Zasekaný ntb, prosím o kotrolu

[Smile]

Zdravím,
prosím o kontrolu. Notes po zapnutí jede v pohodě celkem, ovšem cca po 30 minutách se neuvěřitelně zasekává.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:48:59, on 15.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Users\Renáta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Renáta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Renáta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Renáta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Renáta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Renáta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Renáta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Renáta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Renáta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{230274AB-9E58-4151-BF8C-162A61923401}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{230274AB-9E58-4151-BF8C-162A61923401}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Burn4Free DB Toolbar\tbhelper.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\Renáta\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Burn4Free DB Toolbar\tbcore3.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Burn4Free DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\Burn4Free DB Toolbar\tbcore3.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Facebook Messenger.lnk = ?
O4 - Startup: wdywj.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18136 bytes

[Reklama]

[jaro3]

Odinstaluj toolbary.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{230274AB-9E58-4151-BF8C-162A61923401}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Burn4Free DB Toolbar\tbhelper.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Burn4Free DB Toolbar\tbcore3.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Burn4Free DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\Burn4Free DB Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: wdywj.exe
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[Smile]

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.08.16.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Renáta :: RENCA-HP [administrátor]

16.8.2012 11:50:59
mbam-log-2012-08-16 (11-55-13).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 228569
Uplynulý čas: 4 minut, 2 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 4
C:\Users\Renáta\Downloads\FastDownload (1).exe (Affiliate.Downloader) -> Žádná instrukce nebyla provedena.
C:\Users\Renáta\Downloads\FastDownload (2).exe (Affiliate.Downloader) -> Žádná instrukce nebyla provedena.
C:\Users\Renáta\Downloads\FastDownload.exe (Affiliate.Downloader) -> Žádná instrukce nebyla provedena.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Žádná instrukce nebyla provedena.

(konec)

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Smile]

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.08.16.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Renáta :: RENCA-HP [administrátor]

16.8.2012 11:50:59
mbam-log-2012-08-16 (11-50-59).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 228569
Uplynulý čas: 4 minut, 2 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 4
C:\Users\Renáta\Downloads\FastDownload (1).exe (Affiliate.Downloader) -> Umístnění do karantény a smazání se zdařilo.
C:\Users\Renáta\Downloads\FastDownload (2).exe (Affiliate.Downloader) -> Umístnění do karantény a smazání se zdařilo.
C:\Users\Renáta\Downloads\FastDownload.exe (Affiliate.Downloader) -> Umístnění do karantény a smazání se zdařilo.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Umístnění do karantény a smazání se zdařilo.

(konec)

[Smile]

18:29:12.0433 6548 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
18:29:13.0166 6548 ============================================================
18:29:13.0166 6548 Current date / time: 2012/08/16 18:29:13.0166
18:29:13.0166 6548 SystemInfo:
18:29:13.0166 6548
18:29:13.0166 6548 OS Version: 6.1.7601 ServicePack: 1.0
18:29:13.0166 6548 Product type: Workstation
18:29:13.0166 6548 ComputerName: RENCA-HP
18:29:13.0166 6548 UserName: Renáta
18:29:13.0166 6548 Windows directory: C:\windows
18:29:13.0166 6548 System windows directory: C:\windows
18:29:13.0166 6548 Running under WOW64
18:29:13.0166 6548 Processor architecture: Intel x64
18:29:13.0166 6548 Number of processors: 4
18:29:13.0166 6548 Page size: 0x1000
18:29:13.0166 6548 Boot type: Normal boot
18:29:13.0166 6548 ============================================================
18:29:13.0603 6548 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:29:13.0603 6548 ============================================================
18:29:13.0603 6548 \Device\Harddisk0\DR0:
18:29:13.0603 6548 MBR partitions:
18:29:13.0603 6548 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
18:29:13.0603 6548 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x23198000
18:29:13.0603 6548 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2322E800, BlocksNum 0x1E00000
18:29:13.0603 6548 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x2502E800, BlocksNum 0x3FD800
18:29:13.0603 6548 ============================================================
18:29:13.0634 6548 C: <-> \Device\Harddisk0\DR0\Partition2
18:29:13.0665 6548 F: <-> \Device\Harddisk0\DR0\Partition4
18:29:13.0712 6548 ============================================================
18:29:13.0712 6548 Initialize success
18:29:13.0712 6548 ============================================================
18:29:17.0331 1860 ============================================================
18:29:17.0331 1860 Scan started
18:29:17.0331 1860 Mode: Manual;
18:29:17.0331 1860 ============================================================
18:29:18.0111 1860 ================ Scan services =============================
18:29:18.0267 1860 [ a87d604aea360176311474c87a63bb88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
18:29:18.0283 1860 1394ohci - ok
18:29:18.0330 1860 [ 1cffe9c06e66a57dae1452e449a58240 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
18:29:18.0330 1860 Accelerometer - ok
18:29:18.0392 1860 [ adc420616c501b45d26c0fd3ef1e54e4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:29:18.0392 1860 ACDaemon - ok
18:29:18.0455 1860 [ d81d9e70b8a6dd14d42d7b4efa65d5f2 ] ACPI C:\windows\system32\drivers\ACPI.sys
18:29:18.0470 1860 ACPI - ok
18:29:18.0517 1860 [ 99f8e788246d495ce3794d7e7821d2ca ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
18:29:18.0533 1860 AcpiPmi - ok
18:29:18.0673 1860 [ 11a52cf7b265631deeb24c6149309eff ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:29:18.0689 1860 AdobeARMservice - ok
18:29:18.0735 1860 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
18:29:18.0751 1860 adp94xx - ok
18:29:18.0782 1860 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
18:29:18.0782 1860 adpahci - ok
18:29:18.0813 1860 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
18:29:18.0829 1860 adpu320 - ok
18:29:18.0845 1860 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
18:29:18.0845 1860 AeLookupSvc - ok
18:29:18.0938 1860 [ a6fb9db8f1a86861d955fd6975977ae0 ] AESTFilters C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
18:29:18.0938 1860 AESTFilters - ok
18:29:19.0016 1860 [ 6ccd1135320109d6b219f1a6e04ad9f6 ] Afc C:\windows\syswow64\drivers\Afc.sys
18:29:19.0032 1860 Afc - ok
18:29:19.0094 1860 [ 1c7857b62de5994a75b054a9fd4c3825 ] AFD C:\windows\system32\drivers\afd.sys
18:29:19.0110 1860 AFD - ok
18:29:19.0125 1860 [ b65f8dba54f251906bbe8611b5a0e7ab ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
18:29:19.0125 1860 AgereModemAudio - ok
18:29:19.0188 1860 [ a6ab6f0ace87da76b4c401813d18be95 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
18:29:19.0266 1860 AgereSoftModem - ok
18:29:19.0313 1860 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\windows\system32\drivers\agp440.sys
18:29:19.0328 1860 agp440 - ok
18:29:19.0328 1860 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\windows\System32\alg.exe
18:29:19.0344 1860 ALG - ok
18:29:19.0359 1860 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\windows\system32\drivers\aliide.sys
18:29:19.0359 1860 aliide - ok
18:29:19.0391 1860 [ 5a06ab7ab4d389dfe3c109599df0bb65 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
18:29:19.0391 1860 AMD External Events Utility - ok
18:29:19.0406 1860 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\windows\system32\drivers\amdide.sys
18:29:19.0406 1860 amdide - ok
18:29:19.0437 1860 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
18:29:19.0453 1860 AmdK8 - ok
18:29:19.0593 1860 [ 650ddccd6657e20737433cb774521b81 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
18:29:19.0765 1860 amdkmdag - ok
18:29:19.0781 1860 [ f51b013c55b30dbe3ad59a7fe197c5ba ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
18:29:19.0812 1860 amdkmdap - ok
18:29:19.0859 1860 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
18:29:19.0859 1860 AmdPPM - ok
18:29:19.0905 1860 [ d4121ae6d0c0e7e13aa221aa57ef2d49 ] amdsata C:\windows\system32\drivers\amdsata.sys
18:29:19.0905 1860 amdsata - ok
18:29:19.0937 1860 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
18:29:19.0952 1860 amdsbs - ok
18:29:19.0968 1860 [ 540daf1cea6094886d72126fd7c33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
18:29:19.0968 1860 amdxata - ok
18:29:20.0015 1860 [ 89a69c3f2f319b43379399547526d952 ] AppID C:\windows\system32\drivers\appid.sys
18:29:20.0015 1860 AppID - ok
18:29:20.0030 1860 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\windows\System32\appidsvc.dll
18:29:20.0046 1860 AppIDSvc - ok
18:29:20.0077 1860 [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo C:\windows\System32\appinfo.dll
18:29:20.0077 1860 Appinfo - ok
18:29:20.0139 1860 [ f401929ee0cc92bfe7f15161ca535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:29:20.0155 1860 Apple Mobile Device - ok
18:29:20.0171 1860 [ c484f8ceb1717c540242531db7845c4e ] arc C:\windows\system32\DRIVERS\arc.sys
18:29:20.0171 1860 arc - ok
18:29:20.0186 1860 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
18:29:20.0186 1860 arcsas - ok
18:29:20.0217 1860 [ ce2168c926927ba926301baf172bc693 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
18:29:20.0217 1860 ARCVCAM - ok
18:29:20.0249 1860 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
18:29:20.0264 1860 AsyncMac - ok
18:29:20.0342 1860 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\windows\system32\drivers\atapi.sys
18:29:20.0342 1860 atapi - ok
18:29:20.0389 1860 [ 2d648572ba9a610952fcafba1e119c2d ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
18:29:20.0389 1860 AtiHdmiService - ok
18:29:20.0436 1860 [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:29:20.0451 1860 AudioEndpointBuilder - ok
18:29:20.0467 1860 [ f23fef6d569fce88671949894a8becf1 ] AudioSrv C:\windows\System32\Audiosrv.dll
18:29:20.0483 1860 AudioSrv - ok
18:29:20.0561 1860 [ 96b4456f1dca4eda506ed31c7d2d6b05 ] Avgfwfd C:\windows\system32\DRIVERS\avgfwd6a.sys
18:29:20.0576 1860 Avgfwfd - ok
18:29:20.0717 1860 [ 5cd22eb540f82c70e33e530003f3903b ] avgfws C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
18:29:20.0732 1860 avgfws - ok
18:29:20.0826 1860 [ 6d440ff3f44ca72edfd6176c6d6a89c0 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
18:29:20.0857 1860 AVGIDSAgent - ok
18:29:20.0888 1860 [ e29ea1a0ec7ab9fa2dc7e75a03f12a4f ] AVGIDSDriver C:\windows\system32\DRIVERS\AVGIDSDriver.Sys
18:29:20.0904 1860 AVGIDSDriver - ok
18:29:20.0919 1860 [ f823d184b8e8ffb8da3ead45dbf5bd6a ] AVGIDSEH C:\windows\system32\DRIVERS\AVGIDSEH.Sys
18:29:20.0919 1860 AVGIDSEH - ok
18:29:20.0919 1860 [ ed2b25bd7fe35d1944211968842d30da ] AVGIDSFilter C:\windows\system32\DRIVERS\AVGIDSFilter.Sys
18:29:20.0919 1860 AVGIDSFilter - ok
18:29:20.0966 1860 [ 979cf8912449a10b987218bff80a1fa3 ] Avgldx64 C:\windows\system32\DRIVERS\avgldx64.sys
18:29:20.0966 1860 Avgldx64 - ok
18:29:21.0013 1860 [ 36b1a5843695766eac714daffc5b84d1 ] Avgmfx64 C:\windows\system32\DRIVERS\avgmfx64.sys
18:29:21.0013 1860 Avgmfx64 - ok
18:29:21.0044 1860 [ 1102239fb724527f1febbbbccf6bf313 ] Avgrkx64 C:\windows\system32\DRIVERS\avgrkx64.sys
18:29:21.0044 1860 Avgrkx64 - ok
18:29:21.0060 1860 [ 11f36d3ea82d9db9aa05a476a210551b ] Avgtdia C:\windows\system32\DRIVERS\avgtdia.sys
18:29:21.0060 1860 Avgtdia - ok
18:29:21.0107 1860 [ 6699ece24fe4b3f752a66c66a602ee86 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
18:29:21.0107 1860 avgwd - ok
18:29:21.0169 1860 [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV C:\windows\System32\AxInstSV.dll
18:29:21.0169 1860 AxInstSV - ok
18:29:21.0216 1860 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
18:29:21.0231 1860 b06bdrv - ok
18:29:21.0294 1860 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
18:29:21.0294 1860 b57nd60a - ok
18:29:21.0372 1860 [ 145b2fcf11fdda5c1d3c3dec36402a0f ] bcd3000 C:\windows\system32\DRIVERS\bcd3000_x64.sys
18:29:21.0387 1860 bcd3000 - ok
18:29:21.0434 1860 [ 3ce93283525fa3b9792fafc1f06cdec3 ] bcd3000wdm C:\windows\system32\DRIVERS\bcd3000wdm_x64.sys
18:29:21.0450 1860 bcd3000wdm - ok
18:29:21.0512 1860 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\windows\System32\bdesvc.dll
18:29:21.0512 1860 BDESVC - ok
18:29:21.0512 1860 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\windows\system32\drivers\Beep.sys
18:29:21.0528 1860 Beep - ok
18:29:21.0590 1860 [ 82974d6a2fd19445cc5171fc378668a4 ] BFE C:\windows\System32\bfe.dll
18:29:21.0590 1860 BFE - ok
18:29:21.0653 1860 [ 1ea7969e3271cbc59e1730697dc74682 ] BITS C:\windows\System32\qmgr.dll
18:29:21.0684 1860 BITS - ok
18:29:21.0731 1860 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
18:29:21.0731 1860 blbdrive - ok
18:29:21.0840 1860 [ 2bbd2ab07d779278114ba6a694972f1a ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
18:29:21.0855 1860 Bluetooth Device Manager - ok
18:29:21.0918 1860 [ 87d6a02028e47ca696c4294c658e3ee6 ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
18:29:21.0949 1860 Bluetooth Media Service - ok
18:29:21.0996 1860 [ 9af4b2cf2f98cf6157cdfd917ae5785b ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
18:29:22.0011 1860 Bluetooth OBEX Service - ok
18:29:22.0105 1860 [ ebbcd5dfbb1de70e8f4af8fa59e401fd ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:29:22.0105 1860 Bonjour Service - ok
18:29:22.0121 1860 [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
18:29:22.0136 1860 bowser - ok
18:29:22.0152 1860 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
18:29:22.0152 1860 BrFiltLo - ok
18:29:22.0167 1860 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
18:29:22.0199 1860 BrFiltUp - ok
18:29:22.0245 1860 [ 8ef0d5c41ec907751b8429162b1239ed ] Browser C:\windows\System32\browser.dll
18:29:22.0245 1860 Browser - ok
18:29:22.0261 1860 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\windows\System32\Drivers\Brserid.sys
18:29:22.0277 1860 Brserid - ok
18:29:22.0277 1860 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
18:29:22.0292 1860 BrSerWdm - ok
18:29:22.0308 1860 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
18:29:22.0308 1860 BrUsbMdm - ok
18:29:22.0323 1860 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
18:29:22.0323 1860 BrUsbSer - ok
18:29:22.0370 1860 [ cf98190a94f62e405c8cb255018b2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
18:29:22.0370 1860 BthEnum - ok
18:29:22.0386 1860 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
18:29:22.0386 1860 BTHMODEM - ok
18:29:22.0401 1860 [ 02dd601b708dd0667e1331fa8518e9ff ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
18:29:22.0433 1860 BthPan - ok
18:29:22.0495 1860 [ 64c198198501f7560ee41d8d1efa7952 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
18:29:22.0526 1860 BTHPORT - ok
18:29:22.0557 1860 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\windows\system32\bthserv.dll
18:29:22.0557 1860 bthserv - ok
18:29:22.0604 1860 [ f188b7394d81010767b6df3178519a37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
18:29:22.0620 1860 BTHUSB - ok
18:29:22.0682 1860 [ e588420b950dac5ac397f76660bce520 ] BTMCOM C:\windows\system32\Drivers\btmcom.sys
18:29:22.0682 1860 BTMCOM - ok
18:29:22.0776 1860 [ 4eef6b894e05fc245640dcee9190a053 ] BTMUSB C:\windows\system32\Drivers\btmusb.sys
18:29:22.0838 1860 BTMUSB - ok
18:29:22.0901 1860 [ d8bd549336593ca304b3524ff2f42717 ] Bulk C:\windows\system32\Drivers\HDJBulk.sys
18:29:22.0932 1860 Bulk - ok
18:29:22.0979 1860 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
18:29:22.0994 1860 cdfs - ok
18:29:23.0072 1860 [ f036ce71586e93d94dab220d7bdf4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
18:29:23.0103 1860 cdrom - ok
18:29:23.0150 1860 [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc C:\windows\System32\certprop.dll
18:29:23.0150 1860 CertPropSvc - ok
18:29:23.0166 1860 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\windows\system32\DRIVERS\circlass.sys
18:29:23.0166 1860 circlass - ok
18:29:23.0197 1860 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\windows\system32\CLFS.sys
18:29:23.0213 1860 CLFS - ok
18:29:23.0275 1860 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:29:23.0275 1860 clr_optimization_v2.0.50727_32 - ok
18:29:23.0322 1860 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:29:23.0322 1860 clr_optimization_v2.0.50727_64 - ok
18:29:23.0369 1860 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:29:23.0384 1860 clr_optimization_v4.0.30319_32 - ok
18:29:23.0415 1860 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:29:23.0415 1860 clr_optimization_v4.0.30319_64 - ok
18:29:23.0431 1860 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
18:29:23.0447 1860 CmBatt - ok
18:29:23.0493 1860 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\windows\system32\drivers\cmdide.sys
18:29:23.0493 1860 cmdide - ok
18:29:23.0556 1860 [ c4943b6c962e4b82197542447ad599f4 ] CNG C:\windows\system32\Drivers\cng.sys
18:29:23.0556 1860 CNG - ok
18:29:23.0587 1860 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
18:29:23.0587 1860 Compbatt - ok
18:29:23.0634 1860 [ 03edb043586cceba243d689bdda370a8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
18:29:23.0649 1860 CompositeBus - ok
18:29:23.0649 1860 COMSysApp - ok
18:29:23.0665 1860 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
18:29:23.0665 1860 crcdisk - ok
18:29:23.0712 1860 [ 15597883fbe9b056f276ada3ad87d9af ] CryptSvc C:\windows\system32\cryptsvc.dll
18:29:23.0712 1860 CryptSvc - ok
18:29:23.0743 1860 [ a8ba4da23ac20bda23ca15234d42a3fa ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
18:29:23.0743 1860 DAMDrv - ok
18:29:23.0805 1860 [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch C:\windows\system32\rpcss.dll
18:29:23.0805 1860 DcomLaunch - ok
18:29:23.0868 1860 [ 0fd1090009949c58c86b40dd705d0f5d ] DEBridge c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
18:29:23.0883 1860 DEBridge - ok
18:29:23.0915 1860 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\windows\System32\defragsvc.dll
18:29:23.0915 1860 defragsvc - ok
18:29:23.0946 1860 [ 9bb2ef44eaa163b29c4a4587887a0fe4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
18:29:23.0961 1860 DfsC - ok
18:29:24.0008 1860 [ 43d808f5d9e1a18e5eeb5ebc83969e4e ] Dhcp C:\windows\system32\dhcpcore.dll
18:29:24.0008 1860 Dhcp - ok
18:29:24.0039 1860 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\windows\system32\drivers\discache.sys
18:29:24.0039 1860 discache - ok
18:29:24.0055 1860 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\windows\system32\DRIVERS\disk.sys
18:29:24.0055 1860 Disk - ok
18:29:24.0086 1860 [ 16835866aaa693c7d7fceba8fff706e4 ] Dnscache C:\windows\System32\dnsrslvr.dll
18:29:24.0086 1860 Dnscache - ok
18:29:24.0133 1860 [ b1fb3ddca0fdf408750d5843591afbc6 ] dot3svc C:\windows\System32\dot3svc.dll
18:29:24.0149 1860 dot3svc - ok
18:29:24.0180 1860 [ ef8004b4a9552c77fd0e99ab08841d13 ] DpHost c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
18:29:24.0195 1860 DpHost - ok
18:29:24.0242 1860 [ b26f4f737e8f9df4f31af6cf31d05820 ] DPS C:\windows\system32\dps.dll
18:29:24.0242 1860 DPS - ok
18:29:24.0258 1860 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
18:29:24.0258 1860 drmkaud - ok
18:29:24.0336 1860 [ f5bee30450e18e6b83a5012c100616fd ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
18:29:24.0351 1860 DXGKrnl - ok
18:29:24.0383 1860 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\windows\System32\eapsvc.dll
18:29:24.0383 1860 EapHost - ok
18:29:24.0476 1860 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
18:29:24.0601 1860 ebdrv - ok
18:29:24.0648 1860 [ c118a82cd78818c29ab228366ebf81c3 ] EFS C:\windows\System32\lsass.exe
18:29:24.0648 1860 EFS - ok
18:29:24.0679 1860 [ c4002b6b41975f057d98c439030cea07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
18:29:24.0695 1860 ehRecvr - ok
18:29:24.0710 1860 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\windows\ehome\ehsched.exe
18:29:24.0710 1860 ehSched - ok
18:29:24.0757 1860 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
18:29:24.0773 1860 elxstor - ok
18:29:24.0788 1860 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\windows\system32\drivers\errdev.sys
18:29:24.0788 1860 ErrDev - ok
18:29:24.0819 1860 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\windows\system32\es.dll
18:29:24.0819 1860 EventSystem - ok
18:29:24.0835 1860 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\windows\system32\drivers\exfat.sys
18:29:24.0866 1860 exfat - ok
18:29:24.0897 1860 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\windows\system32\drivers\fastfat.sys
18:29:24.0913 1860 fastfat - ok
18:29:24.0975 1860 [ dbefd454f8318a0ef691fdd2eaab44eb ] Fax C:\windows\system32\fxssvc.exe
18:29:24.0991 1860 Fax - ok
18:29:25.0022 1860 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\windows\system32\DRIVERS\fdc.sys
18:29:25.0022 1860 fdc - ok
18:29:25.0038 1860 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\windows\system32\fdPHost.dll
18:29:25.0038 1860 fdPHost - ok
18:29:25.0053 1860 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\windows\system32\fdrespub.dll
18:29:25.0053 1860 FDResPub - ok
18:29:25.0069 1860 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
18:29:25.0069 1860 FileInfo - ok
18:29:25.0069 1860 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
18:29:25.0085 1860 Filetrace - ok
18:29:25.0147 1860 [ 7e728680aa428506a82351d859c32c95 ] FLCDLOCK c:\Windows\SysWOW64\flcdlock.exe
18:29:25.0163 1860 FLCDLOCK - ok
18:29:25.0194 1860 [ 3d9b36631032fde0ffea0dc0260e4e35 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:29:25.0209 1860 FLEXnet Licensing Service - ok
18:29:25.0241 1860 [ 52c0312ab35eb7187015fb6a99136bb5 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
18:29:25.0272 1860 FLEXnet Licensing Service 64 - ok
18:29:25.0287 1860 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
18:29:25.0287 1860 flpydisk - ok
18:29:25.0334 1860 [ da6b67270fd9db3697b20fce94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
18:29:25.0350 1860 FltMgr - ok
18:29:25.0397 1860 [ 5c4cb4086fb83115b153e47add961a0c ] FontCache C:\windows\system32\FntCache.dll
18:29:25.0412 1860 FontCache - ok
18:29:25.0459 1860 [ a8b7f3818ab65695e3a0bb3279f6dce6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:29:25.0475 1860 FontCache3.0.0.0 - ok
18:29:25.0490 1860 [ d43703496149971890703b4b1b723eac ] FsDepends C:\windows\system32\drivers\FsDepends.sys
18:29:25.0490 1860 FsDepends - ok
18:29:25.0521 1860 [ 6bd9295cc032dd3077c671fccf579a7b ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
18:29:25.0521 1860 Fs_Rec - ok
18:29:25.0568 1860 [ 1f7b25b858fa27015169fe95e54108ed ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
18:29:25.0584 1860 fvevol - ok
18:29:25.0599 1860 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
18:29:25.0599 1860 gagp30kx - ok
18:29:25.0646 1860 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
18:29:25.0646 1860 GEARAspiWDM - ok
18:29:25.0693 1860 [ 277bbc7e1aa1ee957f573a10eca7ef3a ] gpsvc C:\windows\System32\gpsvc.dll
18:29:25.0724 1860 gpsvc - ok
18:29:25.0802 1860 [ f02a533f517eb38333cb12a9e8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:29:25.0818 1860 gupdate - ok
18:29:25.0849 1860 [ f02a533f517eb38333cb12a9e8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:29:25.0849 1860 gupdatem - ok
18:29:25.0865 1860 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
18:29:25.0865 1860 hcw85cir - ok
18:29:25.0911 1860 [ 975761c778e33cd22498059b91e7373a ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:29:25.0943 1860 HdAudAddService - ok
18:29:25.0974 1860 [ 97bfed39b6b79eb12cddbfeed51f56bb ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
18:29:25.0989 1860 HDAudBus - ok
18:29:26.0005 1860 [ b6ac71aaa2b10848f57fc49d55a651af ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
18:29:26.0005 1860 HECIx64 - ok
18:29:26.0099 1860 [ 4141c2cbd8d6c9f3f4004fe842c48e79 ] HerculesDJControlMP3 C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
18:29:26.0099 1860 HerculesDJControlMP3 - ok
18:29:26.0114 1860 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
18:29:26.0145 1860 HidBatt - ok
18:29:26.0192 1860 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
18:29:26.0192 1860 HidBth - ok
18:29:26.0208 1860 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
18:29:26.0208 1860 HidIr - ok
18:29:26.0239 1860 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\windows\system32\hidserv.dll
18:29:26.0239 1860 hidserv - ok
18:29:26.0255 1860 [ 9592090a7e2b61cd582b612b6df70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
18:29:26.0255 1860 HidUsb - ok
18:29:26.0317 1860 [ 387e72e739e15e3d37907a86d9ff98e2 ] hkmsvc C:\windows\system32\kmsvc.dll
18:29:26.0317 1860 hkmsvc - ok
18:29:26.0364 1860 [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:29:26.0364 1860 HomeGroupListener - ok
18:29:26.0411 1860 [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:29:26.0426 1860 HomeGroupProvider - ok
18:29:26.0457 1860 [ a094a4096ad7a90e2d790b590d3cbfd4 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
18:29:26.0457 1860 HP Power Assistant Service - ok
18:29:26.0520 1860 [ ae2a8c80205f06be5edc63be0ae9a756 ] HP ProtectTools Service c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
18:29:26.0520 1860 HP ProtectTools Service - ok
18:29:26.0582 1860 [ 13bb1114451c63bfb41ba7daa4d70a29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
18:29:26.0582 1860 HP Support Assistant Service - ok
18:29:26.0613 1860 [ 58cc11d14d88ef70ef7abbc75b5eebd8 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
18:29:26.0613 1860 HP Wireless Assistant Service - ok
18:29:26.0660 1860 [ 94c74d758e0f7b1d962da452b4d28c91 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
18:29:26.0660 1860 HPDayStarterService - ok
18:29:26.0691 1860 [ bcc4a8b2e2e902f52e7f2e7d8e125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
18:29:26.0691 1860 HPDrvMntSvc.exe - ok
18:29:26.0707 1860 [ 05712fddbd45a5864eb326faabc6a4e3 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
18:29:26.0707 1860 hpdskflt - ok
18:29:26.0738 1860 [ 393383fe7f577b4a111b44445716fcb3 ] HpFkCryptService c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
18:29:26.0738 1860 HpFkCryptService - ok
18:29:26.0769 1860 [ c9d858e20ae696e7a0d9a05b595f850a ] HPFSService C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
18:29:26.0769 1860 HPFSService - ok
18:29:26.0816 1860 [ 4d94f4d7782657e79eb1352570b563db ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
18:29:26.0832 1860 hpHotkeyMonitor - ok
18:29:26.0832 1860 [ b98ee5d4535a685634b90f7e04de0df7 ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
18:29:26.0832 1860 HpqKbFiltr - ok
18:29:26.0863 1860 [ ec9739a46f1f83c6e52a7a4697f44a65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
18:29:26.0894 1860 hpqwmiex - ok
18:29:26.0941 1860 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
18:29:26.0957 1860 HpSAMD - ok
18:29:26.0957 1860 [ aa036cc5f5221d9b915f4d4dce74ba9a ] hpsrv C:\windows\system32\Hpservice.exe
18:29:26.0957 1860 hpsrv - ok
18:29:27.0019 1860 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\windows\system32\drivers\HTTP.sys
18:29:27.0050 1860 HTTP - ok
18:29:27.0081 1860 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
18:29:27.0081 1860 hwpolicy - ok
18:29:27.0144 1860 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
18:29:27.0159 1860 i8042prt - ok
18:29:27.0191 1860 [ abbf174cb394f5c437410a788b7e404a ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
18:29:27.0206 1860 iaStor - ok
18:29:27.0253 1860 [ 31a0e93cdf29007d6c6fffb632f375ed ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:29:27.0253 1860 IAStorDataMgrSvc - ok
18:29:27.0300 1860 [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
18:29:27.0315 1860 iaStorV - ok
18:29:27.0378 1860 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:29:27.0409 1860 idsvc - ok
18:29:27.0409 1860 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
18:29:27.0425 1860 iirsp - ok
18:29:27.0440 1860 [ fcd84c381e0140af901e58d48882d26b ] IKEEXT C:\windows\System32\ikeext.dll
18:29:27.0471 1860 IKEEXT - ok
18:29:27.0487 1860 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\windows\system32\drivers\intelide.sys
18:29:27.0487 1860 intelide - ok
18:29:27.0503 1860 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
18:29:27.0503 1860 intelppm - ok
18:29:27.0518 1860 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\windows\system32\ipbusenum.dll
18:29:27.0534 1860 IPBusEnum - ok
18:29:27.0581 1860 [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
18:29:27.0581 1860 IpFilterDriver - ok
18:29:27.0643 1860 [ a34a587fffd45fa649fba6d03784d257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
18:29:27.0643 1860 iphlpsvc - ok
18:29:27.0659 1860 [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
18:29:27.0674 1860 IPMIDRV - ok
18:29:27.0690 1860 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
18:29:27.0721 1860 IPNAT - ok
18:29:27.0799 1860 [ a9ab99ee7d39725eafec82732d2b3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:29:27.0815 1860 iPod Service - ok
18:29:27.0830 1860 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\windows\system32\drivers\irenum.sys
18:29:27.0830 1860 IRENUM - ok
18:29:27.0830 1860 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\windows\system32\drivers\isapnp.sys
18:29:27.0846 1860 isapnp - ok
18:29:27.0861 1860 [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
18:29:27.0861 1860 iScsiPrt - ok
18:29:27.0877 1860 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
18:29:27.0877 1860 kbdclass - ok
18:29:27.0924 1860 [ 0705eff5b42a9db58548eec3b26bb484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
18:29:27.0924 1860 kbdhid - ok
18:29:27.0924 1860 [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso C:\windows\system32\lsass.exe
18:29:27.0939 1860 KeyIso - ok
18:29:27.0971 1860 [ da1e991a61cfdd755a589e206b97644b ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
18:29:27.0971 1860 KSecDD - ok
18:29:27.0986 1860 [ 7e33198d956943a4f11a5474c1e9106f ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
18:29:28.0002 1860 KSecPkg - ok
18:29:28.0017 1860 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
18:29:28.0017 1860 ksthunk - ok
18:29:28.0049 1860 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\windows\system32\msdtckrm.dll
18:29:28.0049 1860 KtmRm - ok
18:29:28.0095 1860 [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer C:\windows\system32\srvsvc.dll
18:29:28.0095 1860 LanmanServer - ok
18:29:28.0142 1860 [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:29:28.0142 1860 LanmanWorkstation - ok
18:29:28.0173 1860 [ 83d8be94e1cbcbe2ea8372db1a95a159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
18:29:28.0189 1860 LightScribeService - ok
18:29:28.0220 1860 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
18:29:28.0220 1860 lltdio - ok
18:29:28.0236 1860 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\windows\System32\lltdsvc.dll
18:29:28.0251 1860 lltdsvc - ok
18:29:28.0251 1860 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\windows\System32\lmhsvc.dll
18:29:28.0267 1860 lmhosts - ok
18:29:28.0298 1860 [ bb4e55778d8de3885e1cdac795de7bce ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:29:28.0314 1860 LMS - ok
18:29:28.0345 1860 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
18:29:28.0361 1860 LSI_FC - ok
18:29:28.0361 1860 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
18:29:28.0361 1860 LSI_SAS - ok
18:29:28.0376 1860 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
18:29:28.0392 1860 LSI_SAS2 - ok
18:29:28.0407 1860 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
18:29:28.0407 1860 LSI_SCSI - ok
18:29:28.0423 1860 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\windows\system32\drivers\luafv.sys
18:29:28.0423 1860 luafv - ok
18:29:28.0485 1860 [ f453d1e6d881e8f8717e20ccd4199e85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
18:29:28.0501 1860 McComponentHostService - ok
18:29:28.0548 1860 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
18:29:28.0563 1860 Mcx2Svc - ok
18:29:28.0595 1860 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
18:29:28.0595 1860 megasas - ok
18:29:28.0610 1860 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
18:29:28.0610 1860 MegaSR - ok
18:29:28.0641 1860 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\windows\system32\mmcss.dll
18:29:28.0641 1860 MMCSS - ok
18:29:28.0657 1860 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\windows\system32\drivers\modem.sys
18:29:28.0657 1860 Modem - ok
18:29:28.0673 1860 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\windows\system32\DRIVERS\monitor.sys
18:29:28.0673 1860 monitor - ok
18:29:28.0719 1860 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
18:29:28.0719 1860 mouclass - ok
18:29:28.0766 1860 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
18:29:28.0766 1860 mouhid - ok
18:29:28.0813 1860 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\windows\system32\drivers\mountmgr.sys
18:29:28.0829 1860 mountmgr - ok
18:29:28.0844 1860 [ 96aa8ba23142cc8e2b30f3cae0c80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:29:28.0844 1860 MozillaMaintenance - ok
18:29:28.0891 1860 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\windows\system32\drivers\mpio.sys
18:29:28.0907 1860 mpio - ok
18:29:28.0907 1860 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
18:29:28.0922 1860 mpsdrv - ok
18:29:28.0969 1860 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\windows\system32\mpssvc.dll
18:29:29.0000 1860 MpsSvc - ok
18:29:29.0047 1860 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
18:29:29.0063 1860 MRxDAV - ok
18:29:29.0094 1860 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
18:29:29.0094 1860 mrxsmb - ok
18:29:29.0141 1860 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
18:29:29.0141 1860 mrxsmb10 - ok
18:29:29.0156 1860 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
18:29:29.0156 1860 mrxsmb20 - ok
18:29:29.0172 1860 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\windows\system32\drivers\msahci.sys
18:29:29.0187 1860 msahci - ok
18:29:29.0203 1860 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\windows\system32\drivers\msdsm.sys
18:29:29.0203 1860 msdsm - ok
18:29:29.0219 1860 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\windows\System32\msdtc.exe
18:29:29.0265 1860 MSDTC - ok
18:29:29.0297 1860 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\windows\system32\drivers\Msfs.sys
18:29:29.0328 1860 Msfs - ok
18:29:29.0375 1860 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
18:29:29.0375 1860 mshidkmdf - ok
18:29:29.0406 1860 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\windows\system32\drivers\msisadrv.sys
18:29:29.0421 1860 msisadrv - ok
18:29:29.0437 1860 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
18:29:29.0437 1860 MSiSCSI - ok
18:29:29.0453 1860 msiserver - ok
18:29:29.0468 1860 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
18:29:29.0468 1860 MSKSSRV - ok
18:29:29.0468 1860 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
18:29:29.0484 1860 MSPCLOCK - ok
18:29:29.0484 1860 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
18:29:29.0515 1860 MSPQM - ok
18:29:29.0562 1860 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\windows\system32\drivers\MsRPC.sys
18:29:29.0562 1860 MsRPC - ok
18:29:29.0577 1860 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
18:29:29.0577 1860 mssmbios - ok
18:29:29.0593 1860 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
18:29:29.0593 1860 MSTEE - ok
18:29:29.0609 1860 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
18:29:29.0609 1860 MTConfig - ok
18:29:29.0624 1860 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\windows\system32\Drivers\mup.sys
18:29:29.0624 1860 Mup - ok
18:29:29.0687 1860 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\windows\system32\qagentRT.dll
18:29:29.0687 1860 napagent - ok
18:29:29.0718 1860 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
18:29:29.0733 1860 NativeWifiP - ok
18:29:29.0811 1860 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\windows\system32\drivers\ndis.sys
18:29:29.0843 1860 NDIS - ok
18:29:29.0858 1860 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
18:29:29.0858 1860 NdisCap - ok
18:29:29.0874 1860 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
18:29:29.0874 1860 NdisTapi - ok
18:29:29.0936 1860 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
18:29:29.0936 1860 Ndisuio - ok
18:29:29.0967 1860 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
18:29:29.0983 1860 NdisWan - ok
18:29:30.0014 1860 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
18:29:30.0014 1860 NDProxy - ok
18:29:30.0061 1860 [ 307bc83250fc8e3b2878d81e7d760299 ] Netaapl C:\windows\system32\DRIVERS\netaapl64.sys
18:29:30.0077 1860 Netaapl - ok
18:29:30.0092 1860 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:29:30.0092 1860 NetBIOS - ok
18:29:30.0139 1860 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:29:30.0139 1860 NetBT - ok
18:29:30.0139 1860 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\windows\system32\lsass.exe
18:29:30.0155 1860 Netlogon - ok
18:29:30.0170 1860 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\windows\System32\netman.dll
18:29:30.0186 1860 Netman - ok
18:29:30.0201 1860 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\windows\System32\netprofm.dll
18:29:30.0201 1860 netprofm - ok
18:29:30.0233 1860 [ b964d4c524a80aba22db16fc1eded0a9 ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
18:29:30.0264 1860 netr28x - ok
18:29:30.0279 1860 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:29:30.0279 1860 NetTcpPortSharing - ok
18:29:30.0295 1860 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
18:29:30.0295 1860 nfrd960 - ok
18:29:30.0513 1860 [ fdcfe6c98fcd64aa6d8411f44faa2c29 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
18:29:30.0685 1860 NIHardwareService - ok
18:29:30.0747 1860 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
18:29:30.0747 1860 NlaSvc - ok
18:29:30.0779 1860 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\windows\system32\drivers\Npfs.sys
18:29:30.0794 1860 Npfs - ok
18:29:30.0825 1860 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\windows\system32\nsisvc.dll
18:29:30.0825 1860 nsi - ok
18:29:30.0841 1860 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:29:30.0841 1860 nsiproxy - ok
18:29:30.0888 1860 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:29:30.0919 1860 Ntfs - ok
18:29:30.0935 1860 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\windows\system32\drivers\Null.sys
18:29:30.0935 1860 Null - ok
18:29:30.0981 1860 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\windows\system32\drivers\nvraid.sys
18:29:30.0997 1860 nvraid - ok
18:29:31.0013 1860 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\windows\system32\drivers\nvstor.sys
18:29:31.0013 1860 nvstor - ok
18:29:31.0059 1860 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:29:31.0059 1860 nv_agp - ok
18:29:31.0091 1860 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:29:31.0106 1860 ohci1394 - ok
18:29:31.0200 1860 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:29:31.0200 1860 ose - ok
18:29:31.0356 1860 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:29:31.0449 1860 osppsvc - ok
18:29:31.0481 1860 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:29:31.0481 1860 p2pimsvc - ok
18:29:31.0496 1860 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\windows\system32\p2psvc.dll
18:29:31.0512 1860 p2psvc - ok
18:29:31.0527 1860 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
18:29:31.0559 1860 Parport - ok
18:29:31.0605 1860 [ 871eadac56b0a4c6512bbe32753ccf79 ] partmgr C:\windows\system32\drivers\partmgr.sys
18:29:31.0605 1860 partmgr - ok
18:29:31.0621 1860 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
18:29:31.0637 1860 PcaSvc - ok
18:29:31.0652 1860 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\windows\system32\drivers\pci.sys
18:29:31.0652 1860 pci - ok
18:29:31.0668 1860 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\windows\system32\drivers\pciide.sys
18:29:31.0668 1860 pciide - ok
18:29:31.0683 1860 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
18:29:31.0683 1860 pcmcia - ok
18:29:31.0699 1860 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\windows\system32\drivers\pcw.sys
18:29:31.0699 1860 pcw - ok
18:29:31.0730 1860 pdfcDispatcher - ok
18:29:31.0746 1860 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:29:31.0746 1860 PEAUTH - ok
18:29:31.0824 1860 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\windows\SysWow64\perfhost.exe
18:29:31.0824 1860 PerfHost - ok
18:29:31.0902 1860 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\windows\system32\pla.dll
18:29:31.0949 1860 pla - ok
18:29:31.0980 1860 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:29:31.0995 1860 PlugPlay - ok
18:29:32.0011 1860 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:29:32.0011 1860 PNRPAutoReg - ok
18:29:32.0011 1860 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:29:32.0027 1860 PNRPsvc - ok
18:29:32.0042 1860 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:29:32.0058 1860 PolicyAgent - ok
18:29:32.0073 1860 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\windows\system32\umpo.dll
18:29:32.0073 1860 Power - ok
18:29:32.0136 1860 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:29:32.0136 1860 PptpMiniport - ok
18:29:32.0167 1860 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\windows\system32\DRIVERS\processr.sys
18:29:32.0167 1860 Processor - ok
18:29:32.0167 1860 [ 5c78838b4d166d1a27db3a8a820c799a ] ProfSvc C:\windows\system32\profsvc.dll
18:29:32.0183 1860 ProfSvc - ok
18:29:32.0183 1860 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\windows\system32\lsass.exe
18:29:32.0183 1860 ProtectedStorage - ok
18:29:32.0245 1860 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:29:32.0245 1860 Psched - ok
18:29:32.0276 1860 [ a6a7ad767bf5141665f5c675f671b3e1 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
18:29:32.0276 1860 PSI_SVC_2 - ok
18:29:32.0307 1860 [ 355f0f3b1c7cbed577d89a6fe437c6c6 ] QipGuard C:\Program Files (x86)\QipGuard\QipGuard.exe
18:29:32.0307 1860 QipGuard - ok
18:29:32.0370 1860 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
18:29:32.0417 1860 ql2300 - ok
18:29:32.0432 1860 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
18:29:32.0432 1860 ql40xx - ok
18:29:32.0510 1860 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\windows\system32\qwave.dll
18:29:32.0526 1860 QWAVE - ok
18:29:32.0557 1860 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:29:32.0557 1860 QWAVEdrv - ok
18:29:32.0573 1860 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:29:32.0573 1860 RasAcd - ok
18:29:32.0588 1860 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:29:32.0619 1860 RasAgileVpn - ok
18:29:32.0651 1860 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\windows\System32\rasauto.dll
18:29:32.0651 1860 RasAuto - ok
18:29:32.0697 1860 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:29:32.0697 1860 Rasl2tp - ok
18:29:32.0760 1860 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\windows\System32\rasmans.dll
18:29:32.0760 1860 RasMan - ok
18:29:32.0775 1860 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:29:32.0775 1860 RasPppoe - ok
18:29:32.0791 1860 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:29:32.0791 1860 RasSstp - ok
18:29:32.0838 1860 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:29:32.0838 1860 rdbss - ok
18:29:32.0853 1860 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
18:29:32.0869 1860 rdpbus - ok
18:29:32.0885 1860 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:29:32.0885 1860 RDPCDD - ok
18:29:32.0900 1860 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:29:32.0900 1860 RDPENCDD - ok
18:29:32.0916 1860 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:29:32.0916 1860 RDPREFMP - ok
18:29:32.0947 1860 [ 6d76e6433574b058adcb0c50df834492 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:29:32.0994 1860 RDPWD - ok
18:29:33.0041 1860 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:29:33.0041 1860 rdyboost - ok
18:29:33.0119 1860 [ d75d69d9b5f10d85b01762c5af5bd4a0 ] RELOOP_PLAY_USB C:\windows\system32\Drivers\rlplay_u.sys
18:29:33.0134 1860 RELOOP_PLAY_USB - ok
18:29:33.0165 1860 [ 1cc04108dc7d34901a335d55996f395e ] RELOOP_PLAY_WDM C:\windows\system32\drivers\rlplay_a.sys
18:29:33.0165 1860 RELOOP_PLAY_WDM - ok
18:29:33.0197 1860 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\windows\System32\mprdim.dll
18:29:33.0197 1860 RemoteAccess - ok
18:29:33.0212 1860 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
18:29:33.0212 1860 RemoteRegistry - ok
18:29:33.0243 1860 [ 3dd798846e2c28102b922c56e71b7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
18:29:33.0243 1860 RFCOMM - ok
18:29:33.0259 1860 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:29:33.0275 1860 RpcEptMapper - ok
18:29:33.0275 1860 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\windows\system32\locator.exe
18:29:33.0290 1860 RpcLocator - ok
18:29:33.0337 1860 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\windows\system32\rpcss.dll
18:29:33.0337 1860 RpcSs - ok
18:29:33.0368 1860 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:29:33.0368 1860 rspndr - ok
18:29:33.0384 1860 [ 30f463768d5143bfd7b2df822b53cf4d ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
18:29:33.0399 1860 RSUSBSTOR - ok
18:29:33.0415 1860 [ ecbab4cd65cbedbe26ec6838e4fb7c1c ] RsvLock C:\windows\system32\drivers\RsvLock.sys
18:29:33.0431 1860 RsvLock - ok
18:29:33.0477 1860 [ fd978b2bf8a9b2390dcbef435e9c1f9f ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
18:29:33.0493 1860 RTL8167 - ok
18:29:33.0524 1860 [ 6c66e50dec6110295e695d0dc6d688aa ] s1039bus C:\windows\system32\DRIVERS\s1039bus.sys
18:29:33.0524 1860 s1039bus - ok
18:29:33.0540 1860 [ 98c7dbe2290d8cb0235e9528f6a1a53d ] s1039mdfl C:\windows\system32\DRIVERS\s1039mdfl.sys
18:29:33.0555 1860 s1039mdfl - ok
18:29:33.0571 1860 [ 7ef052a067d862ecd2a2335914611074 ] s1039mdm C:\windows\system32\DRIVERS\s1039mdm.sys
18:29:33.0571 1860 s1039mdm - ok
18:29:33.0602 1860 [ bcc3f31f1fe1e78a5ba2cd6a0e44ba64 ] s1039mgmt C:\windows\system32\DRIVERS\s1039mgmt.sys
18:29:33.0602 1860 s1039mgmt - ok
18:29:33.0602 1860 [ a0cf11bffa41176ccd54e701ceb68921 ] s1039nd5 C:\windows\system32\DRIVERS\s1039nd5.sys
18:29:33.0618 1860 s1039nd5 - ok
18:29:33.0633 1860 [ bd2da968c5dcef51ba8014fbac7a0b6a ] s1039obex C:\windows\system32\DRIVERS\s1039obex.sys
18:29:33.0633 1860 s1039obex - ok
18:29:33.0665 1860 [ 96b4051b65c1974258a8a33a03c0b082 ] s1039unic C:\windows\system32\DRIVERS\s1039unic.sys
18:29:33.0665 1860 s1039unic - ok
18:29:33.0680 1860 [ 317a99735c3a26c5cd60ab59e5e7e4e2 ] SafeBoot C:\windows\system32\drivers\SafeBoot.sys
18:29:33.0680 1860 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 317a99735c3a26c5cd60ab59e5e7e4e2

[Smile]

18:29:33.0680 1860 SafeBoot ( LockedFile.Multi.Generic ) - warning
18:29:33.0680 1860 SafeBoot - detected LockedFile.Multi.Generic (1)
18:29:33.0696 1860 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\windows\system32\lsass.exe
18:29:33.0696 1860 SamSs - ok
18:29:33.0711 1860 [ fd8714a36c4646de22ddc7e36f6d09ef ] SbAlg C:\windows\system32\drivers\SbAlg.sys
18:29:33.0711 1860 SbAlg - ok
18:29:33.0727 1860 [ fcaa034231e58b0de64d0a7904015535 ] SbFsLock C:\windows\system32\drivers\SbFsLock.sys
18:29:33.0727 1860 SbFsLock - ok
18:29:33.0774 1860 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:29:33.0774 1860 sbp2port - ok
18:29:33.0805 1860 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\windows\System32\SCardSvr.dll
18:29:33.0805 1860 SCardSvr - ok
18:29:33.0852 1860 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:29:33.0852 1860 scfilter - ok
18:29:33.0914 1860 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\windows\system32\schedsvc.dll
18:29:33.0945 1860 Schedule - ok
18:29:34.0008 1860 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\windows\System32\certprop.dll
18:29:34.0008 1860 SCPolicySvc - ok
18:29:34.0055 1860 [ 111e0ebc0ad79cb0fa014b907b231cf0 ] sdbus C:\windows\system32\drivers\sdbus.sys
18:29:34.0070 1860 sdbus - ok
18:29:34.0117 1860 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:29:34.0117 1860 SDRSVC - ok
18:29:34.0148 1860 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
18:29:34.0148 1860 secdrv - ok
18:29:34.0179 1860 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\windows\system32\seclogon.dll
18:29:34.0195 1860 seclogon - ok
18:29:34.0195 1860 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\windows\System32\sens.dll
18:29:34.0195 1860 SENS - ok
18:29:34.0211 1860 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\windows\system32\sensrsvc.dll
18:29:34.0211 1860 SensrSvc - ok
18:29:34.0226 1860 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\windows\system32\DRIVERS\serenum.sys
18:29:34.0226 1860 Serenum - ok
18:29:34.0257 1860 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\windows\system32\DRIVERS\serial.sys
18:29:34.0257 1860 Serial - ok
18:29:34.0273 1860 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
18:29:34.0273 1860 sermouse - ok
18:29:34.0335 1860 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\windows\system32\sessenv.dll
18:29:34.0351 1860 SessionEnv - ok
18:29:34.0398 1860 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:29:34.0398 1860 sffdisk - ok
18:29:34.0445 1860 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:29:34.0460 1860 sffp_mmc - ok
18:29:34.0476 1860 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:29:34.0491 1860 sffp_sd - ok
18:29:34.0491 1860 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
18:29:34.0507 1860 sfloppy - ok
18:29:34.0523 1860 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\windows\System32\ipnathlp.dll
18:29:34.0538 1860 SharedAccess - ok
18:29:34.0601 1860 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:29:34.0601 1860 ShellHWDetection - ok
18:29:34.0663 1860 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
18:29:34.0663 1860 SiSRaid2 - ok
18:29:34.0679 1860 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
18:29:34.0694 1860 SiSRaid4 - ok
18:29:34.0710 1860 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\windows\system32\DRIVERS\smb.sys
18:29:34.0741 1860 Smb - ok
18:29:34.0788 1860 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:29:34.0788 1860 SNMPTRAP - ok
18:29:34.0866 1860 [ 6fc63b4b19fb809336034d5c5c4d2bc0 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
18:29:34.0913 1860 SNP2UVC - ok
18:29:34.0975 1860 [ 1a623f2b69e1f182f995f963c55db935 ] Sony Ericsson PCCompanion C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
18:29:34.0975 1860 Sony Ericsson PCCompanion - ok
18:29:34.0991 1860 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\windows\system32\drivers\spldr.sys
18:29:34.0991 1860 spldr - ok
18:29:35.0053 1860 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\windows\System32\spoolsv.exe
18:29:35.0069 1860 Spooler - ok
18:29:35.0193 1860 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\windows\system32\sppsvc.exe
18:29:35.0271 1860 sppsvc - ok
18:29:35.0287 1860 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\windows\system32\sppuinotify.dll
18:29:35.0287 1860 sppuinotify - ok
18:29:35.0303 1860 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\windows\system32\DRIVERS\srv.sys
18:29:35.0318 1860 srv - ok
18:29:35.0349 1860 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:29:35.0349 1860 srv2 - ok
18:29:35.0365 1860 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:29:35.0365 1860 srvnet - ok
18:29:35.0381 1860 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:29:35.0381 1860 SSDPSRV - ok
18:29:35.0396 1860 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\windows\system32\sstpsvc.dll
18:29:35.0396 1860 SstpSvc - ok
18:29:35.0505 1860 [ e455f5fe92edc3cad3f2963c5cca47e6 ] STacSV C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
18:29:35.0505 1860 STacSV - ok
18:29:35.0521 1860 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
18:29:35.0537 1860 stexstor - ok
18:29:35.0568 1860 [ 4a9d087c9a97071b9d06db38567da906 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
18:29:35.0599 1860 STHDA - ok
18:29:35.0677 1860 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\windows\System32\wiaservc.dll
18:29:35.0693 1860 stisvc - ok
18:29:35.0739 1860 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\windows\system32\drivers\swenum.sys
18:29:35.0739 1860 swenum - ok
18:29:35.0771 1860 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\windows\System32\swprv.dll
18:29:35.0771 1860 swprv - ok
18:29:35.0833 1860 [ d268d2a0db2a2bbe963e688d0b039267 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
18:29:35.0880 1860 SynTP - ok
18:29:35.0958 1860 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\windows\system32\sysmain.dll
18:29:35.0989 1860 SysMain - ok
18:29:36.0005 1860 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\windows\System32\TabSvc.dll
18:29:36.0005 1860 TabletInputService - ok
18:29:36.0051 1860 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\windows\System32\tapisrv.dll
18:29:36.0051 1860 TapiSrv - ok
18:29:36.0067 1860 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\windows\System32\tbssvc.dll
18:29:36.0067 1860 TBS - ok
18:29:36.0114 1860 [ fc62769e7bff2896035aeed399108162 ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:29:36.0161 1860 Tcpip - ok
18:29:36.0192 1860 [ fc62769e7bff2896035aeed399108162 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:29:36.0207 1860 TCPIP6 - ok
18:29:36.0223 1860 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:29:36.0223 1860 tcpipreg - ok
18:29:36.0270 1860 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:29:36.0285 1860 TDPIPE - ok
18:29:36.0332 1860 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:29:36.0363 1860 TDTCP - ok
18:29:36.0395 1860 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:29:36.0410 1860 tdx - ok
18:29:36.0457 1860 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\windows\system32\drivers\termdd.sys
18:29:36.0457 1860 TermDD - ok
18:29:36.0519 1860 [ 2e648163254233755035b46dd7b89123 ] TermService C:\windows\System32\termsrv.dll
18:29:36.0551 1860 TermService - ok
18:29:36.0566 1860 [ f0344071948d1a1fa732231785a0664c ] Themes C:\windows\system32\themeservice.dll
18:29:36.0566 1860 Themes - ok
18:29:36.0582 1860 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\windows\system32\mmcss.dll
18:29:36.0582 1860 THREADORDER - ok
18:29:36.0613 1860 [ dbcc20c02e8a3e43b03c304a4e40a84f ] TPM C:\windows\system32\drivers\tpm.sys
18:29:36.0613 1860 TPM - ok
18:29:36.0629 1860 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\windows\System32\trkwks.dll
18:29:36.0644 1860 TrkWks - ok
18:29:36.0675 1860 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:29:36.0675 1860 TrustedInstaller - ok
18:29:36.0722 1860 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:29:36.0722 1860 tssecsrv - ok
18:29:36.0785 1860 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:29:36.0785 1860 TsUsbFlt - ok
18:29:36.0831 1860 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:29:36.0831 1860 tunnel - ok
18:29:36.0863 1860 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
18:29:36.0863 1860 uagp35 - ok
18:29:36.0894 1860 [ 9eea84226ed2a028bc3fdfdde03fe95c ] uArcCapture C:\windows\system\uArcCapture.exe
18:29:36.0894 1860 uArcCapture - ok
18:29:36.0956 1860 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:29:36.0972 1860 udfs - ok
18:29:36.0987 1860 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\windows\system32\UI0Detect.exe
18:29:37.0003 1860 UI0Detect - ok
18:29:37.0019 1860 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:29:37.0019 1860 uliagpkx - ok
18:29:37.0081 1860 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\windows\system32\drivers\umbus.sys
18:29:37.0097 1860 umbus - ok
18:29:37.0143 1860 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\windows\system32\DRIVERS\umpass.sys
18:29:37.0143 1860 UmPass - ok
18:29:37.0221 1860 [ 44aa8d5d3b3b5610fef46ca8a9c52d8c ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:29:37.0284 1860 UNS - ok
18:29:37.0315 1860 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\windows\System32\upnphost.dll
18:29:37.0331 1860 upnphost - ok
18:29:37.0362 1860 [ fb251567f41bc61988b26731dec19e4b ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
18:29:37.0362 1860 USBAAPL64 - ok
18:29:37.0409 1860 [ 82e8f44688e6fac57b5b7c6fc7adbc2a ] usbaudio C:\windows\system32\drivers\usbaudio.sys
18:29:37.0409 1860 usbaudio - ok
18:29:37.0424 1860 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
18:29:37.0440 1860 usbccgp - ok
18:29:37.0487 1860 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\windows\system32\drivers\usbcir.sys
18:29:37.0487 1860 usbcir - ok
18:29:37.0533 1860 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\windows\system32\drivers\usbehci.sys
18:29:37.0533 1860 usbehci - ok
18:29:37.0565 1860 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:29:37.0565 1860 usbhub - ok
18:29:37.0580 1860 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\windows\system32\drivers\usbohci.sys
18:29:37.0596 1860 usbohci - ok
18:29:37.0611 1860 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
18:29:37.0611 1860 usbprint - ok
18:29:37.0627 1860 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
18:29:37.0643 1860 usbscan - ok
18:29:37.0658 1860 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:29:37.0658 1860 USBSTOR - ok
18:29:37.0674 1860 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\windows\system32\drivers\usbuhci.sys
18:29:37.0674 1860 usbuhci - ok
18:29:37.0705 1860 [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
18:29:37.0721 1860 usbvideo - ok
18:29:37.0736 1860 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\windows\System32\uxsms.dll
18:29:37.0736 1860 UxSms - ok
18:29:37.0752 1860 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\windows\system32\lsass.exe
18:29:37.0752 1860 VaultSvc - ok
18:29:37.0799 1860 [ f81a2648bff893c8efd9897811b14263 ] vcsFPService C:\windows\system32\vcsFPService.exe
18:29:37.0908 1860 vcsFPService - ok
18:29:37.0939 1860 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:29:37.0939 1860 vdrvroot - ok
18:29:38.0001 1860 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\windows\System32\vds.exe
18:29:38.0001 1860 vds - ok
18:29:38.0017 1860 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:29:38.0017 1860 vga - ok
18:29:38.0048 1860 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\windows\System32\drivers\vga.sys
18:29:38.0048 1860 VgaSave - ok
18:29:38.0048 1860 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:29:38.0064 1860 vhdmp - ok
18:29:38.0111 1860 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\windows\system32\drivers\viaide.sys
18:29:38.0111 1860 viaide - ok
18:29:38.0126 1860 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\windows\system32\drivers\volmgr.sys
18:29:38.0126 1860 volmgr - ok
18:29:38.0173 1860 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\windows\system32\drivers\volmgrx.sys
18:29:38.0189 1860 volmgrx - ok
18:29:38.0220 1860 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\windows\system32\drivers\volsnap.sys
18:29:38.0220 1860 volsnap - ok
18:29:38.0251 1860 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
18:29:38.0251 1860 vsmraid - ok
18:29:38.0329 1860 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\windows\system32\vssvc.exe
18:29:38.0391 1860 VSS - ok
18:29:38.0407 1860 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
18:29:38.0407 1860 vwifibus - ok
18:29:38.0423 1860 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
18:29:38.0423 1860 vwififlt - ok
18:29:38.0438 1860 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\windows\system32\w32time.dll
18:29:38.0454 1860 W32Time - ok
18:29:38.0469 1860 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
18:29:38.0469 1860 WacomPen - ok
18:29:38.0485 1860 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
18:29:38.0485 1860 WANARP - ok
18:29:38.0485 1860 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
18:29:38.0485 1860 Wanarpv6 - ok
18:29:38.0563 1860 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
18:29:38.0594 1860 WatAdminSvc - ok
18:29:38.0672 1860 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\windows\system32\wbengine.exe
18:29:38.0719 1860 wbengine - ok
18:29:38.0750 1860 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
18:29:38.0750 1860 WbioSrvc - ok
18:29:38.0797 1860 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\windows\System32\wcncsvc.dll
18:29:38.0797 1860 wcncsvc - ok
18:29:38.0844 1860 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:29:38.0844 1860 WcsPlugInService - ok
18:29:38.0859 1860 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\windows\system32\DRIVERS\wd.sys
18:29:38.0875 1860 Wd - ok
18:29:38.0891 1860 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
18:29:38.0906 1860 Wdf01000 - ok
18:29:38.0922 1860 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\windows\system32\wdi.dll
18:29:38.0937 1860 WdiServiceHost - ok
18:29:38.0937 1860 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\windows\system32\wdi.dll
18:29:38.0937 1860 WdiSystemHost - ok
18:29:39.0000 1860 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\windows\System32\webclnt.dll
18:29:39.0015 1860 WebClient - ok
18:29:39.0031 1860 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\windows\system32\wecsvc.dll
18:29:39.0047 1860 Wecsvc - ok
18:29:39.0062 1860 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\windows\System32\wercplsupport.dll
18:29:39.0062 1860 wercplsupport - ok
18:29:39.0078 1860 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\windows\System32\WerSvc.dll
18:29:39.0078 1860 WerSvc - ok
18:29:39.0093 1860 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
18:29:39.0125 1860 WfpLwf - ok
18:29:39.0171 1860 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\windows\system32\drivers\wimmount.sys
18:29:39.0171 1860 WIMMount - ok
18:29:39.0187 1860 WinDefend - ok
18:29:39.0187 1860 WinHttpAutoProxySvc - ok
18:29:39.0249 1860 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
18:29:39.0249 1860 Winmgmt - ok
18:29:39.0343 1860 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\windows\system32\WsmSvc.dll
18:29:39.0421 1860 WinRM - ok
18:29:39.0483 1860 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
18:29:39.0515 1860 WinUsb - ok
18:29:39.0561 1860 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\windows\System32\wlansvc.dll
18:29:39.0593 1860 Wlansvc - ok
18:29:39.0702 1860 [ 98f138897ef4246381d197cb81846d62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:29:39.0764 1860 wlidsvc - ok
18:29:39.0827 1860 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
18:29:39.0827 1860 WmiAcpi - ok
18:29:39.0842 1860 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
18:29:39.0842 1860 wmiApSrv - ok
18:29:39.0858 1860 WMPNetworkSvc - ok
18:29:39.0873 1860 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\windows\System32\wpcsvc.dll
18:29:39.0873 1860 WPCSvc - ok
18:29:39.0920 1860 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
18:29:39.0920 1860 WPDBusEnum - ok
18:29:39.0936 1860 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
18:29:39.0936 1860 ws2ifsl - ok
18:29:39.0951 1860 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\windows\System32\wscsvc.dll
18:29:39.0967 1860 wscsvc - ok
18:29:39.0967 1860 WSearch - ok
18:29:40.0061 1860 [ 9df12edbc698b0bc353b3ef84861e430 ] wuauserv C:\windows\system32\wuaueng.dll
18:29:40.0123 1860 wuauserv - ok
18:29:40.0170 1860 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\windows\system32\drivers\WudfPf.sys
18:29:40.0170 1860 WudfPf - ok
18:29:40.0185 1860 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
18:29:40.0201 1860 WUDFRd - ok
18:29:40.0248 1860 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
18:29:40.0248 1860 wudfsvc - ok
18:29:40.0279 1860 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\windows\System32\wwansvc.dll
18:29:40.0279 1860 WwanSvc - ok
18:29:40.0326 1860 ================ Scan global ===============================
18:29:40.0357 1860 (ba0cd8c393e8c9f83354106093832c7b) C:\windows\system32\basesrv.dll
18:29:40.0404 1860 (eb6a48cc998e1090e44e8e7f1009a640) C:\windows\system32\winsrv.dll
18:29:40.0419 1860 (eb6a48cc998e1090e44e8e7f1009a640) C:\windows\system32\winsrv.dll
18:29:40.0435 1860 (d6160f9d869ba3af0b787f971db56368) C:\windows\system32\sxssrv.dll
18:29:40.0466 1860 (24acb7e5be595468e3b9aa488b9b4fcb) C:\windows\system32\services.exe
18:29:40.0466 1860 [Global] - ok
18:29:40.0466 1860 ================ Scan MBR ==================================
18:29:40.0482 1860 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:29:40.0763 1860 \Device\Harddisk0\DR0 - ok
18:29:40.0763 1860 ================ Scan VBR ==================================
18:29:40.0763 1860 Boot (0x1200) (2380312f1864f4340df3f35039a14b09) \Device\Harddisk0\DR0\Partition1
18:29:40.0778 1860 \Device\Harddisk0\DR0\Partition1 - ok
18:29:40.0794 1860 Boot (0x1200) (ae6990b84765c4235cf9c199b2e8d88b) \Device\Harddisk0\DR0\Partition2
18:29:40.0794 1860 \Device\Harddisk0\DR0\Partition2 - ok
18:29:40.0825 1860 Boot (0x1200) (5c53d898d7607826949790e3ae38569e) \Device\Harddisk0\DR0\Partition3
18:29:40.0825 1860 \Device\Harddisk0\DR0\Partition3 - ok
18:29:40.0841 1860 Boot (0x1200) (de8fa1148526f24560f228e123e34216) \Device\Harddisk0\DR0\Partition4
18:29:40.0841 1860 \Device\Harddisk0\DR0\Partition4 - ok
18:29:40.0841 1860 ============================================================
18:29:40.0841 1860 Scan finished
18:29:40.0841 1860 ============================================================
18:29:40.0856 6320 Detected object count: 1
18:29:40.0856 6320 Actual detected object count: 1
18:29:48.0937 6320 SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
18:29:48.0937 6320 SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip
18:29:52.0244 6800 Deinitialize success

[Smile]

ComboFix 12-08-16.01 - Renáta 16.08.2012 18:43:31.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2991.1984 [GMT 2:00]
Spuštěný z: c:\users\Renßta\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\509A48B352.sys
C:\Thumbs.db
c:\users\Renáta\AppData\Local\ypjfvt.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\pt
c:\windows\SysWow64\pt\DPCont32.dll.mui
c:\windows\SysWow64\pt\DPCrProv.dll.mui
c:\windows\SysWow64\pt\DPFPApiUI.dll.mui
c:\windows\SysWow64\pt\DPPassFilter.dll.mui
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-16 do 2012-08-16 )))))))))))))))))))))))))))))))
.
.
2012-08-16 16:53 . 2012-08-16 16:53 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-08-16 16:53 . 2012-08-16 16:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-16 09:49 . 2012-08-16 09:49 -------- d-----w- c:\users\Renáta\AppData\Roaming\Malwarebytes
2012-08-16 09:49 . 2012-08-16 09:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-16 09:49 . 2012-08-16 09:49 -------- d-----w- c:\programdata\Malwarebytes
2012-08-16 09:49 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-15 15:44 . 2012-08-15 15:44 388096 ----a-r- c:\users\Renáta\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-15 15:44 . 2012-08-15 15:44 -------- d-----w- c:\program files (x86)\Trend Micro
2012-08-13 17:22 . 2012-08-14 11:26 -------- d-----w- c:\users\Renáta\kbpki
2012-08-13 16:59 . 2012-08-13 16:59 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-13 16:57 . 2012-08-13 16:57 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2012-08-13 16:57 . 2012-08-13 16:57 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-13 16:57 . 2012-08-13 16:57 -------- d-----w- c:\program files (x86)\Java
2012-08-09 12:24 . 2012-08-09 12:24 -------- d-----w- c:\program files\iPod
2012-08-09 12:24 . 2012-08-09 12:24 -------- d-----w- c:\program files\iTunes
2012-08-09 12:24 . 2012-08-09 12:24 -------- d-----w- c:\program files (x86)\iTunes
2012-07-25 18:12 . 2012-07-25 18:12 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-07-25 18:10 . 2012-07-25 18:10 -------- d-----w- c:\program files\Bonjour
2012-07-25 18:10 . 2012-07-25 18:10 -------- d-----w- c:\program files (x86)\Bonjour
2012-07-19 22:11 . 2012-07-19 22:11 -------- d-----w- c:\program files (x86)\Codec Pack - All In 1
2012-07-19 17:55 . 2011-06-22 09:32 974848 ----a-w- c:\windows\SysWow64\mfc70.dll
2012-07-19 17:55 . 2011-06-22 09:32 487424 ----a-w- c:\windows\SysWow64\msvcp70.dll
2012-07-19 17:55 . 2011-06-22 09:32 344064 ----a-w- c:\windows\SysWow64\msvcr70.dll
2012-07-19 17:55 . 2011-06-22 09:32 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2012-07-19 17:55 . 2011-06-22 09:32 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-07-19 17:55 . 2012-08-15 15:53 -------- d-----w- c:\program files (x86)\AVS4YOU
2012-07-19 17:55 . 2012-07-19 17:56 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-16 10:28 . 2011-03-28 14:12 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-08-15 15:44 . 2012-08-15 15:44 388096 ----a-r- c:\users\Renáta\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-15 15:44 . 2012-08-15 15:44 388096 ----a-r- c:\users\Renáta\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-11 10:18 . 2011-01-29 14:18 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-08-11 10:18 . 2011-01-29 14:17 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-13 05:18 . 2011-03-28 14:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
.
c:\users\Renáta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Renáta\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe [2012-7-26 244656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 21:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R3 bcd3000;bcd3000;c:\windows\system32\DRIVERS\bcd3000_x64.sys [2010-08-05 54888]
R3 bcd3000wdm;bcd3000wdm;c:\windows\system32\DRIVERS\bcd3000wdm_x64.sys [2010-08-05 32872]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2010-04-09 52736]
R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys [2009-10-02 154112]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 129976]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2010-04-19 22528]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RELOOP_PLAY_USB;usb-audio.de driver for Reloop PLAY;c:\windows\system32\Drivers\rlplay_u.sys [2010-04-29 406080]
R3 RELOOP_PLAY_WDM;Reloop PLAY WDM Audio;c:\windows\system32\drivers\rlplay_a.sys [2010-04-29 50240]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-11-11 232480]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-30 1255736]
R4 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2009-12-16 704512]
R4 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29 136176]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29 136176]
R4 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [2007-11-21 20480]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R4 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R4 QipGuard;QipGuard;c:\program files (x86)\QipGuard\QipGuard.exe [2010-12-13 187776]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
R4 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 26704]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-22 48992]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-10 375376]
S1 RsvLock;RsvLock; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 203264]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-18 103992]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-12-05 5739008]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe [2009-12-04 506472]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6859776]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 264192]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 120400]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 29776]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2010-06-29 3232768]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-30 1028096]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29 15:31]
.
2012-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29 15:31]
.
2012-08-11 c:\windows\Tasks\HPCeeScheduleForRenáta.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-17 487424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bigseekpro.com/burn4free/{230274AB-9E58-4151-BF8C-162A61923401}
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Renáta\AppData\Roaming\Mozilla\Firefox\Profiles\2uptgu2f.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://qip.ru
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B94 ... &sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: general.useragent.extra.brc -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-08-16 19:13:10
ComboFix-quarantined-files.txt 2012-08-16 17:13
.
Před spuštěním: Volných bajtů: 18 364 862 464
Po spuštění: Volných bajtů: 18 107 920 384
.
- - End Of File - - EF16030DCBBBB98CB9C7A27D793A520B

[jaro3]

Máš málo místa na disku!! Máš mít alespoň 15% volného místa na systémovém disku pro windows!!

c:\users\Renáta\kbpki---Komerční Banka?

Odinstaluj:
McAfee Security Scan

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update
c:\program files (x86)\McAfee Security Scan

Driver::
update
gupdatem
McComponentHostService

DDS::
uStart Page = hxxp://www.bigseekpro.com/burn4free/{230274AB-9E58-4151-BF8C-162A61923401}
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www

Firefox::
FF - ProfilePath - c:\users\Renáta\AppData\Roaming\Mozilla\Firefox\Profiles\2uptgu2f.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://qip.ru
FF - user.js: general.useragent.extra.brc -

RegNull::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

+
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Smile]

ComboFix 12-08-16.01 - Renáta 17.08.2012 8:32.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2991.1600 [GMT 2:00]
Spuštěný z: c:\users\Renßta\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Renßta\Desktop\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-17 do 2012-08-17 )))))))))))))))))))))))))))))))
.
.
2012-08-17 06:41 . 2012-08-17 06:41 -------- d-----w- c:\users\Kubík\AppData\Local\temp
2012-08-17 06:41 . 2012-08-17 06:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-17 06:41 . 2012-08-17 06:41 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-08-16 09:49 . 2012-08-16 09:49 -------- d-----w- c:\users\Renáta\AppData\Roaming\Malwarebytes
2012-08-16 09:49 . 2012-08-16 09:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-16 09:49 . 2012-08-16 09:49 -------- d-----w- c:\programdata\Malwarebytes
2012-08-16 09:49 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-15 15:44 . 2012-08-15 15:44 388096 ----a-r- c:\users\Renáta\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-15 15:44 . 2012-08-15 15:44 -------- d-----w- c:\program files (x86)\Trend Micro
2012-08-13 17:22 . 2012-08-14 11:26 -------- d-----w- c:\users\Renáta\kbpki
2012-08-13 16:59 . 2012-08-13 16:59 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-13 16:57 . 2012-08-13 16:57 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2012-08-13 16:57 . 2012-08-13 16:57 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-13 16:57 . 2012-08-13 16:57 -------- d-----w- c:\program files (x86)\Java
2012-08-09 12:24 . 2012-08-09 12:24 -------- d-----w- c:\program files\iPod
2012-08-09 12:24 . 2012-08-09 12:24 -------- d-----w- c:\program files\iTunes
2012-08-09 12:24 . 2012-08-09 12:24 -------- d-----w- c:\program files (x86)\iTunes
2012-07-25 18:12 . 2012-07-25 18:12 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-07-25 18:10 . 2012-07-25 18:10 -------- d-----w- c:\program files\Bonjour
2012-07-25 18:10 . 2012-07-25 18:10 -------- d-----w- c:\program files (x86)\Bonjour
2012-07-19 22:11 . 2012-07-19 22:11 -------- d-----w- c:\program files (x86)\Codec Pack - All In 1
2012-07-19 17:55 . 2011-06-22 09:32 974848 ----a-w- c:\windows\SysWow64\mfc70.dll
2012-07-19 17:55 . 2011-06-22 09:32 487424 ----a-w- c:\windows\SysWow64\msvcp70.dll
2012-07-19 17:55 . 2011-06-22 09:32 344064 ----a-w- c:\windows\SysWow64\msvcr70.dll
2012-07-19 17:55 . 2011-06-22 09:32 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2012-07-19 17:55 . 2011-06-22 09:32 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-07-19 17:55 . 2012-08-15 15:53 -------- d-----w- c:\program files (x86)\AVS4YOU
2012-07-19 17:55 . 2012-07-19 17:56 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-16 10:28 . 2011-03-28 14:12 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-08-15 15:44 . 2012-08-15 15:44 388096 ----a-r- c:\users\Renáta\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-15 15:44 . 2012-08-15 15:44 388096 ----a-r- c:\users\Renáta\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-11 10:18 . 2011-01-29 14:18 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-08-11 10:18 . 2011-01-29 14:17 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-13 05:18 . 2011-03-28 14:12 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-16_16.54.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 02:36 . 2012-08-15 14:31 616242 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-08-17 06:09 616242 c:\windows\system32\perfh009.dat
- 2010-09-03 01:46 . 2012-08-15 14:31 631526 c:\windows\system32\perfh005.dat
+ 2010-09-03 01:46 . 2012-08-17 06:09 631526 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-08-17 06:09 106622 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-08-15 14:31 106622 c:\windows\system32\perfc009.dat
+ 2010-09-03 01:46 . 2012-08-17 06:09 122148 c:\windows\system32\perfc005.dat
- 2010-09-03 01:46 . 2012-08-15 14:31 122148 c:\windows\system32\perfc005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
.
c:\users\Renáta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Renáta\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe [2012-7-26 244656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 21:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R3 bcd3000;bcd3000;c:\windows\system32\DRIVERS\bcd3000_x64.sys [2010-08-05 54888]
R3 bcd3000wdm;bcd3000wdm;c:\windows\system32\DRIVERS\bcd3000wdm_x64.sys [2010-08-05 32872]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2010-04-09 52736]
R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys [2009-10-02 154112]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 129976]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2010-04-19 22528]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RELOOP_PLAY_USB;usb-audio.de driver for Reloop PLAY;c:\windows\system32\Drivers\rlplay_u.sys [2010-04-29 406080]
R3 RELOOP_PLAY_WDM;Reloop PLAY WDM Audio;c:\windows\system32\drivers\rlplay_a.sys [2010-04-29 50240]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-11-11 232480]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-30 1255736]
R4 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2009-12-16 704512]
R4 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29 136176]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29 136176]
R4 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [2007-11-21 20480]
R4 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R4 QipGuard;QipGuard;c:\program files (x86)\QipGuard\QipGuard.exe [2010-12-13 187776]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
R4 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 26704]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-22 48992]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-10 375376]
S1 RsvLock;RsvLock; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 203264]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-18 103992]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-12-05 5739008]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe [2009-12-04 506472]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6859776]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 264192]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 120400]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 29776]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2010-06-29 3232768]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-30 1028096]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29 15:31]
.
2012-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29 15:31]
.
2012-08-11 c:\windows\Tasks\HPCeeScheduleForRenáta.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-17 487424]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bigseekpro.com/burn4free/{230274AB-9E58-4151-BF8C-162A61923401}
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Renáta\AppData\Roaming\Mozilla\Firefox\Profiles\2uptgu2f.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://qip.ru
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B94 ... &sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: general.useragent.extra.brc -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-08-17 09:00:39
ComboFix-quarantined-files.txt 2012-08-17 07:00
ComboFix2.txt 2012-08-16 17:13
.
Před spuštěním: Volných bajtů: 34 494 771 200
Po spuštění: Volných bajtů: 34 044 448 768
.
- - End Of File - - BCC1DF60BE9DE8DA2C0546301673C295

[Smile]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:03:57, on 17.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{230274AB-9E58-4151-BF8C-162A61923401}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - Startup: Facebook Messenger.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12577 bytes

[Smile]

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-17 09:06:41
-----------------------------
09:06:41.107 OS Version: Windows x64 6.1.7601 Service Pack 1
09:06:41.107 Number of processors: 4 586 0x2505
09:06:41.107 ComputerName: RENCA-HP UserName: Renáta
09:06:42.542 Initialize success
09:06:49.096 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:06:49.096 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
09:06:49.111 Disk 0 MBR read successfully
09:06:49.111 Disk 0 MBR scan
09:06:49.127 Disk 0 Windows 7 default MBR code
09:06:49.127 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
09:06:49.142 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287536 MB offset 616448
09:06:49.174 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15360 MB offset 589490176
09:06:49.189 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 2043 MB offset 620947456
09:06:49.236 Disk 0 scanning C:\windows\system32\drivers
09:06:57.067 Service scanning
09:07:08.174 Service SafeBoot C:\windows\System32\Drivers\SafeBoot.sys **LOCKED** 32
09:07:13.151 Modules scanning
09:07:13.151 Disk 0 trace - called modules:
09:07:13.182 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
09:07:13.182 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800529e060]
09:07:13.198 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80051479e0]
09:07:13.198 5 hpdskflt.sys[fffff88001b90289] -> nt!IofCallDriver -> [0xfffffa80032db760]
09:07:13.213 7 ACPI.sys[fffff88000faa7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80032de050]
09:07:13.213 Scan finished successfully
09:07:25.288 Disk 0 MBR has been saved successfully to "C:\Users\Renáta\Desktop\MBR.dat"
09:07:25.303 The log file has been saved successfully to "C:\Users\Renáta\Desktop\aswMBR.txt"