Kontrola zpomalený PC a internet

[masterbill]

čus,
potřeboval bych zkontrolovat PC byl přeinstalovaný a daný tam nějaký nový HW (zdroj, grafika a více RAM) ale nijak extra nepociťuji nárůst výkonu, spíše je PC nyní pomalejší už ho nějakou dobu od přeinstalování používám, tak mi na něj koukněte. díky


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:44:33, on 22.7.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\vsnpstd2.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\WinTV\WinTV7\WinTVTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Uživatel\PortableApps\FSCapture69\FSCapture.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Uživatel\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [snpstd2] C:\Windows\vsnpstd2.exe
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Uživatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1799270022-2577491155-1398509358-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - Startup: FastStone Capture.lnk = ?
O4 - Global Startup: WinTV Recording Status.lnk = C:\Program Files\WinTV\WinTV7\WinTVTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MI1933~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe

--
End of file - 9439 bytes


Malwarebytes Anti-Malware 1.62.0.1300
http://www.malwarebytes.org

Verze databáze: v2012.07.22.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Uživatel :: UŽIVATEL-PC [administrátor]

22.7.2012 19:48:25
mbam-log-2012-07-22 (20-36-46).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 218611
Uplynulý čas: 18 minut, 3 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Users\Uživatel\AppData\Local\Temp\KMP_3.3.0.33.exe (PUP.ToolbarDownloader) -> Žádná instrukce nebyla provedena.

(konec)

spustil jsem ATF Cleaner a tento nalezený soubor už to nenalezlo

[Reklama]

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Uživatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Stáhni si TDSSKiller

Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[masterbill]

20:01:14.0839 6004 TDSS rootkit removing tool 2.7.47.0 Jul 20 2012 20:36:30
20:01:15.0206 6004 ============================================================
20:01:15.0207 6004 Current date / time: 2012/07/23 20:01:15.0206
20:01:15.0207 6004 SystemInfo:
20:01:15.0208 6004
20:01:15.0208 6004 OS Version: 6.0.6002 ServicePack: 2.0
20:01:15.0209 6004 Product type: Workstation
20:01:15.0209 6004 ComputerName: UŽIVATEL-PC
20:01:15.0210 6004 UserName: Uživatel
20:01:15.0210 6004 Windows directory: C:\Windows
20:01:15.0210 6004 System windows directory: C:\Windows
20:01:15.0210 6004 Processor architecture: Intel x86
20:01:15.0211 6004 Number of processors: 4
20:01:15.0211 6004 Page size: 0x1000
20:01:15.0211 6004 Boot type: Normal boot
20:01:15.0212 6004 ============================================================
20:01:16.0540 6004 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:01:16.0711 6004 ============================================================
20:01:16.0712 6004 \Device\Harddisk0\DR0:
20:01:16.0712 6004 MBR partitions:
20:01:16.0712 6004 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385800
20:01:16.0712 6004 ============================================================
20:01:16.0866 6004 C: <-> \Device\Harddisk0\DR0\Partition0
20:01:16.0873 6004 ============================================================
20:01:16.0874 6004 Initialize success
20:01:16.0874 6004 ============================================================
20:01:26.0906 6100 ============================================================
20:01:26.0906 6100 Scan started
20:01:26.0906 6100 Mode: Manual;
20:01:26.0907 6100 ============================================================
20:01:27.0896 6100 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:01:27.0901 6100 ACPI - ok
20:01:28.0062 6100 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:01:28.0111 6100 AdobeARMservice - ok
20:01:28.0223 6100 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:01:28.0231 6100 AdobeFlashPlayerUpdateSvc - ok
20:01:28.0318 6100 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:01:28.0323 6100 adp94xx - ok
20:01:28.0371 6100 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:01:28.0376 6100 adpahci - ok
20:01:28.0403 6100 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:01:28.0409 6100 adpu160m - ok
20:01:28.0445 6100 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:01:28.0449 6100 adpu320 - ok
20:01:28.0555 6100 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
20:01:28.0558 6100 AeLookupSvc - ok
20:01:28.0631 6100 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:01:28.0636 6100 AFD - ok
20:01:28.0676 6100 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
20:01:28.0680 6100 agp440 - ok
20:01:28.0708 6100 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:01:28.0711 6100 aic78xx - ok
20:01:28.0765 6100 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
20:01:28.0769 6100 ALG - ok
20:01:28.0787 6100 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
20:01:28.0791 6100 aliide - ok
20:01:28.0823 6100 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
20:01:28.0826 6100 amdagp - ok
20:01:28.0855 6100 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
20:01:28.0859 6100 amdide - ok
20:01:28.0885 6100 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:01:28.0888 6100 AmdK7 - ok
20:01:28.0912 6100 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
20:01:28.0917 6100 AmdK8 - ok
20:01:28.0989 6100 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
20:01:28.0997 6100 Appinfo - ok
20:01:29.0023 6100 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:01:29.0026 6100 arc - ok
20:01:29.0069 6100 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:01:29.0074 6100 arcsas - ok
20:01:29.0240 6100 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:01:29.0244 6100 aspnet_state - ok
20:01:29.0297 6100 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:01:29.0302 6100 AsyncMac - ok
20:01:29.0339 6100 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:01:29.0344 6100 atapi - ok
20:01:29.0430 6100 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:01:29.0441 6100 AudioEndpointBuilder - ok
20:01:29.0468 6100 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:01:29.0496 6100 Audiosrv - ok
20:01:29.0666 6100 BBSvc (0d1ea7509f394d8b705b239ee71f5118) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
20:01:29.0673 6100 BBSvc - ok
20:01:29.0735 6100 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:01:29.0738 6100 Beep - ok
20:01:29.0805 6100 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
20:01:29.0812 6100 BFE - ok
20:01:29.0948 6100 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
20:01:29.0960 6100 BITS - ok
20:01:29.0975 6100 blbdrive - ok
20:01:30.0031 6100 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:01:30.0037 6100 bowser - ok
20:01:30.0079 6100 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:01:30.0083 6100 BrFiltLo - ok
20:01:30.0105 6100 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:01:30.0108 6100 BrFiltUp - ok
20:01:30.0165 6100 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
20:01:30.0171 6100 Browser - ok
20:01:30.0194 6100 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:01:30.0198 6100 Brserid - ok
20:01:30.0232 6100 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:01:30.0238 6100 BrSerWdm - ok
20:01:30.0259 6100 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:01:30.0263 6100 BrUsbMdm - ok
20:01:30.0288 6100 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:01:30.0291 6100 BrUsbSer - ok
20:01:30.0314 6100 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:01:30.0318 6100 BTHMODEM - ok
20:01:30.0353 6100 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:01:30.0356 6100 cdfs - ok
20:01:30.0406 6100 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:01:30.0409 6100 cdrom - ok
20:01:30.0541 6100 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:01:30.0544 6100 CertPropSvc - ok
20:01:30.0562 6100 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:01:30.0566 6100 circlass - ok
20:01:30.0618 6100 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:01:30.0627 6100 CLFS - ok
20:01:30.0725 6100 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:01:30.0730 6100 clr_optimization_v2.0.50727_32 - ok
20:01:30.0884 6100 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:01:30.0917 6100 clr_optimization_v4.0.30319_32 - ok
20:01:30.0964 6100 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
20:01:30.0967 6100 cmdide - ok
20:01:31.0005 6100 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
20:01:31.0009 6100 Compbatt - ok
20:01:31.0031 6100 COMSysApp - ok
20:01:31.0065 6100 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:01:31.0070 6100 crcdisk - ok
20:01:31.0094 6100 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:01:31.0097 6100 Crusoe - ok
20:01:31.0179 6100 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
20:01:31.0187 6100 CryptSvc - ok
20:01:31.0252 6100 dc3d (ca812b19c0e2bc044214ad3f6436e730) C:\Windows\system32\DRIVERS\dc3d.sys
20:01:31.0257 6100 dc3d - ok
20:01:31.0382 6100 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:01:31.0393 6100 DcomLaunch - ok
20:01:31.0450 6100 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:01:31.0454 6100 DfsC - ok
20:01:31.0709 6100 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
20:01:31.0741 6100 DFSR - ok
20:01:31.0905 6100 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
20:01:31.0909 6100 Dhcp - ok
20:01:31.0988 6100 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:01:31.0992 6100 disk - ok
20:01:32.0066 6100 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
20:01:32.0074 6100 Dnscache - ok
20:01:32.0149 6100 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
20:01:32.0154 6100 dot3svc - ok
20:01:32.0222 6100 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
20:01:32.0228 6100 DPS - ok
20:01:32.0269 6100 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:01:32.0273 6100 drmkaud - ok
20:01:32.0373 6100 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:01:32.0380 6100 DXGKrnl - ok
20:01:32.0437 6100 e1express (2269390a8af6e2c1c381cc15afccf0ac) C:\Windows\system32\DRIVERS\e1e6032.sys
20:01:32.0442 6100 e1express - ok
20:01:32.0555 6100 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:01:32.0559 6100 E1G60 - ok
20:01:32.0629 6100 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
20:01:32.0634 6100 EapHost - ok
20:01:32.0697 6100 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:01:32.0701 6100 Ecache - ok
20:01:32.0771 6100 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
20:01:32.0810 6100 ehRecvr - ok
20:01:32.0875 6100 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
20:01:32.0913 6100 ehSched - ok
20:01:32.0968 6100 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
20:01:33.0003 6100 ehstart - ok
20:01:33.0089 6100 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:01:33.0094 6100 elxstor - ok
20:01:33.0201 6100 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
20:01:33.0210 6100 EMDMgmt - ok
20:01:33.0305 6100 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
20:01:33.0311 6100 EventSystem - ok
20:01:33.0357 6100 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:01:33.0360 6100 exfat - ok
20:01:33.0412 6100 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:01:33.0416 6100 fastfat - ok
20:01:33.0528 6100 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:01:33.0532 6100 fdc - ok
20:01:33.0574 6100 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
20:01:33.0579 6100 fdPHost - ok
20:01:33.0624 6100 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
20:01:33.0628 6100 FDResPub - ok
20:01:33.0657 6100 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:01:33.0660 6100 FileInfo - ok
20:01:33.0700 6100 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:01:33.0706 6100 Filetrace - ok
20:01:33.0740 6100 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:01:33.0744 6100 flpydisk - ok
20:01:33.0787 6100 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:01:33.0791 6100 FltMgr - ok
20:01:33.0933 6100 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
20:01:33.0983 6100 FontCache - ok
20:01:34.0096 6100 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:01:34.0101 6100 FontCache3.0.0.0 - ok
20:01:34.0148 6100 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
20:01:34.0153 6100 Fs_Rec - ok
20:01:34.0197 6100 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:01:34.0203 6100 gagp30kx - ok
20:01:34.0325 6100 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
20:01:34.0333 6100 gpsvc - ok
20:01:34.0430 6100 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:01:34.0437 6100 gusvc - ok
20:01:34.0655 6100 HauppaugeTVServer (615cf0ace0b3bd7931e6bb4653e27523) C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe
20:01:34.0732 6100 HauppaugeTVServer - ok
20:01:35.0082 6100 HCW85BDA (e085d07d43e3de1b5ef2a835235c0171) C:\Windows\system32\drivers\HCW85BDA.sys
20:01:35.0120 6100 HCW85BDA - ok
20:01:35.0369 6100 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
20:01:35.0374 6100 HdAudAddService - ok
20:01:35.0485 6100 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:01:35.0492 6100 HDAudBus - ok
20:01:35.0550 6100 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:01:35.0556 6100 HidBth - ok
20:01:35.0580 6100 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:01:35.0585 6100 HidIr - ok
20:01:35.0641 6100 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
20:01:35.0647 6100 hidserv - ok
20:01:35.0676 6100 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:01:35.0680 6100 HidUsb - ok
20:01:35.0740 6100 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
20:01:35.0747 6100 hkmsvc - ok
20:01:35.0768 6100 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:01:35.0774 6100 HpCISSs - ok
20:01:35.0856 6100 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:01:35.0861 6100 HTTP - ok
20:01:35.0903 6100 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:01:35.0907 6100 i2omp - ok
20:01:35.0979 6100 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:01:35.0983 6100 i8042prt - ok
20:01:36.0067 6100 iaStor (cdf6179ec9129e9abc5b0f0525b159eb) C:\Windows\system32\DRIVERS\iaStor.sys
20:01:36.0073 6100 iaStor - ok
20:01:36.0132 6100 IAStorDataMgrSvc (17125b7d2f56b4b35441561c780c2ccb) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:01:36.0139 6100 IAStorDataMgrSvc - ok
20:01:36.0201 6100 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:01:36.0205 6100 iaStorV - ok
20:01:36.0342 6100 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:01:36.0359 6100 idsvc - ok
20:01:36.0378 6100 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:01:36.0382 6100 iirsp - ok
20:01:36.0490 6100 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
20:01:36.0498 6100 IKEEXT - ok
20:01:36.0885 6100 IntcAzAudAddService (345ac48d17f5c2f2aa1ee50d34c3978b) C:\Windows\system32\drivers\RTKVHDA.sys
20:01:36.0910 6100 IntcAzAudAddService - ok
20:01:37.0068 6100 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
20:01:37.0072 6100 intelide - ok
20:01:37.0109 6100 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:01:37.0113 6100 intelppm - ok
20:01:37.0162 6100 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
20:01:37.0168 6100 IPBusEnum - ok
20:01:37.0205 6100 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:01:37.0209 6100 IpFilterDriver - ok
20:01:37.0274 6100 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
20:01:37.0280 6100 iphlpsvc - ok
20:01:37.0295 6100 IpInIp - ok
20:01:37.0325 6100 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:01:37.0327 6100 IPMIDRV - ok
20:01:37.0374 6100 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:01:37.0377 6100 IPNAT - ok
20:01:37.0397 6100 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:01:37.0402 6100 IRENUM - ok
20:01:37.0437 6100 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
20:01:37.0440 6100 isapnp - ok
20:01:37.0553 6100 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:01:37.0557 6100 iScsiPrt - ok
20:01:37.0579 6100 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:01:37.0585 6100 iteatapi - ok
20:01:37.0611 6100 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:01:37.0615 6100 iteraid - ok
20:01:37.0666 6100 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:01:37.0672 6100 kbdclass - ok
20:01:37.0713 6100 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:01:37.0718 6100 kbdhid - ok
20:01:37.0763 6100 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:01:37.0772 6100 KeyIso - ok
20:01:37.0837 6100 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
20:01:37.0842 6100 KSecDD - ok
20:01:37.0932 6100 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
20:01:37.0941 6100 KtmRm - ok
20:01:38.0028 6100 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
20:01:38.0037 6100 LanmanServer - ok
20:01:38.0102 6100 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
20:01:38.0112 6100 LanmanWorkstation - ok
20:01:38.0206 6100 LightScribeService (71c6a95a5f0ccc87298c4dd0f2c3635a) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:01:38.0258 6100 LightScribeService - ok
20:01:38.0326 6100 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:01:38.0329 6100 lltdio - ok
20:01:38.0393 6100 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
20:01:38.0401 6100 lltdsvc - ok
20:01:38.0532 6100 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
20:01:38.0539 6100 lmhosts - ok
20:01:38.0590 6100 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:01:38.0594 6100 LSI_FC - ok
20:01:38.0629 6100 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:01:38.0635 6100 LSI_SAS - ok
20:01:38.0670 6100 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:01:38.0673 6100 LSI_SCSI - ok
20:01:38.0725 6100 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:01:38.0728 6100 luafv - ok
20:01:38.0776 6100 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
20:01:38.0783 6100 Mcx2Svc - ok
20:01:38.0836 6100 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:01:38.0839 6100 megasas - ok
20:01:39.0022 6100 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:01:39.0027 6100 Microsoft Office Groove Audit Service - ok
20:01:39.0083 6100 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:01:39.0091 6100 MMCSS - ok
20:01:39.0128 6100 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:01:39.0131 6100 Modem - ok
20:01:39.0247 6100 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:01:39.0250 6100 monitor - ok
20:01:39.0303 6100 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:01:39.0306 6100 mouclass - ok
20:01:39.0352 6100 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:01:39.0355 6100 mouhid - ok
20:01:39.0399 6100 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:01:39.0405 6100 MountMgr - ok
20:01:39.0544 6100 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:01:39.0548 6100 MozillaMaintenance - ok
20:01:39.0642 6100 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
20:01:39.0646 6100 MpFilter - ok
20:01:39.0690 6100 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:01:39.0693 6100 mpio - ok
20:01:39.0835 6100 MpKsldba42ce3 (a69630d039c38018689190234f866d77) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C76A103F-C525-4149-BDFB-438D5CC4B524}\MpKsldba42ce3.sys
20:01:39.0839 6100 MpKsldba42ce3 - ok
20:01:39.0892 6100 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:01:39.0896 6100 mpsdrv - ok
20:01:39.0977 6100 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
20:01:39.0988 6100 MpsSvc - ok
20:01:40.0022 6100 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:01:40.0025 6100 Mraid35x - ok
20:01:40.0063 6100 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:01:40.0069 6100 MRxDAV - ok
20:01:40.0125 6100 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:01:40.0129 6100 mrxsmb - ok
20:01:40.0168 6100 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:01:40.0173 6100 mrxsmb10 - ok
20:01:40.0205 6100 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:01:40.0209 6100 mrxsmb20 - ok
20:01:40.0253 6100 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
20:01:40.0256 6100 msahci - ok
20:01:40.0302 6100 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:01:40.0306 6100 msdsm - ok
20:01:40.0350 6100 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
20:01:40.0359 6100 MSDTC - ok
20:01:40.0393 6100 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:01:40.0397 6100 Msfs - ok
20:01:40.0449 6100 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:01:40.0455 6100 msisadrv - ok
20:01:40.0553 6100 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
20:01:40.0559 6100 MSiSCSI - ok
20:01:40.0577 6100 msiserver - ok
20:01:40.0615 6100 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:01:40.0621 6100 MSKSSRV - ok
20:01:40.0773 6100 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:01:40.0776 6100 MsMpSvc - ok
20:01:40.0816 6100 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:01:40.0822 6100 MSPCLOCK - ok
20:01:40.0840 6100 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:01:40.0848 6100 MSPQM - ok
20:01:40.0903 6100 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:01:40.0907 6100 MsRPC - ok
20:01:40.0952 6100 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:01:40.0956 6100 mssmbios - ok
20:01:40.0987 6100 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:01:40.0990 6100 MSTEE - ok
20:01:41.0016 6100 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:01:41.0020 6100 Mup - ok
20:01:41.0088 6100 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
20:01:41.0098 6100 napagent - ok
20:01:41.0151 6100 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:01:41.0155 6100 NativeWifiP - ok
20:01:41.0240 6100 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:01:41.0246 6100 NDIS - ok
20:01:41.0287 6100 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:01:41.0291 6100 NdisTapi - ok
20:01:41.0328 6100 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:01:41.0333 6100 Ndisuio - ok
20:01:41.0392 6100 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:01:41.0396 6100 NdisWan - ok
20:01:41.0424 6100 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:01:41.0428 6100 NDProxy - ok
20:01:41.0519 6100 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:01:41.0523 6100 NetBIOS - ok
20:01:41.0566 6100 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:01:41.0572 6100 netbt - ok
20:01:41.0604 6100 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:01:41.0609 6100 Netlogon - ok
20:01:41.0666 6100 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
20:01:41.0675 6100 Netman - ok
20:01:41.0839 6100 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:01:41.0845 6100 NetMsmqActivator - ok
20:01:41.0860 6100 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:01:41.0866 6100 NetPipeActivator - ok
20:01:41.0937 6100 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
20:01:41.0945 6100 netprofm - ok
20:01:41.0965 6100 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:01:41.0974 6100 NetTcpActivator - ok
20:01:41.0995 6100 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:01:42.0000 6100 NetTcpPortSharing - ok
20:01:42.0053 6100 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:01:42.0057 6100 nfrd960 - ok
20:01:42.0129 6100 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:01:42.0134 6100 NisDrv - ok
20:01:42.0282 6100 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
20:01:42.0289 6100 NisSrv - ok
20:01:42.0359 6100 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
20:01:42.0367 6100 NlaSvc - ok
20:01:42.0411 6100 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:01:42.0414 6100 Npfs - ok
20:01:42.0538 6100 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
20:01:42.0543 6100 nsi - ok
20:01:42.0563 6100 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:01:42.0568 6100 nsiproxy - ok
20:01:42.0698 6100 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:01:42.0711 6100 Ntfs - ok
20:01:42.0752 6100 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:01:42.0756 6100 ntrigdigi - ok
20:01:42.0791 6100 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:01:42.0794 6100 Null - ok
20:01:42.0867 6100 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys
20:01:42.0871 6100 NVHDA - ok
20:01:44.0009 6100 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:01:44.0217 6100 nvlddmkm - ok
20:01:44.0619 6100 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
20:01:44.0629 6100 nvraid - ok
20:01:44.0710 6100 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:01:44.0714 6100 nvstor - ok
20:01:44.0809 6100 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
20:01:44.0822 6100 nvsvc - ok
20:01:45.0118 6100 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:01:45.0159 6100 nvUpdatusService - ok
20:01:45.0319 6100 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
20:01:45.0324 6100 nv_agp - ok
20:01:45.0343 6100 NwlnkFlt - ok
20:01:45.0369 6100 NwlnkFwd - ok
20:01:45.0550 6100 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:01:45.0562 6100 odserv - ok
20:01:45.0616 6100 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:01:45.0622 6100 ohci1394 - ok
20:01:45.0702 6100 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:01:45.0707 6100 ose - ok
20:01:45.0833 6100 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:01:45.0844 6100 p2pimsvc - ok
20:01:45.0865 6100 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:01:45.0882 6100 p2psvc - ok
20:01:46.0000 6100 PanService (77cdc6c43d8c3e05d0e21b36eaabebae) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
20:01:46.0056 6100 PanService - ok
20:01:46.0149 6100 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:01:46.0155 6100 Parport - ok
20:01:46.0204 6100 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
20:01:46.0208 6100 partmgr - ok
20:01:46.0231 6100 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:01:46.0236 6100 Parvdm - ok
20:01:46.0287 6100 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
20:01:46.0296 6100 PcaSvc - ok
20:01:46.0339 6100 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:01:46.0343 6100 pci - ok
20:01:46.0363 6100 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
20:01:46.0371 6100 pciide - ok
20:01:46.0434 6100 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:01:46.0439 6100 pcmcia - ok
20:01:46.0625 6100 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:01:46.0634 6100 PEAUTH - ok
20:01:46.0893 6100 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
20:01:46.0950 6100 pla - ok
20:01:47.0163 6100 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
20:01:47.0208 6100 PlugPlay - ok
20:01:47.0347 6100 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:01:47.0360 6100 PNRPAutoReg - ok
20:01:47.0385 6100 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:01:47.0404 6100 PNRPsvc - ok
20:01:47.0524 6100 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
20:01:47.0528 6100 Point32 - ok
20:01:47.0630 6100 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
20:01:47.0638 6100 PolicyAgent - ok
20:01:47.0697 6100 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:01:47.0705 6100 PptpMiniport - ok
20:01:47.0752 6100 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:01:47.0756 6100 Processor - ok
20:01:47.0820 6100 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
20:01:47.0829 6100 ProfSvc - ok
20:01:47.0853 6100 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:01:47.0859 6100 ProtectedStorage - ok
20:01:47.0908 6100 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:01:47.0912 6100 PSched - ok
20:01:48.0040 6100 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:01:48.0049 6100 ql2300 - ok
20:01:48.0082 6100 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:01:48.0089 6100 ql40xx - ok
20:01:48.0152 6100 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
20:01:48.0162 6100 QWAVE - ok
20:01:48.0191 6100 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:01:48.0194 6100 QWAVEdrv - ok
20:01:48.0235 6100 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:01:48.0239 6100 RasAcd - ok
20:01:48.0285 6100 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
20:01:48.0294 6100 RasAuto - ok
20:01:48.0345 6100 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:01:48.0349 6100 Rasl2tp - ok
20:01:48.0423 6100 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
20:01:48.0433 6100 RasMan - ok
20:01:48.0522 6100 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:01:48.0525 6100 RasPppoe - ok
20:01:48.0548 6100 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:01:48.0555 6100 RasSstp - ok
20:01:48.0605 6100 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:01:48.0609 6100 rdbss - ok
20:01:48.0634 6100 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:01:48.0638 6100 RDPCDD - ok
20:01:48.0709 6100 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
20:01:48.0713 6100 rdpdr - ok
20:01:48.0741 6100 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:01:48.0744 6100 RDPENCDD - ok
20:01:48.0825 6100 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
20:01:48.0830 6100 RDPWD - ok
20:01:48.0898 6100 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
20:01:48.0910 6100 RemoteAccess - ok
20:01:48.0970 6100 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
20:01:48.0980 6100 RemoteRegistry - ok
20:01:49.0011 6100 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
20:01:49.0021 6100 RpcLocator - ok
20:01:49.0109 6100 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:01:49.0121 6100 RpcSs - ok
20:01:49.0173 6100 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:01:49.0176 6100 rspndr - ok
20:01:49.0219 6100 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:01:49.0224 6100 SamSs - ok
20:01:49.0272 6100 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:01:49.0276 6100 sbp2port - ok
20:01:49.0321 6100 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
20:01:49.0330 6100 SCardSvr - ok
20:01:49.0437 6100 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
20:01:49.0450 6100 Schedule - ok
20:01:49.0537 6100 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:01:49.0541 6100 SCPolicySvc - ok
20:01:49.0598 6100 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
20:01:49.0608 6100 SDRSVC - ok
20:01:49.0770 6100 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
20:01:49.0774 6100 SeaPort - ok
20:01:49.0796 6100 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:01:49.0799 6100 secdrv - ok
20:01:49.0827 6100 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
20:01:49.0838 6100 seclogon - ok
20:01:49.0891 6100 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
20:01:49.0900 6100 SENS - ok
20:01:49.0930 6100 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:01:49.0938 6100 Serenum - ok
20:01:49.0979 6100 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:01:49.0986 6100 Serial - ok
20:01:50.0027 6100 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:01:50.0034 6100 sermouse - ok
20:01:50.0115 6100 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
20:01:50.0123 6100 SessionEnv - ok
20:01:50.0147 6100 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
20:01:50.0151 6100 sffdisk - ok
20:01:50.0173 6100 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
20:01:50.0176 6100 sffp_mmc - ok
20:01:50.0224 6100 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
20:01:50.0228 6100 sffp_sd - ok
20:01:50.0247 6100 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:01:50.0254 6100 sfloppy - ok
20:01:50.0338 6100 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
20:01:50.0344 6100 SharedAccess - ok
20:01:50.0407 6100 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
20:01:50.0414 6100 ShellHWDetection - ok
20:01:50.0452 6100 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
20:01:50.0456 6100 sisagp - ok
20:01:50.0483 6100 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
20:01:50.0487 6100 SiSRaid2 - ok
20:01:50.0550 6100 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:01:50.0554 6100 SiSRaid4 - ok
20:01:50.0672 6100 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files\Skype\Updater\Updater.exe
20:01:50.0709 6100 SkypeUpdate - ok
20:01:51.0081 6100 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
20:01:51.0113 6100 slsvc - ok
20:01:51.0255 6100 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
20:01:51.0264 6100 SLUINotify - ok
20:01:51.0327 6100 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:01:51.0332 6100 Smb - ok
20:01:51.0394 6100 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
20:01:51.0407 6100 SNMPTRAP - ok
20:01:51.0537 6100 snpstd2 (2da734a0cecb7259617acbb43d114128) C:\Windows\system32\DRIVERS\snpstd2.sys
20:01:51.0543 6100 snpstd2 - ok
20:01:51.0734 6100 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
20:01:51.0740 6100 Sony PC Companion - ok
20:01:51.0781 6100 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:01:51.0787 6100 spldr - ok
20:01:51.0848 6100 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
20:01:51.0857 6100 Spooler - ok
20:01:51.0956 6100 sptd (0022cfff1a41e5ce3a764050a7ddf22a) C:\Windows\System32\Drivers\sptd.sys
20:01:51.0963 6100 sptd - ok
20:01:52.0033 6100 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:01:52.0039 6100 srv - ok
20:01:52.0087 6100 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:01:52.0091 6100 srv2 - ok
20:01:52.0121 6100 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:01:52.0125 6100 srvnet - ok
20:01:52.0173 6100 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
20:01:52.0182 6100 SSDPSRV - ok
20:01:52.0237 6100 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
20:01:52.0245 6100 SstpSvc - ok
20:01:52.0304 6100 Steam Client Service - ok
20:01:52.0453 6100 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:01:52.0460 6100 Stereo Service - ok
20:01:52.0598 6100 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
20:01:52.0611 6100 stisvc - ok
20:01:52.0669 6100 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:01:52.0674 6100 swenum - ok
20:01:52.0750 6100 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
20:01:52.0761 6100 swprv - ok
20:01:52.0801 6100 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:01:52.0806 6100 Symc8xx - ok
20:01:52.0831 6100 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:01:52.0834 6100 Sym_hi - ok
20:01:52.0853 6100 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:01:52.0857 6100 Sym_u3 - ok
20:01:52.0952 6100 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
20:01:52.0965 6100 SysMain - ok
20:01:53.0019 6100 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
20:01:53.0028 6100 TabletInputService - ok
20:01:53.0094 6100 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
20:01:53.0104 6100 TapiSrv - ok
20:01:53.0144 6100 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
20:01:53.0155 6100 TBS - ok
20:01:53.0270 6100 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
20:01:53.0280 6100 Tcpip - ok
20:01:53.0304 6100 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
20:01:53.0312 6100 Tcpip6 - ok
20:01:53.0349 6100 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
20:01:53.0355 6100 tcpipreg - ok
20:01:53.0389 6100 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:01:53.0392 6100 TDPIPE - ok
20:01:53.0419 6100 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:01:53.0422 6100 TDTCP - ok
20:01:53.0469 6100 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:01:53.0473 6100 tdx - ok
20:01:53.0547 6100 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:01:53.0553 6100 TermDD - ok
20:01:53.0626 6100 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
20:01:53.0638 6100 TermService - ok
20:01:53.0710 6100 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
20:01:53.0720 6100 Themes - ok
20:01:53.0779 6100 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:01:53.0785 6100 THREADORDER - ok
20:01:53.0842 6100 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
20:01:53.0849 6100 TrkWks - ok
20:01:53.0913 6100 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
20:01:53.0955 6100 TrustedInstaller - ok
20:01:54.0024 6100 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:01:54.0027 6100 tssecsrv - ok
20:01:54.0067 6100 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:01:54.0071 6100 tunmp - ok
20:01:54.0114 6100 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:01:54.0121 6100 tunnel - ok
20:01:54.0178 6100 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:01:54.0181 6100 uagp35 - ok
20:01:54.0258 6100 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:01:54.0262 6100 udfs - ok
20:01:54.0325 6100 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
20:01:54.0337 6100 UI0Detect - ok
20:01:54.0373 6100 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
20:01:54.0377 6100 uliagpkx - ok
20:01:54.0418 6100 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:01:54.0422 6100 uliahci - ok
20:01:54.0457 6100 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:01:54.0461 6100 UlSata - ok
20:01:54.0497 6100 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:01:54.0505 6100 ulsata2 - ok
20:01:54.0571 6100 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:01:54.0575 6100 umbus - ok
20:01:54.0647 6100 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
20:01:54.0658 6100 upnphost - ok
20:01:54.0755 6100 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
20:01:54.0759 6100 usbaudio - ok
20:01:54.0812 6100 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:01:54.0816 6100 usbccgp - ok
20:01:54.0858 6100 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:01:54.0861 6100 usbcir - ok
20:01:54.0935 6100 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:01:54.0939 6100 usbehci - ok
20:01:54.0981 6100 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:01:54.0989 6100 usbhub - ok
20:01:55.0029 6100 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
20:01:55.0035 6100 usbohci - ok
20:01:55.0070 6100 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
20:01:55.0075 6100 usbprint - ok
20:01:55.0178 6100 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:01:55.0182 6100 USBSTOR - ok
20:01:55.0250 6100 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
20:01:55.0255 6100 usbuhci - ok
20:01:55.0302 6100 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
20:01:55.0310 6100 UxSms - ok
20:01:55.0372 6100 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
20:01:55.0385 6100 vds - ok
20:01:55.0431 6100 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
20:01:55.0439 6100 vga - ok
20:01:55.0478 6100 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:01:55.0483 6100 VgaSave - ok
20:01:55.0541 6100 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
20:01:55.0544 6100 viaagp - ok
20:01:55.0564 6100 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
20:01:55.0571 6100 ViaC7 - ok
20:01:55.0591 6100 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
20:01:55.0595 6100 viaide - ok
20:01:55.0633 6100 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:01:55.0636 6100 volmgr - ok
20:01:55.0695 6100 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:01:55.0700 6100 volmgrx - ok
20:01:55.0744 6100 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:01:55.0749 6100 volsnap - ok
20:01:55.0788 6100 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
20:01:55.0791 6100 vsmraid - ok
20:01:55.0908 6100 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
20:01:55.0924 6100 VSS - ok
20:01:56.0002 6100 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
20:01:56.0012 6100 W32Time - ok
20:01:56.0085 6100 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:01:56.0089 6100 WacomPen - ok
20:01:56.0241 6100 wampapache (f41e453a90ef19217cee1675f5256ee7) c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
20:01:56.0246 6100 wampapache - ok
20:01:56.0336 6100 wampmysqld - ok
20:01:56.0389 6100 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:01:56.0392 6100 Wanarp - ok
20:01:56.0407 6100 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:01:56.0411 6100 Wanarpv6 - ok
20:01:56.0501 6100 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
20:01:56.0513 6100 wcncsvc - ok
20:01:56.0601 6100 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
20:01:56.0609 6100 WcsPlugInService - ok
20:01:56.0646 6100 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
20:01:56.0652 6100 Wd - ok
20:01:56.0762 6100 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
20:01:56.0767 6100 Wdf01000 - ok
20:01:56.0804 6100 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
20:01:56.0811 6100 WdiServiceHost - ok
20:01:56.0829 6100 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
20:01:56.0841 6100 WdiSystemHost - ok
20:01:56.0894 6100 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
20:01:56.0905 6100 WebClient - ok
20:01:56.0974 6100 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
20:01:56.0984 6100 Wecsvc - ok
20:01:57.0046 6100 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
20:01:57.0053 6100 wercplsupport - ok
20:01:57.0102 6100 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
20:01:57.0110 6100 WerSvc - ok
20:01:57.0216 6100 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
20:01:57.0225 6100 WinDefend - ok
20:01:57.0263 6100 WinHttpAutoProxySvc - ok
20:01:57.0355 6100 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
20:01:57.0359 6100 Winmgmt - ok
20:01:57.0715 6100 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
20:01:57.0735 6100 WinRM - ok
20:01:57.0836 6100 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
20:01:57.0840 6100 WinUSB - ok
20:01:57.0937 6100 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
20:01:57.0950 6100 Wlansvc - ok
20:01:58.0111 6100 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:01:58.0135 6100 wlcrasvc - ok
20:01:58.0479 6100 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:01:58.0546 6100 wlidsvc - ok
20:01:58.0777 6100 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
20:01:58.0789 6100 WmiAcpi - ok
20:01:59.0012 6100 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
20:01:59.0022 6100 wmiApSrv - ok
20:01:59.0227 6100 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:01:59.0285 6100 WMPNetworkSvc - ok
20:01:59.0386 6100 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
20:01:59.0426 6100 WPCSvc - ok
20:01:59.0539 6100 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
20:01:59.0589 6100 WPDBusEnum - ok
20:01:59.0881 6100 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:01:59.0896 6100 WPFFontCache_v0400 - ok
20:01:59.0994 6100 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:02:00.0000 6100 ws2ifsl - ok
20:02:00.0069 6100 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
20:02:00.0086 6100 wscsvc - ok
20:02:00.0110 6100 WSearch - ok
20:02:00.0366 6100 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
20:02:00.0396 6100 wuauserv - ok
20:02:00.0602 6100 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:02:00.0607 6100 WUDFRd - ok
20:02:00.0650 6100 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
20:02:00.0662 6100 wudfsvc - ok
20:02:00.0686 6100 XDva398 - ok
20:02:00.0715 6100 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:02:01.0162 6100 \Device\Harddisk0\DR0 - ok
20:02:01.0166 6100 Boot (0x1200) (9b23d15149db9c64824e2db928ff7713) \Device\Harddisk0\DR0\Partition0
20:02:01.0168 6100 \Device\Harddisk0\DR0\Partition0 - ok
20:02:01.0169 6100 ============================================================
20:02:01.0169 6100 Scan finished
20:02:01.0170 6100 ============================================================
20:02:01.0182 6072 Detected object count: 0
20:02:01.0182 6072 Actual detected object count: 0
20:02:42.0702 6052 Deinitialize success

[masterbill]

MBAM čístý

ComboFix 12-07-24.01 - Uživatel 23.07.2012 20:21:19.1.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3326.2217 [GMT 2:00]
Spuštěný z: c:\users\U×ivatel\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-23 do 2012-07-23 )))))))))))))))))))))))))))))))
.
.
2012-07-23 19:01 . 2012-07-23 19:02 -------- d-----w- c:\users\Uživatel\AppData\Local\temp
2012-07-23 19:01 . 2012-07-23 19:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-23 19:01 . 2012-07-23 19:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-23 18:09 . 2012-07-23 18:09 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C76A103F-C525-4149-BDFB-438D5CC4B524}\MpKsl206cb11f.sys
2012-07-23 18:08 . 2012-07-23 18:08 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C76A103F-C525-4149-BDFB-438D5CC4B524}\offreg.dll
2012-07-23 17:16 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C76A103F-C525-4149-BDFB-438D5CC4B524}\mpengine.dll
2012-07-22 20:10 . 2012-07-22 20:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{3EE1ABFC-2431-4041-A7AE-5689F5B1222E}
2012-07-22 20:10 . 2012-07-22 20:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{49A35902-F297-4AAC-9B52-B33DAD627EB7}
2012-07-22 17:46 . 2012-07-22 17:46 -------- d-----w- c:\users\Uživatel\AppData\Roaming\Malwarebytes
2012-07-22 17:45 . 2012-07-22 17:45 -------- d-----w- c:\programdata\Malwarebytes
2012-07-22 17:45 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-22 17:45 . 2012-07-22 17:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-22 16:31 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-21 22:18 . 2012-07-21 22:18 -------- d-----w- c:\users\Uživatel\AppData\Local\{4D720026-0B02-45A1-A1AA-94F80F36F315}
2012-07-21 22:18 . 2012-07-21 22:18 -------- d-----w- c:\users\Uživatel\AppData\Local\{883AB47C-2EDF-45BF-A748-D448E64FAB1E}
2012-07-21 10:17 . 2012-07-21 10:17 -------- d-----w- c:\users\Uživatel\AppData\Local\{3733905C-2EEC-47E2-9D81-A22BA596488F}
2012-07-21 10:17 . 2012-07-21 10:17 -------- d-----w- c:\users\Uživatel\AppData\Local\{71E8679B-4FFB-43CE-AA22-825B80C3DDF0}
2012-07-20 19:15 . 2012-07-20 19:15 -------- d-----w- c:\users\Uživatel\AppData\Local\{CEA5CC87-466D-46CB-B54F-35BD134F68D0}
2012-07-20 19:15 . 2012-07-20 19:15 -------- d-----w- c:\users\Uživatel\AppData\Local\{E0DAAEBD-89DC-4EE5-88FF-8CD135ED5242}
2012-07-19 18:50 . 2012-07-19 18:50 -------- d-----w- c:\users\Uživatel\AppData\Local\{80515EAF-CF8B-4AF4-B12E-CFDB3F6365F0}
2012-07-19 18:50 . 2012-07-19 18:50 -------- d-----w- c:\users\Uživatel\AppData\Local\{04F70C9B-0F63-4F92-81C9-177F2DBB2042}
2012-07-19 05:34 . 2012-07-19 05:34 -------- d-----w- c:\users\Uživatel\AppData\Local\{FF1267F8-6281-4B90-B471-5E7458F65B04}
2012-07-19 05:34 . 2012-07-19 05:34 -------- d-----w- c:\users\Uživatel\AppData\Local\{3C876C22-C389-49EE-9675-1E271D038A03}
2012-07-18 16:06 . 2012-07-18 16:06 -------- d-----w- c:\users\Uživatel\AppData\Local\{00AF698B-7C5F-44E2-917C-2F9CA8DCD91A}
2012-07-18 16:05 . 2012-07-18 16:06 -------- d-----w- c:\users\Uživatel\AppData\Local\{33CE4350-C4C5-4860-874A-B1E345F95EE4}
2012-07-17 17:52 . 2012-07-17 17:52 -------- d-----w- c:\users\Uživatel\AppData\Local\{D5C8A00B-6B6A-4180-8826-B1ADC6E19E1E}
2012-07-17 17:51 . 2012-07-17 17:52 -------- d-----w- c:\users\Uživatel\AppData\Local\{1DB6DFB0-2CAE-4E67-A99C-D4EEE1F6F873}
2012-07-16 17:19 . 2012-07-16 17:19 515664 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-07-16 16:41 . 2012-07-16 16:41 -------- d-----w- c:\users\Uživatel\AppData\Local\{356AED55-EC0C-4356-8876-4E68DFC96274}
2012-07-16 16:41 . 2012-07-16 16:41 -------- d-----w- c:\users\Uživatel\AppData\Local\{4A66747A-9AB4-4EAA-9250-EF2CE1A96BC4}
2012-07-15 15:50 . 2012-07-15 15:50 -------- d-----w- c:\users\Uživatel\AppData\Local\{D8B281F2-F539-44DE-BA5E-473388CE2ABB}
2012-07-15 15:49 . 2012-07-15 15:50 -------- d-----w- c:\users\Uživatel\AppData\Local\{CE078F0D-07B9-4CE3-BCDD-5CC22E65B486}
2012-07-14 05:51 . 2012-07-14 05:51 -------- d-----w- c:\users\Uživatel\AppData\Local\{20E695D3-5927-4A05-BE6F-B5B8D0EE0944}
2012-07-14 05:51 . 2012-07-14 05:51 -------- d-----w- c:\users\Uživatel\AppData\Local\{14E1C6DC-D9EE-4500-9641-2DD5FE73B770}
2012-07-12 16:18 . 2012-07-12 16:18 -------- d-----w- c:\users\Uživatel\AppData\Local\{68BD74F6-1533-45C4-8B36-8719A9975CCA}
2012-07-12 16:17 . 2012-07-12 16:18 -------- d-----w- c:\users\Uživatel\AppData\Local\{78A5B2EB-A245-4308-9627-0D16F11E6CD5}
2012-07-11 16:28 . 2012-07-11 16:28 -------- d-----w- c:\users\Uživatel\AppData\Local\{EA57450B-D409-466E-9A6A-A3A0DDF5B779}
2012-07-11 16:28 . 2012-07-11 16:28 -------- d-----w- c:\users\Uživatel\AppData\Local\{372B1C36-2403-4E2A-AFE5-142CCC8B0617}
2012-07-09 17:32 . 2012-07-09 17:32 -------- d-----w- c:\users\Uživatel\AppData\Local\{AE479568-E9B0-4AA2-A181-139BE7EFAECE}
2012-07-09 17:31 . 2012-07-09 17:32 -------- d-----w- c:\users\Uživatel\AppData\Local\{F4EC198E-6DD1-430A-BAA0-B597ED453F2F}
2012-07-09 05:31 . 2012-07-09 05:31 -------- d-----w- c:\users\Uživatel\AppData\Local\{F466FE54-97EA-4DE0-8420-C55C43436CF6}
2012-07-09 05:31 . 2012-07-09 05:31 -------- d-----w- c:\users\Uživatel\AppData\Local\{21AD1D7B-589B-40F3-995B-C8C2CA4A2013}
2012-07-08 08:10 . 2012-07-08 08:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{61BD0DC5-AF31-4C53-82AD-A7CEB37CFC22}
2012-07-08 08:09 . 2012-07-08 08:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{629BA10D-953E-4652-9031-502939498540}
2012-07-07 08:29 . 2012-07-07 08:29 -------- d-----w- c:\users\Uživatel\AppData\Local\{9508DAD1-A079-4C83-BBF4-A75169B6359F}
2012-07-07 08:29 . 2012-07-07 08:29 -------- d-----w- c:\users\Uživatel\AppData\Local\{36027DA0-28E0-4387-BC89-0A5410874DDE}
2012-07-07 08:17 . 2012-07-07 08:17 -------- d-----w- C:\CFLog
2012-07-06 20:40 . 2012-07-06 20:40 -------- d-----w- c:\program files\Z8Games
2012-07-06 09:55 . 2012-07-06 09:55 -------- d-----w- c:\programdata\Sony
2012-07-06 09:55 . 2012-07-06 09:55 -------- d-----w- c:\program files\Sony
2012-07-06 09:10 . 2012-07-06 09:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{393C4EF8-92CE-4629-956B-CEA00B823C3B}
2012-07-06 09:10 . 2012-07-06 09:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{052D4988-F96B-47D4-A0F6-D3B11E025635}
2012-07-05 20:00 . 2012-07-05 20:00 -------- d-----w- c:\program files\BP DOWNLOADER
2012-07-05 07:34 . 2012-07-05 07:34 -------- d-----w- c:\users\Uživatel\AppData\Local\{49ED8C67-A559-4A7B-ABD3-C787EC448FAF}
2012-07-05 07:34 . 2012-07-05 07:34 -------- d-----w- c:\users\Uživatel\AppData\Local\{BF6A360C-79AD-4F8D-99DA-859435206FE3}
2012-07-04 17:53 . 2012-07-04 17:53 -------- d-----w- c:\users\Uživatel\AppData\Local\{6C552A2B-64B9-4955-9100-2A8E31D7025B}
2012-07-04 17:53 . 2012-07-04 17:53 -------- d-----w- c:\users\Uživatel\AppData\Local\{C96EB99B-9FF5-4A10-B52F-CA21D0737185}
2012-07-04 05:38 . 2012-07-04 05:38 -------- d-----w- c:\users\Uživatel\AppData\Local\{D404ED52-D293-47AA-ADE6-7B40B4CDDDC9}
2012-07-04 05:38 . 2012-07-04 05:38 -------- d-----w- c:\users\Uživatel\AppData\Local\{2A8289E8-9505-4110-A066-4879099FFDEA}
2012-07-03 17:37 . 2012-07-03 17:37 -------- d-----w- c:\users\Uživatel\AppData\Local\{F3D986AA-94BC-4FAF-AFF3-D0FA091CFE57}
2012-07-03 17:37 . 2012-07-03 17:37 -------- d-----w- c:\users\Uživatel\AppData\Local\{49F59A3C-3790-4FFE-BAC9-60A177C51B31}
2012-07-03 16:25 . 2012-05-06 10:42 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B674A5B5-C187-4210-9847-3FE5306C5621}\gapaengine.dll
2012-07-03 05:36 . 2012-07-03 05:36 -------- d-----w- c:\users\Uživatel\AppData\Local\{B9578744-0DAD-4904-BF22-ABB39D8FEA8E}
2012-07-03 05:36 . 2012-07-03 05:36 -------- d-----w- c:\users\Uživatel\AppData\Local\{C3000E3F-0E39-4EE7-B07E-CA7C07089129}
2012-07-02 16:53 . 2012-07-02 16:53 -------- d-----w- c:\users\Uživatel\AppData\Local\{B631F201-AD76-4D94-B56E-9241CD80E367}
2012-07-02 16:52 . 2012-07-02 16:53 -------- d-----w- c:\users\Uživatel\AppData\Local\{6B7F787A-5C80-4C57-AE78-43E6A499B249}
2012-06-30 08:55 . 2012-06-30 08:55 -------- d-----w- c:\windows\system32\xlive
2012-06-30 08:54 . 2012-06-30 08:55 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2012-06-30 08:12 . 2012-06-30 08:12 -------- d-----w- c:\users\Uživatel\AppData\Local\{A5D43B00-B24F-4544-8F19-7ABB127C6442}
2012-06-30 08:12 . 2012-06-30 08:12 -------- d-----w- c:\users\Uživatel\AppData\Local\{F48E1DD7-F1AF-476E-A767-4BB2B4D0F10F}
2012-06-28 20:06 . 2012-06-28 20:07 -------- d-----w- c:\users\Uživatel\AppData\Roaming\WinRAR
2012-06-28 19:32 . 2012-06-28 19:32 -------- d-----w- c:\users\Uživatel\AppData\Local\{FF255391-06B8-48B5-8241-0A1E57F37836}
2012-06-28 19:31 . 2012-06-28 19:32 -------- d-----w- c:\users\Uživatel\AppData\Local\{CB7564F2-1667-4B9F-B9BD-48927F3263F3}
2012-06-27 20:08 . 2012-06-27 20:08 -------- d-----w- c:\users\Uživatel\AppData\Local\{BA4F8268-AEA2-44FF-88C0-056C43628F6B}
2012-06-27 20:08 . 2012-06-27 20:08 -------- d-----w- c:\users\Uživatel\AppData\Local\{13A2DC30-F7D4-44A2-A39A-B2D5388D3490}
2012-06-26 20:54 . 2012-06-26 20:54 -------- d-----w- c:\users\Uživatel\AppData\Local\Nero
2012-06-26 20:53 . 2012-06-26 20:53 -------- d-----w- c:\users\Uživatel\AppData\Roaming\Nero
2012-06-26 20:21 . 2012-06-26 20:46 -------- d-----w- c:\programdata\Nero
2012-06-26 20:06 . 2012-06-26 20:06 -------- d-----w- c:\programdata\LightScribe
2012-06-26 20:06 . 2012-06-26 21:44 -------- dc----w- c:\windows\system32\DRVSTORE
2012-06-26 20:06 . 2012-06-26 21:42 -------- d-----w- c:\program files\Nero
2012-06-26 20:03 . 2012-06-26 20:11 -------- d-----w- c:\program files\Common Files\LightScribe
2012-06-26 18:57 . 2012-06-26 18:58 -------- d-----w- c:\users\Uživatel\AppData\Local\{1D3A4B4A-62F4-47FC-B1D7-DB377EC6DF2E}
2012-06-26 16:36 . 2012-06-26 16:36 -------- d-----w- c:\users\Uživatel\AppData\Local\{0C49AA8C-0ECD-440A-BD09-3BDFB8873F97}
2012-06-26 16:35 . 2012-06-26 16:36 -------- d-----w- c:\users\Uživatel\AppData\Local\{C346D012-0655-4E4A-8D0C-E4C013E8084F}
2012-06-25 17:48 . 2012-06-25 17:48 -------- d-----w- c:\users\Uživatel\AppData\Local\{D67DCC18-377E-4DAB-B9B3-A7E9188208B8}
2012-06-25 17:48 . 2012-06-25 17:48 -------- d-----w- c:\users\Uživatel\AppData\Local\{4002A769-7ABC-4EE3-9F50-28E5A0FAA5D2}
2012-06-25 05:48 . 2012-06-25 05:48 -------- d-----w- c:\users\Uživatel\AppData\Local\{CD181621-A55D-4DA6-A35D-0FC1985F8FBE}
2012-06-25 05:48 . 2012-06-25 05:48 -------- d-----w- c:\users\Uživatel\AppData\Local\{176014A5-EF8F-49B1-B6DB-53487B7592CC}
2012-06-24 10:05 . 2012-06-24 10:05 -------- d-----w- c:\users\Uživatel\AppData\Local\{646BA9A2-0D65-4796-B81E-F82484ABCBA1}
2012-06-24 10:05 . 2012-06-24 10:05 -------- d-----w- c:\users\Uživatel\AppData\Local\{DB7155B7-33B2-4316-BC72-648B9A9167DB}
2012-06-23 22:45 . 2012-06-23 22:45 -------- d-----w- c:\users\Uživatel\AppData\Roaming\KompoZer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 19:22 . 2012-05-03 11:16 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-11 19:22 . 2012-05-03 11:16 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 22:19 . 2012-06-22 05:39 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 05:39 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 05:38 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 05:38 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-22 05:39 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-22 05:39 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-22 05:38 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 05:38 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-22 05:38 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-05-24 21:18 . 2012-05-24 21:18 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2012-05-17 22:45 . 2012-06-17 06:30 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-05-17 22:35 . 2012-06-17 06:30 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-05-17 22:35 . 2012-06-17 06:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-17 22:29 . 2012-06-17 06:30 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-17 22:24 . 2012-06-17 06:30 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-05-15 19:51 . 2012-06-17 06:25 2045440 ----a-w- c:\windows\system32\win32k.sys
2012-05-06 10:42 . 2012-06-12 16:18 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-05-05 12:57 . 2011-03-28 16:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-04 17:29 . 2012-06-20 18:52 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-04 17:29 . 2012-05-03 12:21 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-04 11:58 . 2012-05-04 11:58 477240 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-05-03 02:55 . 2012-05-03 02:55 42392 ----a-w- c:\windows\system32\xfcodec.dll
2012-05-01 14:03 . 2012-06-17 06:25 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 12:04 . 2012-04-26 12:04 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-04-26 12:04 . 2012-04-26 12:04 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-04-26 12:04 . 2012-04-26 12:04 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-04-26 12:04 . 2012-04-26 12:04 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-04-26 12:04 . 2012-04-26 12:04 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-04-26 12:04 . 2012-04-26 12:04 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-04-26 12:04 . 2012-04-26 12:04 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-04-26 12:04 . 2012-04-26 12:04 367104 ----a-w- c:\windows\system32\html.iec
2012-04-26 12:04 . 2012-04-26 12:04 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-04-26 12:04 . 2012-04-26 12:04 161792 ----a-w- c:\windows\system32\msls31.dll
2012-04-26 12:04 . 2012-04-26 12:04 152064 ----a-w- c:\windows\system32\wextract.exe
2012-04-26 12:04 . 2012-04-26 12:04 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-04-26 12:04 . 2012-04-26 12:04 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-04-26 12:04 . 2012-04-26 12:04 11776 ----a-w- c:\windows\system32\mshta.exe
2012-04-26 12:04 . 2012-04-26 12:04 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-04-26 12:04 . 2012-04-26 12:04 101888 ----a-w- c:\windows\system32\admparse.dll
2012-04-26 12:03 . 2012-04-26 12:03 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-04-26 12:03 . 2012-04-26 12:03 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2012-04-26 12:03 . 2012-04-26 12:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2012-04-26 12:03 . 2012-04-26 12:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-04-26 12:03 . 2012-04-26 12:03 2873344 ----a-w- c:\windows\system32\mf.dll
2012-04-26 12:03 . 2012-04-26 12:03 98816 ----a-w- c:\windows\system32\mfps.dll
2012-04-26 12:03 . 2012-04-26 12:03 586240 ----a-w- c:\windows\system32\stobject.dll
2012-04-26 12:03 . 2012-04-26 12:03 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2012-04-26 12:03 . 2012-04-26 12:03 209920 ----a-w- c:\windows\system32\mfplat.dll
2012-04-26 12:03 . 2012-04-26 12:03 189952 ----a-w- c:\windows\system32\d3d10core.dll
2012-04-26 12:03 . 2012-04-26 12:03 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-04-26 12:03 . 2012-04-26 12:03 847360 ----a-w- c:\windows\system32\OpcServices.dll
2012-04-26 12:03 . 2012-04-26 12:03 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2012-04-26 12:03 . 2012-04-26 12:03 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-04-26 12:03 . 2012-04-26 12:03 478720 ----a-w- c:\windows\system32\dxgi.dll
2012-04-26 12:03 . 2012-04-26 12:03 37376 ----a-w- c:\windows\system32\cdd.dll
2012-04-26 12:03 . 2012-04-26 12:03 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2012-04-26 12:03 . 2012-04-26 12:03 258048 ----a-w- c:\windows\system32\winspool.drv
2012-04-26 12:03 . 2012-04-26 12:03 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2012-04-26 12:03 . 2012-04-26 12:03 1029120 ----a-w- c:\windows\system32\d3d10.dll
2012-04-26 12:03 . 2012-04-26 12:03 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
2012-04-26 12:03 . 2012-04-26 12:03 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-04-26 12:03 . 2012-04-26 12:03 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-04-26 12:03 . 2012-04-26 12:03 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-04-26 12:03 . 2012-04-26 12:03 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-04-26 12:03 . 2012-04-26 12:03 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-04-26 12:03 . 2012-04-26 12:03 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-04-26 12:03 . 2012-04-26 12:03 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-04-26 09:45 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2012-04-26 09:44 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2012-04-26 08:08 . 2012-04-26 08:08 319456 ----a-w- c:\windows\DIFxAPI.dll
2012-04-21 01:18 . 2012-05-08 19:55 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2011-08-12 2433024]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-06-20 2736128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"snpstd2"="c:\windows\vsnpstd2.exe" [2007-04-13 307200]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
c:\users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FastStone Capture.lnk - c:\users\Uživatel\PortableApps\FSCapture69\FSCapture.exe [2012-5-3 1099264]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WinTV Recording Status.lnk - c:\program files\WinTV\WinTV7\WinTVTray.exe [2012-5-4 146944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL206CB11F
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 13:05 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 19:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.111.1 212.158.128.2 195.250.128.34
FF - ProfilePath - c:\users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\dcj8k8ud.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-23 21:01
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-07-23 21:10:59
ComboFix-quarantined-files.txt 2012-07-23 19:10
.
Před spuštěním: Volných bajtů: 34 167 304 192
Po spuštění: Volných bajtů: 34 138 746 880
.
- - End Of File - - EF082398444A370E47B084D01AF094A7

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
Folder::
c:\users\Uživatel\AppData\Local\{3EE1ABFC-2431-4041-A7AE-5689F5B1222E}
c:\users\Uživatel\AppData\Local\{49A35902-F297-4AAC-9B52-B33DAD627EB7}
c:\users\Uživatel\AppData\Local\{4D720026-0B02-45A1-A1AA-94F80F36F315}
c:\users\Uživatel\AppData\Local\{883AB47C-2EDF-45BF-A748-D448E64FAB1E}
c:\users\Uživatel\AppData\Local\{3733905C-2EEC-47E2-9D81-A22BA596488F}
c:\users\Uživatel\AppData\Local\{71E8679B-4FFB-43CE-AA22-825B80C3DDF0}
c:\users\Uživatel\AppData\Local\{CEA5CC87-466D-46CB-B54F-35BD134F68D0}
c:\users\Uživatel\AppData\Local\{E0DAAEBD-89DC-4EE5-88FF-8CD135ED5242}
c:\users\Uživatel\AppData\Local\{80515EAF-CF8B-4AF4-B12E-CFDB3F6365F0}
c:\users\Uživatel\AppData\Local\{04F70C9B-0F63-4F92-81C9-177F2DBB2042}
c:\users\Uživatel\AppData\Local\{FF1267F8-6281-4B90-B471-5E7458F65B04}
c:\users\Uživatel\AppData\Local\{3C876C22-C389-49EE-9675-1E271D038A03}
c:\users\Uživatel\AppData\Local\{00AF698B-7C5F-44E2-917C-2F9CA8DCD91A}
c:\users\Uživatel\AppData\Local\{33CE4350-C4C5-4860-874A-B1E345F95EE4}
c:\users\Uživatel\AppData\Local\{D5C8A00B-6B6A-4180-8826-B1ADC6E19E1E}
c:\users\Uživatel\AppData\Local\{1DB6DFB0-2CAE-4E67-A99C-D4EEE1F6F873}
c:\users\Uživatel\AppData\Local\{356AED55-EC0C-4356-8876-4E68DFC96274}
c:\users\Uživatel\AppData\Local\{4A66747A-9AB4-4EAA-9250-EF2CE1A96BC4}
c:\users\Uživatel\AppData\Local\{D8B281F2-F539-44DE-BA5E-473388CE2ABB}
c:\users\Uživatel\AppData\Local\{CE078F0D-07B9-4CE3-BCDD-5CC22E65B486}
c:\users\Uživatel\AppData\Local\{20E695D3-5927-4A05-BE6F-B5B8D0EE0944}
c:\users\Uživatel\AppData\Local\{14E1C6DC-D9EE-4500-9641-2DD5FE73B770}
c:\users\Uživatel\AppData\Local\{68BD74F6-1533-45C4-8B36-8719A9975CCA}
c:\users\Uživatel\AppData\Local\{78A5B2EB-A245-4308-9627-0D16F11E6CD5}
c:\users\Uživatel\AppData\Local\{EA57450B-D409-466E-9A6A-A3A0DDF5B779}
c:\users\Uživatel\AppData\Local\{372B1C36-2403-4E2A-AFE5-142CCC8B0617}
c:\users\Uživatel\AppData\Local\{AE479568-E9B0-4AA2-A181-139BE7EFAECE}
c:\users\Uživatel\AppData\Local\{F4EC198E-6DD1-430A-BAA0-B597ED453F2F}
c:\users\Uživatel\AppData\Local\{F466FE54-97EA-4DE0-8420-C55C43436CF6}
c:\users\Uživatel\AppData\Local\{21AD1D7B-589B-40F3-995B-C8C2CA4A2013}
c:\users\Uživatel\AppData\Local\{61BD0DC5-AF31-4C53-82AD-A7CEB37CFC22}
c:\users\Uživatel\AppData\Local\{629BA10D-953E-4652-9031-502939498540}
c:\users\Uživatel\AppData\Local\{9508DAD1-A079-4C83-BBF4-A75169B6359F}
c:\users\Uživatel\AppData\Local\{36027DA0-28E0-4387-BC89-0A5410874DDE}
c:\users\Uživatel\AppData\Local\{393C4EF8-92CE-4629-956B-CEA00B823C3B}
c:\users\Uživatel\AppData\Local\{052D4988-F96B-47D4-A0F6-D3B11E025635}
c:\users\Uživatel\AppData\Local\{49ED8C67-A559-4A7B-ABD3-C787EC448FAF}
c:\users\Uživatel\AppData\Local\{BF6A360C-79AD-4F8D-99DA-859435206FE3}
c:\users\Uživatel\AppData\Local\{6C552A2B-64B9-4955-9100-2A8E31D7025B}
c:\users\Uživatel\AppData\Local\{C96EB99B-9FF5-4A10-B52F-CA21D0737185}
c:\users\Uživatel\AppData\Local\{D404ED52-D293-47AA-ADE6-7B40B4CDDDC9}
c:\users\Uživatel\AppData\Local\{2A8289E8-9505-4110-A066-4879099FFDEA}
c:\users\Uživatel\AppData\Local\{F3D986AA-94BC-4FAF-AFF3-D0FA091CFE57}
c:\users\Uživatel\AppData\Local\{49F59A3C-3790-4FFE-BAC9-60A177C51B31}
c:\users\Uživatel\AppData\Local\{B9578744-0DAD-4904-BF22-ABB39D8FEA8E}
c:\users\Uživatel\AppData\Local\{C3000E3F-0E39-4EE7-B07E-CA7C07089129}
c:\users\Uživatel\AppData\Local\{B631F201-AD76-4D94-B56E-9241CD80E367}
c:\users\Uživatel\AppData\Local\{6B7F787A-5C80-4C57-AE78-43E6A499B249}
c:\users\Uživatel\AppData\Local\{A5D43B00-B24F-4544-8F19-7ABB127C6442}
c:\users\Uživatel\AppData\Local\{F48E1DD7-F1AF-476E-A767-4BB2B4D0F10F}
c:\users\Uživatel\AppData\Local\{FF255391-06B8-48B5-8241-0A1E57F37836}
c:\users\Uživatel\AppData\Local\{CB7564F2-1667-4B9F-B9BD-48927F3263F3}
c:\users\Uživatel\AppData\Local\{BA4F8268-AEA2-44FF-88C0-056C43628F6B}
c:\users\Uživatel\AppData\Local\{13A2DC30-F7D4-44A2-A39A-B2D5388D3490}
c:\users\Uživatel\AppData\Local\{1D3A4B4A-62F4-47FC-B1D7-DB377EC6DF2E}
c:\users\Uživatel\AppData\Local\{0C49AA8C-0ECD-440A-BD09-3BDFB8873F97}
c:\users\Uživatel\AppData\Local\{C346D012-0655-4E4A-8D0C-E4C013E8084F}
c:\users\Uživatel\AppData\Local\{D67DCC18-377E-4DAB-B9B3-A7E9188208B8}
c:\users\Uživatel\AppData\Local\{4002A769-7ABC-4EE3-9F50-28E5A0FAA5D2}
c:\users\Uživatel\AppData\Local\{CD181621-A55D-4DA6-A35D-0FC1985F8FBE}
c:\users\Uživatel\AppData\Local\{176014A5-EF8F-49B1-B6DB-53487B7592CC}
c:\users\Uživatel\AppData\Local\{646BA9A2-0D65-4796-B81E-F82484ABCBA1}
c:\users\Uživatel\AppData\Local\{DB7155B7-33B2-4316-BC72-648B9A9167DB}

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Stáhni si RogueKiller
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- Až se objeví úvodní okno programu , klikni na „Prohledat“.
- Program skenuje PC. Po proskenování klikni na „Zpráva“, celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[masterbill]

ComboFix 12-07-24.01 - Uživatel 24.07.2012 18:21:53.2.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3326.2007 [GMT 2:00]
Spuštěný z: c:\users\U×ivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\U×ivatel\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-24 do 2012-07-24 )))))))))))))))))))))))))))))))
.
.
2012-07-24 17:02 . 2012-07-24 17:02 -------- d-----w- c:\users\Uživatel\AppData\Local\temp
2012-07-24 17:02 . 2012-07-24 17:02 -------- d-----w- c:\users\U§ivatel\AppData\Local\temp
2012-07-24 17:02 . 2012-07-24 17:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-24 17:02 . 2012-07-24 17:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-22 20:10 . 2012-07-22 20:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{3EE1ABFC-2431-4041-A7AE-5689F5B1222E}
2012-07-22 20:10 . 2012-07-22 20:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{49A35902-F297-4AAC-9B52-B33DAD627EB7}
2012-07-22 17:46 . 2012-07-22 17:46 -------- d-----w- c:\users\Uživatel\AppData\Roaming\Malwarebytes
2012-07-22 17:45 . 2012-07-22 17:45 -------- d-----w- c:\programdata\Malwarebytes
2012-07-22 17:45 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-22 17:45 . 2012-07-22 17:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-22 16:31 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-21 22:18 . 2012-07-21 22:18 -------- d-----w- c:\users\Uživatel\AppData\Local\{4D720026-0B02-45A1-A1AA-94F80F36F315}
2012-07-21 22:18 . 2012-07-21 22:18 -------- d-----w- c:\users\Uživatel\AppData\Local\{883AB47C-2EDF-45BF-A748-D448E64FAB1E}
2012-07-21 10:17 . 2012-07-21 10:17 -------- d-----w- c:\users\Uživatel\AppData\Local\{3733905C-2EEC-47E2-9D81-A22BA596488F}
2012-07-21 10:17 . 2012-07-21 10:17 -------- d-----w- c:\users\Uživatel\AppData\Local\{71E8679B-4FFB-43CE-AA22-825B80C3DDF0}
2012-07-20 19:15 . 2012-07-20 19:15 -------- d-----w- c:\users\Uživatel\AppData\Local\{CEA5CC87-466D-46CB-B54F-35BD134F68D0}
2012-07-20 19:15 . 2012-07-20 19:15 -------- d-----w- c:\users\Uživatel\AppData\Local\{E0DAAEBD-89DC-4EE5-88FF-8CD135ED5242}
2012-07-19 18:50 . 2012-07-19 18:50 -------- d-----w- c:\users\Uživatel\AppData\Local\{80515EAF-CF8B-4AF4-B12E-CFDB3F6365F0}
2012-07-19 18:50 . 2012-07-19 18:50 -------- d-----w- c:\users\Uživatel\AppData\Local\{04F70C9B-0F63-4F92-81C9-177F2DBB2042}
2012-07-19 05:34 . 2012-07-19 05:34 -------- d-----w- c:\users\Uživatel\AppData\Local\{FF1267F8-6281-4B90-B471-5E7458F65B04}
2012-07-19 05:34 . 2012-07-19 05:34 -------- d-----w- c:\users\Uživatel\AppData\Local\{3C876C22-C389-49EE-9675-1E271D038A03}
2012-07-18 16:06 . 2012-07-18 16:06 -------- d-----w- c:\users\Uživatel\AppData\Local\{00AF698B-7C5F-44E2-917C-2F9CA8DCD91A}
2012-07-18 16:05 . 2012-07-18 16:06 -------- d-----w- c:\users\Uživatel\AppData\Local\{33CE4350-C4C5-4860-874A-B1E345F95EE4}
2012-07-17 17:52 . 2012-07-17 17:52 -------- d-----w- c:\users\Uživatel\AppData\Local\{D5C8A00B-6B6A-4180-8826-B1ADC6E19E1E}
2012-07-17 17:51 . 2012-07-17 17:52 -------- d-----w- c:\users\Uživatel\AppData\Local\{1DB6DFB0-2CAE-4E67-A99C-D4EEE1F6F873}
2012-07-16 17:19 . 2012-07-16 17:19 515664 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-07-16 16:41 . 2012-07-16 16:41 -------- d-----w- c:\users\Uživatel\AppData\Local\{356AED55-EC0C-4356-8876-4E68DFC96274}
2012-07-16 16:41 . 2012-07-16 16:41 -------- d-----w- c:\users\Uživatel\AppData\Local\{4A66747A-9AB4-4EAA-9250-EF2CE1A96BC4}
2012-07-15 15:50 . 2012-07-15 15:50 -------- d-----w- c:\users\Uživatel\AppData\Local\{D8B281F2-F539-44DE-BA5E-473388CE2ABB}
2012-07-15 15:49 . 2012-07-15 15:50 -------- d-----w- c:\users\Uživatel\AppData\Local\{CE078F0D-07B9-4CE3-BCDD-5CC22E65B486}
2012-07-14 05:51 . 2012-07-14 05:51 -------- d-----w- c:\users\Uživatel\AppData\Local\{20E695D3-5927-4A05-BE6F-B5B8D0EE0944}
2012-07-14 05:51 . 2012-07-14 05:51 -------- d-----w- c:\users\Uživatel\AppData\Local\{14E1C6DC-D9EE-4500-9641-2DD5FE73B770}
2012-07-12 16:18 . 2012-07-12 16:18 -------- d-----w- c:\users\Uživatel\AppData\Local\{68BD74F6-1533-45C4-8B36-8719A9975CCA}
2012-07-12 16:17 . 2012-07-12 16:18 -------- d-----w- c:\users\Uživatel\AppData\Local\{78A5B2EB-A245-4308-9627-0D16F11E6CD5}
2012-07-11 16:28 . 2012-07-11 16:28 -------- d-----w- c:\users\Uživatel\AppData\Local\{EA57450B-D409-466E-9A6A-A3A0DDF5B779}
2012-07-11 16:28 . 2012-07-11 16:28 -------- d-----w- c:\users\Uživatel\AppData\Local\{372B1C36-2403-4E2A-AFE5-142CCC8B0617}
2012-07-09 17:32 . 2012-07-09 17:32 -------- d-----w- c:\users\Uživatel\AppData\Local\{AE479568-E9B0-4AA2-A181-139BE7EFAECE}
2012-07-09 17:31 . 2012-07-09 17:32 -------- d-----w- c:\users\Uživatel\AppData\Local\{F4EC198E-6DD1-430A-BAA0-B597ED453F2F}
2012-07-09 05:31 . 2012-07-09 05:31 -------- d-----w- c:\users\Uživatel\AppData\Local\{F466FE54-97EA-4DE0-8420-C55C43436CF6}
2012-07-09 05:31 . 2012-07-09 05:31 -------- d-----w- c:\users\Uživatel\AppData\Local\{21AD1D7B-589B-40F3-995B-C8C2CA4A2013}
2012-07-08 08:10 . 2012-07-08 08:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{61BD0DC5-AF31-4C53-82AD-A7CEB37CFC22}
2012-07-08 08:09 . 2012-07-08 08:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{629BA10D-953E-4652-9031-502939498540}
2012-07-07 08:29 . 2012-07-07 08:29 -------- d-----w- c:\users\Uživatel\AppData\Local\{9508DAD1-A079-4C83-BBF4-A75169B6359F}
2012-07-07 08:29 . 2012-07-07 08:29 -------- d-----w- c:\users\Uživatel\AppData\Local\{36027DA0-28E0-4387-BC89-0A5410874DDE}
2012-07-07 08:17 . 2012-07-07 08:17 -------- d-----w- C:\CFLog
2012-07-06 20:40 . 2012-07-06 20:40 -------- d-----w- c:\program files\Z8Games
2012-07-06 09:55 . 2012-07-06 09:55 -------- d-----w- c:\programdata\Sony
2012-07-06 09:55 . 2012-07-06 09:55 -------- d-----w- c:\program files\Sony
2012-07-06 09:10 . 2012-07-06 09:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{393C4EF8-92CE-4629-956B-CEA00B823C3B}
2012-07-06 09:10 . 2012-07-06 09:10 -------- d-----w- c:\users\Uživatel\AppData\Local\{052D4988-F96B-47D4-A0F6-D3B11E025635}
2012-07-05 20:00 . 2012-07-05 20:00 -------- d-----w- c:\program files\BP DOWNLOADER
2012-07-05 07:34 . 2012-07-05 07:34 -------- d-----w- c:\users\Uživatel\AppData\Local\{49ED8C67-A559-4A7B-ABD3-C787EC448FAF}
2012-07-05 07:34 . 2012-07-05 07:34 -------- d-----w- c:\users\Uživatel\AppData\Local\{BF6A360C-79AD-4F8D-99DA-859435206FE3}
2012-07-04 17:53 . 2012-07-04 17:53 -------- d-----w- c:\users\Uživatel\AppData\Local\{6C552A2B-64B9-4955-9100-2A8E31D7025B}
2012-07-04 17:53 . 2012-07-04 17:53 -------- d-----w- c:\users\Uživatel\AppData\Local\{C96EB99B-9FF5-4A10-B52F-CA21D0737185}
2012-07-04 05:38 . 2012-07-04 05:38 -------- d-----w- c:\users\Uživatel\AppData\Local\{D404ED52-D293-47AA-ADE6-7B40B4CDDDC9}
2012-07-04 05:38 . 2012-07-04 05:38 -------- d-----w- c:\users\Uživatel\AppData\Local\{2A8289E8-9505-4110-A066-4879099FFDEA}
2012-07-03 17:37 . 2012-07-03 17:37 -------- d-----w- c:\users\Uživatel\AppData\Local\{F3D986AA-94BC-4FAF-AFF3-D0FA091CFE57}
2012-07-03 17:37 . 2012-07-03 17:37 -------- d-----w- c:\users\Uživatel\AppData\Local\{49F59A3C-3790-4FFE-BAC9-60A177C51B31}
2012-07-03 16:25 . 2012-05-06 10:42 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B674A5B5-C187-4210-9847-3FE5306C5621}\gapaengine.dll
2012-07-03 05:36 . 2012-07-03 05:36 -------- d-----w- c:\users\Uživatel\AppData\Local\{B9578744-0DAD-4904-BF22-ABB39D8FEA8E}
2012-07-03 05:36 . 2012-07-03 05:36 -------- d-----w- c:\users\Uživatel\AppData\Local\{C3000E3F-0E39-4EE7-B07E-CA7C07089129}
2012-07-02 16:53 . 2012-07-02 16:53 -------- d-----w- c:\users\Uživatel\AppData\Local\{B631F201-AD76-4D94-B56E-9241CD80E367}
2012-07-02 16:52 . 2012-07-02 16:53 -------- d-----w- c:\users\Uživatel\AppData\Local\{6B7F787A-5C80-4C57-AE78-43E6A499B249}
2012-06-30 08:55 . 2012-06-30 08:55 -------- d-----w- c:\windows\system32\xlive
2012-06-30 08:54 . 2012-06-30 08:55 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2012-06-30 08:12 . 2012-06-30 08:12 -------- d-----w- c:\users\Uživatel\AppData\Local\{A5D43B00-B24F-4544-8F19-7ABB127C6442}
2012-06-30 08:12 . 2012-06-30 08:12 -------- d-----w- c:\users\Uživatel\AppData\Local\{F48E1DD7-F1AF-476E-A767-4BB2B4D0F10F}
2012-06-28 20:06 . 2012-06-28 20:07 -------- d-----w- c:\users\Uživatel\AppData\Roaming\WinRAR
2012-06-28 19:32 . 2012-06-28 19:32 -------- d-----w- c:\users\Uživatel\AppData\Local\{FF255391-06B8-48B5-8241-0A1E57F37836}
2012-06-28 19:31 . 2012-06-28 19:32 -------- d-----w- c:\users\Uživatel\AppData\Local\{CB7564F2-1667-4B9F-B9BD-48927F3263F3}
2012-06-27 20:08 . 2012-06-27 20:08 -------- d-----w- c:\users\Uživatel\AppData\Local\{BA4F8268-AEA2-44FF-88C0-056C43628F6B}
2012-06-27 20:08 . 2012-06-27 20:08 -------- d-----w- c:\users\Uživatel\AppData\Local\{13A2DC30-F7D4-44A2-A39A-B2D5388D3490}
2012-06-26 20:54 . 2012-06-26 20:54 -------- d-----w- c:\users\Uživatel\AppData\Local\Nero
2012-06-26 20:53 . 2012-06-26 20:53 -------- d-----w- c:\users\Uživatel\AppData\Roaming\Nero
2012-06-26 20:21 . 2012-06-26 20:46 -------- d-----w- c:\programdata\Nero
2012-06-26 20:06 . 2012-06-26 20:06 -------- d-----w- c:\programdata\LightScribe
2012-06-26 20:06 . 2012-06-26 21:44 -------- dc----w- c:\windows\system32\DRVSTORE
2012-06-26 20:06 . 2012-06-26 21:42 -------- d-----w- c:\program files\Nero
2012-06-26 20:03 . 2012-06-26 20:11 -------- d-----w- c:\program files\Common Files\LightScribe
2012-06-26 18:57 . 2012-06-26 18:58 -------- d-----w- c:\users\Uživatel\AppData\Local\{1D3A4B4A-62F4-47FC-B1D7-DB377EC6DF2E}
2012-06-26 16:36 . 2012-06-26 16:36 -------- d-----w- c:\users\Uživatel\AppData\Local\{0C49AA8C-0ECD-440A-BD09-3BDFB8873F97}
2012-06-26 16:35 . 2012-06-26 16:36 -------- d-----w- c:\users\Uživatel\AppData\Local\{C346D012-0655-4E4A-8D0C-E4C013E8084F}
2012-06-25 17:48 . 2012-06-25 17:48 -------- d-----w- c:\users\Uživatel\AppData\Local\{D67DCC18-377E-4DAB-B9B3-A7E9188208B8}
2012-06-25 17:48 . 2012-06-25 17:48 -------- d-----w- c:\users\Uživatel\AppData\Local\{4002A769-7ABC-4EE3-9F50-28E5A0FAA5D2}
2012-06-25 05:48 . 2012-06-25 05:48 -------- d-----w- c:\users\Uživatel\AppData\Local\{CD181621-A55D-4DA6-A35D-0FC1985F8FBE}
2012-06-25 05:48 . 2012-06-25 05:48 -------- d-----w- c:\users\Uživatel\AppData\Local\{176014A5-EF8F-49B1-B6DB-53487B7592CC}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 19:22 . 2012-05-03 11:16 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-11 19:22 . 2012-05-03 11:16 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 22:19 . 2012-06-22 05:39 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 05:39 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 05:38 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 05:38 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-22 05:39 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-22 05:39 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-22 05:38 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 05:38 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-22 05:38 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-05-24 21:18 . 2012-05-24 21:18 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2012-05-17 22:45 . 2012-06-17 06:30 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-05-17 22:35 . 2012-06-17 06:30 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-05-17 22:35 . 2012-06-17 06:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-17 22:29 . 2012-06-17 06:30 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-17 22:24 . 2012-06-17 06:30 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-05-15 19:51 . 2012-06-17 06:25 2045440 ----a-w- c:\windows\system32\win32k.sys
2012-05-06 10:42 . 2012-06-12 16:18 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-05-05 12:57 . 2011-03-28 16:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-04 17:29 . 2012-06-20 18:52 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-04 17:29 . 2012-05-03 12:21 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-04 11:58 . 2012-05-04 11:58 477240 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-05-03 02:55 . 2012-05-03 02:55 42392 ----a-w- c:\windows\system32\xfcodec.dll
2012-05-01 14:03 . 2012-06-17 06:25 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 12:04 . 2012-04-26 12:04 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-04-26 12:04 . 2012-04-26 12:04 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-04-26 12:04 . 2012-04-26 12:04 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-04-26 12:04 . 2012-04-26 12:04 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-04-26 12:04 . 2012-04-26 12:04 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-04-26 12:04 . 2012-04-26 12:04 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-04-26 12:04 . 2012-04-26 12:04 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-04-26 12:04 . 2012-04-26 12:04 367104 ----a-w- c:\windows\system32\html.iec
2012-04-26 12:04 . 2012-04-26 12:04 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-04-26 12:04 . 2012-04-26 12:04 161792 ----a-w- c:\windows\system32\msls31.dll
2012-04-26 12:04 . 2012-04-26 12:04 152064 ----a-w- c:\windows\system32\wextract.exe
2012-04-26 12:04 . 2012-04-26 12:04 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-04-26 12:04 . 2012-04-26 12:04 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-04-26 12:04 . 2012-04-26 12:04 11776 ----a-w- c:\windows\system32\mshta.exe
2012-04-26 12:04 . 2012-04-26 12:04 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-04-26 12:04 . 2012-04-26 12:04 101888 ----a-w- c:\windows\system32\admparse.dll
2012-04-26 12:03 . 2012-04-26 12:03 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-04-26 12:03 . 2012-04-26 12:03 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2012-04-26 12:03 . 2012-04-26 12:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2012-04-26 12:03 . 2012-04-26 12:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-04-26 12:03 . 2012-04-26 12:03 2873344 ----a-w- c:\windows\system32\mf.dll
2012-04-26 12:03 . 2012-04-26 12:03 98816 ----a-w- c:\windows\system32\mfps.dll
2012-04-26 12:03 . 2012-04-26 12:03 586240 ----a-w- c:\windows\system32\stobject.dll
2012-04-26 12:03 . 2012-04-26 12:03 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2012-04-26 12:03 . 2012-04-26 12:03 209920 ----a-w- c:\windows\system32\mfplat.dll
2012-04-26 12:03 . 2012-04-26 12:03 189952 ----a-w- c:\windows\system32\d3d10core.dll
2012-04-26 12:03 . 2012-04-26 12:03 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-04-26 12:03 . 2012-04-26 12:03 847360 ----a-w- c:\windows\system32\OpcServices.dll
2012-04-26 12:03 . 2012-04-26 12:03 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2012-04-26 12:03 . 2012-04-26 12:03 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-04-26 12:03 . 2012-04-26 12:03 478720 ----a-w- c:\windows\system32\dxgi.dll
2012-04-26 12:03 . 2012-04-26 12:03 37376 ----a-w- c:\windows\system32\cdd.dll
2012-04-26 12:03 . 2012-04-26 12:03 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2012-04-26 12:03 . 2012-04-26 12:03 258048 ----a-w- c:\windows\system32\winspool.drv
2012-04-26 12:03 . 2012-04-26 12:03 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2012-04-26 12:03 . 2012-04-26 12:03 1029120 ----a-w- c:\windows\system32\d3d10.dll
2012-04-26 12:03 . 2012-04-26 12:03 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
2012-04-26 12:03 . 2012-04-26 12:03 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-04-26 12:03 . 2012-04-26 12:03 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-04-26 12:03 . 2012-04-26 12:03 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-04-26 12:03 . 2012-04-26 12:03 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-04-26 12:03 . 2012-04-26 12:03 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-04-26 12:03 . 2012-04-26 12:03 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-04-26 12:03 . 2012-04-26 12:03 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-04-26 09:45 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2012-04-26 09:44 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2012-04-26 08:08 . 2012-04-26 08:08 319456 ----a-w- c:\windows\DIFxAPI.dll
2012-04-21 01:18 . 2012-05-08 19:55 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2011-08-12 2433024]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-06-20 2736128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"snpstd2"="c:\windows\vsnpstd2.exe" [2007-04-13 307200]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
c:\users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FastStone Capture.lnk - c:\users\Uživatel\PortableApps\FSCapture69\FSCapture.exe [2012-5-3 1099264]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WinTV Recording Status.lnk - c:\program files\WinTV\WinTV7\WinTVTray.exe [2012-5-4 146944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 13:05 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 19:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.111.1 212.158.128.2 195.250.128.34
FF - ProfilePath - c:\users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\dcj8k8ud.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-24 19:02
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-07-24 19:14:37
ComboFix-quarantined-files.txt 2012-07-24 17:14
ComboFix2.txt 2012-07-23 19:11
.
Před spuštěním: Volných bajtů: 35 621 183 488
Po spuštění: Volných bajtů: 35 609 022 464
.
- - End Of File - - 07031DE947E97104978E1F4BCFDA1EF6


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:32:57, on 24.7.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\vsnpstd2.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WinTV\WinTV7\WinTVTray.exe
C:\Users\Uživatel\PortableApps\FSCapture69\FSCapture.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskmgr.exe
C:\Users\Uživatel\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [snpstd2] C:\Windows\vsnpstd2.exe
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-21-1799270022-2577491155-1398509358-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1799270022-2577491155-1398509358-1001\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')
O4 - Startup: FastStone Capture.lnk = ?
O4 - Global Startup: WinTV Recording Status.lnk = C:\Program Files\WinTV\WinTV7\WinTVTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MI1933~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe

--
End of file - 7814 bytes

aswMBR a RogueKiller hází BSOD

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[masterbill]

píše mi to že systém Windows nemůže najít soubor ComboFix /Uninstall

[jaro3]

Stáhni si ToolsCleaner2( by de A.Rothstein & Dj Quiou & překlad: Damned )
Na plochu a spusť ho.
Klikni na Bod obnovení a poté na OK , OK.
Klikni na Koš a poté na OK.
Klikni na Dočasné soubory a poté na OK.
Klikni na Vyhledat[b] a nech Cleaner pracovat. Může se během čištění zastavit (neodpovídá), ale nech ho pokračovat.
Když program skončí , klikni na [b]Odstranit a odstraň nalezené.
Zavři program.
Program maže i všechny nástroje na odvirování a vytváření logů , které se zde používají (HJT, Combofix, OTM, OTL, OTS atd.)


Pak stáhni OTL a pokračuj podle návodu výše.

[masterbill]

log z TC2: http://screen.rubes.eu/2012-07-25_192605.png

OTL:

OTL logfile created on: 25.7.2012 19:27:44 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Uživatel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 65,80% Memory free
6,78 Gb Paging File | 5,18 Gb Available in Paging File | 76,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 36,49 Gb Free Space | 7,83% Space Free | Partition Type: NTFS

Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Uživatel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
PRC - C:\Program Files\WinTV\TVServer\CaptureGenPCI.exe (Hauppauge Computer Works)
PRC - C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Rainlendar2\Rainlendar2.exe ()
PRC - C:\Users\Uživatel\PortableApps\FSCapture69\FSCapture.exe (FastStone Soft)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\vsnpstd2.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Users\Uživatel\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Uživatel\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll ()
MOD - C:\Users\Uživatel\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll ()
MOD - C:\Users\Uživatel\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll ()
MOD - C:\Users\Uživatel\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0f53d229b1cf67af5a638010a8f332d7\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\272ea1c4abc9f1a0165200ae2c5ce62f\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\WinTV\TVServer\HauppaugeTVServerps.dll ()
MOD - C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll ()
MOD - C:\Program Files\Rainlendar2\Rainlendar2.exe ()
MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files\Rainlendar2\wxmsw28u_xrc_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\wxbase28u_xml_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\wxmsw28u_html_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\wxmsw28u_adv_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\wxmsw28u_core_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\wxbase28u_vc_rny.dll ()
MOD - C:\Program Files\Last.fm\srv_rtaudioplayback.dll ()
MOD - C:\Program Files\Last.fm\ext_messengernotify.dll ()
MOD - C:\Program Files\Last.fm\ext_skypenotify.dll ()
MOD - C:\Program Files\Last.fm\srv_madtranscode.dll ()
MOD - C:\Program Files\Last.fm\srv_httpinput.dll ()
MOD - C:\Program Files\Last.fm\LastFmFingerprint1.dll ()
MOD - C:\Program Files\Last.fm\breakpad.dll ()
MOD - C:\Program Files\Last.fm\Moose1.dll ()
MOD - C:\Program Files\Last.fm\LastFmTools1.dll ()
MOD - C:\Program Files\Last.fm\libfftw3f-3.dll ()
MOD - C:\Program Files\Last.fm\zlibwapi.dll ()
MOD - C:\Program Files\Rainlendar2\lfs.dll ()
MOD - C:\Program Files\Rainlendar2\lua51.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files\Last.fm\QtNetwork4.dll ()
MOD - C:\Program Files\Last.fm\QtSql4.dll ()
MOD - C:\Program Files\Last.fm\QtGui4.dll ()
MOD - C:\Program Files\Last.fm\QtXml4.dll ()
MOD - C:\Program Files\Last.fm\QtCore4.dll ()
MOD - C:\Program Files\Last.fm\imageformats\qmng4.dll ()
MOD - C:\Program Files\Last.fm\imageformats\qgif4.dll ()
MOD - C:\Program Files\Last.fm\imageformats\qjpeg4.dll ()
MOD - C:\Windows\vsnpstd2.exe ()


========== Win32 Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PanService) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (wampmysqld) -- c:\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe ()
SRV - (Sony PC Companion) -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (HauppaugeTVServer) -- C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (wampapache) -- c:\wamp\bin\apache\Apache2.2.21\bin\httpd.exe (Apache Software Foundation)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (XDva398) -- C:\Windows\system32\XDva398.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (MpKsl841a3bb1) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6BE85108-25B0-45ED-BD2B-627A808A9FB5}\MpKsl841a3bb1.sys File not found
DRV - (MpKsl83ae2a61) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6BE85108-25B0-45ED-BD2B-627A808A9FB5}\MpKsl83ae2a61.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\UIVATE~1\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (au2yfmne) -- File not found
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (HCW85BDA) -- C:\Windows\System32\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (snpstd2) -- C:\Windows\System32\drivers\snpstd2.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Uživatel\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2012.05.05 09:18:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.08 21:55:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.05.08 21:56:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Extensions
[2012.05.30 18:10:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\dcj8k8ud.default\extensions
[2012.05.15 07:55:32 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\dcj8k8ud.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.05.30 18:10:48 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\dcj8k8ud.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.05.30 18:10:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\dcj8k8ud.default\extensions\staged
[2012.05.08 21:55:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.05.08 21:55:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.21 05:17:43 | 000,003,413 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012.04.21 05:17:43 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.04.21 05:17:43 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.21 05:17:44 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.04.21 05:17:44 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.04.21 05:17:44 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\U\u017Eivatel\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\U\u017Eivatel\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\U\u017Eivatel\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\U\u017Eivatel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\U\u017Eivatel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Turn Off the Lights = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1_0\
CHR - Extension: YouTube = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Tampermonkey = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\2.5.29_0\
CHR - Extension: F.B. Purity - Cleans Up Facebook = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl\7.6.0_1\
CHR - Extension: Gmail = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.07.23 21:01:42 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [snpstd2] C:\Windows\vsnpstd2.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk = C:\Users\Uživatel\PortableApps\FSCapture69\FSCapture.exe (FastStone Soft)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MI1933~1\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.111.1 212.158.128.2 195.250.128.34
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F3C19E0-22C6-45C5-B54F-8AF0E7AF5ECF}: DhcpNameServer = 10.0.111.1 212.158.128.2 195.250.128.34
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.07.25 18:13:32 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Recent
[2012.07.24 21:00:21 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{955CFD35-A04E-49DB-8193-D4A0A35C50ED}
[2012.07.24 21:00:07 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{5DF33A7F-627F-4C58-BE53-0A8B80C0F5D0}
[2012.07.24 20:59:36 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Uživatel\Desktop\OTL.exe
[2012.07.24 20:51:26 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Adobe
[2012.07.24 20:10:26 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\RK_Quarantine
[2012.07.24 19:14:45 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\temp
[2012.07.24 19:11:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.07.23 20:11:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.07.23 20:11:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.07.23 20:11:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.07.23 20:09:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.07.23 20:08:27 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.07.23 20:07:02 | 004,583,914 | R--- | C] (Swearware) -- C:\Users\Uživatel\Desktop\ComboFix.exe
[2012.07.23 19:30:33 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\backups
[2012.07.23 19:25:36 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Uživatel\Desktop\TFC.exe
[2012.07.22 22:10:22 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{3EE1ABFC-2431-4041-A7AE-5689F5B1222E}
[2012.07.22 22:10:05 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{49A35902-F297-4AAC-9B52-B33DAD627EB7}
[2012.07.22 19:46:07 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Malwarebytes
[2012.07.22 19:45:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.22 19:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.22 19:45:26 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.22 19:45:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.22 00:18:18 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{4D720026-0B02-45A1-A1AA-94F80F36F315}
[2012.07.22 00:18:03 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{883AB47C-2EDF-45BF-A748-D448E64FAB1E}
[2012.07.21 12:17:42 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{3733905C-2EEC-47E2-9D81-A22BA596488F}
[2012.07.21 12:17:27 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{71E8679B-4FFB-43CE-AA22-825B80C3DDF0}
[2012.07.20 21:15:34 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{CEA5CC87-466D-46CB-B54F-35BD134F68D0}
[2012.07.20 21:15:18 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{E0DAAEBD-89DC-4EE5-88FF-8CD135ED5242}
[2012.07.20 20:38:48 | 002,136,152 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Uživatel\Desktop\TDSSKiller.exe
[2012.07.19 20:50:32 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{80515EAF-CF8B-4AF4-B12E-CFDB3F6365F0}
[2012.07.19 20:50:16 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{04F70C9B-0F63-4F92-81C9-177F2DBB2042}
[2012.07.19 07:34:32 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{FF1267F8-6281-4B90-B471-5E7458F65B04}
[2012.07.19 07:34:19 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{3C876C22-C389-49EE-9675-1E271D038A03}
[2012.07.18 18:06:05 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{00AF698B-7C5F-44E2-917C-2F9CA8DCD91A}
[2012.07.18 18:05:51 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{33CE4350-C4C5-4860-874A-B1E345F95EE4}
[2012.07.17 19:52:10 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{D5C8A00B-6B6A-4180-8826-B1ADC6E19E1E}
[2012.07.17 19:51:56 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{1DB6DFB0-2CAE-4E67-A99C-D4EEE1F6F873}
[2012.07.16 18:58:19 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\prezentace vdf
[2012.07.16 18:41:41 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{356AED55-EC0C-4356-8876-4E68DFC96274}
[2012.07.16 18:41:28 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{4A66747A-9AB4-4EAA-9250-EF2CE1A96BC4}
[2012.07.15 17:50:04 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{D8B281F2-F539-44DE-BA5E-473388CE2ABB}
[2012.07.15 17:49:51 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{CE078F0D-07B9-4CE3-BCDD-5CC22E65B486}
[2012.07.14 07:51:23 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{20E695D3-5927-4A05-BE6F-B5B8D0EE0944}
[2012.07.14 07:51:10 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{14E1C6DC-D9EE-4500-9641-2DD5FE73B770}
[2012.07.12 18:18:12 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{68BD74F6-1533-45C4-8B36-8719A9975CCA}
[2012.07.12 18:17:58 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{78A5B2EB-A245-4308-9627-0D16F11E6CD5}
[2012.07.11 18:28:46 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{EA57450B-D409-466E-9A6A-A3A0DDF5B779}
[2012.07.11 18:28:43 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{372B1C36-2403-4E2A-AFE5-142CCC8B0617}
[2012.07.10 19:25:22 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\4632012
[2012.07.09 19:32:11 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{AE479568-E9B0-4AA2-A181-139BE7EFAECE}
[2012.07.09 19:31:56 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{F4EC198E-6DD1-430A-BAA0-B597ED453F2F}
[2012.07.09 07:31:30 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{F466FE54-97EA-4DE0-8420-C55C43436CF6}
[2012.07.09 07:31:09 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{21AD1D7B-589B-40F3-995B-C8C2CA4A2013}
[2012.07.09 07:28:55 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\hovory 234
[2012.07.08 12:04:47 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\sap na iprima
[2012.07.08 10:10:03 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{61BD0DC5-AF31-4C53-82AD-A7CEB37CFC22}
[2012.07.08 10:09:50 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{629BA10D-953E-4652-9031-502939498540}
[2012.07.07 10:29:42 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{9508DAD1-A079-4C83-BBF4-A75169B6359F}
[2012.07.07 10:29:28 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{36027DA0-28E0-4387-BC89-0A5410874DDE}
[2012.07.07 10:17:03 | 000,000,000 | ---D | C] -- C:\CFLog
[2012.07.06 22:55:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.07.06 22:40:18 | 000,000,000 | ---D | C] -- C:\Program Files\Z8Games
[2012.07.06 11:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012.07.06 11:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2012.07.06 11:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2012.07.06 11:10:58 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{393C4EF8-92CE-4629-956B-CEA00B823C3B}
[2012.07.06 11:10:44 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{052D4988-F96B-47D4-A0F6-D3B11E025635}
[2012.07.05 22:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\BP DOWNLOADER
[2012.07.05 09:34:53 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{49ED8C67-A559-4A7B-ABD3-C787EC448FAF}
[2012.07.05 09:34:40 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{BF6A360C-79AD-4F8D-99DA-859435206FE3}
[2012.07.04 19:53:50 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{6C552A2B-64B9-4955-9100-2A8E31D7025B}
[2012.07.04 19:53:36 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{C96EB99B-9FF5-4A10-B52F-CA21D0737185}
[2012.07.04 19:53:14 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\nav
[2012.07.04 07:38:34 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{D404ED52-D293-47AA-ADE6-7B40B4CDDDC9}
[2012.07.04 07:38:21 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{2A8289E8-9505-4110-A066-4879099FFDEA}
[2012.07.03 19:37:51 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{F3D986AA-94BC-4FAF-AFF3-D0FA091CFE57}
[2012.07.03 19:37:35 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{49F59A3C-3790-4FFE-BAC9-60A177C51B31}
[2012.07.03 07:36:25 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{B9578744-0DAD-4904-BF22-ABB39D8FEA8E}
[2012.07.03 07:36:11 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{C3000E3F-0E39-4EE7-B07E-CA7C07089129}
[2012.07.02 18:53:05 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{B631F201-AD76-4D94-B56E-9241CD80E367}
[2012.07.02 18:52:50 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{6B7F787A-5C80-4C57-AE78-43E6A499B249}
[2012.06.30 21:08:44 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\2012-06-30-memorial
[2012.06.30 11:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Studios
[2012.06.30 10:55:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012.06.30 10:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012.06.30 10:54:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2012.06.30 10:12:35 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{A5D43B00-B24F-4544-8F19-7ABB127C6442}
[2012.06.30 10:12:22 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{F48E1DD7-F1AF-476E-A767-4BB2B4D0F10F}
[2012.06.28 22:06:29 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\WinRAR
[2012.06.28 22:06:28 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.06.28 22:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.06.28 22:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.06.28 21:32:02 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{FF255391-06B8-48B5-8241-0A1E57F37836}
[2012.06.28 21:31:46 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{CB7564F2-1667-4B9F-B9BD-48927F3263F3}
[2012.06.27 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{BA4F8268-AEA2-44FF-88C0-056C43628F6B}
[2012.06.27 22:08:28 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{13A2DC30-F7D4-44A2-A39A-B2D5388D3490}
[2012.06.26 22:54:20 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Documents\NeroVideo
[2012.06.26 22:54:02 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Nero
[2012.06.26 22:53:42 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Nero
[2012.06.26 22:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012.06.26 22:11:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2012.06.26 22:06:31 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2012.06.26 22:06:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012.06.26 22:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2012.06.26 22:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2012.06.26 20:57:17 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{1D3A4B4A-62F4-47FC-B1D7-DB377EC6DF2E}
[2012.06.26 19:43:18 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\2012-06-23-lamborghini
[2012.06.26 18:36:05 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{0C49AA8C-0ECD-440A-BD09-3BDFB8873F97}
[2012.06.26 18:35:52 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{C346D012-0655-4E4A-8D0C-E4C013E8084F}
[2012.06.25 19:48:54 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{D67DCC18-377E-4DAB-B9B3-A7E9188208B8}
[2012.06.25 19:48:39 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\{4002A769-7ABC-4EE3-9F50-28E5A0FAA5D2}

========== Files - Modified Within 30 Days ==========

[2012.07.25 19:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.25 18:01:57 | 000,455,680 | ---- | M] () -- C:\Users\Uživatel\Desktop\ToolsCleaner2.exe
[2012.07.25 17:56:43 | 000,004,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.25 17:56:43 | 000,004,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.25 17:56:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.25 17:56:19 | 3488,825,344 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.24 20:59:46 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Desktop\OTL.exe
[2012.07.24 20:21:16 | 000,644,250 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.24 20:21:16 | 000,633,804 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.24 20:21:16 | 000,136,872 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.07.24 20:21:16 | 000,119,330 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.24 20:11:47 | 531,080,922 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.07.24 20:10:34 | 000,014,080 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012.07.23 21:01:42 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.07.23 20:07:24 | 004,583,914 | R--- | M] (Swearware) -- C:\Users\Uživatel\Desktop\ComboFix.exe
[2012.07.23 19:26:23 | 002,136,152 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Uživatel\Desktop\TDSSKiller.exe
[2012.07.23 19:25:41 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Desktop\TFC.exe
[2012.07.22 19:45:36 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.17 14:56:14 | 001,403,701 | ---- | M] () -- C:\Users\Uživatel\Desktop\data-2012-7-17-14-43-13.3gp
[2012.07.11 21:22:13 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.11 21:22:12 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.07 21:12:48 | 000,000,456 | ---- | M] () -- C:\Users\Uživatel\Documents\cc_20120707_211244.reg
[2012.07.07 21:10:27 | 000,010,302 | ---- | M] () -- C:\Users\Uživatel\Documents\cc_20120707_211022.reg
[2012.07.07 10:49:43 | 000,098,400 | ---- | M] () -- C:\Users\Uživatel\Desktop\rozkvetle.jpg
[2012.07.07 10:48:11 | 000,478,885 | ---- | M] () -- C:\Users\Uživatel\Desktop\file.pdf
[2012.07.06 12:56:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2012.07.06 11:56:01 | 000,001,881 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012.07.05 09:36:13 | 004,513,874 | ---- | M] () -- C:\Users\Uživatel\Desktop\DSC_0228.JPG
[2012.07.04 23:51:41 | 000,020,992 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.27 07:07:19 | 000,419,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2012.07.25 18:01:52 | 000,455,680 | ---- | C] () -- C:\Users\Uživatel\Desktop\ToolsCleaner2.exe
[2012.07.24 20:10:34 | 000,014,080 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012.07.23 20:11:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.07.23 20:11:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.07.23 20:11:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.07.23 20:11:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.07.22 19:45:36 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.17 19:27:53 | 001,403,701 | ---- | C] () -- C:\Users\Uživatel\Desktop\data-2012-7-17-14-43-13.3gp
[2012.07.07 21:12:46 | 000,000,456 | ---- | C] () -- C:\Users\Uživatel\Documents\cc_20120707_211244.reg
[2012.07.07 21:10:25 | 000,010,302 | ---- | C] () -- C:\Users\Uživatel\Documents\cc_20120707_211022.reg
[2012.07.07 10:49:42 | 000,098,400 | ---- | C] () -- C:\Users\Uživatel\Desktop\rozkvetle.jpg
[2012.07.07 10:48:08 | 000,478,885 | ---- | C] () -- C:\Users\Uživatel\Desktop\file.pdf
[2012.07.06 22:55:43 | 531,080,922 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.07.06 12:56:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2012.07.06 11:56:01 | 000,001,881 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012.07.05 09:36:10 | 004,513,874 | ---- | C] () -- C:\Users\Uživatel\Desktop\DSC_0228.JPG
[2012.05.05 16:04:35 | 000,307,200 | ---- | C] () -- C:\Windows\vsnpstd2.exe
[2012.05.05 16:04:34 | 000,015,532 | ---- | C] () -- C:\Windows\snpstd2.ini
[2012.05.05 16:04:33 | 000,343,680 | ---- | C] () -- C:\Windows\System32\drivers\snpstd2.sys
[2012.05.05 16:04:31 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd2.dll
[2012.05.05 16:04:30 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd2.dll
[2012.05.05 16:04:30 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd2.dll
[2012.05.04 18:32:39 | 000,020,992 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.04 14:20:44 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012.05.04 14:20:44 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.05.04 14:19:16 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe
[2012.05.04 14:18:37 | 000,005,005 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2012.05.04 14:06:04 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2012.05.04 07:37:54 | 000,206,111 | ---- | C] () -- C:\Users\Uživatel\pracovni-smlouva-jindrich-rubes.pdf
[2012.05.04 07:37:54 | 000,102,890 | ---- | C] () -- C:\Users\Uživatel\MilitiaChristi.jpg
[2012.05.04 07:37:54 | 000,079,876 | ---- | C] () -- C:\Users\Uživatel\stredocesky_Zlatý erb - výsledky krajského kola 2008.htm
[2012.05.04 07:37:54 | 000,051,169 | ---- | C] () -- C:\Users\Uživatel\stredocesky_Zlatý erb - výsledky krajského kola 2011.htm
[2012.05.04 07:37:54 | 000,021,582 | ---- | C] () -- C:\Users\Uživatel\FileZilla.xml
[2012.05.04 07:37:54 | 000,008,337 | ---- | C] () -- C:\Users\Uživatel\rubes.ged
[2012.05.04 07:37:54 | 000,004,588 | ---- | C] () -- C:\Users\Uživatel\RUBEŠ_JINDŘICH.p12
[2012.05.04 07:37:53 | 001,059,593 | ---- | C] () -- C:\Users\Uživatel\putujeme-po vesnicich-vitov-touzebne-cekaji-na-silnicni-obchvat.jpg
[2012.05.04 07:37:53 | 000,759,582 | ---- | C] () -- C:\Users\Uživatel\slanske-listy-2011-v-zizicich-udelali-misto-stare-pozarni-nadrze-novou naves.jpg
[2012.05.04 07:37:53 | 000,282,950 | ---- | C] () -- C:\Users\Uživatel\slanaci-penize-na-pripravu-obchvatu-dostanou.png
[2012.05.03 13:40:40 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.05.03 04:55:52 | 000,042,392 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2012.04.26 14:38:43 | 000,003,072 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\file__0.localstorage
[2012.04.26 12:07:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.04.26 12:07:08 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.04.26 12:07:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012.04.26 10:07:58 | 000,150,996 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

========== LOP Check ==========

[2012.05.03 14:07:47 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Ashampoo
[2012.05.04 14:05:34 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2012.05.03 12:23:46 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Dropbox
[2012.06.24 00:45:31 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\KompoZer
[2012.05.03 14:22:47 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\LibreOffice
[2012.05.08 21:54:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Opera
[2012.05.07 19:49:59 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\PhotoFiltre
[2012.05.12 15:03:37 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\TeamViewer
[2012.05.13 20:07:11 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\VitySoft
[2012.05.08 10:49:16 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\wargaming.net
[2012.05.06 15:59:53 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Windows Live Writer
[2012.07.25 07:34:05 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

[masterbill]

OTL Extras logfile created on: 25.7.2012 19:27:44 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Uživatel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 65,80% Memory free
6,78 Gb Paging File | 5,18 Gb Available in Paging File | 76,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 36,49 Gb Free Space | 7,83% Space Free | Partition Type: NTFS

Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.com [@ = ComFile] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1452A0CC-6C04-42EA-8777-AA8C64370FCF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{645D4DED-A4C5-4B40-B4BC-588805D29B2E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7857D867-524F-44C8-BBDC-7746F1AC8DD4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7BD4949A-2000-4F06-8E6E-394490E570CF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{A5D9C392-34AD-437D-841B-104C16761143}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AA092CD9-4427-4122-8E78-E0D1FCD206A5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1551E5F-D167-4A4D-A0CC-0C85DF561297}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6DAB2A8-9C8E-467E-8F2B-1578B8132B84}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C230AC95-9C95-4CB8-BCF2-0002387D396F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C87C457D-2E47-425B-AB7D-5ECFA0599510}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D2DD78BF-0FF3-4C75-8307-069F0884F92A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{EBE60DBC-53AA-4E6E-99FD-607E05DECB41}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EF64203B-6813-46EC-A6B9-2EB444CE3AC1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0890BDA7-E0DB-4839-87E0-9D9208F476EC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{0C2EFB89-F7F5-4121-8D0B-48F3482D645E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{18230604-98A2-4C62-B484-22729B6EFDFF}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{25A6E576-1322-4B41-BF67-5EDDFF10E797}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{355ADE4D-6D79-4183-B885-1C5DBB27E404}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39C1BEC4-EA8F-4EA5-81EC-8F844082CC30}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{3BA0CFDF-C56D-4CEA-945C-8CEC350E513C}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{3BE3AF5A-0074-4D07-9CF0-55EF48D6C68B}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{3E276AAC-AAD8-4171-8EB5-93BC501B295E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3F71302F-EF2F-4357-AC65-795BE17629F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{43F00542-C465-4920-8D73-BB9BE5508A9B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{44DFDCBA-D251-40AE-BC37-883802731658}" = protocol=17 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"{4667D574-01DB-4180-8A08-E15DF97FD8DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{539A4A23-8096-4A93-A970-03874805E4EF}" = protocol=6 | dir=in | app=c:\program files\zaklínač - rozšířená edice\launcher.exe |
"{58191D5C-262F-4CCF-82AA-A1457F7E4783}" = dir=in | app=c:\program files\microsoft games\age of empires online\spartan.exe |
"{5CC1073A-5AF6-495A-8DD4-A1A37EB9DF73}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{60203513-025A-48D4-887D-70002B5385D0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{602CE1B0-0A2F-45B0-BF75-CB1F9A5B5979}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{68E343BE-64CA-4A15-AAEA-7772D6A25812}" = protocol=17 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"{69AE3C80-DCDD-43B0-AE10-6AA60F8C7F7B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6DCDF5F9-8DB7-4E4C-B480-F33B6810D39D}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{75C46BBB-2942-4E25-A1BF-F76FD81CC133}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{764F945A-814A-4A3A-A1FA-973B61BE75F4}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{8EE83F50-18B2-4E4E-88B7-16959817D9EE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\risen 2\system\risen2.exe |
"{9DD5E356-1352-4DD1-9F26-B62BF85CBF66}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{A4C51007-8D58-4963-8329-2FDA014EA382}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A648EC33-FA3D-4B04-84C9-F60A5DAD5959}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B48EE2C6-8449-4661-AA26-2DF86506DC1A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\risen 2\system\risen2.exe |
"{C1A56CCE-8E0B-40A0-B65D-5E26C272480B}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{CEC69B90-74B8-4527-91E7-9B38CFF127ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CF828A12-05C4-4A22-A664-C1D1921BC1E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7FD95C3-CD33-4FC3-8C28-6E3BBF5277DC}" = protocol=6 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"{DBB45727-735F-46C0-9E74-964578F2B7D7}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E495B2B0-D1E2-42C8-B7D1-602E335F137B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ECDFECEB-43FE-4EE6-AF40-4647D545CB17}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{EE009EDE-342B-4D14-8E1B-953B7B0C01FB}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{F960CF21-F574-40D8-BA72-CCC5B0CDF39B}" = protocol=17 | dir=in | app=c:\program files\zaklínač - rozšířená edice\launcher.exe |
"{FC5CC9DD-4285-43A7-8FB4-F932283871F2}" = protocol=6 | dir=out | app=system |
"{FD31C793-B06B-4597-BDDE-ABFD026DBB55}" = protocol=6 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"TCP Query User{03AA5C03-1C40-48E7-B077-142CC5998B89}C:\program files\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\program files\world_of_tanks\wotlauncher.exe |
"TCP Query User{11E74E2C-9C1F-4F1B-B277-6E4C52A716ED}C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe |
"TCP Query User{1A4A81F1-44C2-4092-A1C5-EFBA36F92F6D}C:\program files\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files\the witcher 2\bin\witcher2.exe |
"TCP Query User{1D5533D9-46F5-461B-A087-A587AD8049B9}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{91C7E306-3781-4D21-B488-83C220F68306}C:\users\uživatel\downloads\crossfire_downloader.exe" = protocol=6 | dir=in | app=c:\users\uživatel\downloads\crossfire_downloader.exe |
"TCP Query User{C2E8E334-6D60-4945-8EE7-3266F10403E4}C:\program files\wintv\wintv7\wintv7.exe" = protocol=6 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"TCP Query User{D953C6FD-C827-473A-BB66-C3F40230A642}C:\program files\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\program files\world_of_tanks\worldoftanks.exe |
"TCP Query User{F36BF045-DAD8-4268-B817-015EC66250BD}C:\users\uživatel\portableapps\fscapture69\fscapture.exe" = protocol=6 | dir=in | app=c:\users\uživatel\portableapps\fscapture69\fscapture.exe |
"UDP Query User{2169FDE4-9D5A-4364-A8FF-C9915EE8B225}C:\users\uživatel\downloads\crossfire_downloader.exe" = protocol=17 | dir=in | app=c:\users\uživatel\downloads\crossfire_downloader.exe |
"UDP Query User{268A4B37-812A-4DC6-8C0B-5CFA6E071712}C:\users\uživatel\portableapps\fscapture69\fscapture.exe" = protocol=17 | dir=in | app=c:\users\uživatel\portableapps\fscapture69\fscapture.exe |
"UDP Query User{5A82F475-3644-4B2D-A7EC-F5CB6DC9B03A}C:\program files\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files\the witcher 2\bin\witcher2.exe |
"UDP Query User{A18C464D-D035-4F43-B5DE-257EA2BEBD1F}C:\program files\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\program files\world_of_tanks\worldoftanks.exe |
"UDP Query User{A3CF3F33-3AFE-42C8-93BC-0D5C49DC7B6B}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{A40B39E4-AED6-413B-8ABF-998F88A46A3D}C:\program files\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\program files\world_of_tanks\wotlauncher.exe |
"UDP Query User{DEFC41E4-D1A2-468D-B758-4454C4532431}C:\wamp\bin\apache\apache2.2.21\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe |
"UDP Query User{FA0AF8A2-1352-44AB-8846-B08885788535}C:\program files\wintv\wintv7\wintv7.exe" = protocol=17 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{09D72100-CAC9-42BF-AD52-47F784C92DB6}" = LibreOffice 3.5
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}" = LightScribe System Software
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"{53111B7E-1339-4318-9C08-4A987ED3845F}" = LibreOffice 3.5 Help Pack (Czech)
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1" = Poedit
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86ACE727-A4F2-4B28-A37D-254D9CC03156}" = Zaklínač - Rozšířená edice
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}" = VideoCAM Look
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.079
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow v1.2.4436 [2012-04-22]
"GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.28104)
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.62.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.00.1467" = Opera 12.00
"Picasa 3" = Picasa 3
"Rainlendar2" = Rainlendar2 (remove only)
"Steam App 40390" = Risen 2 - Dark Waters
"Steam App 72850" = The Elder Scrolls V: Skyrim
"The KMPlayer" = The KMPlayer (remove only)
"The Witcher 2 Enhanced Edition_is1" = The Witcher 2 Enhanced Edition verze 3.0
"Unigine Heaven DX11 Benchmark (Basic Edition)_is1" = Heaven DX11 Benchmark version 3.0
"WampServer 2_is1" = WampServer 2.2
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"Xfire" = Xfire (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.7.2012 13:49:07 | Computer Name = Uživatel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 24.7.2012 13:49:07 | Computer Name = Uživatel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 24.7.2012 13:49:08 | Computer Name = Uživatel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 24.7.2012 13:49:08 | Computer Name = Uživatel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 24.7.2012 13:49:16 | Computer Name = Uživatel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 24.7.2012 13:49:16 | Computer Name = Uživatel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 24.7.2012 13:49:17 | Computer Name = Uživatel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 24.7.2012 13:49:17 | Computer Name = Uživatel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 24.7.2012 14:52:52 | Computer Name = Uživatel-PC | Source = Application Hang | ID = 1002
Description = Program iexplore.exe verze 9.0.8112.16446 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: 16d0 Čas zahájení: 01cd69cd1e5d692c Čas ukončení: 375

Error - 25.7.2012 12:12:19 | Computer Name = Uživatel-PC | Source = VSS | ID = 8194
Description =

[ OSession Events ]
Error - 15.6.2012 17:31:50 | Computer Name = Uživatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 148
seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 22.6.2012 1:40:25 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 22.6.2012 1:40:25 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 22.6.2012 1:40:25 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 22.6.2012 1:40:25 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 22.6.2012 1:40:25 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 22.6.2012 1:40:25 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 22.6.2012 1:40:25 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 22.6.2012 1:40:25 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 22.6.2012 14:46:34 | Computer Name = Uživatel-PC | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 22.6.2012 15:52:35 | Computer Name = Uživatel-PC | Source = WMPNetworkSvc | ID = 866333
Description =


< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (XDva398) -- C:\Windows\system32\XDva398.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (MpKsl841a3bb1) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6BE85108-25B0-45ED-BD2B-627A808A9FB5}\MpKsl841a3bb1.sys File not found
DRV - (MpKsl83ae2a61) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6BE85108-25B0-45ED-BD2B-627A808A9FB5}\MpKsl83ae2a61.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\UIVATE~1\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (au2yfmne) -- File not found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Uživatel\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
[2012.05.08 21:56:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Extensions
[2012.05.30 18:10:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\dcj8k8ud.default\extensions
[2012.05.08 21:55:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2012.07.23 21:01:42 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2012.07.24 20:21:16 | 000,644,250 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.24 20:21:16 | 000,633,804 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.24 20:21:16 | 000,136,872 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.07.24 20:21:16 | 000,119,330 | ---- | M] () -- C:\Windows\System32\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Users\Uživatel\AppData\Local\{955CFD35-A04E-49DB-8193-D4A0A35C50ED}
C:\Users\Uživatel\AppData\Local\{5DF33A7F-627F-4C58-BE53-0A8B80C0F5D0}
C:\Users\Uživatel\Desktop\RK_Quarantine
C:\Windows\SWREG.exe
C:\Windows\SWSC.exe
C:\Windows\NIRCMD.exe
C:\Qoobox
C:\Users\Uživatel\Desktop\ComboFix.exe
C:\Users\Uživatel\Desktop\TFC.exe
C:\Users\Uživatel\AppData\Local\{3EE1ABFC-2431-4041-A7AE-5689F5B1222E}
C:\Users\Uživatel\AppData\Local\{49A35902-F297-4AAC-9B52-B33DAD627EB7}
C:\Users\Uživatel\AppData\Local\{4D720026-0B02-45A1-A1AA-94F80F36F315}
C:\Users\Uživatel\AppData\Local\{883AB47C-2EDF-45BF-A748-D448E64FAB1E}
C:\Users\Uživatel\AppData\Local\{3733905C-2EEC-47E2-9D81-A22BA596488F}
C:\Users\Uživatel\AppData\Local\{71E8679B-4FFB-43CE-AA22-825B80C3DDF0}
C:\Users\Uživatel\AppData\Local\{CEA5CC87-466D-46CB-B54F-35BD134F68D0}
C:\Users\Uživatel\AppData\Local\{E0DAAEBD-89DC-4EE5-88FF-8CD135ED5242}
C:\Users\Uživatel\Desktop\TDSSKiller.exe
C:\Users\Uživatel\AppData\Local\{80515EAF-CF8B-4AF4-B12E-CFDB3F6365F0}
C:\Users\Uživatel\AppData\Local\{04F70C9B-0F63-4F92-81C9-177F2DBB2042}
C:\Users\Uživatel\AppData\Local\{FF1267F8-6281-4B90-B471-5E7458F65B04}
C:\Users\Uživatel\AppData\Local\{3C876C22-C389-49EE-9675-1E271D038A03}
C:\Users\Uživatel\AppData\Local\{00AF698B-7C5F-44E2-917C-2F9CA8DCD91A}
C:\Users\Uživatel\AppData\Local\{33CE4350-C4C5-4860-874A-B1E345F95EE4}
C:\Users\Uživatel\AppData\Local\{D5C8A00B-6B6A-4180-8826-B1ADC6E19E1E}
C:\Users\Uživatel\AppData\Local\{1DB6DFB0-2CAE-4E67-A99C-D4EEE1F6F873}
C:\Users\Uživatel\AppData\Local\{356AED55-EC0C-4356-8876-4E68DFC96274}
C:\Users\Uživatel\AppData\Local\{4A66747A-9AB4-4EAA-9250-EF2CE1A96BC4}
C:\Users\Uživatel\AppData\Local\{D8B281F2-F539-44DE-BA5E-473388CE2ABB}
C:\Users\Uživatel\AppData\Local\{CE078F0D-07B9-4CE3-BCDD-5CC22E65B486}
C:\Users\Uživatel\AppData\Local\{20E695D3-5927-4A05-BE6F-B5B8D0EE0944}
C:\Users\Uživatel\AppData\Local\{14E1C6DC-D9EE-4500-9641-2DD5FE73B770}
C:\Users\Uživatel\AppData\Local\{68BD74F6-1533-45C4-8B36-8719A9975CCA}
C:\Users\Uživatel\AppData\Local\{78A5B2EB-A245-4308-9627-0D16F11E6CD5}
C:\Users\Uživatel\AppData\Local\{EA57450B-D409-466E-9A6A-A3A0DDF5B779}
C:\Users\Uživatel\AppData\Local\{372B1C36-2403-4E2A-AFE5-142CCC8B0617}
C:\Users\Uživatel\AppData\Local\{AE479568-E9B0-4AA2-A181-139BE7EFAECE}
C:\Users\Uživatel\AppData\Local\{F4EC198E-6DD1-430A-BAA0-B597ED453F2F}
C:\Users\Uživatel\AppData\Local\{F466FE54-97EA-4DE0-8420-C55C43436CF6}
C:\Users\Uživatel\AppData\Local\{21AD1D7B-589B-40F3-995B-C8C2CA4A2013}
C:\Users\Uživatel\AppData\Local\{61BD0DC5-AF31-4C53-82AD-A7CEB37CFC22}
C:\Users\Uživatel\AppData\Local\{629BA10D-953E-4652-9031-502939498540}
C:\Users\Uživatel\AppData\Local\{9508DAD1-A079-4C83-BBF4-A75169B6359F}
C:\Users\Uživatel\AppData\Local\{36027DA0-28E0-4387-BC89-0A5410874DDE}
C:\Users\Uživatel\AppData\Local\{393C4EF8-92CE-4629-956B-CEA00B823C3B}
C:\Users\Uživatel\AppData\Local\{052D4988-F96B-47D4-A0F6-D3B11E025635}
C:\Users\Uživatel\AppData\Local\{49ED8C67-A559-4A7B-ABD3-C787EC448FAF}
C:\Users\Uživatel\AppData\Local\{BF6A360C-79AD-4F8D-99DA-859435206FE3}
C:\Users\Uživatel\AppData\Local\{6C552A2B-64B9-4955-9100-2A8E31D7025B}
C:\Users\Uživatel\AppData\Local\{C96EB99B-9FF5-4A10-B52F-CA21D0737185}
C:\Users\Uživatel\AppData\Local\{D404ED52-D293-47AA-ADE6-7B40B4CDDDC9}
C:\Users\Uživatel\AppData\Local\{2A8289E8-9505-4110-A066-4879099FFDEA}
C:\Users\Uživatel\AppData\Local\{F3D986AA-94BC-4FAF-AFF3-D0FA091CFE57}
C:\Users\Uživatel\AppData\Local\{49F59A3C-3790-4FFE-BAC9-60A177C51B31}
C:\Users\Uživatel\AppData\Local\{B9578744-0DAD-4904-BF22-ABB39D8FEA8E}
C:\Users\Uživatel\AppData\Local\{C3000E3F-0E39-4EE7-B07E-CA7C07089129}
C:\Users\Uživatel\AppData\Local\{B631F201-AD76-4D94-B56E-9241CD80E367}
C:\Users\Uživatel\AppData\Local\{6B7F787A-5C80-4C57-AE78-43E6A499B249}
C:\Users\Uživatel\AppData\Local\{A5D43B00-B24F-4544-8F19-7ABB127C6442}
C:\Users\Uživatel\AppData\Local\{F48E1DD7-F1AF-476E-A767-4BB2B4D0F10F}
C:\Users\Uživatel\AppData\Local\{FF255391-06B8-48B5-8241-0A1E57F37836}
C:\Users\Uživatel\AppData\Local\{CB7564F2-1667-4B9F-B9BD-48927F3263F3}
C:\Users\Uživatel\AppData\Local\{BA4F8268-AEA2-44FF-88C0-056C43628F6B}
C:\Users\Uživatel\AppData\Local\{13A2DC30-F7D4-44A2-A39A-B2D5388D3490}
C:\Users\Uživatel\AppData\Local\{1D3A4B4A-62F4-47FC-B1D7-DB377EC6DF2E}
C:\Users\Uživatel\AppData\Local\{0C49AA8C-0ECD-440A-BD09-3BDFB8873F97}
C:\Users\Uživatel\AppData\Local\{C346D012-0655-4E4A-8D0C-E4C013E8084F}
C:\Users\Uživatel\AppData\Local\{D67DCC18-377E-4DAB-B9B3-A7E9188208B8}
C:\Users\Uživatel\AppData\Local\{4002A769-7ABC-4EE3-9F50-28E5A0FAA5D2}
C:\Users\Uživatel\Desktop\ComboFix.exe
C:\Users\Uživatel\Desktop\TDSSKiller.exe
C:\Users\Uživatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Windows\PEV.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\zip.exe

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.


C:\Users\Uživatel\Desktop\4632012
C:\Users\Uživatel\Desktop\hovory 234
Znáš ty složky??

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\System32\Wait.exe
C:\Windows\System32\hcwxds.dll
C:\Windows\system32\svchost.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Drive C: | 465,76 Gb Total Space | 36,49 Gb Free Space | 7,83% Space Free | Partition Type: NTFS
Nedostatek místa na systémovém disku!! Něco odinstaluj , smaž. Máš mít pro windows alespoň 15% volného místa