PC-HELP.CZ

HJT log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:06:10, on 4.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\PrtScr\PrtScr.exe
C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ceskatelevize.cz/ivysilani/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [PrtScr by FireStarter] C:\Program Files (x86)\PrtScr\PrtScr.exe /Tray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Dropbox.lnk = C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: En&queue current page with BID - file://C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm
O8 - Extra context menu item: Enqueue link target with BID - file://C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
O8 - Extra context menu item: Open &link target with BID - file://C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm
O8 - Extra context menu item: Open current page with BID - file://C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm
O8 - Extra context menu item: Open current page with BID Link Explorer - file://C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10484 bytes

Odinstaluj Yontoo Layer

v logu fixni:
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Ahoj díky za rady.

musím sem ještě napsat, že ještě než sem se dostal k dnešnímu čištění mě předevčírem napadl vir (nebo jak to nazvat, asi phishing) "policie české republik"



~ možná jste se s tím už setkali - z ničeho nic mi na obrazovku skočilo okno přes celou obrazovku, kde je vyjetý info o pc: IP adresa, jméno uživatele etc.. a hláška že jsem sledován policií a porušil jsem zákony a musím zaplatit pokutu 2000 ČZK, na stránce je okýnko, kde mě to žádá o číslo a PIN karty... nic jinýho nejde dělat, max. restart PC. přes nouzovej režim pc nereagovalo, až přes nouzovej režim s příkaz. řádkem odkud jsem šel na bod obnovy abych zjistil že ho tento virák celej smazal, nakonec se mi podařilo spustit "Malware bytes Anti-Malware", kterej něco našel, až jsem to smáznul tak po následujícím restartu PC už šlo - dnešní stav. Poté jsem provedl vše uvedené výše... Jo ještě mě po proscanování PC MBAMem me bezprostredne po tom vyhodila Avira (bezici v pozadi) hlášku o nalezení nějakýho viru - hodil jsem ho do karantény: (formát, název, přípona a umístění viru je hodně nápadně podobný tomu "policie ČR" - podle toho co jsem našel na netu za info o tom, buď se vrátil nebo tu zůstal pokud je to ono...



níže pak logy z MBAM a pak z ADW cleaneru:


Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org

Verze: v2013.02.02.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Felipe Grande :: FM_WORKSTATION [administrátor]

8.2.2013 16:01:25
mbam-log-2013-02-08 (16-01-25).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 256894
Uplynulý čas: 3 minut, 47 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


ADW:

# AdwCleaner v2.111 - Logfile created 02/08/2013 at 16:09:52
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Felipe Grande - FM_WORKSTATION
# Boot Mode : Normal
# Running from : C:\Users\Felipe Grande\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Found : C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Found : C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Found : C:\Users\Felipe Grande\AppData\LocalLow\Conduit
Folder Found : C:\Users\Felipe Grande\AppData\Roaming\Babylon
Folder Found : C:\Users\Felipe Grande\AppData\Roaming\Media Finder
Folder Found : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Found : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\BVD_ToolKit
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\MediaFinder
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BVD_ToolKit
Key Found : HKLM\SOFTWARE\Classes\MF
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03E0EF5B-DDBB-489C-A0D0-16287429CEAF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0A1281C7-432E-45B1-BE01-C5FC49144869}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4683DA83-50B0-4298-8B6F-2F2C767E41D3}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E49D8D56-543D-4B71-BA78-150D6DD38374}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0 (cs)

File : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\prefs.js

Found : user_pref("CT2014090.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2014090.AllowNonPrivacy", false);
Found : user_pref("CT2014090.CTID", "CT2014090");
Found : user_pref("CT2014090.CTPBaseServerUrl", "hxxp://services.conduit.com/");
Found : user_pref("CT2014090.CommunityChanged", false);
Found : user_pref("CT2014090.DialogsAlignMode", "LTR");
Found : user_pref("CT2014090.EMailNotifierPollDate", "Sun Feb 08 2009 14:33:13 GMT+0100");
Found : user_pref("CT2014090.EnableUsage", false);
Found : user_pref("CT2014090.ExternalComponentPollDate128450423515850725", "Sun Feb 08 2009 13:48:13 GMT+010[...]
Found : user_pref("CT2014090.FeedLastCount128446865667925723", 866);
Found : user_pref("CT2014090.FeedLastCount128446905016050140", 90);
Found : user_pref("CT2014090.FeedPollDate128450759039188258", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450759039188259", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450759039188260", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450759039188261", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450759039188262", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562798", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562799", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562800", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562801", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562802", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562803", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562804", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562805", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562806", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562807", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562808", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562809", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562810", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562811", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562812", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562813", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562814", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562815", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562816", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562817", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FeedPollDate128450877968562818", "Sun Feb 08 2009 13:48:13 GMT+0100");
Found : user_pref("CT2014090.FirstTime", true);
Found : user_pref("CT2014090.FirstTimeFF3", true);
Found : user_pref("CT2014090.FixPageNotFoundErrors", false);
Found : user_pref("CT2014090.Initialize", true);
Found : user_pref("CT2014090.InitializeCommonPrefs", true);
Found : user_pref("CT2014090.IsGrouping", false);
Found : user_pref("CT2014090.IsMulticommunity", false);
Found : user_pref("CT2014090.IsOpenThankYouPage", true);
Found : user_pref("CT2014090.IsOpenUninstallPage", true);
Found : user_pref("CT2014090.LanguagePackLastCheckTime", "Sat Feb 07 2009 10:05:27 GMT+0100");
Found : user_pref("CT2014090.LanguagePackReloadInterval", "24");
Found : user_pref("CT2014090.LastLogin", "Sat Feb 07 2009 10:05:25 GMT+0100");
Found : user_pref("CT2014090.Locale", "en-us");
Found : user_pref("CT2014090.LoginCache", "4");
Found : user_pref("CT2014090.MCDetectTooltipHeight", "83");
Found : user_pref("CT2014090.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2014090.MCDetectTooltipWidth", "295");
Found : user_pref("CT2014090.MyGadgetsServerUrl", "hxxp://services.MyStuff.u-page.com/MyStuffService.asmx/Le[...]
Found : user_pref("CT2014090.MyGadgetsTrustedDomains", "u-page.com");
Found : user_pref("CT2014090.RadioLastCheckTime", "Sun Feb 08 2009 10:06:14 GMT+0100");
Found : user_pref("CT2014090.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2014090.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2014090.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2014090.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT201[...]
Found : user_pref("CT2014090.Server", "hxxp://users.conduit.com");
Found : user_pref("CT2014090.SettingsLastUpdate", "1233402079");
Found : user_pref("CT2014090.ThirdPartyComponentsInterval", "72");
Found : user_pref("CT2014090.ThirdPartyComponentsLastCheck", "Sat Feb 07 2009 10:05:25 GMT+0100");
Found : user_pref("CT2014090.ThirdPartyComponentsLastUpdate", "1231051540");
Found : user_pref("CT2014090.ToolbarAlignMode", "SYSTEM");
Found : user_pref("CT2014090.ToolbarName", "Isohunt-vuze");
Found : user_pref("CT2014090.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2014090.UserID", "UN20090207100522255");
Found : user_pref("CT2014090.VusualLastUpdateTime", "1231051540");
Found : user_pref("CT2014090.WeatherNetwork", "");
Found : user_pref("CT2014090.WeatherPollDate", "Sun Feb 08 2009 14:18:14 GMT+0100");
Found : user_pref("CT2014090.WeatherUnit", "C");
Found : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2504091.CTID", "CT2504091");
Found : user_pref("CT2504091.CurrentServerDate", "15-6-2010");
Found : user_pref("CT2504091.DialogsAlignMode", "LTR");
Found : user_pref("CT2504091.DownloadReferralCookieData", "");
Found : user_pref("CT2504091.EMailNotifierPollDate", "Tue Jun 15 2010 09:53:39 GMT+0200");
Found : user_pref("CT2504091.FeedLastCount129079840422964131", 0);
Found : user_pref("CT2504091.FeedPollDate128891351169457140", "Tue Jun 15 2010 09:53:41 GMT+0200");
Found : user_pref("CT2504091.FeedPollDate129079840422964131", "Tue Jun 15 2010 09:53:41 GMT+0200");
Found : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Found : user_pref("CT2504091.FirstServerDate", "15-6-2010");
Found : user_pref("CT2504091.FirstTime", true);
Found : user_pref("CT2504091.FirstTimeFF3", true);
Found : user_pref("CT2504091.FirstTimeSettingsDone", true);
Found : user_pref("CT2504091.FixPageNotFoundErrors", true);
Found : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2504091.Initialize", true);
Found : user_pref("CT2504091.InitializeCommonPrefs", true);
Found : user_pref("CT2504091.InstallationAndCookieDataSentCount", 1);
Found : user_pref("CT2504091.InstallationType", "UnknownIntegration");
Found : user_pref("CT2504091.InstalledDate", "Tue Jun 15 2010 09:53:39 GMT+0200");
Found : user_pref("CT2504091.IsGrouping", false);
Found : user_pref("CT2504091.IsMulticommunity", false);
Found : user_pref("CT2504091.IsOpenThankYouPage", false);
Found : user_pref("CT2504091.IsOpenUninstallPage", false);
Found : user_pref("CT2504091.LanguagePackLastCheckTime", "Tue Jun 15 2010 09:53:41 GMT+0200");
Found : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2504091.LastLogin_2.7.1.3", "Tue Jun 15 2010 09:53:42 GMT+0200");
Found : user_pref("CT2504091.LatestVersion", "2.1.0.18");
Found : user_pref("CT2504091.Locale", "en-us");
Found : user_pref("CT2504091.LoginCache", 4);
Found : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Found : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Found : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]
Found : user_pref("CT2504091.SearchInNewTabEnabled", true);
Found : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Tue Jun 15 2010 09:53:43 GMT+0200");
Found : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2504091.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2504091.SettingsLastCheckTime", "Tue Jun 15 2010 09:53:37 GMT+0200");
Found : user_pref("CT2504091.SettingsLastUpdate", "1275605221");
Found : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Tue Jun 15 2010 09:53:36 GMT+0200");
Found : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1275605221");
Found : user_pref("CT2504091.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2504091.UserID", "UN13956437300562421");
Found : user_pref("CT2504091.alertChannelId", "897164");
Found : user_pref("CT2504091.clientLogIsEnabled", false);
Found : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2504091.myStuffEnabled", true);
Found : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT3147923..clientLogIsEnabled", true);
Found : user_pref("CT3147923..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT3147923..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT3147923.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT3147923.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT3147923.BrowserCompStateIsOpen_129657313666888154", true);
Found : user_pref("CT3147923.BrowserCompStateIsOpen_129658343543475368", true);
Found : user_pref("CT3147923.CTID", "CT3147923");
Found : user_pref("CT3147923.CurrentServerDate", "3-2-2012");
Found : user_pref("CT3147923.DSInstall", false);
Found : user_pref("CT3147923.DialogsAlignMode", "LTR");
Found : user_pref("CT3147923.DialogsGetterLastCheckTime", "Fri Feb 03 2012 17:10:56 GMT+0100");
Found : user_pref("CT3147923.DownloadReferralCookieData", "");
Found : user_pref("CT3147923.EMailNotifierPollDate", "Fri Feb 03 2012 17:10:56 GMT+0100");
Found : user_pref("CT3147923.FirstServerDate", "3-2-2012");
Found : user_pref("CT3147923.FirstTime", true);
Found : user_pref("CT3147923.FirstTimeFF3", true);
Found : user_pref("CT3147923.FixPageNotFoundErrors", true);
Found : user_pref("CT3147923.GroupingServerCheckInterval", 1440);
Found : user_pref("CT3147923.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT3147923.HPInstall", false);
Found : user_pref("CT3147923.HasUserGlobalKeys", true);
Found : user_pref("CT3147923.HomePageProtectorEnabled", false);
Found : user_pref("CT3147923.HomepageBeforeUnload", "hxxp://www.centrum.cz/");
Found : user_pref("CT3147923.Initialize", true);
Found : user_pref("CT3147923.InitializeCommonPrefs", true);
Found : user_pref("CT3147923.InstallationAndCookieDataSentCount", 1);
Found : user_pref("CT3147923.InstallationId", "ConduitNSISIntegration");
Found : user_pref("CT3147923.InstallationType", "ConduitXPEIntegration");
Found : user_pref("CT3147923.InstalledDate", "Fri Feb 03 2012 17:10:56 GMT+0100");
Found : user_pref("CT3147923.InvalidateCache", false);
Found : user_pref("CT3147923.IsAlertDBUpdated", true);
Found : user_pref("CT3147923.IsGrouping", false);
Found : user_pref("CT3147923.IsInitSetupIni", true);
Found : user_pref("CT3147923.IsMulticommunity", false);
Found : user_pref("CT3147923.IsOpenThankYouPage", false);
Found : user_pref("CT3147923.IsOpenUninstallPage", true);
Found : user_pref("CT3147923.LanguagePackLastCheckTime", "Fri Feb 03 2012 17:11:00 GMT+0100");
Found : user_pref("CT3147923.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT3147923.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT3147923.LastLogin_3.9.0.3", "Fri Feb 03 2012 17:11:00 GMT+0100");
Found : user_pref("CT3147923.LatestVersion", "3.9.0.3");
Found : user_pref("CT3147923.Locale", "en");
Found : user_pref("CT3147923.MCDetectTooltipHeight", "83");
Found : user_pref("CT3147923.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT3147923.MCDetectTooltipWidth", "295");
Found : user_pref("CT3147923.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT3147923.OriginalFirstVersion", "3.9.0.3");
Found : user_pref("CT3147923.RadioIsPodcast", false);
Found : user_pref("CT3147923.RadioLastCheckTime", "Fri Feb 03 2012 17:10:59 GMT+0100");
Found : user_pref("CT3147923.RadioLastUpdateIPServer", "3");
Found : user_pref("CT3147923.RadioLastUpdateServer", "129658450662870000");
Found : user_pref("CT3147923.RadioMediaID", "21995873");
Found : user_pref("CT3147923.RadioMediaType", "Media Player");
Found : user_pref("CT3147923.RadioMenuSelectedID", "EBRadioMenu_CT314792321995873");
Found : user_pref("CT3147923.RadioShrinkedFromSetup", false);
Found : user_pref("CT3147923.RadioStationName", "California%20Rock%20-%20Rock");
Found : user_pref("CT3147923.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Found : user_pref("CT3147923.SearchCaption", "BVD ToolKit Customized Web Search");
Found : user_pref("CT3147923.SearchEngineBeforeUnload", "Web Search");
Found : user_pref("CT3147923.SearchFromAddressBarIsInit", true);
Found : user_pref("CT3147923.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT314[...]
Found : user_pref("CT3147923.SearchInNewTabEnabled", true);
Found : user_pref("CT3147923.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT3147923.SearchInNewTabLastCheckTime", "Fri Feb 03 2012 17:11:01 GMT+0100");
Found : user_pref("CT3147923.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT3147923.SearchProtectorEnabled", false);
Found : user_pref("CT3147923.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT3147923.SendProtectorDataViaLogin", true);
Found : user_pref("CT3147923.ServiceMapLastCheckTime", "Fri Feb 03 2012 17:10:54 GMT+0100");
Found : user_pref("CT3147923.SettingsLastCheckTime", "Fri Feb 03 2012 17:10:55 GMT+0100");
Found : user_pref("CT3147923.SettingsLastUpdate", "1327236858");
Found : user_pref("CT3147923.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3147923&SearchSource=13");
Found : user_pref("CT3147923.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT3147923.ThirdPartyComponentsLastCheck", "Fri Feb 03 2012 17:10:54 GMT+0100");
Found : user_pref("CT3147923.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT3147923.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT3147923.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3147923");
Found : user_pref("CT3147923.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT3147923.UserID", "UN34805631414889665");
Found : user_pref("CT3147923.ValidationData_Toolbar", 2);
Found : user_pref("CT3147923.alertChannelId", "1545834");
Found : user_pref("CT3147923.autoDisableScopes", -1);
Found : user_pref("CT3147923.backendstorage.meevideo_user_settings_null", "7B22757365724964223A6E756C6C2C226[...]
Found : user_pref("CT3147923.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT3147923.globalFirstTimeInfoLastCheckTime", "Fri Feb 03 2012 17:10:57 GMT+0100");
Found : user_pref("CT3147923.homepageProtectorEnableByLogin", true);
Found : user_pref("CT3147923.initDone", true);
Found : user_pref("CT3147923.isAppTrackingManagerOn", true);
Found : user_pref("CT3147923.isFirstRadioInstallation", false);
Found : user_pref("CT3147923.myStuffEnabled", true);
Found : user_pref("CT3147923.myStuffPublihserMinWidth", 400);
Found : user_pref("CT3147923.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT3147923.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT3147923.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT3147923.revertSettingsEnabled", false);
Found : user_pref("CT3147923.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT3147923.searchProtectorEnableByLogin", true);
Found : user_pref("CT3147923.testingCtid", "");
Found : user_pref("CT3147923.toolbarAppMetaDataLastCheckTime", "Fri Feb 03 2012 17:10:56 GMT+0100");
Found : user_pref("CT3147923.toolbarContextMenuLastCheckTime", "Fri Feb 03 2012 17:11:00 GMT+0100");
Found : user_pref("CT3147923.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT3147923[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT3147923", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... tenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... erApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... redApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... lbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... kg?ver=3.9.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT3147923",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"cde[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Felipe Grande\\AppData\\Roaming\\Mo[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Found : user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2014090,CT2504091,CT3147923");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2014090,CT2504091,CT3147923");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3147923");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Nov 25 2010 01:13:33 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "da43e35c-9caf-4508-84da-7df3d88a1b01");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3147923");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Feb 03 2012 17:13:2[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Feb 03 2012 17:10:55 GMT+0100");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "feda0324-1a71-4bf8-ab38-bac10c241c1d");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.centrum.cz/");
Found : user_pref("CommunityToolbar.originalSearchEngine", "Web Search");
Found : user_pref("CommunityToolbar.twitter.user_14293310.LastCheckTime", "Thu Nov 25 2010 01:13:35 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_2557521.LastCheckTime", "Thu Nov 25 2010 01:13:35 GMT+0100"[...]
Found : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Thu Nov 25 2010 01:13:35 GMT+0100")[...]
Found : user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Thu Nov 25 2010 01:13:35 GMT+0100")[...]
Found : user_pref("browser.babylon.HPOnNewTab", "1");
Found : user_pref("browser.search.defaultenginename", "Web Search");
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [26014 octets] - [08/02/2013 16:09:52]

########## EOF - C:\AdwCleaner[R1].txt - [26075 octets] ##########




p.s. tvuj odkaz s ATF cleanerem nejak nefunguje, stáhl jsem ze slunečnice verzi 3.0.0.2

Je to teď poměrně rozšířený vir s tou policií

V adw nech vše smazat

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

ADW log:

´# AdwCleaner v2.111 - Logfile created 02/09/2013 at 12:48:06
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Felipe Grande - FM_WORKSTATION
# Boot Mode : Normal
# Running from : C:\Users\Felipe Grande\Desktop\ČIŠTĚNÍ PC AKTUAL!\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Deleted : C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Deleted : C:\Users\Felipe Grande\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Felipe Grande\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Felipe Grande\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\BVD_ToolKit
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BVD_ToolKit
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03E0EF5B-DDBB-489C-A0D0-16287429CEAF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0A1281C7-432E-45B1-BE01-C5FC49144869}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4683DA83-50B0-4298-8B6F-2F2C767E41D3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E49D8D56-543D-4B71-BA78-150D6DD38374}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0 (cs)

File : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\prefs.js

C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\user.js ... Deleted !

Deleted : user_pref("CT2014090.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2014090.AllowNonPrivacy", false);
Deleted : user_pref("CT2014090.CTID", "CT2014090");
Deleted : user_pref("CT2014090.CTPBaseServerUrl", "hxxp://services.conduit.com/");
Deleted : user_pref("CT2014090.CommunityChanged", false);
Deleted : user_pref("CT2014090.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2014090.EMailNotifierPollDate", "Sun Feb 08 2009 14:33:13 GMT+0100");
Deleted : user_pref("CT2014090.EnableUsage", false);
Deleted : user_pref("CT2014090.ExternalComponentPollDate128450423515850725", "Sun Feb 08 2009 13:48:13 GMT+010[...]
Deleted : user_pref("CT2014090.FeedLastCount128446865667925723", 866);
Deleted : user_pref("CT2014090.FeedLastCount128446905016050140", 90);
Deleted : user_pref("CT2014090.FeedPollDate128450759039188258", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450759039188259", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450759039188260", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450759039188261", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450759039188262", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562798", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562799", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562800", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562801", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562802", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562803", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562804", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562805", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562806", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562807", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562808", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562809", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562810", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562811", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562812", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562813", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562814", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562815", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562816", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562817", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FeedPollDate128450877968562818", "Sun Feb 08 2009 13:48:13 GMT+0100");
Deleted : user_pref("CT2014090.FirstTime", true);
Deleted : user_pref("CT2014090.FirstTimeFF3", true);
Deleted : user_pref("CT2014090.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2014090.Initialize", true);
Deleted : user_pref("CT2014090.InitializeCommonPrefs", true);
Deleted : user_pref("CT2014090.IsGrouping", false);
Deleted : user_pref("CT2014090.IsMulticommunity", false);
Deleted : user_pref("CT2014090.IsOpenThankYouPage", true);
Deleted : user_pref("CT2014090.IsOpenUninstallPage", true);
Deleted : user_pref("CT2014090.LanguagePackLastCheckTime", "Sat Feb 07 2009 10:05:27 GMT+0100");
Deleted : user_pref("CT2014090.LanguagePackReloadInterval", "24");
Deleted : user_pref("CT2014090.LastLogin", "Sat Feb 07 2009 10:05:25 GMT+0100");
Deleted : user_pref("CT2014090.Locale", "en-us");
Deleted : user_pref("CT2014090.LoginCache", "4");
Deleted : user_pref("CT2014090.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2014090.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2014090.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2014090.MyGadgetsServerUrl", "hxxp://services.MyStuff.u-page.com/MyStuffService.asmx/Le[...]
Deleted : user_pref("CT2014090.MyGadgetsTrustedDomains", "u-page.com");
Deleted : user_pref("CT2014090.RadioLastCheckTime", "Sun Feb 08 2009 10:06:14 GMT+0100");
Deleted : user_pref("CT2014090.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2014090.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2014090.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2014090.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT201[...]
Deleted : user_pref("CT2014090.Server", "hxxp://users.conduit.com");
Deleted : user_pref("CT2014090.SettingsLastUpdate", "1233402079");
Deleted : user_pref("CT2014090.ThirdPartyComponentsInterval", "72");
Deleted : user_pref("CT2014090.ThirdPartyComponentsLastCheck", "Sat Feb 07 2009 10:05:25 GMT+0100");
Deleted : user_pref("CT2014090.ThirdPartyComponentsLastUpdate", "1231051540");
Deleted : user_pref("CT2014090.ToolbarAlignMode", "SYSTEM");
Deleted : user_pref("CT2014090.ToolbarName", "Isohunt-vuze");
Deleted : user_pref("CT2014090.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2014090.UserID", "UN20090207100522255");
Deleted : user_pref("CT2014090.VusualLastUpdateTime", "1231051540");
Deleted : user_pref("CT2014090.WeatherNetwork", "");
Deleted : user_pref("CT2014090.WeatherPollDate", "Sun Feb 08 2009 14:18:14 GMT+0100");
Deleted : user_pref("CT2014090.WeatherUnit", "C");
Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2504091.CTID", "CT2504091");
Deleted : user_pref("CT2504091.CurrentServerDate", "15-6-2010");
Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2504091.DownloadReferralCookieData", "");
Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Tue Jun 15 2010 09:53:39 GMT+0200");
Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 0);
Deleted : user_pref("CT2504091.FeedPollDate128891351169457140", "Tue Jun 15 2010 09:53:41 GMT+0200");
Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Tue Jun 15 2010 09:53:41 GMT+0200");
Deleted : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Deleted : user_pref("CT2504091.FirstServerDate", "15-6-2010");
Deleted : user_pref("CT2504091.FirstTime", true);
Deleted : user_pref("CT2504091.FirstTimeFF3", true);
Deleted : user_pref("CT2504091.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2504091.Initialize", true);
Deleted : user_pref("CT2504091.InitializeCommonPrefs", true);
Deleted : user_pref("CT2504091.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT2504091.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2504091.InstalledDate", "Tue Jun 15 2010 09:53:39 GMT+0200");
Deleted : user_pref("CT2504091.IsGrouping", false);
Deleted : user_pref("CT2504091.IsMulticommunity", false);
Deleted : user_pref("CT2504091.IsOpenThankYouPage", false);
Deleted : user_pref("CT2504091.IsOpenUninstallPage", false);
Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Tue Jun 15 2010 09:53:41 GMT+0200");
Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2504091.LastLogin_2.7.1.3", "Tue Jun 15 2010 09:53:42 GMT+0200");
Deleted : user_pref("CT2504091.LatestVersion", "2.1.0.18");
Deleted : user_pref("CT2504091.Locale", "en-us");
Deleted : user_pref("CT2504091.LoginCache", 4);
Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]
Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Tue Jun 15 2010 09:53:43 GMT+0200");
Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2504091.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Tue Jun 15 2010 09:53:37 GMT+0200");
Deleted : user_pref("CT2504091.SettingsLastUpdate", "1275605221");
Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Tue Jun 15 2010 09:53:36 GMT+0200");
Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1275605221");
Deleted : user_pref("CT2504091.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2504091.UserID", "UN13956437300562421");
Deleted : user_pref("CT2504091.alertChannelId", "897164");
Deleted : user_pref("CT2504091.clientLogIsEnabled", false);
Deleted : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2504091.myStuffEnabled", true);
Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT3147923..clientLogIsEnabled", true);
Deleted : user_pref("CT3147923..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3147923..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3147923.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3147923.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3147923.BrowserCompStateIsOpen_129657313666888154", true);
Deleted : user_pref("CT3147923.BrowserCompStateIsOpen_129658343543475368", true);
Deleted : user_pref("CT3147923.CTID", "CT3147923");
Deleted : user_pref("CT3147923.CurrentServerDate", "3-2-2012");
Deleted : user_pref("CT3147923.DSInstall", false);
Deleted : user_pref("CT3147923.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3147923.DialogsGetterLastCheckTime", "Fri Feb 03 2012 17:10:56 GMT+0100");
Deleted : user_pref("CT3147923.DownloadReferralCookieData", "");
Deleted : user_pref("CT3147923.EMailNotifierPollDate", "Fri Feb 03 2012 17:10:56 GMT+0100");
Deleted : user_pref("CT3147923.FirstServerDate", "3-2-2012");
Deleted : user_pref("CT3147923.FirstTime", true);
Deleted : user_pref("CT3147923.FirstTimeFF3", true);
Deleted : user_pref("CT3147923.FixPageNotFoundErrors", true);
Deleted : user_pref("CT3147923.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3147923.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3147923.HPInstall", false);
Deleted : user_pref("CT3147923.HasUserGlobalKeys", true);
Deleted : user_pref("CT3147923.HomePageProtectorEnabled", false);
Deleted : user_pref("CT3147923.HomepageBeforeUnload", "hxxp://www.centrum.cz/");
Deleted : user_pref("CT3147923.Initialize", true);
Deleted : user_pref("CT3147923.InitializeCommonPrefs", true);
Deleted : user_pref("CT3147923.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT3147923.InstallationId", "ConduitNSISIntegration");
Deleted : user_pref("CT3147923.InstallationType", "ConduitXPEIntegration");
Deleted : user_pref("CT3147923.InstalledDate", "Fri Feb 03 2012 17:10:56 GMT+0100");
Deleted : user_pref("CT3147923.InvalidateCache", false);
Deleted : user_pref("CT3147923.IsAlertDBUpdated", true);
Deleted : user_pref("CT3147923.IsGrouping", false);
Deleted : user_pref("CT3147923.IsInitSetupIni", true);
Deleted : user_pref("CT3147923.IsMulticommunity", false);
Deleted : user_pref("CT3147923.IsOpenThankYouPage", false);
Deleted : user_pref("CT3147923.IsOpenUninstallPage", true);
Deleted : user_pref("CT3147923.LanguagePackLastCheckTime", "Fri Feb 03 2012 17:11:00 GMT+0100");
Deleted : user_pref("CT3147923.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3147923.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3147923.LastLogin_3.9.0.3", "Fri Feb 03 2012 17:11:00 GMT+0100");
Deleted : user_pref("CT3147923.LatestVersion", "3.9.0.3");
Deleted : user_pref("CT3147923.Locale", "en");
Deleted : user_pref("CT3147923.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3147923.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3147923.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3147923.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT3147923.OriginalFirstVersion", "3.9.0.3");
Deleted : user_pref("CT3147923.RadioIsPodcast", false);
Deleted : user_pref("CT3147923.RadioLastCheckTime", "Fri Feb 03 2012 17:10:59 GMT+0100");
Deleted : user_pref("CT3147923.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT3147923.RadioLastUpdateServer", "129658450662870000");
Deleted : user_pref("CT3147923.RadioMediaID", "21995873");
Deleted : user_pref("CT3147923.RadioMediaType", "Media Player");
Deleted : user_pref("CT3147923.RadioMenuSelectedID", "EBRadioMenu_CT314792321995873");
Deleted : user_pref("CT3147923.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT3147923.RadioStationName", "California%20Rock%20-%20Rock");
Deleted : user_pref("CT3147923.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Deleted : user_pref("CT3147923.SearchCaption", "BVD ToolKit Customized Web Search");
Deleted : user_pref("CT3147923.SearchEngineBeforeUnload", "Web Search");
Deleted : user_pref("CT3147923.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3147923.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT314[...]
Deleted : user_pref("CT3147923.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3147923.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3147923.SearchInNewTabLastCheckTime", "Fri Feb 03 2012 17:11:01 GMT+0100");
Deleted : user_pref("CT3147923.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3147923.SearchProtectorEnabled", false);
Deleted : user_pref("CT3147923.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT3147923.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT3147923.ServiceMapLastCheckTime", "Fri Feb 03 2012 17:10:54 GMT+0100");
Deleted : user_pref("CT3147923.SettingsLastCheckTime", "Fri Feb 03 2012 17:10:55 GMT+0100");
Deleted : user_pref("CT3147923.SettingsLastUpdate", "1327236858");
Deleted : user_pref("CT3147923.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3147923&SearchSource=13");
Deleted : user_pref("CT3147923.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3147923.ThirdPartyComponentsLastCheck", "Fri Feb 03 2012 17:10:54 GMT+0100");
Deleted : user_pref("CT3147923.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT3147923.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT3147923.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3147923");
Deleted : user_pref("CT3147923.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3147923.UserID", "UN34805631414889665");
Deleted : user_pref("CT3147923.ValidationData_Toolbar", 2);
Deleted : user_pref("CT3147923.alertChannelId", "1545834");
Deleted : user_pref("CT3147923.autoDisableScopes", -1);
Deleted : user_pref("CT3147923.backendstorage.meevideo_user_settings_null", "7B22757365724964223A6E756C6C2C226[...]
Deleted : user_pref("CT3147923.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3147923.globalFirstTimeInfoLastCheckTime", "Fri Feb 03 2012 17:10:57 GMT+0100");
Deleted : user_pref("CT3147923.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3147923.initDone", true);
Deleted : user_pref("CT3147923.isAppTrackingManagerOn", true);
Deleted : user_pref("CT3147923.isFirstRadioInstallation", false);
Deleted : user_pref("CT3147923.myStuffEnabled", true);
Deleted : user_pref("CT3147923.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3147923.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3147923.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3147923.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3147923.revertSettingsEnabled", false);
Deleted : user_pref("CT3147923.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3147923.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3147923.testingCtid", "");
Deleted : user_pref("CT3147923.toolbarAppMetaDataLastCheckTime", "Fri Feb 03 2012 17:10:56 GMT+0100");
Deleted : user_pref("CT3147923.toolbarContextMenuLastCheckTime", "Fri Feb 03 2012 17:11:00 GMT+0100");
Deleted : user_pref("CT3147923.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT3147923[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT3147923", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... tenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... erApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... redApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... lbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... kg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT3147923",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"cde[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Felipe Grande\\AppData\\Roaming\\Mo[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Deleted : user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2014090,CT2504091,CT3147923");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2014090,CT2504091,CT3147923");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3147923");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Nov 25 2010 01:13:33 GMT+0100");
Deleted : user_pref("CommunityToolbar.globalUserId", "da43e35c-9caf-4508-84da-7df3d88a1b01");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3147923");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Feb 03 2012 17:13:2[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Feb 03 2012 17:10:55 GMT+0100");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "feda0324-1a71-4bf8-ab38-bac10c241c1d");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.centrum.cz/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Web Search");
Deleted : user_pref("CommunityToolbar.twitter.user_14293310.LastCheckTime", "Thu Nov 25 2010 01:13:35 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_2557521.LastCheckTime", "Thu Nov 25 2010 01:13:35 GMT+0100"[...]
Deleted : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Thu Nov 25 2010 01:13:35 GMT+0100")[...]
Deleted : user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Thu Nov 25 2010 01:13:35 GMT+0100")[...]
Deleted : user_pref("browser.babylon.HPOnNewTab", "1");
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [26145 octets] - [08/02/2013 16:09:52]
AdwCleaner[R2].txt - [26225 octets] - [09/02/2013 12:46:23]
AdwCleaner[S1].txt - [26893 octets] - [09/02/2013 12:48:06]

########## EOF - C:\AdwCleaner[S1].txt - [26954 octets] ##########

TDSSKiller log:

12:57:58.0510 3740 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:57:58.0541 3740 ============================================================
12:57:58.0541 3740 Current date / time: 2013/02/09 12:57:58.0541
12:57:58.0541 3740 SystemInfo:
12:57:58.0541 3740
12:57:58.0541 3740 OS Version: 6.1.7601 ServicePack: 1.0
12:57:58.0541 3740 Product type: Workstation
12:57:58.0541 3740 ComputerName: FM_WORKSTATION
12:57:58.0541 3740 UserName: Felipe Grande
12:57:58.0541 3740 Windows directory: C:\Windows
12:57:58.0541 3740 System windows directory: C:\Windows
12:57:58.0541 3740 Running under WOW64
12:57:58.0541 3740 Processor architecture: Intel x64
12:57:58.0541 3740 Number of processors: 2
12:57:58.0541 3740 Page size: 0x1000
12:57:58.0541 3740 Boot type: Normal boot
12:57:58.0541 3740 ============================================================
12:58:00.0307 3740 Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:58:00.0338 3740 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:58:00.0338 3740 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:58:00.0354 3740 ============================================================
12:58:00.0354 3740 \Device\Harddisk2\DR2:
12:58:00.0354 3740 MBR partitions:
12:58:00.0354 3740 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x695C65E
12:58:00.0354 3740 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x695C6E2, BlocksNum 0x16867E9F
12:58:00.0354 3740 \Device\Harddisk0\DR0:
12:58:00.0354 3740 MBR partitions:
12:58:00.0354 3740 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1B3F7CE9
12:58:00.0354 3740 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B3F7D2F, BlocksNum 0xA035992
12:58:00.0354 3740 \Device\Harddisk1\DR1:
12:58:00.0354 3740 MBR partitions:
12:58:00.0354 3740 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E07482
12:58:00.0354 3740 ============================================================
12:58:00.0401 3740 C: <-> \Device\Harddisk0\DR0\Partition2
12:58:00.0416 3740 E: <-> \Device\Harddisk0\DR0\Partition1
12:58:00.0432 3740 F: <-> \Device\Harddisk1\DR1\Partition1
12:58:00.0448 3740 G: <-> \Device\Harddisk2\DR2\Partition2
12:58:00.0479 3740 D: <-> \Device\Harddisk2\DR2\Partition1
12:58:00.0479 3740 ============================================================
12:58:00.0479 3740 Initialize success
12:58:00.0479 3740 ============================================================
12:58:13.0682 3104 ============================================================
12:58:13.0682 3104 Scan started
12:58:13.0682 3104 Mode: Manual;
12:58:13.0682 3104 ============================================================
12:58:15.0385 3104 ================ Scan system memory ========================
12:58:15.0385 3104 System memory - ok
12:58:15.0385 3104 ================ Scan services =============================
12:58:15.0526 3104 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:58:15.0526 3104 1394ohci - ok
12:58:15.0588 3104 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:58:15.0604 3104 ACPI - ok
12:58:15.0651 3104 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:58:15.0666 3104 AcpiPmi - ok
12:58:16.0354 3104 [ E2769E2699AF88CA3C57289A8A32ED19 ] AcronisOSSReinstallSvc C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
12:58:16.0370 3104 AcronisOSSReinstallSvc - ok
12:58:16.0432 3104 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:58:16.0432 3104 AdobeARMservice - ok
12:58:16.0588 3104 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:58:16.0604 3104 adp94xx - ok
12:58:16.0713 3104 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:58:16.0729 3104 adpahci - ok
12:58:16.0776 3104 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:58:16.0791 3104 adpu320 - ok
12:58:16.0838 3104 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:58:16.0838 3104 AeLookupSvc - ok
12:58:17.0073 3104 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:58:17.0088 3104 AFD - ok
12:58:17.0166 3104 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:58:17.0182 3104 agp440 - ok
12:58:17.0213 3104 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:58:17.0229 3104 ALG - ok
12:58:17.0307 3104 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:58:17.0323 3104 aliide - ok
12:58:17.0370 3104 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:58:17.0416 3104 amdide - ok
12:58:17.0495 3104 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:58:17.0510 3104 AmdK8 - ok
12:58:17.0526 3104 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:58:17.0541 3104 AmdPPM - ok
12:58:17.0620 3104 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:58:17.0635 3104 amdsata - ok
12:58:17.0713 3104 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:58:17.0760 3104 amdsbs - ok
12:58:17.0776 3104 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:58:17.0776 3104 amdxata - ok
12:58:18.0073 3104 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:58:18.0073 3104 AntiVirSchedulerService - ok
12:58:18.0135 3104 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:58:18.0135 3104 AntiVirService - ok
12:58:18.0260 3104 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:58:18.0276 3104 AppID - ok
12:58:18.0323 3104 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:58:18.0323 3104 AppIDSvc - ok
12:58:18.0401 3104 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:58:18.0401 3104 Appinfo - ok
12:58:18.0651 3104 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
12:58:18.0666 3104 AppMgmt - ok
12:58:18.0698 3104 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:58:18.0698 3104 arc - ok
12:58:18.0713 3104 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:58:18.0713 3104 arcsas - ok
12:58:19.0213 3104 [ 68726474C69B738EAC3A62E06B33ADDC ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
12:58:19.0213 3104 AsIO - ok
12:58:19.0698 3104 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:58:19.0979 3104 aspnet_state - ok
12:58:20.0026 3104 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:58:20.0026 3104 AsyncMac - ok
12:58:20.0088 3104 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:58:20.0088 3104 atapi - ok
12:58:20.0338 3104 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:58:20.0354 3104 AudioEndpointBuilder - ok
12:58:20.0385 3104 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:58:20.0385 3104 AudioSrv - ok
12:58:20.0604 3104 [ 1992C2A1867D95AA3A0802539358D162 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
12:58:20.0635 3104 Autodesk Content Service - ok
12:58:20.0682 3104 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
12:58:20.0682 3104 avgntflt - ok
12:58:20.0729 3104 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
12:58:20.0729 3104 avipbb - ok
12:58:20.0745 3104 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
12:58:20.0745 3104 avkmgr - ok
12:58:20.0870 3104 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:58:20.0885 3104 AxInstSV - ok
12:58:21.0057 3104 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:58:21.0073 3104 b06bdrv - ok
12:58:21.0229 3104 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:58:21.0229 3104 b57nd60a - ok
12:58:21.0338 3104 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:58:21.0354 3104 BDESVC - ok
12:58:21.0463 3104 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:58:21.0463 3104 Beep - ok
12:58:21.0760 3104 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:58:21.0791 3104 BFE - ok
12:58:22.0041 3104 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
12:58:22.0057 3104 BITS - ok
12:58:22.0120 3104 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:58:22.0135 3104 blbdrive - ok
12:58:22.0213 3104 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:58:22.0213 3104 bowser - ok
12:58:22.0276 3104 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:58:22.0276 3104 BrFiltLo - ok
12:58:22.0307 3104 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:58:22.0323 3104 BrFiltUp - ok
12:58:22.0479 3104 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
12:58:22.0495 3104 BridgeMP - ok
12:58:22.0557 3104 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:58:22.0557 3104 Browser - ok
12:58:22.0635 3104 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:58:22.0651 3104 Brserid - ok
12:58:22.0698 3104 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:58:22.0713 3104 BrSerWdm - ok
12:58:22.0745 3104 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:58:22.0760 3104 BrUsbMdm - ok
12:58:22.0791 3104 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:58:22.0807 3104 BrUsbSer - ok
12:58:22.0870 3104 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:58:22.0901 3104 BTHMODEM - ok
12:58:23.0010 3104 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:58:23.0026 3104 bthserv - ok
12:58:23.0041 3104 catchme - ok
12:58:23.0073 3104 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:58:23.0088 3104 cdfs - ok
12:58:23.0213 3104 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:58:23.0213 3104 cdrom - ok
12:58:23.0323 3104 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:58:23.0338 3104 CertPropSvc - ok
12:58:23.0416 3104 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:58:23.0432 3104 circlass - ok
12:58:23.0510 3104 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:58:23.0510 3104 CLFS - ok
12:58:23.0698 3104 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:58:23.0729 3104 clr_optimization_v2.0.50727_32 - ok
12:58:23.0823 3104 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:58:23.0870 3104 clr_optimization_v2.0.50727_64 - ok
12:58:24.0260 3104 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:58:25.0073 3104 clr_optimization_v4.0.30319_32 - ok
12:58:25.0229 3104 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:58:25.0370 3104 clr_optimization_v4.0.30319_64 - ok
12:58:25.0448 3104 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:58:25.0463 3104 CmBatt - ok
12:58:25.0510 3104 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:58:25.0526 3104 cmdide - ok
12:58:25.0666 3104 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:58:25.0682 3104 CNG - ok
12:58:26.0401 3104 [ 8FDE9C9D9FDEC3B958EDFCC222FD1199 ] CodeMeter.exe C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
12:58:26.0432 3104 CodeMeter.exe - ok
12:58:26.0463 3104 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:58:26.0463 3104 Compbatt - ok
12:58:26.0557 3104 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:58:26.0573 3104 CompositeBus - ok
12:58:26.0588 3104 COMSysApp - ok
12:58:26.0713 3104 [ C08063F052308B6F5882482615387F30 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
12:58:26.0713 3104 cpuz135 - ok
12:58:26.0729 3104 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:58:26.0745 3104 crcdisk - ok
12:58:26.0854 3104 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:58:26.0854 3104 CryptSvc - ok
12:58:27.0010 3104 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
12:58:27.0026 3104 CSC - ok
12:58:27.0229 3104 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
12:58:27.0245 3104 CscService - ok
12:58:27.0385 3104 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:58:27.0401 3104 DcomLaunch - ok
12:58:27.0510 3104 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:58:27.0526 3104 defragsvc - ok
12:58:27.0620 3104 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:58:27.0635 3104 DfsC - ok
12:58:27.0729 3104 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:58:27.0745 3104 Dhcp - ok
12:58:27.0807 3104 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:58:27.0823 3104 discache - ok
12:58:27.0979 3104 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:58:28.0010 3104 Disk - ok
12:58:28.0088 3104 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:58:28.0088 3104 Dnscache - ok
12:58:28.0182 3104 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:58:28.0198 3104 dot3svc - ok
12:58:28.0276 3104 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:58:28.0276 3104 DPS - ok
12:58:28.0354 3104 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:58:28.0370 3104 drmkaud - ok
12:58:28.0479 3104 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:58:28.0495 3104 dtsoftbus01 - ok
12:58:28.0760 3104 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:58:28.0760 3104 DXGKrnl - ok
12:58:28.0807 3104 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:58:28.0823 3104 EapHost - ok
12:58:29.0354 3104 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:58:29.0416 3104 ebdrv - ok
12:58:29.0479 3104 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:58:29.0479 3104 EFS - ok
12:58:29.0791 3104 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:58:29.0807 3104 ehRecvr - ok
12:58:29.0885 3104 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:58:29.0901 3104 ehSched - ok
12:58:30.0088 3104 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:58:30.0120 3104 elxstor - ok
12:58:30.0166 3104 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:58:30.0182 3104 ErrDev - ok
12:58:30.0338 3104 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:58:30.0338 3104 EventSystem - ok
12:58:30.0401 3104 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:58:30.0416 3104 exfat - ok
12:58:30.0463 3104 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:58:30.0479 3104 fastfat - ok
12:58:30.0713 3104 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:58:30.0729 3104 Fax - ok
12:58:30.0776 3104 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:58:30.0791 3104 fdc - ok
12:58:30.0885 3104 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:58:30.0916 3104 fdPHost - ok
12:58:30.0948 3104 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:58:30.0963 3104 FDResPub - ok
12:58:30.0995 3104 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:58:31.0010 3104 FileInfo - ok
12:58:31.0026 3104 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:58:31.0041 3104 Filetrace - ok
12:58:31.0323 3104 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:58:31.0354 3104 FLEXnet Licensing Service - ok
12:58:31.0932 3104 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:58:31.0963 3104 FLEXnet Licensing Service 64 - ok
12:58:31.0995 3104 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:58:32.0010 3104 flpydisk - ok
12:58:32.0120 3104 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:58:32.0151 3104 FltMgr - ok
12:58:32.0432 3104 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:58:32.0463 3104 FontCache - ok
12:58:32.0573 3104 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:58:32.0604 3104 FontCache3.0.0.0 - ok
12:58:32.0651 3104 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:58:32.0666 3104 FsDepends - ok
12:58:32.0713 3104 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:58:32.0713 3104 Fs_Rec - ok
12:58:32.0870 3104 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:58:32.0885 3104 fvevol - ok
12:58:32.0932 3104 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:58:32.0948 3104 gagp30kx - ok
12:58:33.0041 3104 [ A4198F2BD8AA592CB90476277A81B5E1 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
12:58:33.0041 3104 ggflt - ok
12:58:33.0135 3104 [ D266350BDAAB9EB6C1AEC370EEAAFF3A ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
12:58:33.0151 3104 ggsemc - ok
12:58:33.0370 3104 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:58:33.0385 3104 gpsvc - ok
12:58:33.0588 3104 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:58:33.0588 3104 gupdate - ok
12:58:33.0588 3104 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:58:33.0588 3104 gupdatem - ok
12:58:33.0620 3104 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:58:33.0635 3104 hcw85cir - ok
12:58:33.0823 3104 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:58:33.0854 3104 HdAudAddService - ok
12:58:33.0885 3104 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:58:33.0901 3104 HDAudBus - ok
12:58:33.0948 3104 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:58:33.0963 3104 HidBatt - ok
12:58:33.0979 3104 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:58:33.0995 3104 HidBth - ok
12:58:34.0010 3104 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:58:34.0041 3104 HidIr - ok
12:58:34.0088 3104 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
12:58:34.0088 3104 hidserv - ok
12:58:34.0213 3104 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:58:34.0245 3104 HidUsb - ok
12:58:34.0291 3104 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:58:34.0307 3104 hkmsvc - ok
12:58:34.0385 3104 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:58:34.0401 3104 HomeGroupListener - ok
12:58:34.0495 3104 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:58:34.0495 3104 HomeGroupProvider - ok
12:58:34.0573 3104 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:58:34.0573 3104 HpSAMD - ok
12:58:34.0807 3104 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:58:34.0838 3104 HTTP - ok
12:58:34.0885 3104 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:58:34.0885 3104 hwpolicy - ok
12:58:34.0979 3104 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:58:34.0995 3104 i8042prt - ok
12:58:35.0166 3104 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:58:35.0182 3104 iaStorV - ok
12:58:35.0432 3104 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:58:35.0463 3104 idsvc - ok
12:58:35.0541 3104 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:58:35.0557 3104 iirsp - ok
12:58:35.0776 3104 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:58:35.0807 3104 IKEEXT - ok
12:58:36.0995 3104 [ 150AC23F21DBDBF8488408BA944B0D65 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:58:37.0010 3104 IntcAzAudAddService - ok
12:58:37.0057 3104 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:58:37.0057 3104 intelide - ok
12:58:37.0135 3104 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:58:37.0135 3104 intelppm - ok
12:58:37.0198 3104 [ A79A140AB6CC3D1E0BB4E54DD3B17B07 ] IObitUnlocker C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys
12:58:37.0198 3104 IObitUnlocker - ok
12:58:37.0291 3104 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:58:37.0291 3104 IPBusEnum - ok
12:58:37.0323 3104 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:58:37.0323 3104 IpFilterDriver - ok
12:58:37.0354 3104 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:58:37.0385 3104 iphlpsvc - ok
12:58:37.0416 3104 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:58:37.0416 3104 IPMIDRV - ok
12:58:37.0463 3104 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:58:37.0479 3104 IPNAT - ok
12:58:37.0526 3104 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:58:37.0526 3104 IRENUM - ok
12:58:37.0588 3104 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:58:37.0588 3104 isapnp - ok
12:58:37.0698 3104 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:58:37.0698 3104 iScsiPrt - ok
12:58:37.0932 3104 [ EF72D272064D1877BFB391F67B8134D7 ] iteatapi C:\Windows\system32\DRIVERS\iteatapi.sys
12:58:37.0932 3104 iteatapi - ok
12:58:37.0995 3104 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:58:37.0995 3104 kbdclass - ok
12:58:38.0057 3104 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:58:38.0073 3104 kbdhid - ok
12:58:38.0088 3104 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:58:38.0088 3104 KeyIso - ok
12:58:38.0151 3104 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:58:38.0166 3104 KSecDD - ok
12:58:38.0245 3104 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:58:38.0260 3104 KSecPkg - ok
12:58:38.0291 3104 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:58:38.0291 3104 ksthunk - ok
12:58:38.0401 3104 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:58:38.0432 3104 KtmRm - ok
12:58:38.0557 3104 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:58:38.0573 3104 LanmanServer - ok
12:58:38.0651 3104 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:58:38.0651 3104 LanmanWorkstation - ok
12:58:38.0776 3104 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:58:38.0776 3104 lltdio - ok
12:58:38.0807 3104 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:58:38.0823 3104 lltdsvc - ok
12:58:38.0823 3104 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:58:38.0823 3104 lmhosts - ok
12:58:39.0151 3104 [ 7109163D8027076D2680CFC4E80E2A28 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
12:58:39.0151 3104 LMIGuardianSvc - ok
12:58:39.0245 3104 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
12:58:39.0245 3104 LMIInfo - ok
12:58:39.0448 3104 [ 8054CE1FC8B417691960D00F931516A7 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
12:58:39.0463 3104 LMIMaint - ok
12:58:39.0541 3104 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
12:58:39.0541 3104 lmimirr - ok
12:58:39.0604 3104 LMIRfsClientNP - ok
12:58:39.0713 3104 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
12:58:39.0713 3104 LMIRfsDriver - ok
12:58:39.0916 3104 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
12:58:39.0932 3104 LogMeIn - ok
12:58:39.0963 3104 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:58:39.0979 3104 LSI_FC - ok
12:58:40.0010 3104 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:58:40.0010 3104 LSI_SAS - ok
12:58:40.0041 3104 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:58:40.0041 3104 LSI_SAS2 - ok
12:58:40.0073 3104 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:58:40.0073 3104 LSI_SCSI - ok
12:58:40.0088 3104 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:58:40.0104 3104 luafv - ok
12:58:40.0151 3104 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:58:40.0166 3104 Mcx2Svc - ok
12:58:40.0213 3104 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:58:40.0229 3104 megasas - ok
12:58:40.0291 3104 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:58:40.0307 3104 MegaSR - ok
12:58:40.0651 3104 Microsoft SharePoint Workspace Audit Service - ok
12:58:40.0713 3104 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:58:40.0713 3104 MMCSS - ok
12:58:40.0745 3104 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:58:40.0760 3104 Modem - ok
12:58:40.0823 3104 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:58:40.0838 3104 monitor - ok
12:58:40.0916 3104 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:58:40.0916 3104 mouclass - ok
12:58:40.0979 3104 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:58:40.0995 3104 mouhid - ok
12:58:41.0041 3104 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:58:41.0057 3104 mountmgr - ok
12:58:41.0182 3104 [ 6380FF81DD4D78B23398752D2F46EA43 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:58:41.0182 3104 MozillaMaintenance - ok
12:58:41.0213 3104 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:58:41.0229 3104 mpio - ok
12:58:41.0291 3104 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:58:41.0307 3104 mpsdrv - ok
12:58:41.0541 3104 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:58:41.0557 3104 MpsSvc - ok
12:58:41.0620 3104 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:58:41.0635 3104 MRxDAV - ok
12:58:41.0713 3104 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:58:41.0729 3104 mrxsmb - ok
12:58:41.0838 3104 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:58:41.0854 3104 mrxsmb10 - ok
12:58:41.0932 3104 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:58:41.0948 3104 mrxsmb20 - ok
12:58:41.0963 3104 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:58:41.0963 3104 msahci - ok
12:58:42.0041 3104 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:58:42.0057 3104 msdsm - ok
12:58:42.0088 3104 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:58:42.0104 3104 MSDTC - ok
12:58:42.0135 3104 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:58:42.0135 3104 Msfs - ok
12:58:42.0182 3104 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:58:42.0198 3104 mshidkmdf - ok
12:58:42.0213 3104 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:58:42.0213 3104 msisadrv - ok
12:58:42.0338 3104 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:58:42.0338 3104 MSiSCSI - ok
12:58:42.0354 3104 msiserver - ok
12:58:42.0432 3104 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:58:42.0448 3104 MSKSSRV - ok
12:58:42.0495 3104 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:58:42.0510 3104 MSPCLOCK - ok
12:58:42.0557 3104 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:58:42.0573 3104 MSPQM - ok
12:58:42.0666 3104 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:58:42.0698 3104 MsRPC - ok
12:58:42.0745 3104 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:58:42.0760 3104 mssmbios - ok
12:58:42.0791 3104 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:58:42.0807 3104 MSTEE - ok
12:58:42.0823 3104 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:58:42.0838 3104 MTConfig - ok
12:58:42.0932 3104 [ 2219A3D695405E7BA2186BA6B9EDE14A ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
12:58:42.0932 3104 MTsensor - ok
12:58:42.0979 3104 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:58:42.0979 3104 Mup - ok
12:58:43.0135 3104 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:58:43.0151 3104 napagent - ok
12:58:43.0291 3104 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:58:43.0307 3104 NativeWifiP - ok
12:58:43.0620 3104 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:58:43.0635 3104 NDIS - ok
12:58:43.0698 3104 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:58:43.0713 3104 NdisCap - ok
12:58:43.0776 3104 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:58:43.0776 3104 NdisTapi - ok
12:58:43.0823 3104 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:58:43.0838 3104 Ndisuio - ok
12:58:43.0901 3104 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:58:43.0932 3104 NdisWan - ok
12:58:43.0963 3104 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:58:43.0995 3104 NDProxy - ok
12:58:44.0120 3104 [ 76C4D5C98A808D8C8E0C46280036FAF8 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:58:44.0120 3104 Net Driver HPZ12 - ok
12:58:44.0198 3104 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:58:44.0213 3104 NetBIOS - ok
12:58:44.0291 3104 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:58:44.0291 3104 NetBT - ok
12:58:44.0323 3104 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:58:44.0323 3104 Netlogon - ok
12:58:44.0479 3104 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:58:44.0495 3104 Netman - ok
12:58:44.0573 3104 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:58:44.0854 3104 NetMsmqActivator - ok
12:58:44.0885 3104 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:58:44.0901 3104 NetPipeActivator - ok
12:58:45.0041 3104 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:58:45.0057 3104 netprofm - ok
12:58:45.0135 3104 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:58:45.0151 3104 NetTcpActivator - ok
12:58:45.0151 3104 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:58:45.0151 3104 NetTcpPortSharing - ok
12:58:45.0213 3104 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:58:45.0229 3104 nfrd960 - ok
12:58:45.0370 3104 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:58:45.0385 3104 NlaSvc - ok
12:58:45.0416 3104 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:58:45.0432 3104 Npfs - ok
12:58:45.0448 3104 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:58:45.0448 3104 nsi - ok
12:58:45.0479 3104 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:58:45.0495 3104 nsiproxy - ok
12:58:45.0963 3104 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:58:46.0010 3104 Ntfs - ok
12:58:46.0057 3104 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:58:46.0073 3104 Null - ok
12:58:49.0229 3104 [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:58:49.0307 3104 nvlddmkm - ok
12:58:49.0432 3104 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:58:49.0463 3104 nvraid - ok
12:58:49.0526 3104 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:58:49.0541 3104 nvstor - ok
12:58:49.0854 3104 [ 43F91595049DE14C4B61D1E76436164F ] nvsvc C:\Windows\system32\nvvsvc.exe
12:58:49.0870 3104 nvsvc - ok
12:58:50.0182 3104 [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:58:50.0213 3104 nvUpdatusService - ok
12:58:50.0291 3104 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:58:50.0307 3104 nv_agp - ok
12:58:50.0354 3104 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:58:50.0370 3104 ohci1394 - ok
12:58:51.0213 3104 [ 3B21C8F61C8900206F003C58AFD39581 ] OODefragAgent C:\Program Files\OO Software\Defrag\oodag.exe
12:58:51.0245 3104 OODefragAgent - ok
12:58:51.0432 3104 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:58:51.0463 3104 ose - ok
12:58:52.0057 3104 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:58:52.0229 3104 osppsvc - ok
12:58:52.0370 3104 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:58:52.0385 3104 p2pimsvc - ok
12:58:52.0526 3104 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:58:52.0541 3104 p2psvc - ok
12:58:52.0635 3104 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:58:52.0651 3104 Parport - ok
12:58:52.0698 3104 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:58:52.0713 3104 partmgr - ok
12:58:52.0745 3104 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:58:52.0745 3104 PcaSvc - ok
12:58:52.0823 3104 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:58:52.0838 3104 pci - ok
12:58:52.0885 3104 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:58:52.0901 3104 pciide - ok
12:58:52.0916 3104 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:58:52.0932 3104 pcmcia - ok
12:58:52.0963 3104 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:58:52.0963 3104 pcw - ok
12:58:53.0088 3104 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:58:53.0104 3104 PEAUTH - ok
12:58:53.0463 3104 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:58:53.0495 3104 PeerDistSvc - ok
12:58:55.0291 3104 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:58:55.0323 3104 PerfHost - ok
12:58:55.0620 3104 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:58:55.0635 3104 pla - ok
12:58:55.0776 3104 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:58:55.0791 3104 PlugPlay - ok
12:58:55.0807 3104 [ D1A4DBB8A29F7FFC78378F47F9EA6B91 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:58:55.0807 3104 Pml Driver HPZ12 - ok
12:58:55.0823 3104 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:58:55.0838 3104 PNRPAutoReg - ok
12:58:55.0870 3104 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:58:55.0870 3104 PNRPsvc - ok
12:58:56.0010 3104 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:58:56.0026 3104 PolicyAgent - ok
12:58:56.0104 3104 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:58:56.0120 3104 Power - ok
12:58:56.0198 3104 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:58:56.0213 3104 PptpMiniport - ok
12:58:56.0276 3104 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:58:56.0338 3104 Processor - ok
12:58:56.0448 3104 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:58:56.0463 3104 ProfSvc - ok
12:58:56.0495 3104 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:58:56.0495 3104 ProtectedStorage - ok
12:58:56.0666 3104 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:58:56.0698 3104 Psched - ok
12:58:57.0120 3104 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:58:57.0135 3104 ql2300 - ok
12:58:57.0166 3104 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:58:57.0182 3104 ql40xx - ok
12:58:57.0276 3104 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:58:57.0291 3104 QWAVE - ok
12:58:57.0307 3104 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:58:57.0323 3104 QWAVEdrv - ok
12:58:57.0354 3104 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:58:57.0370 3104 RasAcd - ok
12:58:57.0448 3104 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:58:57.0463 3104 RasAgileVpn - ok
12:58:57.0495 3104 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:58:57.0510 3104 RasAuto - ok
12:58:57.0557 3104 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:58:57.0573 3104 Rasl2tp - ok
12:58:57.0682 3104 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:58:57.0698 3104 RasMan - ok
12:58:57.0729 3104 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:58:57.0745 3104 RasPppoe - ok
12:58:57.0791 3104 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:58:57.0807 3104 RasSstp - ok
12:58:57.0901 3104 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:58:57.0916 3104 rdbss - ok
12:58:57.0963 3104 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:58:57.0995 3104 rdpbus - ok
12:58:58.0010 3104 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:58:58.0026 3104 RDPCDD - ok
12:58:58.0120 3104 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:58:58.0135 3104 RDPDR - ok
12:58:58.0245 3104 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:58:58.0260 3104 RDPENCDD - ok
12:58:58.0291 3104 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:58:58.0338 3104 RDPREFMP - ok
12:58:58.0432 3104 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:58:58.0463 3104 RDPWD - ok
12:58:58.0651 3104 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:58:58.0682 3104 rdyboost - ok
12:58:58.0745 3104 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:58:58.0760 3104 RemoteAccess - ok
12:58:58.0823 3104 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:58:58.0838 3104 RemoteRegistry - ok
12:58:58.0901 3104 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:58:58.0901 3104 RpcEptMapper - ok
12:58:58.0963 3104 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:58:58.0979 3104 RpcLocator - ok
12:58:59.0120 3104 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:58:59.0135 3104 RpcSs - ok
12:58:59.0182 3104 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:58:59.0213 3104 rspndr - ok
12:58:59.0307 3104 [ 6C90231046FB9FC4123C42179832817F ] s117bus C:\Windows\system32\DRIVERS\s117bus.sys
12:58:59.0323 3104 s117bus - ok
12:58:59.0401 3104 [ 3279341C90EF8F226AF77623039F4495 ] s117mdfl C:\Windows\system32\DRIVERS\s117mdfl.sys
12:58:59.0416 3104 s117mdfl - ok
12:58:59.0479 3104 [ 73E331F555279E753B312675DDAF4516 ] s117mdm C:\Windows\system32\DRIVERS\s117mdm.sys
12:58:59.0495 3104 s117mdm - ok
12:58:59.0604 3104 [ D420731FD2880F0F40F20771EFAAD671 ] s117mgmt C:\Windows\system32\DRIVERS\s117mgmt.sys
12:58:59.0620 3104 s117mgmt - ok
12:58:59.0713 3104 [ 98236CA5A9A77D0983AC3F6D6527C796 ] s117nd5 C:\Windows\system32\DRIVERS\s117nd5.sys
12:58:59.0776 3104 s117nd5 - ok
12:58:59.0854 3104 [ 1DD613909477AE298C98E86617EC356B ] s117obex C:\Windows\system32\DRIVERS\s117obex.sys
12:58:59.0901 3104 s117obex - ok
12:59:00.0010 3104 [ 9A22DF5FE9B6BE279D820776A6ADB56F ] s117unic C:\Windows\system32\DRIVERS\s117unic.sys
12:59:00.0026 3104 s117unic - ok
12:59:00.0088 3104 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:59:00.0120 3104 s3cap - ok
12:59:00.0135 3104 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:59:00.0151 3104 SamSs - ok
12:59:00.0229 3104 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:59:00.0276 3104 sbp2port - ok
12:59:00.0401 3104 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:59:00.0432 3104 SCardSvr - ok
12:59:00.0479 3104 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:59:00.0510 3104 scfilter - ok
12:59:00.0760 3104 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:59:00.0791 3104 Schedule - ok
12:59:00.0823 3104 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:59:00.0823 3104 SCPolicySvc - ok
12:59:00.0885 3104 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:59:00.0916 3104 SDRSVC - ok
12:59:01.0010 3104 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:59:01.0026 3104 secdrv - ok
12:59:01.0041 3104 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:59:01.0057 3104 seclogon - ok
12:59:01.0104 3104 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
12:59:01.0104 3104 SENS - ok
12:59:01.0120 3104 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:59:01.0135 3104 SensrSvc - ok
12:59:01.0151 3104 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:59:01.0166 3104 Serenum - ok
12:59:01.0198 3104 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:59:01.0213 3104 Serial - ok
12:59:01.0260 3104 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:59:01.0276 3104 sermouse - ok
12:59:01.0323 3104 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:59:01.0323 3104 SessionEnv - ok
12:59:01.0370 3104 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:59:01.0385 3104 sffdisk - ok
12:59:01.0416 3104 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:59:01.0432 3104 sffp_mmc - ok
12:59:01.0448 3104 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:59:01.0463 3104 sffp_sd - ok
12:59:01.0479 3104 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:59:01.0479 3104 sfloppy - ok
12:59:01.0588 3104 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:59:01.0620 3104 SharedAccess - ok
12:59:01.0713 3104 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:59:01.0713 3104 ShellHWDetection - ok
12:59:01.0791 3104 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:59:01.0838 3104 SiSRaid2 - ok
12:59:01.0870 3104 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:59:01.0901 3104 SiSRaid4 - ok
12:59:02.0010 3104 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:59:02.0026 3104 Smb - ok
12:59:02.0151 3104 [ B84440E7554FC85E900EEF0A7AABA228 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
12:59:02.0151 3104 snapman - ok
12:59:02.0245 3104 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:59:02.0245 3104 SNMPTRAP - ok
12:59:02.0307 3104 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
12:59:02.0307 3104 speedfan - ok
12:59:02.0338 3104 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:59:02.0338 3104 spldr - ok
12:59:02.0526 3104 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:59:02.0526 3104 Spooler - ok
12:59:03.0213 3104 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:59:03.0260 3104 sppsvc - ok
12:59:03.0323 3104 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:59:03.0338 3104 sppuinotify - ok
12:59:03.0448 3104 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:59:03.0463 3104 srv - ok
12:59:03.0588 3104 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:59:03.0604 3104 srv2 - ok
12:59:03.0635 3104 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:59:03.0651 3104 srvnet - ok
12:59:03.0745 3104 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:59:03.0760 3104 SSDPSRV - ok
12:59:03.0791 3104 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:59:03.0791 3104 SstpSvc - ok
12:59:03.0854 3104 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:59:03.0870 3104 stexstor - ok
12:59:03.0948 3104 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:59:03.0963 3104 stisvc - ok
12:59:03.0995 3104 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:59:03.0995 3104 storflt - ok
12:59:04.0057 3104 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
12:59:04.0073 3104 StorSvc - ok
12:59:04.0120 3104 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:59:04.0120 3104 storvsc - ok
12:59:04.0291 3104 [ 04CF20310145DEC63D5387BEAFF77D9A ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
12:59:04.0307 3104 SWDUMon - ok
12:59:04.0354 3104 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:59:04.0354 3104 swenum - ok
12:59:04.0713 3104 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:59:04.0760 3104 SwitchBoard - ok
12:59:04.0916 3104 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:59:04.0932 3104 swprv - ok
12:59:05.0385 3104 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:59:05.0416 3104 SysMain - ok
12:59:05.0448 3104 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:59:05.0463 3104 TabletInputService - ok
12:59:05.0573 3104 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:59:05.0573 3104 TapiSrv - ok
12:59:05.0666 3104 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:59:05.0666 3104 TBS - ok
12:59:05.0948 3104 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:59:05.0963 3104 Tcpip - ok
12:59:06.0073 3104 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:59:06.0073 3104 TCPIP6 - ok
12:59:06.0120 3104 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:59:06.0120 3104 tcpipreg - ok
12:59:06.0166 3104 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:59:06.0182 3104 TDPIPE - ok

12:59:06.0213 3104 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:59:06.0229 3104 TDTCP - ok
12:59:06.0260 3104 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:59:06.0276 3104 tdx - ok
12:59:06.0307 3104 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:59:06.0307 3104 TermDD - ok
12:59:06.0370 3104 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:59:06.0401 3104 TermService - ok
12:59:06.0416 3104 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:59:06.0432 3104 Themes - ok
12:59:06.0479 3104 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:59:06.0479 3104 THREADORDER - ok
12:59:06.0510 3104 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:59:06.0510 3104 TrkWks - ok
12:59:06.0651 3104 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:59:06.0666 3104 TrustedInstaller - ok
12:59:06.0698 3104 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:59:06.0729 3104 tssecsrv - ok
12:59:06.0885 3104 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:59:06.0901 3104 TsUsbFlt - ok
12:59:06.0963 3104 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:59:06.0979 3104 tunnel - ok
12:59:06.0995 3104 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:59:07.0010 3104 uagp35 - ok
12:59:07.0120 3104 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:59:07.0135 3104 udfs - ok
12:59:07.0166 3104 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:59:07.0182 3104 UI0Detect - ok
12:59:07.0229 3104 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:59:07.0229 3104 uliagpkx - ok
12:59:07.0307 3104 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:59:07.0323 3104 umbus - ok
12:59:07.0385 3104 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:59:07.0401 3104 UmPass - ok
12:59:07.0479 3104 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
12:59:07.0495 3104 UmRdpService - ok
12:59:07.0526 3104 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:59:07.0541 3104 upnphost - ok
12:59:07.0604 3104 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:59:07.0604 3104 usbccgp - ok
12:59:07.0651 3104 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:59:07.0666 3104 usbcir - ok
12:59:07.0713 3104 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:59:07.0729 3104 usbehci - ok
12:59:07.0838 3104 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:59:07.0854 3104 usbhub - ok
12:59:07.0916 3104 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:59:07.0932 3104 usbohci - ok
12:59:08.0010 3104 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:59:08.0041 3104 usbprint - ok
12:59:08.0104 3104 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:59:08.0120 3104 usbscan - ok
12:59:08.0182 3104 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:59:08.0182 3104 USBSTOR - ok
12:59:08.0245 3104 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:59:08.0245 3104 usbuhci - ok
12:59:08.0307 3104 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:59:08.0307 3104 UxSms - ok
12:59:08.0370 3104 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:59:08.0370 3104 VaultSvc - ok
12:59:08.0401 3104 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:59:08.0401 3104 vdrvroot - ok
12:59:08.0479 3104 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:59:08.0495 3104 vds - ok
12:59:08.0541 3104 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:59:08.0557 3104 vga - ok
12:59:08.0573 3104 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:59:08.0573 3104 VgaSave - ok
12:59:08.0635 3104 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:59:08.0635 3104 vhdmp - ok
12:59:08.0666 3104 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:59:08.0682 3104 viaide - ok
12:59:08.0713 3104 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:59:08.0713 3104 vmbus - ok
12:59:08.0745 3104 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:59:08.0745 3104 VMBusHID - ok
12:59:08.0776 3104 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:59:08.0791 3104 volmgr - ok
12:59:08.0838 3104 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:59:08.0838 3104 volmgrx - ok
12:59:08.0885 3104 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:59:08.0885 3104 volsnap - ok
12:59:08.0948 3104 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:59:08.0963 3104 vsmraid - ok
12:59:09.0057 3104 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:59:09.0120 3104 VSS - ok
12:59:09.0135 3104 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:59:09.0135 3104 vwifibus - ok
12:59:09.0166 3104 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:59:09.0182 3104 W32Time - ok
12:59:09.0213 3104 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:59:09.0213 3104 WacomPen - ok
12:59:09.0260 3104 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:59:09.0291 3104 WANARP - ok
12:59:09.0307 3104 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:59:09.0307 3104 Wanarpv6 - ok
12:59:09.0370 3104 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:59:09.0432 3104 WatAdminSvc - ok
12:59:09.0588 3104 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:59:09.0620 3104 wbengine - ok
12:59:09.0651 3104 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:59:09.0666 3104 WbioSrvc - ok
12:59:09.0713 3104 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:59:09.0729 3104 wcncsvc - ok
12:59:09.0760 3104 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:59:09.0776 3104 WcsPlugInService - ok
12:59:09.0807 3104 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:59:09.0823 3104 Wd - ok
12:59:09.0963 3104 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:59:09.0995 3104 Wdf01000 - ok
12:59:10.0026 3104 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:59:10.0026 3104 WdiServiceHost - ok
12:59:10.0041 3104 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:59:10.0041 3104 WdiSystemHost - ok
12:59:10.0073 3104 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:59:10.0073 3104 WebClient - ok
12:59:10.0120 3104 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:59:10.0120 3104 Wecsvc - ok
12:59:10.0135 3104 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:59:10.0151 3104 wercplsupport - ok
12:59:10.0198 3104 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:59:10.0198 3104 WerSvc - ok
12:59:10.0260 3104 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:59:10.0260 3104 WfpLwf - ok
12:59:10.0276 3104 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:59:10.0323 3104 WIMMount - ok
12:59:10.0338 3104 WinDefend - ok
12:59:10.0354 3104 WinHttpAutoProxySvc - ok
12:59:11.0291 3104 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:59:11.0307 3104 Winmgmt - ok
12:59:11.0416 3104 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:59:11.0479 3104 WinRM - ok
12:59:11.0541 3104 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:59:11.0588 3104 WinUsb - ok
12:59:11.0651 3104 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:59:11.0666 3104 Wlansvc - ok
12:59:11.0682 3104 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:59:11.0682 3104 WmiAcpi - ok
12:59:11.0713 3104 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:59:11.0713 3104 wmiApSrv - ok
12:59:11.0729 3104 WMPNetworkSvc - ok
12:59:11.0760 3104 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:59:11.0760 3104 WPCSvc - ok
12:59:11.0791 3104 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:59:11.0791 3104 WPDBusEnum - ok
12:59:11.0838 3104 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:59:11.0838 3104 ws2ifsl - ok
12:59:11.0870 3104 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
12:59:11.0870 3104 wscsvc - ok
12:59:11.0885 3104 WSearch - ok
12:59:12.0104 3104 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:59:12.0151 3104 wuauserv - ok
12:59:12.0198 3104 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:59:12.0198 3104 WudfPf - ok
12:59:12.0307 3104 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:59:12.0338 3104 WUDFRd - ok
12:59:12.0370 3104 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:59:12.0385 3104 wudfsvc - ok
12:59:12.0416 3104 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:59:12.0432 3104 WwanSvc - ok
12:59:12.0604 3104 [ E1E858AEF2ED420CBB7605D3ECCEC69A ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
12:59:12.0620 3104 yukonw7 - ok
12:59:12.0635 3104 ================ Scan global ===============================
12:59:12.0682 3104 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:59:12.0776 3104 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
12:59:12.0791 3104 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
12:59:12.0838 3104 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:59:12.0901 3104 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:59:12.0901 3104 [Global] - ok
12:59:12.0901 3104 ================ Scan MBR ==================================
12:59:12.0916 3104 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
12:59:13.0057 3104 \Device\Harddisk2\DR2 - ok
12:59:13.0291 3104 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:59:13.0760 3104 \Device\Harddisk0\DR0 - ok
12:59:13.0776 3104 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
12:59:13.0776 3104 \Device\Harddisk1\DR1 - ok
12:59:13.0776 3104 ================ Scan VBR ==================================
12:59:13.0791 3104 [ 53DD8B267762DB5B3436BC0BC542FB1C ] \Device\Harddisk2\DR2\Partition1
12:59:13.0791 3104 \Device\Harddisk2\DR2\Partition1 - ok
12:59:13.0807 3104 [ 77DA5F837A07005F5431D5A9AB81A275 ] \Device\Harddisk2\DR2\Partition2
12:59:13.0807 3104 \Device\Harddisk2\DR2\Partition2 - ok
12:59:13.0807 3104 [ 9FF0B7B68F9E3B61941E8ACB18A3D824 ] \Device\Harddisk0\DR0\Partition1
12:59:13.0807 3104 \Device\Harddisk0\DR0\Partition1 - ok
12:59:13.0823 3104 [ 587F98547B42017C378338AAB8095998 ] \Device\Harddisk0\DR0\Partition2
12:59:13.0823 3104 \Device\Harddisk0\DR0\Partition2 - ok
12:59:13.0838 3104 [ 69B6FF925FED92F02CC726A87E2788B4 ] \Device\Harddisk1\DR1\Partition1
12:59:13.0838 3104 \Device\Harddisk1\DR1\Partition1 - ok
12:59:13.0838 3104 ============================================================
12:59:13.0838 3104 Scan finished
12:59:13.0838 3104 ============================================================
12:59:13.0870 2620 Detected object count: 0
12:59:13.0870 2620 Actual detected object count: 0
12:59:55.0651 3752 Deinitialize success




COMBOFIX LOG:

ComboFix 13-02-07.02 - Felipe Grande 09.02.2013 13:06:38.4.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.2760 [GMT 1:00]
Spuštěný z: c:\users\Felipe Grande\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-09 do 2013-02-09 )))))))))))))))))))))))))))))))
.
.
2013-02-09 12:14 . 2013-02-09 12:14 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-02-09 12:14 . 2013-02-09 12:14 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp
2013-02-09 12:14 . 2013-02-09 12:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-09 11:35 . 2013-02-09 11:35 -------- d-----w- c:\users\Felipe Grande\AppData\Local\Comodo
2013-02-08 15:20 . 2013-02-08 15:20 -------- d-----w- c:\users\Felipe Grande\AppData\Local\ACD Systems
2013-02-08 15:11 . 2013-02-08 19:52 -------- d-----w- c:\users\Felipe Grande\AppData\Local\Adobe
2013-02-08 11:02 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{037B66C2-64D8-4FAB-BAD8-0B16C46952F0}\mpengine.dll
2013-02-01 20:55 . 2013-02-01 20:55 -------- d-----w- c:\users\Felipe Grande\AppData\Local\Programs
2013-01-30 21:10 . 2013-01-30 21:15 -------- d-----w- c:\users\Felipe Grande\AppData\Roaming\BID
2013-01-30 21:10 . 2013-01-30 21:10 -------- d-----w- c:\program files (x86)\Bulk Image Downloader
2013-01-21 22:42 . 2013-01-21 22:42 -------- d-----w- c:\users\Felipe Grande\AppData\Roaming\NCH Software
2013-01-21 22:41 . 2013-01-21 22:41 -------- d-----w- c:\programdata\NCH Swift Sound
2013-01-21 22:40 . 2013-01-21 22:40 -------- d-----w- c:\program files (x86)\NCH Swift Sound
2013-01-21 22:40 . 2013-01-21 22:40 -------- d-----w- c:\users\Felipe Grande\AppData\Roaming\NCH Swift Sound
2013-01-19 14:22 . 2013-01-19 14:22 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2013-01-19 14:18 . 2013-01-19 14:18 -------- d-----r- C:\MSOCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 00:28 . 2012-01-28 02:29 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-10 02:09 . 2012-01-28 16:37 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-17 15:14 . 2012-12-17 15:14 289768 ----a-w- c:\windows\system32\javaws.exe
2012-12-17 15:14 . 2012-12-17 15:14 189416 ----a-w- c:\windows\system32\javaw.exe
2012-12-17 15:14 . 2012-12-17 15:14 188904 ----a-w- c:\windows\system32\java.exe
2012-12-17 15:14 . 2012-12-17 15:14 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-12-17 15:14 . 2012-10-13 09:18 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-17 15:14 . 2012-10-13 09:18 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-17 15:13 . 2012-12-17 15:13 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-17 15:13 . 2012-12-17 15:13 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-12-17 15:13 . 2012-01-25 03:07 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-12-17 15:11 . 2012-04-08 09:13 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-17 15:11 . 2012-01-24 16:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-16 17:11 . 2012-12-22 02:00 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 02:00 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:00 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:00 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 15:49 . 2012-03-11 09:27 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-07 13:20 . 2013-01-09 20:57 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 20:57 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 20:57 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 20:57 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 20:57 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 20:57 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 20:57 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 20:57 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 20:57 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 20:57 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 20:57 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 20:57 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 20:57 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 20:57 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 20:57 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 20:57 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 20:57 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 20:57 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 20:57 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 20:57 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 20:57 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 20:57 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 20:57 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 20:57 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 20:57 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 20:57 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 20:57 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 20:57 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 20:57 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 20:57 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 20:57 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 20:57 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-12-01 14:59 . 2012-12-01 14:59 724888 ----a-r- c:\users\Felipe Grande\AppData\Roaming\Microsoft\Installer\{4FF6A18E-1C17-4C48-8371-09C40B7ABFE9}\IconTmpl6.1992E333_D17A_448B_8484_ED047109D182.exe
2012-12-01 14:59 . 2012-12-01 14:59 212480 ----a-r- c:\users\Felipe Grande\AppData\Roaming\Microsoft\Installer\{4FF6A18E-1C17-4C48-8371-09C40B7ABFE9}\IconTmpl2.108DF49C_3AB4_4A7D_B6FD_8B6286B317FA.exe
2012-12-01 14:59 . 2012-12-01 14:59 2078096 ----a-r- c:\users\Felipe Grande\AppData\Roaming\Microsoft\Installer\{4FF6A18E-1C17-4C48-8371-09C40B7ABFE9}\IconTmpl4.1992E333_D17A_448B_8484_ED047109D182.exe
2012-11-30 05:45 . 2013-01-09 20:57 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 20:57 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 20:57 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:45 . 2013-01-09 20:57 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:43 . 2013-01-09 20:57 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 20:57 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 20:57 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:54 . 2013-01-09 20:57 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-11-30 04:53 . 2013-01-09 20:57 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PrtScr by FireStarter"="c:\program files (x86)\PrtScr\PrtScr.exe" [2008-03-19 1375744]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-09-07 348664]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-6 3768176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-11-01 1431888]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-02-03 13352]
R3 IObitUnlocker;IObitUnlocker;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2011-03-09 33184]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-03-14 13920]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-25 1255736]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-01-19 2078096]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-11-05 375728]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-01-11 15928]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 3136328]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-26 283200]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2011-09-14 398112]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 06:54 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-20 c:\windows\Tasks\AdobeAAMUpdater-1.0-FM_workstation-Felipe Grande.job
- c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-03-14 02:44]
.
2012-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cdbb4da02a08d8.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-25 03:41]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-25 03:41]
.
2012-09-14 c:\windows\Tasks\{5B847F59-12D6-4753-A9A9-33EAF03E0366}.job
- c:\program files (x86)\Skype\Phone\Skype.exe [2010-09-02 13:15]
.
2012-09-14 c:\windows\Tasks\{7B95DF1F-6DAA-4C00-AF78-755F60F9CE66}.job
- c:\program files (x86)\Skype\Phone\Skype.exe [2010-09-02 13:15]
.
2012-09-14 c:\windows\Tasks\{F8EFB556-EBB3-422B-AFE1-A139FC917E15}.job
- c:\program files (x86)\mozilla firefox\firefox.exe [2012-06-10 15:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-10-16 00:42 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-10-16 00:42 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-10-16 00:42 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-10-16 00:42 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-01-11 57928]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 4012360]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.ceskatelevize.cz/ivysilani/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: En&queue current page with BID - file://c:\program files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm
IE: Enqueue link target with BID - file://c:\program files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
IE: Open &link target with BID - file://c:\program files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm
IE: Open current page with BID - file://c:\program files (x86)\Bulk Image Downloader\iemenu\iebid.htm
IE: Open current page with BID Link Explorer - file://c:\program files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
TCP: DhcpNameServer = 147.32.110.1 147.32.110.2
FF - ProfilePath - c:\users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - ExtSQL: 2013-01-30 21:58; doubleclick-picture@windpr.tw; c:\users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\extensions\doubleclick-picture@windpr.tw.xpi
FF - ExtSQL: 2013-01-30 21:58; imagedownload@Merci.chao; c:\users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\extensions\imagedownload@Merci.chao.xpi
FF - ExtSQL: 2013-01-30 22:07; {524B8EF8-C312-11DB-8039-536F56D89593}; c:\users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1193739700-1416340202-3985265929-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10o\UserChoice]
@Denied: (2) (S-1-5-21-1193739700-1416340202-3985265929-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10o"
.
[HKEY_USERS\S-1-5-21-1193739700-1416340202-3985265929-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10p\UserChoice]
@Denied: (2) (S-1-5-21-1193739700-1416340202-3985265929-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10p"
.
[HKEY_USERS\S-1-5-21-1193739700-1416340202-3985265929-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10pf\UserChoice]
@Denied: (2) (S-1-5-21-1193739700-1416340202-3985265929-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10pf"
.
[HKEY_USERS\S-1-5-21-1193739700-1416340202-3985265929-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (S-1-5-21-1193739700-1416340202-3985265929-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xmp"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="181C3CC3EFEA5B78DD9CE2F0A59D0D2A81E9412D60C4ABCA89FC491004278486AC0CBE9658347B9EE9C88A8E45C4C8A1711FF08BE86711275C108AF971424AAA35178E3254FCECE5D1A07125C9BF7DC87A91D19920C8DB78625B34F259816B6670A48E0D203205ED58FEA8A7043EBE8703AD405F0C767C90C57B113A9674D515ECA297418A06CD3A12C13327D7B3D22CC5E20E0AC54715A207125F3817712B731083738EF6EF8532E84C095DBD56356550A47F6AFAD17D4B7AC2D0F55C10BC2593BC60575D2A1BFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B9808A6171C11EC38DE3D9DB7CE019D40AA5C99301CB82A91B5425E00CC559039F59406A702939CA7436F1379C1EAC2616EB562C0743B19942CAA82C94F90F4BC83A713BFC6C8142E519D38C917775961516C9B905BA615933E83827B32E45FB9005D6DD2F51E053DEB3CC92182497F8F9344366C0BE57F0B1D5AD7C582490C1FBCE0B5188FB623D726B23257945201A528008775C6D65F07C0EE602D522857714F8CF59995ABC716D79AC21D607750F04899C81E51CBDE2B5EB55F0A3961C6C693F497B28F886C251BC131F4FD1280D26F3A972EF488C9ACF6567A894D48FE4B275EEB18074E3244CFAC94B4896E4C41DF4375C1FCC99357C8AFBC2D2F22CCBCEAC2A4CE8B6E5DC99890E809A14D0F449AC647C8B93DD208D9D015C8FD2C1D70074F5A2FAFD3561BDCD7106EE9E5CA79698CD78682043FB173FED3066215054CE46508E789D9A6B6C7A14D390CDDA493D810D2922D3339DAA3B03161047D3ACBB11B0DFAB34E01AB4840C91030D563D5B702C9DA17D7401D3A94C72A107F18FEDFB92DBE4DF7379F913A116D0ADB769A9B44341CA16CFB284D8B1407B9249B88A63E0FDA798E43C89B49149F4AF66D4E5BEE68EB30E535BBB4A779EFB6EBEA207F5A3ECFDD3C3FF421DD27CAA81FFD7314CEA6B1ACA95B300FB340B13FC8CA10A874AA6D26A2EB04A09882E36242809EA6E10F28048F7FEE3C2C90EC12A1A7392425275A80D4AB6A5DD1C237B6C071F835DBA5E1A568D677E2BF7818F0D10E0DB73B6B101F5C88B0DF9168E2686F7340A92556BF07743CDA6B546C799FA8B213EE3613DCB8B3ADF2F19857593F1749C5AED76D7A9F6B2DBE8202C12F6A69EB6817CC1E61884B6A602259596209F55C6EB5C59C9EED754BDF9996B2A91DC9B53BC1E9ED144D07B43EC5F89897923C3A33716F788BF1B15D0AE611DD2D8AF6ACCD45A84CBEC8BFA16571D228E8308E94A1DB0FFAF3AF31CBA061A545D4870E15F83D5B620042C0ED4182F47998BA87BDDBAF8E81E02F7B2798C8BDCF0A6DA2D6278587C148054BF9529722E7BC8CB2B116ED8E4DAD00891EFE1C76C7"
"OODEFRAG14.00.00.01PROFESSIONAL"="D20C90ED580EDAFBCA309636E2FE3F07FBC1215AA62081F2227E92FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A9C6AECB7A5D1407A9C6AECB7A5D1407A9C6AECB7A5D1407D57E0EE69335AE6DA40C3C0A0AFEF7133C75836F649F00C9116E170C8D13AA5F3F81B297AB6F95C88722F0F182BC200298BD030EACD6C40C316DAE711ED840ED082C9DBF79A889C908A6FEDF30061D0B638CF9A47CA99393E507E90C257B098B2AA7F3908DD5572F91FA62059FD59F3A921F57847DBC205ED36FCF6F86E75E49193FEF7CAB4A9E3781A427D4130AAC2212519C438E19F56E12FD7572DF6CEF39B9E4DD3D4B40D1A8AACEF08A7D659B584127E23C4027714BAEAE08B07E40C074632E9F4F9754BACBD146F4A1088E9A7771C8558D57B9C5FE2721490AE3F8261664522AF07108736C317E7F5C0F0FAB1BEB80B2984F81F698F01B8B9FC7154DBDFEAF062769426CDBF60BEC4023D59FE66ABBCD84D396E02BF302395A15F3338EE447D23ACA4A68EDC5A63094083523809B0F0F3BC6F42F4C8B634D64E8D9AAB0C1BC3F378D4E817C33315067B7E4B18FA331F06ABEFBE41709EDD7AD96EF5B5032D8126CE3E0A1E2C8AAE68A5DFC1BC2987B0383046E572A2FF67CE8A442BF1DC60A24EF30750903063822135AFD054C06EEE83E94F331273674F50D4E4125C80560631889E54C415BA5C3D9434868E1E9AD58142218EEB7CB840ED40141B10E65114F82BC7152852F60A27BDF24123C39FD1FC2124AE3048CE5A6C0DEFAD8A554747E8F4838D63C5B78A9DA2D3AA11AD9CB1ACDFD5DB4BA117CB3133F0BE6D0B4879B61DF3E69582FA6561B5C9A8DBB27263E793489DA8FDC503D53AD707AD35AEB6162EAEE6F4BEB43BB2551379DE7EF3E1251B3EA24B8EE8D5F4CE69085F30FE621BC06979E11C74C7E28A3E56EE8F6EBB0A3B4FE347036834A0DDDB3D07E8D5FC262806803A36C64DA94A061F18AF22A4A01A0A97E7597A642693A07F4C30B63BC06DBF7FD8477501E9EC948EA1F901921C192B34E0C690EA0F85599E11728A41FA0D1BE42B87B7B2AC0D21C747CEC790DFDDEC6C0F7F876D015BD615ACE017688ED4D9A57C8FEF17537A444797D1CB379140A73480707C0535E373575C62153AE6EEDCC1941FAE68B83DA0BBBFDA55165284C2DA885466E3BB6B6D11CDF89565CE6067A38B25E3088EAC61ECF600303649E94C9FDC65E28B2C567580F7D2F426DDD9EAD38B10BC6A0F5EB901F0B249A9CA1050736A1EBBBF478A8CC60867C7BD4217354EE57D6C999F184596466EC8FCA20718211F00016D2FB8B9777674E0A95BFF13E8B3F0BF94DF07B51B3DF327A3DCC64C025139DCD304357858E8E739BCA8EBF210B8B67BEAA4772376EE9C19DD79B1B"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Celkový čas: 2013-02-09 13:17:22
ComboFix-quarantined-files.txt 2013-02-09 12:17
ComboFix2.txt 2012-11-22 15:06
.
Před spuštěním: Volných bajtů: 18 934 804 480
Po spuštění: Volných bajtů: 18 862 260 224
.
- - End Of File - - 3A1EB566627095D27BFB084E907B6580

dale mě stale nefunguje funkce obnoveni systemu (bod obnovy vytvořit lze ale spustit obnoveni uz ne), kdyz sem to ted namatkove zkousel...





...jo a reklama ve firefoxu porad vyskakuje... (nevim jestli to s tim souvisi ale jak ted vyskocila, ta zacal problikavat a mizet kurzor mysi...)

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

ComboFix 13-02-07.02 - Felipe Grande 10.02.2013 10:16:35.5.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.2757 [GMT 1:00]
Spuštěný z: c:\users\Felipe Grande\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Felipe Grande\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\{5B847F59-12D6-4753-A9A9-33EAF03E0366}.job"
"c:\windows\Tasks\{7B95DF1F-6DAA-4C00-AF78-755F60F9CE66}.job"
"c:\windows\Tasks\{F8EFB556-EBB3-422B-AFE1-A139FC917E15}.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1cdbb4da02a08d8.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.124\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.124\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.124\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.124\psuser.dll
c:\program files (x86)\Google\Update\Download\{2BF2CA35-CCAF-4E58-BAB7-4163BFA03B88}\0.0.0.0\GoogleEarth-Win-Plugin-6.2.2.6613.exe
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\24.0.1312.57\24.0.1312.57_24.0.1312.56_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-7.0.1.8244.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-7.0.2.8415.exe
c:\program files (x86)\Google\Update\Download\{B0E9AF48-15B0-4F40-8FA6-72C5D3E2DF8E}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-10 do 2013-02-10 )))))))))))))))))))))))))))))))
.
.
2013-02-10 09:56 . 2013-02-10 09:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-02-10 09:56 . 2013-02-10 09:56 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-02-10 09:56 . 2013-02-10 09:56 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp
2013-02-10 09:56 . 2013-02-10 09:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-10 09:07 . 2013-02-10 09:07 -------- d-----w- c:\users\Guest
2013-02-09 16:05 . 2013-02-09 16:05 -------- d-----w- c:\users\Felipe Grande\AppData\Local\Autodesk
2013-02-09 11:35 . 2013-02-09 11:35 -------- d-----w- c:\users\Felipe Grande\AppData\Local\Comodo
2013-02-08 15:20 . 2013-02-09 21:39 -------- d-----w- c:\users\Felipe Grande\AppData\Local\ACD Systems
2013-02-08 15:11 . 2013-02-10 00:48 -------- d-----w- c:\users\Felipe Grande\AppData\Local\Adobe
2013-02-08 11:02 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{037B66C2-64D8-4FAB-BAD8-0B16C46952F0}\mpengine.dll
2013-02-01 20:55 . 2013-02-01 20:55 -------- d-----w- c:\users\Felipe Grande\AppData\Local\Programs
2013-01-30 21:10 . 2013-01-30 21:15 -------- d-----w- c:\users\Felipe Grande\AppData\Roaming\BID
2013-01-30 21:10 . 2013-01-30 21:10 -------- d-----w- c:\program files (x86)\Bulk Image Downloader
2013-01-21 22:42 . 2013-01-21 22:42 -------- d-----w- c:\users\Felipe Grande\AppData\Roaming\NCH Software
2013-01-21 22:41 . 2013-01-21 22:41 -------- d-----w- c:\programdata\NCH Swift Sound
2013-01-21 22:40 . 2013-01-21 22:40 -------- d-----w- c:\program files (x86)\NCH Swift Sound
2013-01-21 22:40 . 2013-01-21 22:40 -------- d-----w- c:\users\Felipe Grande\AppData\Roaming\NCH Swift Sound
2013-01-19 14:22 . 2013-01-19 14:22 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2013-01-19 14:18 . 2013-01-19 14:18 -------- d-----r- C:\MSOCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 00:28 . 2012-01-28 02:29 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-10 02:09 . 2012-01-28 16:37 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-17 15:14 . 2012-12-17 15:14 289768 ----a-w- c:\windows\system32\javaws.exe
2012-12-17 15:14 . 2012-12-17 15:14 189416 ----a-w- c:\windows\system32\javaw.exe
2012-12-17 15:14 . 2012-12-17 15:14 188904 ----a-w- c:\windows\system32\java.exe
2012-12-17 15:14 . 2012-12-17 15:14 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-12-17 15:14 . 2012-10-13 09:18 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-17 15:14 . 2012-10-13 09:18 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-17 15:13 . 2012-12-17 15:13 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-17 15:13 . 2012-12-17 15:13 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-12-17 15:13 . 2012-01-25 03:07 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-12-17 15:11 . 2012-04-08 09:13 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-17 15:11 . 2012-01-24 16:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-16 17:11 . 2012-12-22 02:00 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 02:00 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:00 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:00 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 15:49 . 2012-03-11 09:27 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-07 13:20 . 2013-01-09 20:57 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 20:57 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 20:57 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 20:57 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 20:57 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 20:57 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 20:57 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 20:57 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 20:57 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 20:57 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 20:57 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 20:57 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 20:57 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 20:57 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 20:57 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 20:57 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 20:57 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 20:57 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 20:57 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 20:57 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 20:57 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 20:57 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 20:57 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 20:57 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 20:57 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 20:57 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 20:57 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 20:57 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 20:57 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 20:57 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 20:57 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 20:57 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-12-01 14:59 . 2012-12-01 14:59 724888 ----a-r- c:\users\Felipe Grande\AppData\Roaming\Microsoft\Installer\{4FF6A18E-1C17-4C48-8371-09C40B7ABFE9}\IconTmpl6.1992E333_D17A_448B_8484_ED047109D182.exe
2012-12-01 14:59 . 2012-12-01 14:59 212480 ----a-r- c:\users\Felipe Grande\AppData\Roaming\Microsoft\Installer\{4FF6A18E-1C17-4C48-8371-09C40B7ABFE9}\IconTmpl2.108DF49C_3AB4_4A7D_B6FD_8B6286B317FA.exe
2012-12-01 14:59 . 2012-12-01 14:59 2078096 ----a-r- c:\users\Felipe Grande\AppData\Roaming\Microsoft\Installer\{4FF6A18E-1C17-4C48-8371-09C40B7ABFE9}\IconTmpl4.1992E333_D17A_448B_8484_ED047109D182.exe
2012-11-30 05:45 . 2013-01-09 20:57 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 20:57 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 20:57 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:45 . 2013-01-09 20:57 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:43 . 2013-01-09 20:57 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 20:57 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 20:57 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:54 . 2013-01-09 20:57 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-11-30 04:53 . 2013-01-09 20:57 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:57 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PrtScr by FireStarter"="c:\program files (x86)\PrtScr\PrtScr.exe" [2008-03-19 1375744]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-09-07 348664]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-6 3768176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-11-01 1431888]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-02-03 13352]
R3 IObitUnlocker;IObitUnlocker;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2011-03-09 33184]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-03-14 13920]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-25 1255736]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-01-19 2078096]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-11-05 375728]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-01-11 15928]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 3136328]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-26 283200]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2011-09-14 398112]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 06:54 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-20 c:\windows\Tasks\AdobeAAMUpdater-1.0-FM_workstation-Felipe Grande.job
- c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-03-14 02:44]
.
2012-09-14 c:\windows\Tasks\{5B847F59-12D6-4753-A9A9-33EAF03E0366}.job
- c:\program files (x86)\Skype\Phone\Skype.exe [2010-09-02 13:15]
.
2012-09-14 c:\windows\Tasks\{7B95DF1F-6DAA-4C00-AF78-755F60F9CE66}.job
- c:\program files (x86)\Skype\Phone\Skype.exe [2010-09-02 13:15]
.
2012-09-14 c:\windows\Tasks\{F8EFB556-EBB3-422B-AFE1-A139FC917E15}.job
- c:\program files (x86)\mozilla firefox\firefox.exe [2012-06-10 15:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-10-16 00:42 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-10-16 00:42 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-10-16 00:42 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-10-16 00:42 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-01-11 57928]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 4012360]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.ceskatelevize.cz/ivysilani/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: En&queue current page with BID - file://c:\program files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm
IE: Enqueue link target with BID - file://c:\program files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
IE: Open &link target with BID - file://c:\program files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm
IE: Open current page with BID - file://c:\program files (x86)\Bulk Image Downloader\iemenu\iebid.htm
IE: Open current page with BID Link Explorer - file://c:\program files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
TCP: DhcpNameServer = 147.32.110.1 147.32.110.2
FF - ProfilePath - c:\users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - ExtSQL: 2013-01-30 21:58; doubleclick-picture@windpr.tw; c:\users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\extensions\doubleclick-picture@windpr.tw.xpi
FF - ExtSQL: 2013-01-30 21:58; imagedownload@Merci.chao; c:\users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\extensions\imagedownload@Merci.chao.xpi
FF - ExtSQL: 2013-01-30 22:07; {524B8EF8-C312-11DB-8039-536F56D89593}; c:\users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\6w4x7wh6.default\extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1193739700-1416340202-3985265929-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10o\UserChoice]
@Denied: (2) (S-1-5-21-1193739700-1416340202-3985265929-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10o"
.
[HKEY_USERS\S-1-5-21-1193739700-1416340202-3985265929-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10p\UserChoice]
@Denied: (2) (S-1-5-21-1193739700-1416340202-3985265929-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10p"
.
[HKEY_USERS\S-1-5-21-1193739700-1416340202-3985265929-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10pf\UserChoice]
@Denied: (2) (S-1-5-21-1193739700-1416340202-3985265929-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10pf"
.
[HKEY_USERS\S-1-5-21-1193739700-1416340202-3985265929-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (S-1-5-21-1193739700-1416340202-3985265929-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xmp"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="181C3CC3EFEA5B78DD9CE2F0A59D0D2A81E9412D60C4ABCA89FC491004278486AC0CBE9658347B9EE9C88A8E45C4C8A1711FF08BE86711275C108AF971424AAA35178E3254FCECE5D1A07125C9BF7DC87A91D19920C8DB78625B34F259816B6670A48E0D203205ED58FEA8A7043EBE8703AD405F0C767C90C57B113A9674D515ECA297418A06CD3A12C13327D7B3D22CC5E20E0AC54715A207125F3817712B731083738EF6EF8532E84C095DBD56356550A47F6AFAD17D4B7AC2D0F55C10BC2593BC60575D2A1BFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B9808A6171C11EC38DE3D9DB7CE019D40AA5C99301CB82A91B5425E00CC559039F59406A702939CA7436F1379C1EAC2616EB562C0743B19942CAA82C94F90F4BC83A713BFC6C8142E519D38C917775961516C9B905BA615933E83827B32E45FB9005D6DD2F51E053DEB3CC92182497F8F9344366C0BE57F0B1D5AD7C582490C1FBCE0B5188FB623D726B23257945201A528008775C6D65F07C0EE602D522857714F8CF59995ABC716D79AC21D607750F04899C81E51CBDE2B5EB55F0A3961C6C693F497B28F886C251BC131F4FD1280D26F3A972EF488C9ACF6567A894D48FE4B275EEB18074E3244CFAC94B4896E4C41DF4375C1FCC99357C8AFBC2D2F22CCBCEAC2A4CE8B6E5DC99890E809A14D0F449AC647C8B93DD208D9D015C8FD2C1D70074F5A2FAFD3561BDCD7106EE9E5CA79698CD78682043FB173FED3066215054CE46508E789D9A6B6C7A14D390CDDA493D810D2922D3339DAA3B03161047D3ACBB11B0DFAB34E01AB4840C91030D563D5B702C9DA17D7401D3A94C72A107F18FEDFB92DBE4DF7379F913A116D0ADB769A9B44341CA16CFB284D8B1407B9249B88A63E0FDA798E43C89B49149F4AF66D4E5BEE68EB30E535BBB4A779EFB6EBEA207F5A3ECFDD3C3FF421DD27CAA81FFD7314CEA6B1ACA95B300FB340B13FC8CA10A874AA6D26A2EB04A09882E36242809EA6E10F28048F7FEE3C2C90EC12A1A7392425275A80D4AB6A5DD1C237B6C071F835DBA5E1A568D677E2BF7818F0D10E0DB73B6B101F5C88B0DF9168E2686F7340A92556BF07743CDA6B546C799FA8B213EE3613DCB8B3ADF2F19857593F1749C5AED76D7A9F6B2DBE8202C12F6A69EB6817CC1E61884B6A602259596209F55C6EB5C59C9EED754BDF9996B2A91DC9B53BC1E9ED144D07B43EC5F89897923C3A33716F788BF1B15D0AE611DD2D8AF6ACCD45A84CBEC8BFA16571D228E8308E94A1DB0FFAF3AF31CBA061A545D4870E15F83D5B620042C0ED4182F47998BA87BDDBAF8E81E02F7B2798C8BDCF0A6DA2D6278587C148054BF9529722E7BC8CB2B116ED8E4DAD00891EFE1C76C7"
"OODEFRAG14.00.00.01PROFESSIONAL"="D20C90ED580EDAFBCA309636E2FE3F07FBC1215AA62081F2227E92FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A9C6AECB7A5D1407A9C6AECB7A5D1407A9C6AECB7A5D1407D57E0EE69335AE6DA40C3C0A0AFEF7133C75836F649F00C9116E170C8D13AA5F3F81B297AB6F95C88722F0F182BC200298BD030EACD6C40C316DAE711ED840ED082C9DBF79A889C908A6FEDF30061D0B638CF9A47CA99393E507E90C257B098B2AA7F3908DD5572F91FA62059FD59F3A921F57847DBC205ED36FCF6F86E75E49193FEF7CAB4A9E3781A427D4130AAC2212519C438E19F56E12FD7572DF6CEF39B9E4DD3D4B40D1A8AACEF08A7D659B584127E23C4027714BAEAE08B07E40C074632E9F4F9754BACBD146F4A1088E9A7771C8558D57B9C5FE2721490AE3F8261664522AF07108736C317E7F5C0F0FAB1BEB80B2984F81F698F01B8B9FC7154DBDFEAF062769426CDBF60BEC4023D59FE66ABBCD84D396E02BF302395A15F3338EE447D23ACA4A68EDC5A63094083523809B0F0F3BC6F42F4C8B634D64E8D9AAB0C1BC3F378D4E817C33315067B7E4B18FA331F06ABEFBE41709EDD7AD96EF5B5032D8126CE3E0A1E2C8AAE68A5DFC1BC2987B0383046E572A2FF67CE8A442BF1DC60A24EF30750903063822135AFD054C06EEE83E94F331273674F50D4E4125C80560631889E54C415BA5C3D9434868E1E9AD58142218EEB7CB840ED40141B10E65114F82BC7152852F60A27BDF24123C39FD1FC2124AE3048CE5A6C0DEFAD8A554747E8F4838D63C5B78A9DA2D3AA11AD9CB1ACDFD5DB4BA117CB3133F0BE6D0B4879B61DF3E69582FA6561B5C9A8DBB27263E793489DA8FDC503D53AD707AD35AEB6162EAEE6F4BEB43BB2551379DE7EF3E1251B3EA24B8EE8D5F4CE69085F30FE621BC06979E11C74C7E28A3E56EE8F6EBB0A3B4FE347036834A0DDDB3D07E8D5FC262806803A36C64DA94A061F18AF22A4A01A0A97E7597A642693A07F4C30B63BC06DBF7FD8477501E9EC948EA1F901921C192B34E0C690EA0F85599E11728A41FA0D1BE42B87B7B2AC0D21C747CEC790DFDDEC6C0F7F876D015BD615ACE017688ED4D9A57C8FEF17537A444797D1CB379140A73480707C0535E373575C62153AE6EEDCC1941FAE68B83DA0BBBFDA55165284C2DA885466E3BB6B6D11CDF89565CE6067A38B25E3088EAC61ECF600303649E94C9FDC65E28B2C567580F7D2F426DDD9EAD38B10BC6A0F5EB901F0B249A9CA1050736A1EBBBF478A8CC60867C7BD4217354EE57D6C999F184596466EC8FCA20718211F00016D2FB8B9777674E0A95BFF13E8B3F0BF94DF07B51B3DF327A3DCC64C025139DCD304357858E8E739BCA8EBF210B8B67BEAA4772376EE9C19DD79B1B"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
.
**************************************************************************
.
Celkový čas: 2013-02-10 11:03:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-10 10:03
ComboFix2.txt 2013-02-09 12:17
ComboFix3.txt 2012-11-22 15:06
.
Před spuštěním: Volných bajtů: 19 338 231 808
Po spuštění: Volných bajtů: 18 878 349 312
.
- - End Of File - - B81C0EAD7016DCAFAFAFD6248FFB4781

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-10 13:58:59
-----------------------------
13:58:59.798 OS Version: Windows x64 6.1.7601 Service Pack 1
13:58:59.798 Number of processors: 2 586 0x602
13:58:59.798 ComputerName: FM_WORKSTATION UserName: Felipe Grande
13:59:00.330 Initialize success
13:59:20.095 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3
13:59:20.095 Disk 0 Vendor: WDC_WD3200YS-01PGB0 21.00M21 Size: 305245MB BusType: 3
13:59:20.111 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T1L0-5
13:59:20.111 Disk 1 Vendor: WDC_WD20EARS-00MVWB0 51.0AB51 Size: 1907729MB BusType: 3
13:59:20.111 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP2T0L0-2
13:59:20.111 Disk 2 Vendor: WDC_WD2500KS-00MJB0 02.01C03 Size: 238475MB BusType: 3
13:59:20.142 Disk 0 MBR read successfully
13:59:20.142 Disk 0 MBR scan
13:59:20.142 Disk 0 Windows 7 default MBR code
13:59:20.158 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 223215 MB offset 63
13:59:20.158 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 82027 MB offset 457145647
13:59:20.189 Disk 0 scanning C:\Windows\system32\drivers
13:59:25.048 Service scanning
13:59:38.001 Modules scanning
13:59:38.001 Disk 0 trace - called modules:
13:59:38.033 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
13:59:38.048 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c1d370]
13:59:38.048 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa80047aa060]
13:59:38.064 Scan finished successfully
13:59:52.798 Disk 0 MBR has been saved successfully to "C:\Users\Felipe Grande\Desktop\MBR.dat"
13:59:52.798 The log file has been saved successfully to "C:\Users\Felipe Grande\Desktop\aswMBR.txt"