316 TapiSrv - ok
18:55:50.0083 3316 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:55:50.0083 3316 TBS - ok
18:55:50.0146 3316 [ 2CC3D75488ABD3EC628BBB9A4FC84EFC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:55:50.0161 3316 Tcpip - ok
18:55:50.0192 3316 [ 2CC3D75488ABD3EC628BBB9A4FC84EFC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:55:50.0208 3316 TCPIP6 - ok
18:55:50.0224 3316 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:55:50.0224 3316 tcpipreg - ok
18:55:50.0239 3316 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:55:50.0239 3316 TDPIPE - ok
18:55:50.0255 3316 [ 7551E91EA999EE9A8E9C331D5A9C31F3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:55:50.0255 3316 TDTCP - ok
18:55:50.0270 3316 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:55:50.0270 3316 tdx - ok
18:55:50.0302 3316 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:55:50.0302 3316 TermDD - ok
18:55:50.0348 3316 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
18:55:50.0364 3316 TermService - ok
18:55:50.0380 3316 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:55:50.0380 3316 Themes - ok
18:55:50.0395 3316 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:55:50.0395 3316 THREADORDER - ok
18:55:50.0426 3316 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:55:50.0442 3316 TrkWks - ok
18:55:50.0489 3316 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:55:50.0489 3316 TrustedInstaller - ok
18:55:50.0504 3316 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:55:50.0504 3316 tssecsrv - ok
18:55:50.0551 3316 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:55:50.0551 3316 tunnel - ok
18:55:50.0567 3316 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:55:50.0567 3316 uagp35 - ok
18:55:50.0598 3316 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:55:50.0598 3316 udfs - ok
18:55:50.0645 3316 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:55:50.0645 3316 UI0Detect - ok
18:55:50.0660 3316 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
18:55:50.0660 3316 uliagpkx - ok
18:55:50.0692 3316 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:55:50.0692 3316 umbus - ok
18:55:50.0707 3316 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:55:50.0707 3316 UmPass - ok
18:55:50.0738 3316 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
18:55:50.0754 3316 UmRdpService - ok
18:55:50.0770 3316 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:55:50.0770 3316 upnphost - ok
18:55:50.0785 3316 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:55:50.0801 3316 usbccgp - ok
18:55:50.0816 3316 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
18:55:50.0816 3316 usbcir - ok
18:55:50.0816 3316 [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:55:50.0832 3316 usbehci - ok
18:55:50.0863 3316 [ EE6EF93CCFA94FAE8C6AB298273D8AE2 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:55:50.0863 3316 usbhub - ok
18:55:50.0879 3316 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:55:50.0879 3316 usbohci - ok
18:55:50.0879 3316 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:55:50.0879 3316 usbprint - ok
18:55:50.0894 3316 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:55:50.0910 3316 USBSTOR - ok
18:55:50.0910 3316 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:55:50.0910 3316 usbuhci - ok
18:55:50.0957 3316 [ F642A7E4BF78CFA359CCA0A3557C28D7 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:55:50.0957 3316 usbvideo - ok
18:55:50.0988 3316 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:55:50.0988 3316 UxSms - ok
18:55:51.0004 3316 [ F42309C4191C506B71DB5D1126D26318 ] VaultSvc C:\Windows\system32\lsass.exe
18:55:51.0004 3316 VaultSvc - ok
18:55:51.0019 3316 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
18:55:51.0019 3316 vdrvroot - ok
18:55:51.0050 3316 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
18:55:51.0066 3316 vds - ok
18:55:51.0097 3316 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:55:51.0097 3316 vga - ok
18:55:51.0113 3316 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:55:51.0113 3316 VgaSave - ok
18:55:51.0128 3316 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
18:55:51.0128 3316 vhdmp - ok
18:55:51.0160 3316 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
18:55:51.0160 3316 viaagp - ok
18:55:51.0175 3316 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
18:55:51.0175 3316 ViaC7 - ok
18:55:51.0191 3316 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
18:55:51.0191 3316 viaide - ok
18:55:51.0222 3316 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
18:55:51.0222 3316 vmbus - ok
18:55:51.0253 3316 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
18:55:51.0253 3316 VMBusHID - ok
18:55:51.0284 3316 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
18:55:51.0284 3316 volmgr - ok
18:55:51.0316 3316 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:55:51.0316 3316 volmgrx - ok
18:55:51.0331 3316 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
18:55:51.0347 3316 volsnap - ok
18:55:51.0362 3316 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:55:51.0362 3316 vsmraid - ok
18:55:51.0409 3316 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
18:55:51.0425 3316 VSS - ok
18:55:51.0440 3316 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:55:51.0440 3316 vwifibus - ok
18:55:51.0456 3316 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:55:51.0456 3316 vwififlt - ok
18:55:51.0503 3316 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:55:51.0503 3316 vwifimp - ok
18:55:51.0518 3316 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
18:55:51.0534 3316 W32Time - ok
18:55:51.0565 3316 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:55:51.0565 3316 WacomPen - ok
18:55:51.0596 3316 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:55:51.0596 3316 WANARP - ok
18:55:51.0596 3316 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:55:51.0596 3316 Wanarpv6 - ok
18:55:51.0643 3316 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
18:55:51.0659 3316 wbengine - ok
18:55:51.0690 3316 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:55:51.0690 3316 WbioSrvc - ok
18:55:51.0706 3316 [ D0F88AA11EE1A62BCC6D6A8A7783CA11 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:55:51.0721 3316 wcncsvc - ok
18:55:51.0737 3316 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:55:51.0737 3316 WcsPlugInService - ok
18:55:51.0752 3316 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:55:51.0752 3316 Wd - ok
18:55:51.0799 3316 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:55:51.0799 3316 Wdf01000 - ok
18:55:51.0815 3316 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:55:51.0815 3316 WdiServiceHost - ok
18:55:51.0830 3316 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:55:51.0830 3316 WdiSystemHost - ok
18:55:51.0846 3316 [ D87C7D2C517F82A5AB7A73E203063D9E ] WebClient C:\Windows\System32\webclnt.dll
18:55:51.0862 3316 WebClient - ok
18:55:51.0877 3316 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:55:51.0893 3316 Wecsvc - ok
18:55:51.0908 3316 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:55:51.0908 3316 wercplsupport - ok
18:55:51.0924 3316 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
18:55:51.0940 3316 WerSvc - ok
18:55:51.0955 3316 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:55:51.0955 3316 WfpLwf - ok
18:55:51.0986 3316 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:55:51.0986 3316 WIMMount - ok
18:55:52.0049 3316 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:55:52.0064 3316 WinDefend - ok
18:55:52.0064 3316 WinHttpAutoProxySvc - ok
18:55:52.0127 3316 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:55:52.0127 3316 Winmgmt - ok
18:55:52.0189 3316 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
18:55:52.0205 3316 WinRM - ok
18:55:52.0252 3316 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:55:52.0252 3316 WinUsb - ok
18:55:52.0298 3316 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:55:52.0298 3316 Wlansvc - ok
18:55:52.0314 3316 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:55:52.0314 3316 WmiAcpi - ok
18:55:52.0345 3316 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:55:52.0345 3316 wmiApSrv - ok
18:55:52.0408 3316 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:55:52.0423 3316 WMPNetworkSvc - ok
18:55:52.0454 3316 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:55:52.0454 3316 WPCSvc - ok
18:55:52.0470 3316 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:55:52.0486 3316 WPDBusEnum - ok
18:55:52.0501 3316 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:55:52.0501 3316 ws2ifsl - ok
18:55:52.0517 3316 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
18:55:52.0532 3316 wscsvc - ok
18:55:52.0532 3316 WSearch - ok
18:55:52.0595 3316 [ A33408CC036F9C08142B11BE5E93F0A1 ] wuauserv C:\Windows\system32\wuaueng.dll
18:55:52.0610 3316 wuauserv - ok
18:55:52.0626 3316 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:55:52.0626 3316 WudfPf - ok
18:55:52.0673 3316 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:55:52.0673 3316 WUDFRd - ok
18:55:52.0704 3316 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:55:52.0704 3316 wudfsvc - ok
18:55:52.0720 3316 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:55:52.0735 3316 WwanSvc - ok
18:55:52.0766 3316 [ B07C5B7EFDF936FF93D4F540938725BE ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
18:55:52.0766 3316 yukonw7 - ok
18:55:52.0798 3316 ================ Scan global ===============================
18:55:52.0829 3316 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
18:55:52.0844 3316 [ 827E4F75901CA3F990B1487D3301841E ] C:\Windows\system32\winsrv.dll
18:55:52.0860 3316 [ 827E4F75901CA3F990B1487D3301841E ] C:\Windows\system32\winsrv.dll
18:55:52.0891 3316 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:55:52.0922 3316 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:55:52.0922 3316 [Global] - ok
18:55:52.0922 3316 ================ Scan MBR ==================================
18:55:52.0938 3316 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:55:53.0359 3316 \Device\Harddisk0\DR0 - ok
18:55:53.0359 3316 ================ Scan VBR ==================================
18:55:53.0375 3316 [ 9AF35CB63C8AF0CBFF0574E7D4F32134 ] \Device\Harddisk0\DR0\Partition1
18:55:53.0375 3316 \Device\Harddisk0\DR0\Partition1 - ok
18:55:53.0375 3316 [ 768B684A86129F0012B3CAA472B4AE32 ] \Device\Harddisk0\DR0\Partition2
18:55:53.0390 3316 \Device\Harddisk0\DR0\Partition2 - ok
18:55:53.0406 3316 [ 5504460FBE0D37E4C81715C2386FC2A6 ] \Device\Harddisk0\DR0\Partition3
18:55:53.0406 3316 \Device\Harddisk0\DR0\Partition3 - ok
18:55:53.0406 3316 ============================================================
18:55:53.0406 3316 Scan finished
18:55:53.0406 3316 ============================================================
18:55:53.0422 3240 Detected object count: 0
18:55:53.0422 3240 Actual detected object count: 0
18:56:09.0178 0476 Deinitialize success

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

ComboFix 12-07-25.04 - Pavel 29.01.2013 23:06:22.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.1789.1145 [GMT 1:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pavel\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Pavel\AppData\Local\Temp\ALSysIO.sys"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.123\goopdate.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.123\psmachine.dll
c:\program files\Google\Update\1.3.21.123\psuser.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\program files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.4.3607.2246\GoogleToolbarInstaller_updater_signed.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\programdata\McAfee
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2855798801-2560433423-1982038742-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ALSYSIO
-------\Service_ALSysIO
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-29 )))))))))))))))))))))))))))))))
.
.
2013-01-29 22:15 . 2013-01-29 22:18 -------- d-----w- c:\users\Pavel\AppData\Local\temp
2013-01-29 22:15 . 2013-01-29 22:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-29 21:56 . 2013-01-29 21:56 -------- d-----w- c:\program files\Bit Che
2013-01-29 21:56 . 2013-01-29 21:56 -------- d-----w- c:\users\Pavel\AppData\Roaming\Convivea
2013-01-29 21:56 . 2004-03-08 23:00 152848 ----a-w- c:\windows\system32\comdlg32.OCX
2013-01-29 21:56 . 2004-03-08 23:00 124688 ----a-w- c:\windows\system32\mswinsck.ocx
2013-01-29 14:15 . 2013-01-29 22:18 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59B15996-CF6D-4C8A-8AE4-7C91D0676B8C}\offreg.dll
2013-01-27 20:48 . 2013-01-27 20:48 -------- d-----w- c:\users\Pavel\AppData\Local\Adobe
2013-01-25 15:50 . 2013-01-25 15:50 -------- d-----w- c:\users\Pavel\AppData\Roaming\Malwarebytes
2013-01-25 15:50 . 2013-01-25 15:50 -------- d-----w- c:\programdata\Malwarebytes
2013-01-25 15:50 . 2013-01-25 15:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-25 15:50 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-25 15:49 . 2013-01-25 15:49 -------- d-----w- c:\users\Pavel\AppData\Local\Programs
2013-01-25 13:01 . 2013-01-25 13:01 388096 ----a-r- c:\users\Pavel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-25 13:01 . 2013-01-25 13:01 -------- d-----w- c:\program files\Trend Micro
2013-01-22 10:31 . 2013-01-22 10:31 25200 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2013-01-22 10:31 . 2013-01-22 10:31 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-01-22 10:31 . 2013-01-22 10:31 12400 ----a-w- c:\windows\system32\drivers\ggflt.sys
2013-01-22 10:30 . 2013-01-24 16:29 -------- d-----w- c:\programdata\Sony Ericsson
2013-01-22 10:25 . 2013-01-22 10:25 -------- d-----w- c:\programdata\Sony
2013-01-22 10:25 . 2013-01-22 10:25 -------- d-----w- c:\program files\Sony
2013-01-21 19:29 . 2013-01-21 19:29 -------- d-----w- c:\users\Pavel\AppData\Roaming\StatusWinks
2013-01-18 19:23 . 2013-01-18 19:23 -------- d-----w- c:\users\Pavel\AppData\Roaming\TeamViewer
2013-01-18 19:22 . 2013-01-18 19:22 -------- d-----w- c:\users\Pavel\AppData\Local\Microsoft Games
2013-01-10 21:41 . 2011-09-21 07:00 7269712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59B15996-CF6D-4C8A-8AE4-7C91D0676B8C}\mpengine.dll
2013-01-07 10:57 . 2013-01-07 10:57 -------- d-----w- c:\program files\Common Files\Adobe
2013-01-04 15:26 . 2008-11-26 10:47 102400 ----a-w- c:\windows\system32\Unzip32N.dll
2013-01-04 15:26 . 2008-11-26 10:47 151552 ----a-w- c:\windows\system32\Zip32N.dll
2013-01-04 15:26 . 2013-01-04 16:42 -------- d-----w- c:\program files\Primy kanal
2013-01-04 09:36 . 2013-01-04 09:36 -------- d-----w- c:\windows\Sun
2013-01-04 09:34 . 2013-01-04 05:54 746984 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-02 19:04 . 2013-01-02 19:04 -------- d-----w- c:\users\Pavel\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 14:53 . 2012-07-28 11:11 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-26 14:53 . 2011-10-13 19:37 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-04 05:54 . 2012-12-19 17:28 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-19 19:46 . 2012-12-19 19:46 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-12-19 19:46 . 2012-12-19 19:46 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-12-19 19:46 . 2012-12-19 19:46 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-12-19 19:46 . 2012-12-19 19:46 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-12-19 19:46 . 2012-12-19 19:46 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-12-19 19:46 . 2012-12-19 19:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-12-19 19:46 . 2012-12-19 19:46 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-12-19 19:46 . 2012-12-19 19:46 367104 ----a-w- c:\windows\system32\html.iec
2012-12-19 19:46 . 2012-12-19 19:46 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-12-19 19:46 . 2012-12-19 19:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-19 19:46 . 2012-12-19 19:46 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-19 19:46 . 2012-12-19 19:46 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-12-19 19:46 . 2012-12-19 19:46 161792 ----a-w- c:\windows\system32\msls31.dll
2012-12-19 19:46 . 2012-12-19 19:46 152064 ----a-w- c:\windows\system32\wextract.exe
2012-12-19 19:46 . 2012-12-19 19:46 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-12-19 19:46 . 2012-12-19 19:46 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-12-19 19:46 . 2012-12-19 19:46 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-19 19:46 . 2012-12-19 19:46 11776 ----a-w- c:\windows\system32\mshta.exe
2012-12-19 19:46 . 2012-12-19 19:46 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-12-19 19:46 . 2012-12-19 19:46 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-12-19 19:46 . 2012-12-19 19:46 101888 ----a-w- c:\windows\system32\admparse.dll
2012-12-19 19:46 . 2012-12-19 19:46 801792 ----a-w- c:\windows\system32\FntCache.dll
2012-12-19 19:46 . 2012-12-19 19:46 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-12-19 19:46 . 2012-12-19 19:46 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-12-19 19:46 . 2012-12-19 19:46 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2012-12-19 19:46 . 2012-12-19 19:46 3181568 ----a-w- c:\windows\system32\mf.dll
2012-12-19 19:46 . 2012-12-19 19:46 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-12-19 19:46 . 2012-12-19 19:46 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-12-19 19:46 . 2012-12-19 19:46 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-12-19 19:46 . 2012-12-19 19:46 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2012-12-19 19:46 . 2012-12-19 19:46 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2012-12-19 19:46 . 2012-12-19 19:46 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2012-12-19 19:46 . 2012-12-19 19:46 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-12-19 19:46 . 2012-12-19 19:46 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2012-12-19 19:46 . 2012-12-19 19:46 107520 ----a-w- c:\windows\system32\cdd.dll
2012-12-19 19:46 . 2012-12-19 19:46 1074176 ----a-w- c:\windows\system32\DWrite.dll
2012-12-19 19:46 . 2012-12-19 19:46 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-12-19 17:28 . 2012-12-19 17:28 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-29 08:26 . 2013-01-02 19:03 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2013-01-29_18.28.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:55 . 2013-01-29 22:19 36402 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-10-13 18:42 . 2013-01-29 22:19 6998 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2855798801-2560433423-1982038742-1000_UserData.bin
- 2013-01-29 14:12 . 2013-01-29 14:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2013-01-29 14:12 . 2013-01-29 22:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2013-01-29 14:12 . 2013-01-29 14:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2013-01-29 14:12 . 2013-01-29 22:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:03 . 2013-01-26 03:12 6815744 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:03 . 2013-01-29 21:55 6815744 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2013-01-23 04:38 . 2013-01-23 04:38 8616960 c:\windows\Installer\118132e.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-01-07 446648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
.
c:\users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\DRIVERS\s916bus.sys [x]
R3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s916mdfl.sys [x]
R3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s916mdm.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-28 14:53]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\on87fu3y.default\
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2013-01-29 23:23:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-29 22:23
ComboFix2.txt 2013-01-29 18:33
.
Před spuštěním: Volných bajtů: 35 544 772 608
Po spuštění: Volných bajtů: 35 316 518 912
.
- - End Of File - - 90EB063A90E50F56A1213D49B1E97CFA

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.