Prosím o kontrolu, pomalý start PC, mrznutí PC

[Makrela]

Zdravím,
na mém ntb strašně dlouho trvá než celý kompletně najede, nejdéle to trvá při identifikaci připojení k internetu(to je asi 5 minut). Když však začnu používat PC ještě než všechno kompletně najede tak pak mi komp zamrzá. Zmáčknu klávesnici, a cca 5 sekund trvá než se provede akce.

Děkuju

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:04:15, on 12.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Mobbcore bControl_1_0_809\bControlAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Pastorkov\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pastorkov\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pastorkov\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pastorkov\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pastorkov\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pastorkov\Desktop\fast\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [S-Bar] %PROGRAMFILES%\S-Bar\S-Bar.exe
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BControl_1_0_809] C:\Program Files (x86)\Mobbcore bControl_1_0_809\BControlAgent.exe /hide
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Bonus.SSR.FR11] "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pastorkov\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GarenaMessenger] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -silentrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: SRS PC Sound.lnk = C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 11 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.11.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\S-Bar\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13129 bytes

[memphisto]

Odinstaluj Garenu jestli nepoužíváš.

v logu fixni:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[Makrela]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.08.12.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pastorkov :: PASTORKOV-MSI [administrátor]

Ochrana: Povolena

12.8.2012 22:44:21
mbam-log-2012-08-12 (22-52-08).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 195835
Uplynulý čas: 7 minut, 15 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Users\Pastorkov\AppData\Local\Temp\install.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Pastorkov\AppData\Local\Temp\$inst\17.tmp (Trojan.Genome) -> Žádná instrukce nebyla provedena.

(konec)

[Žbeky]

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

[Makrela]

Psalo mi to, že to má moc znaků, tak jsem to dal takhle:

http://ladis.mzf.cz/TDSS.txt

http://ladis.mzf.cz/ComboFix.txt

[Žbeky]

Dej to sem na víc příspěvků

[Makrela]

TDSS:

12:29:44.0657 5560 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
12:29:44.0790 5560 ============================================================
12:29:44.0790 5560 Current date / time: 2012/08/13 12:29:44.0790
12:29:44.0790 5560 SystemInfo:
12:29:44.0790 5560
12:29:44.0790 5560 OS Version: 6.1.7601 ServicePack: 1.0
12:29:44.0790 5560 Product type: Workstation
12:29:44.0791 5560 ComputerName: PASTORKOV-MSI
12:29:44.0791 5560 UserName: Pastorkov
12:29:44.0791 5560 Windows directory: C:\windows
12:29:44.0791 5560 System windows directory: C:\windows
12:29:44.0791 5560 Running under WOW64
12:29:44.0791 5560 Processor architecture: Intel x64
12:29:44.0791 5560 Number of processors: 2
12:29:44.0791 5560 Page size: 0x1000
12:29:44.0791 5560 Boot type: Normal boot
12:29:44.0791 5560 ============================================================
12:29:46.0732 5560 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:29:46.0744 5560 ============================================================
12:29:46.0744 5560 \Device\Harddisk0\DR0:
12:29:46.0745 5560 MBR partitions:
12:29:46.0745 5560 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x172D000, BlocksNum 0x22100166
12:29:46.0745 5560 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2382D166, BlocksNum 0x16B586CA
12:29:46.0745 5560 ============================================================
12:29:46.0848 5560 C: <-> \Device\Harddisk0\DR0\Partition0
12:29:46.0985 5560 D: <-> \Device\Harddisk0\DR0\Partition1
12:29:46.0985 5560 ============================================================
12:29:46.0986 5560 Initialize success
12:29:46.0986 5560 ============================================================
12:30:06.0623 5216 ============================================================
12:30:06.0623 5216 Scan started
12:30:06.0623 5216 Mode: Manual;
12:30:06.0623 5216 ============================================================
12:30:08.0647 5216 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
12:30:08.0656 5216 1394ohci - ok
12:30:08.0875 5216 ABBYY.Licensing.FineReader.Corporate.11.0 (8912b38e7906bde9999e4bbdc4e65bdc) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
12:30:08.0907 5216 ABBYY.Licensing.FineReader.Corporate.11.0 - ok
12:30:08.0973 5216 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
12:30:08.0979 5216 ACPI - ok
12:30:09.0014 5216 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
12:30:09.0016 5216 AcpiPmi - ok
12:30:09.0335 5216 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys
12:30:09.0370 5216 adp94xx - ok
12:30:09.0543 5216 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys
12:30:09.0576 5216 adpahci - ok
12:30:09.0638 5216 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys
12:30:09.0643 5216 adpu320 - ok
12:30:09.0700 5216 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
12:30:09.0702 5216 AeLookupSvc - ok
12:30:09.0813 5216 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
12:30:09.0868 5216 AFD - ok
12:30:09.0938 5216 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
12:30:09.0943 5216 agp440 - ok
12:30:10.0119 5216 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
12:30:10.0125 5216 ALG - ok
12:30:10.0169 5216 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
12:30:10.0172 5216 aliide - ok
12:30:10.0248 5216 AMD External Events Utility (02cd198502bbc03d47b386ee0fb27f8d) C:\windows\system32\atiesrxx.exe
12:30:10.0255 5216 AMD External Events Utility - ok
12:30:10.0385 5216 AMD FUEL Service - ok
12:30:10.0435 5216 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
12:30:10.0437 5216 amdide - ok
12:30:10.0466 5216 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\windows\system32\drivers\amdiox64.sys
12:30:10.0468 5216 amdiox64 - ok
12:30:10.0488 5216 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys
12:30:10.0491 5216 AmdK8 - ok
12:30:11.0442 5216 amdkmdag (37a897969b0082dbbba7604a2149e7ed) C:\windows\system32\DRIVERS\atikmdag.sys
12:30:11.0660 5216 amdkmdag - ok
12:30:12.0752 5216 amdkmdap (bd9dc4508a27ca893527a5f42cf9570f) C:\windows\system32\DRIVERS\atikmpag.sys
12:30:12.0759 5216 amdkmdap - ok
12:30:12.0821 5216 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
12:30:12.0824 5216 AmdPPM - ok
12:30:12.0848 5216 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
12:30:12.0853 5216 amdsata - ok
12:30:12.0883 5216 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys
12:30:12.0893 5216 amdsbs - ok
12:30:12.0907 5216 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
12:30:12.0910 5216 amdxata - ok
12:30:12.0930 5216 amd_sata (f9d46b6b322708bd5afcc8767ebdc901) C:\windows\system32\drivers\amd_sata.sys
12:30:12.0932 5216 amd_sata - ok
12:30:12.0941 5216 amd_xata (329cc9c7e20deebcd4cd10816193ef14) C:\windows\system32\drivers\amd_xata.sys
12:30:12.0943 5216 amd_xata - ok
12:30:13.0001 5216 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
12:30:13.0004 5216 AppID - ok
12:30:13.0051 5216 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
12:30:13.0054 5216 AppIDSvc - ok
12:30:13.0065 5216 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
12:30:13.0068 5216 Appinfo - ok
12:30:13.0127 5216 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys
12:30:13.0132 5216 arc - ok
12:30:13.0147 5216 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys
12:30:13.0154 5216 arcsas - ok
12:30:13.0222 5216 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\windows\system32\drivers\aswFsBlk.sys
12:30:13.0224 5216 aswFsBlk - ok
12:30:13.0294 5216 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\windows\system32\drivers\aswMonFlt.sys
12:30:13.0297 5216 aswMonFlt - ok
12:30:13.0350 5216 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\windows\System32\Drivers\aswrdr2.sys
12:30:13.0353 5216 aswRdr - ok
12:30:13.0489 5216 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\windows\system32\drivers\aswSnx.sys
12:30:13.0506 5216 aswSnx - ok
12:30:13.0560 5216 aswSP (3610ca74a69e380424f0452dec5c1317) C:\windows\system32\drivers\aswSP.sys
12:30:13.0569 5216 aswSP - ok
12:30:13.0586 5216 aswTdi (87de3e31cb0091d22351349869324065) C:\windows\system32\drivers\aswTdi.sys
12:30:13.0589 5216 aswTdi - ok
12:30:13.0636 5216 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
12:30:13.0639 5216 AsyncMac - ok
12:30:13.0667 5216 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
12:30:13.0669 5216 atapi - ok
12:30:13.0793 5216 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys
12:30:13.0832 5216 athr - ok
12:30:14.0208 5216 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\windows\system32\drivers\AtihdW76.sys
12:30:14.0218 5216 AtiHDAudioService - ok
12:30:14.0315 5216 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
12:30:14.0349 5216 AudioEndpointBuilder - ok
12:30:14.0370 5216 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
12:30:14.0378 5216 AudioSrv - ok
12:30:14.0535 5216 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:30:14.0538 5216 avast! Antivirus - ok
12:30:14.0590 5216 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
12:30:14.0594 5216 AxInstSV - ok
12:30:14.0687 5216 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys
12:30:14.0716 5216 b06bdrv - ok
12:30:14.0790 5216 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
12:30:14.0808 5216 b57nd60a - ok
12:30:15.0379 5216 BBSvc (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
12:30:15.0404 5216 BBSvc - ok
12:30:15.0491 5216 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
12:30:15.0496 5216 BDESVC - ok
12:30:15.0537 5216 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
12:30:15.0540 5216 Beep - ok
12:30:15.0861 5216 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
12:30:15.0900 5216 BFE - ok
12:30:16.0105 5216 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
12:30:16.0141 5216 BITS - ok
12:30:16.0475 5216 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\drivers\blbdrive.sys
12:30:16.0479 5216 blbdrive - ok
12:30:16.0544 5216 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
12:30:16.0548 5216 bowser - ok
12:30:16.0558 5216 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys
12:30:16.0562 5216 BrFiltLo - ok
12:30:16.0572 5216 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys
12:30:16.0575 5216 BrFiltUp - ok
12:30:16.0729 5216 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
12:30:16.0733 5216 Browser - ok
12:30:16.0862 5216 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
12:30:16.0874 5216 Brserid - ok
12:30:16.0890 5216 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
12:30:16.0918 5216 BrSerWdm - ok
12:30:16.0927 5216 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
12:30:16.0940 5216 BrUsbMdm - ok
12:30:16.0947 5216 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
12:30:16.0963 5216 BrUsbSer - ok
12:30:16.0975 5216 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys
12:30:16.0987 5216 BTHMODEM - ok
12:30:17.0195 5216 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
12:30:17.0202 5216 bthserv - ok
12:30:17.0239 5216 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
12:30:17.0243 5216 cdfs - ok
12:30:17.0276 5216 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
12:30:17.0280 5216 cdrom - ok
12:30:17.0509 5216 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
12:30:17.0515 5216 CertPropSvc - ok
12:30:17.0564 5216 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys
12:30:17.0567 5216 circlass - ok
12:30:17.0652 5216 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
12:30:17.0663 5216 CLFS - ok
12:30:17.0993 5216 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:30:18.0020 5216 clr_optimization_v2.0.50727_32 - ok
12:30:18.0254 5216 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:30:18.0261 5216 clr_optimization_v2.0.50727_64 - ok
12:30:18.0520 5216 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:30:18.0549 5216 clr_optimization_v4.0.30319_32 - ok
12:30:18.0794 5216 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:30:18.0810 5216 clr_optimization_v4.0.30319_64 - ok
12:30:18.0864 5216 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\drivers\CmBatt.sys
12:30:18.0867 5216 CmBatt - ok
12:30:18.0879 5216 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
12:30:18.0883 5216 cmdide - ok
12:30:19.0047 5216 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\windows\system32\Drivers\cng.sys
12:30:19.0080 5216 CNG - ok
12:30:19.0154 5216 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys
12:30:19.0157 5216 Compbatt - ok
12:30:19.0178 5216 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
12:30:19.0181 5216 CompositeBus - ok
12:30:19.0200 5216 COMSysApp - ok
12:30:19.0221 5216 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys
12:30:19.0225 5216 crcdisk - ok
12:30:19.0439 5216 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
12:30:19.0464 5216 CryptSvc - ok
12:30:19.0564 5216 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
12:30:19.0587 5216 DcomLaunch - ok
12:30:19.0648 5216 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
12:30:19.0690 5216 defragsvc - ok
12:30:19.0721 5216 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
12:30:19.0725 5216 DfsC - ok
12:30:19.0876 5216 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
12:30:19.0889 5216 Dhcp - ok
12:30:19.0939 5216 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
12:30:19.0941 5216 discache - ok
12:30:19.0972 5216 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys
12:30:19.0975 5216 Disk - ok
12:30:20.0019 5216 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
12:30:20.0025 5216 Dnscache - ok
12:30:20.0057 5216 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
12:30:20.0077 5216 dot3svc - ok
12:30:20.0101 5216 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
12:30:20.0113 5216 DPS - ok
12:30:20.0164 5216 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
12:30:20.0168 5216 drmkaud - ok
12:30:20.0335 5216 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\windows\system32\DRIVERS\dtsoftbus01.sys
12:30:20.0341 5216 dtsoftbus01 - ok
12:30:20.0545 5216 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
12:30:20.0557 5216 DXGKrnl - ok
12:30:20.0659 5216 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
12:30:20.0667 5216 EapHost - ok
12:30:21.0090 5216 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys
12:30:21.0234 5216 ebdrv - ok
12:30:21.0597 5216 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
12:30:21.0607 5216 EFS - ok
12:30:21.0886 5216 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
12:30:21.0924 5216 ehRecvr - ok
12:30:21.0967 5216 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
12:30:21.0971 5216 ehSched - ok
12:30:22.0337 5216 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys
12:30:22.0370 5216 elxstor - ok
12:30:22.0409 5216 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
12:30:22.0420 5216 ErrDev - ok
12:30:22.0598 5216 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
12:30:22.0623 5216 EventSystem - ok
12:30:22.0681 5216 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
12:30:22.0715 5216 exfat - ok
12:30:22.0845 5216 Fabs - ok
12:30:22.0888 5216 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
12:30:22.0895 5216 fastfat - ok
12:30:23.0033 5216 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
12:30:23.0064 5216 Fax - ok
12:30:23.0109 5216 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys
12:30:23.0113 5216 fdc - ok
12:30:23.0167 5216 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
12:30:23.0171 5216 fdPHost - ok
12:30:23.0180 5216 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
12:30:23.0187 5216 FDResPub - ok
12:30:23.0233 5216 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
12:30:23.0237 5216 FileInfo - ok
12:30:23.0253 5216 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
12:30:23.0255 5216 Filetrace - ok
12:30:23.0874 5216 FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
12:30:24.0015 5216 FirebirdServerMAGIXInstance - ok
12:30:24.0859 5216 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys
12:30:24.0863 5216 flpydisk - ok
12:30:24.0937 5216 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
12:30:24.0948 5216 FltMgr - ok
12:30:25.0288 5216 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
12:30:25.0347 5216 FontCache - ok
12:30:25.0489 5216 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:30:25.0493 5216 FontCache3.0.0.0 - ok
12:30:25.0888 5216 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
12:30:25.0892 5216 FsDepends - ok
12:30:25.0915 5216 fspad_win764 (6d40aa5a82b87d1a0de96c3a297bc183) C:\windows\system32\drivers\fspad_win764.sys
12:30:25.0920 5216 fspad_win764 - ok
12:30:25.0955 5216 fspad_xp64 (6d40aa5a82b87d1a0de96c3a297bc183) C:\windows\system32\drivers\fspad_xp64.sys
12:30:25.0960 5216 fspad_xp64 - ok
12:30:26.0019 5216 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
12:30:26.0021 5216 Fs_Rec - ok
12:30:26.0226 5216 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
12:30:26.0237 5216 fvevol - ok
12:30:26.0271 5216 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys
12:30:26.0274 5216 gagp30kx - ok
12:30:26.0461 5216 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
12:30:26.0509 5216 gpsvc - ok
12:30:26.0558 5216 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\windows\system32\DRIVERS\hamachi.sys
12:30:26.0561 5216 hamachi - ok
12:30:27.0084 5216 Hamachi2Svc (21d24138b736983f6e23823e092e9428) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:30:27.0262 5216 Hamachi2Svc - ok
12:30:28.0190 5216 hcmon (adb4348da1345877b04e22203afc8993) C:\windows\system32\drivers\hcmon.sys
12:30:28.0193 5216 hcmon - ok
12:30:28.0228 5216 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
12:30:28.0231 5216 hcw85cir - ok
12:30:28.0279 5216 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
12:30:28.0297 5216 HdAudAddService - ok
12:30:28.0330 5216 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
12:30:28.0333 5216 HDAudBus - ok
12:30:28.0349 5216 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys
12:30:28.0351 5216 HidBatt - ok
12:30:28.0372 5216 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys
12:30:28.0377 5216 HidBth - ok
12:30:28.0387 5216 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys
12:30:28.0390 5216 HidIr - ok
12:30:28.0413 5216 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
12:30:28.0418 5216 hidserv - ok
12:30:28.0446 5216 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
12:30:28.0448 5216 HidUsb - ok
12:30:28.0484 5216 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
12:30:28.0491 5216 hkmsvc - ok
12:30:28.0587 5216 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
12:30:28.0602 5216 HomeGroupListener - ok
12:30:28.0649 5216 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
12:30:28.0683 5216 HomeGroupProvider - ok
12:30:28.0811 5216 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
12:30:28.0816 5216 HpSAMD - ok
12:30:28.0907 5216 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
12:30:28.0925 5216 HTTP - ok
12:30:28.0962 5216 Huawei - ok
12:30:29.0041 5216 hwdatacard - ok
12:30:29.0069 5216 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
12:30:29.0071 5216 hwpolicy - ok
12:30:29.0167 5216 hwusbdev (b45b3647ba32749b94fa689175ec8c26) C:\windows\system32\DRIVERS\ewusbdev.sys
12:30:29.0171 5216 hwusbdev - ok
12:30:29.0272 5216 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
12:30:29.0295 5216 i8042prt - ok
12:30:29.0397 5216 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
12:30:29.0410 5216 iaStorV - ok
12:30:29.0633 5216 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:30:29.0671 5216 idsvc - ok
12:30:29.0719 5216 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys
12:30:29.0724 5216 iirsp - ok
12:30:29.0976 5216 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
12:30:30.0010 5216 IKEEXT - ok
12:30:30.0529 5216 IntcAzAudAddService (a9853214cc97796579d75b1f59c51dcd) C:\windows\system32\drivers\RTKVHD64.sys
12:30:30.0573 5216 IntcAzAudAddService - ok
12:30:31.0718 5216 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
12:30:31.0722 5216 intelide - ok
12:30:31.0771 5216 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\drivers\intelppm.sys
12:30:31.0776 5216 intelppm - ok
12:30:31.0976 5216 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
12:30:31.0989 5216 IPBusEnum - ok
12:30:32.0078 5216 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
12:30:32.0083 5216 IpFilterDriver - ok
12:30:32.0174 5216 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
12:30:32.0192 5216 iphlpsvc - ok
12:30:32.0279 5216 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
12:30:32.0314 5216 IPMIDRV - ok
12:30:32.0460 5216 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
12:30:32.0464 5216 IPNAT - ok
12:30:32.0493 5216 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
12:30:32.0496 5216 IRENUM - ok
12:30:32.0506 5216 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
12:30:32.0508 5216 isapnp - ok
12:30:32.0556 5216 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
12:30:32.0599 5216 iScsiPrt - ok
12:30:32.0621 5216 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
12:30:32.0624 5216 kbdclass - ok
12:30:32.0664 5216 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
12:30:32.0669 5216 kbdhid - ok
12:30:32.0698 5216 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
12:30:32.0705 5216 KeyIso - ok
12:30:32.0786 5216 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\windows\system32\Drivers\ksecdd.sys
12:30:32.0789 5216 KSecDD - ok
12:30:32.0904 5216 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\windows\system32\Drivers\ksecpkg.sys
12:30:32.0910 5216 KSecPkg - ok
12:30:32.0974 5216 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
12:30:32.0978 5216 ksthunk - ok
12:30:33.0195 5216 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
12:30:33.0221 5216 KtmRm - ok
12:30:33.0322 5216 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
12:30:33.0340 5216 LanmanServer - ok
12:30:33.0395 5216 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
12:30:33.0407 5216 LanmanWorkstation - ok
12:30:33.0444 5216 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
12:30:33.0447 5216 lltdio - ok
12:30:33.0526 5216 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
12:30:33.0537 5216 lltdsvc - ok
12:30:33.0552 5216 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
12:30:33.0558 5216 lmhosts - ok
12:30:33.0592 5216 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
12:30:33.0596 5216 LSI_FC - ok
12:30:33.0625 5216 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
12:30:33.0629 5216 LSI_SAS - ok
12:30:33.0642 5216 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
12:30:33.0646 5216 LSI_SAS2 - ok
12:30:33.0667 5216 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
12:30:33.0671 5216 LSI_SCSI - ok
12:30:33.0696 5216 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
12:30:33.0700 5216 luafv - ok
12:30:33.0771 5216 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\windows\system32\drivers\mbam.sys
12:30:33.0773 5216 MBAMProtector - ok
12:30:34.0025 5216 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:30:34.0033 5216 MBAMService - ok
12:30:34.0203 5216 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
12:30:34.0210 5216 Mcx2Svc - ok
12:30:34.0366 5216 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
12:30:34.0371 5216 megasas - ok
12:30:34.0580 5216 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
12:30:34.0620 5216 MegaSR - ok
12:30:34.0755 5216 MGHwCtrl - ok
12:30:34.0920 5216 Micro Star SCM (71c6748ee8de938532057ef10b4b7e44) C:\Program Files (x86)\S-Bar\MSIService.exe
12:30:34.0925 5216 Micro Star SCM - ok
12:30:35.0458 5216 Microsoft SharePoint Workspace Audit Service - ok
12:30:35.0506 5216 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
12:30:35.0512 5216 MMCSS - ok
12:30:35.0530 5216 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
12:30:35.0534 5216 Modem - ok
12:30:35.0562 5216 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
12:30:35.0564 5216 monitor - ok
12:30:35.0588 5216 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
12:30:35.0590 5216 mouclass - ok
12:30:35.0623 5216 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
12:30:35.0626 5216 mouhid - ok
12:30:35.0639 5216 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
12:30:35.0644 5216 mountmgr - ok
12:30:35.0662 5216 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
12:30:35.0667 5216 mpio - ok
12:30:35.0770 5216 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
12:30:35.0775 5216 mpsdrv - ok
12:30:36.0542 5216 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
12:30:36.0588 5216 MpsSvc - ok
12:30:36.0617 5216 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
12:30:36.0630 5216 MRxDAV - ok
12:30:36.0661 5216 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
12:30:36.0666 5216 mrxsmb - ok
12:30:36.0871 5216 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
12:30:36.0890 5216 mrxsmb10 - ok
12:30:36.0959 5216 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
12:30:36.0966 5216 mrxsmb20 - ok
12:30:37.0032 5216 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
12:30:37.0037 5216 msahci - ok
12:30:37.0092 5216 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
12:30:37.0122 5216 msdsm - ok
12:30:37.0210 5216 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
12:30:37.0223 5216 MSDTC - ok
12:30:37.0329 5216 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
12:30:37.0333 5216 Msfs - ok
12:30:37.0343 5216 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
12:30:37.0347 5216 mshidkmdf - ok
12:30:37.0790 5216 MSI Foundation Service (87b9daf6d123ec06c19b41d5295441ad) C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
12:30:37.0792 5216 MSI Foundation Service - ok
12:30:37.0893 5216 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
12:30:37.0895 5216 msisadrv - ok
12:30:38.0172 5216 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
12:30:38.0214 5216 MSiSCSI - ok
12:30:38.0226 5216 msiserver - ok
12:30:38.0273 5216 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
12:30:38.0278 5216 MSKSSRV - ok
12:30:38.0289 5216 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
12:30:38.0293 5216 MSPCLOCK - ok
12:30:38.0310 5216 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
12:30:38.0313 5216 MSPQM - ok
12:30:38.0352 5216 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
12:30:38.0359 5216 MsRPC - ok
12:30:38.0381 5216 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
12:30:38.0383 5216 mssmbios - ok
12:30:38.0392 5216 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
12:30:38.0394 5216 MSTEE - ok
12:30:38.0406 5216 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
12:30:38.0409 5216 MTConfig - ok
12:30:38.0435 5216 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
12:30:38.0437 5216 Mup - ok
12:30:38.0576 5216 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
12:30:38.0599 5216 napagent - ok
12:30:38.0689 5216 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
12:30:38.0699 5216 NativeWifiP - ok
12:30:38.0842 5216 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
12:30:38.0865 5216 NDIS - ok
12:30:38.0890 5216 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
12:30:38.0894 5216 NdisCap - ok
12:30:38.0912 5216 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
12:30:38.0916 5216 NdisTapi - ok
12:30:38.0936 5216 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
12:30:38.0940 5216 Ndisuio - ok
12:30:38.0970 5216 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
12:30:38.0975 5216 NdisWan - ok
12:30:38.0988 5216 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
12:30:38.0991 5216 NDProxy - ok
12:30:39.0003 5216 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
12:30:39.0006 5216 NetBIOS - ok
12:30:39.0032 5216 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
12:30:39.0040 5216 NetBT - ok
12:30:39.0076 5216 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
12:30:39.0082 5216 Netlogon - ok
12:30:39.0147 5216 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
12:30:39.0174 5216 Netman - ok
12:30:39.0221 5216 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
12:30:39.0245 5216 netprofm - ok
12:30:39.0337 5216 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:30:39.0344 5216 NetTcpPortSharing - ok
12:30:39.0414 5216 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
12:30:39.0420 5216 nfrd960 - ok
12:30:39.0550 5216 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
12:30:39.0566 5216 NlaSvc - ok
12:30:39.0581 5216 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
12:30:39.0585 5216 Npfs - ok
12:30:39.0609 5216 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
12:30:39.0616 5216 nsi - ok
12:30:39.0624 5216 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
12:30:39.0627 5216 nsiproxy - ok
12:30:39.0820 5216 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
12:30:39.0888 5216 Ntfs - ok
12:30:40.0585 5216 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
12:30:40.0589 5216 Null - ok
12:30:40.0613 5216 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
12:30:40.0621 5216 nvraid - ok
12:30:40.0637 5216 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
12:30:40.0643 5216 nvstor - ok
12:30:40.0661 5216 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
12:30:40.0665 5216 nv_agp - ok
12:30:40.0828 5216 OberonGameConsoleService (6593c7089da97077c4059643d764ef64) C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
12:30:40.0830 5216 OberonGameConsoleService - ok
12:30:40.0873 5216 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
12:30:40.0876 5216 ohci1394 - ok
12:30:40.0995 5216 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:30:41.0001 5216 ose64 - ok
12:30:41.0749 5216 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:30:41.0926 5216 osppsvc - ok
12:30:42.0493 5216 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
12:30:42.0510 5216 p2pimsvc - ok
12:30:42.0679 5216 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
12:30:42.0694 5216 p2psvc - ok
12:30:43.0021 5216 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
12:30:43.0028 5216 Parport - ok
12:30:43.0090 5216 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
12:30:43.0093 5216 partmgr - ok
12:30:43.0146 5216 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
12:30:43.0157 5216 PcaSvc - ok
12:30:43.0194 5216 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
12:30:43.0199 5216 pci - ok
12:30:43.0208 5216 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
12:30:43.0210 5216 pciide - ok
12:30:43.0237 5216 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
12:30:43.0242 5216 pcmcia - ok
12:30:43.0254 5216 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
12:30:43.0256 5216 pcw - ok
12:30:43.0434 5216 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
12:30:43.0484 5216 PEAUTH - ok
12:30:43.0867 5216 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
12:30:43.0877 5216 PerfHost - ok
12:30:44.0256 5216 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
12:30:44.0318 5216 pla - ok
12:30:44.0411 5216 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
12:30:44.0435 5216 PlugPlay - ok
12:30:44.0465 5216 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
12:30:44.0472 5216 PNRPAutoReg - ok
12:30:44.0501 5216 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
12:30:44.0510 5216 PNRPsvc - ok
12:30:44.0581 5216 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
12:30:44.0612 5216 PolicyAgent - ok
12:30:44.0666 5216 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
12:30:44.0677 5216 Power - ok
12:30:44.0839 5216 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
12:30:44.0853 5216 PptpMiniport - ok
12:30:45.0005 5216 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
12:30:45.0011 5216 Processor - ok
12:30:45.0470 5216 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
12:30:45.0509 5216 ProfSvc - ok
12:30:45.0564 5216 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
12:30:45.0573 5216 ProtectedStorage - ok
12:30:45.0636 5216 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
12:30:45.0640 5216 Psched - ok
12:30:46.0384 5216 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
12:30:46.0442 5216 ql2300 - ok
12:30:47.0109 5216 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
12:30:47.0114 5216 ql40xx - ok
12:30:47.0193 5216 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
12:30:47.0224 5216 QWAVE - ok
12:30:47.0241 5216 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
12:30:47.0246 5216 QWAVEdrv - ok
12:30:47.0260 5216 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
12:30:47.0264 5216 RasAcd - ok
12:30:47.0316 5216 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
12:30:47.0320 5216 RasAgileVpn - ok
12:30:47.0361 5216 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
12:30:47.0378 5216 RasAuto - ok
12:30:47.0416 5216 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
12:30:47.0423 5216 Rasl2tp - ok
12:30:47.0502 5216 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
12:30:47.0529 5216 RasMan - ok
12:30:47.0559 5216 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
12:30:47.0565 5216 RasPppoe - ok
12:30:47.0583 5216 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
12:30:47.0587 5216 RasSstp - ok
12:30:47.0624 5216 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
12:30:47.0631 5216 rdbss - ok
12:30:47.0641 5216 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
12:30:47.0644 5216 rdpbus - ok
12:30:47.0654 5216 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
12:30:47.0657 5216 RDPCDD - ok
12:30:47.0673 5216 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
12:30:47.0675 5216 RDPENCDD - ok
12:30:47.0691 5216 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
12:30:47.0693 5216 RDPREFMP - ok
12:30:47.0765 5216 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
12:30:47.0773 5216 RDPWD - ok
12:30:47.0817 5216 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
12:30:47.0824 5216 rdyboost - ok
12:30:47.0867 5216 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
12:30:47.0882 5216 RemoteAccess - ok
12:30:47.0947 5216 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
12:30:47.0956 5216 RemoteRegistry - ok
12:30:47.0987 5216 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
12:30:47.0995 5216 RpcEptMapper - ok
12:30:48.0017 5216 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
12:30:48.0023 5216 RpcLocator - ok
12:30:48.0070 5216 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
12:30:48.0082 5216 RpcSs - ok
12:30:48.0122 5216 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
12:30:48.0125 5216 rspndr - ok
12:30:48.0201 5216 RSUSBVSTOR (e54a5586a28d0630a79a68bbab84bfcf) C:\windows\System32\Drivers\RtsUVStor.sys
12:30:48.0217 5216 RSUSBVSTOR - ok
12:30:48.0249 5216 RTHDMIAzAudService (116d03e901246ac7af006121e1e22842) C:\windows\system32\drivers\RtHDMIVX.sys
12:30:48.0254 5216 RTHDMIAzAudService - ok
12:30:48.0330 5216 RTL8167 (fcaf9c2c9eadf8f397c3350760ef500f) C:\windows\system32\DRIVERS\Rt64win7.sys
12:30:48.0336 5216 RTL8167 - ok
12:30:48.0471 5216 RTL8192Ce (09a8ba290db61d2d5c419a06a2e54d20) C:\windows\system32\DRIVERS\rtl8192Ce.sys
12:30:48.0486 5216 RTL8192Ce - ok
12:30:48.0593 5216 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
12:30:48.0605 5216 SamSs - ok
12:30:48.0708 5216 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
12:30:48.0899 5216 sbp2port - ok
12:30:49.0050 5216 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
12:30:49.0067 5216 SCardSvr - ok
12:30:49.0115 5216 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
12:30:49.0120 5216 scfilter - ok
12:30:49.0626 5216 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
12:30:49.0681 5216 Schedule - ok
12:30:49.0723 5216 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
12:30:49.0728 5216 SCPolicySvc - ok
12:30:49.0843 5216 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
12:30:49.0881 5216 SDRSVC - ok
12:30:50.0303 5216 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
12:30:50.0328 5216 SeaPort - ok
12:30:50.0547 5216 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
12:30:50.0551 5216 secdrv - ok
12:30:50.0586 5216 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
12:30:50.0609 5216 seclogon - ok
12:30:50.0653 5216 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
12:30:50.0671 5216 SENS - ok
12:30:50.0736 5216 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
12:30:50.0758 5216 SensrSvc - ok
12:30:50.0786 5216 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
12:30:50.0790 5216 Serenum - ok
12:30:50.0827 5216 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
12:30:50.0833 5216 Serial - ok
12:30:50.0849 5216 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
12:30:50.0854 5216 sermouse - ok
12:30:50.0978 5216 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
12:30:50.0993 5216 SessionEnv - ok
12:30:51.0021 5216 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
12:30:51.0026 5216 sffdisk - ok
12:30:51.0041 5216 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
12:30:51.0045 5216 sffp_mmc - ok
12:30:51.0061 5216 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
12:30:51.0065 5216 sffp_sd - ok
12:30:51.0073 5216 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
12:30:51.0076 5216 sfloppy - ok
12:30:51.0129 5216 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
12:30:51.0143 5216 SharedAccess - ok
12:30:51.0381 5216 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
12:30:51.0415 5216 ShellHWDetection - ok
12:30:51.0460 5216 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
12:30:51.0466 5216 SiSRaid2 - ok
12:30:51.0484 5216 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
12:30:51.0490 5216 SiSRaid4 - ok
12:30:51.0627 5216 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
12:30:51.0634 5216 SkypeUpdate - ok
12:30:51.0690 5216 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
12:30:51.0696 5216 Smb - ok
12:30:51.0746 5216 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
12:30:51.0761 5216 SNMPTRAP - ok
12:30:51.0779 5216 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
12:30:51.0782 5216 spldr - ok
12:30:51.0917 5216 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
12:30:51.0962 5216 Spooler - ok
12:30:52.0882 5216 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
12:30:53.0028 5216 sppsvc - ok
12:30:53.0645 5216 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
12:30:53.0660 5216 sppuinotify - ok
12:30:54.0127 5216 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
12:30:54.0136 5216 srv - ok
12:30:54.0201 5216 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
12:30:54.0209 5216 srv2 - ok
12:30:54.0232 5216 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
12:30:54.0237 5216 srvnet - ok
12:30:54.0376 5216 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
12:30:54.0387 5216 SSDPSRV - ok
12:30:54.0424 5216 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
12:30:54.0455 5216 SstpSvc - ok
12:30:54.0486 5216 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
12:30:54.0490 5216 stexstor - ok
12:30:54.0593 5216 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
12:30:54.0618 5216 stisvc - ok
12:30:54.0689 5216 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
12:30:54.0692 5216 swenum - ok
12:30:54.0938 5216 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:30:54.0949 5216 SwitchBoard - ok
12:30:55.0029 5216 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
12:30:55.0071 5216 swprv - ok
12:30:55.0807 5216 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
12:30:55.0900 5216 SysMain - ok
12:30:56.0723 5216 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
12:30:56.0742 5216 TabletInputService - ok
12:30:56.0893 5216 tap0901 (f0b9d3ed88e56d3cd713dff21e42aaf0) C:\windows\system32\DRIVERS\tap0901.sys
12:30:56.0898 5216 tap0901 - ok
12:30:56.0960 5216 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
12:30:56.0981 5216 TapiSrv - ok
12:30:57.0010 5216 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
12:30:57.0025 5216 TBS - ok
12:30:58.0240 5216 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
12:30:58.0336 5216 Tcpip - ok
12:30:59.0184 5216 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
12:30:59.0217 5216 TCPIP6 - ok
12:31:00.0096 5216 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
12:31:00.0100 5216 tcpipreg - ok
12:31:00.0151 5216 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
12:31:00.0156 5216 TDPIPE - ok
12:31:00.0204 5216 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
12:31:00.0209 5216 TDTCP - ok
12:31:00.0243 5216 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
12:31:00.0251 5216 tdx - ok
12:31:01.0138 5216 TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
12:31:01.0177 5216 TeamViewer7 - ok
12:31:02.0070 5216 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
12:31:02.0076 5216 TermDD - ok
12:31:02.0400 5216 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
12:31:02.0450 5216 TermService - ok
12:31:02.0479 5216 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
12:31:02.0487 5216 Themes - ok
12:31:02.0528 5216 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
12:31:02.0534 5216 THREADORDER - ok
12:31:02.0577 5216 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
12:31:02.0615 5216 TrkWks - ok
12:31:02.0774 5216 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
12:31:02.0780 5216 TrustedInstaller - ok
12:31:02.0825 5216 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
12:31:02.0831 5216 tssecsrv - ok
12:31:02.0924 5216 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
12:31:02.0929 5216 TsUsbFlt - ok
12:31:02.0943 5216 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
12:31:02.0947 5216 TsUsbGD - ok
12:31:02.0986 5216 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
12:31:02.0990 5216 tunnel - ok
12:31:03.0003 5216 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
12:31:03.0007 5216 uagp35 - ok
12:31:03.0085 5216 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
12:31:03.0118 5216 udfs - ok
12:31:03.0163 5216 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
12:31:03.0172 5216 UI0Detect - ok
12:31:03.0191 5216 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
12:31:03.0195 5216 uliagpkx - ok
12:31:03.0221 5216 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
12:31:03.0224 5216 umbus - ok
12:31:03.0233 5216 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
12:31:03.0237 5216 UmPass - ok
12:31:03.0308 5216 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
12:31:03.0330 5216 upnphost - ok
12:31:03.0351 5216 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
12:31:03.0357 5216 usbccgp - ok
12:31:03.0380 5216 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
12:31:03.0385 5216 usbcir - ok
12:31:03.0397 5216 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
12:31:03.0401 5216 usbehci - ok
12:31:03.0424 5216 usbfilter (76e2ffad301490ba27b947c6507752fb) C:\windows\system32\DRIVERS\usbfilter.sys
12:31:03.0428 5216 usbfilter - ok
12:31:03.0483 5216 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\drivers\usbhub.sys
12:31:03.0508 5216 usbhub - ok
12:31:03.0520 5216 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
12:31:03.0523 5216 usbohci - ok
12:31:03.0542 5216 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\drivers\usbprint.sys
12:31:03.0546 5216 usbprint - ok
12:31:03.0561 5216 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
12:31:03.0567 5216 USBSTOR - ok
12:31:03.0578 5216 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
12:31:03.0582 5216 usbuhci - ok
12:31:03.0739 5216 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
12:31:03.0747 5216 usbvideo - ok
12:31:03.0819 5216 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
12:31:03.0834 5216 UxSms - ok
12:31:03.0876 5216 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
12:31:03.0881 5216 VaultSvc - ok
12:31:03.0920 5216 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
12:31:03.0924 5216 vdrvroot - ok
12:31:03.0997 5216 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
12:31:04.0015 5216 vds - ok
12:31:04.0043 5216 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
12:31:04.0046 5216 vga - ok
12:31:04.0057 5216 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
12:31:04.0061 5216 VgaSave - ok
12:31:04.0086 5216 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
12:31:04.0091 5216 vhdmp - ok
12:31:04.0101 5216 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
12:31:04.0104 5216 viaide - ok
12:31:04.0535 5216 VMAuthdService (16073f2bc424558ebd277a15188d329e) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
12:31:04.0539 5216 VMAuthdService - ok
12:31:04.0565 5216 vmci - ok
12:31:04.0606 5216 VMnetAdapter (b259c31378bc855afd1b53f59311c251) C:\windows\system32\DRIVERS\vmnetadapter.sys
12:31:04.0610 5216 VMnetAdapter - ok
12:31:04.0673 5216 VMnetBridge (dec4ce720ffeda939cf1ba315cfbd993) C:\windows\system32\DRIVERS\vmnetbridge.sys
12:31:04.0676 5216 VMnetBridge - ok
12:31:04.0689 5216 VMnetDHCP - ok
12:31:04.0762 5216 VMnetuserif (6b17d7fad2d61d5a2c2b6d3ea25bdca8) C:\windows\system32\drivers\vmnetuserif.sys
12:31:04.0766 5216 VMnetuserif - ok
12:31:05.0039 5216 VMUSBArbService (18903ca7936912c337c9d28858880cf2) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

[Makrela]

12:31:05.0056 5216 VMUSBArbService - ok
12:31:05.0105 5216 VMware NAT Service - ok
12:31:09.0842 5216 VMwareHostd (d580c4edc87a6ac6c2e0607ccfa685f4) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
12:31:10.0146 5216 VMwareHostd - ok
12:31:10.0869 5216 vmx86 (e2a591ecc4525eb0b05c65a9b24cf05e) C:\windows\system32\drivers\vmx86.sys
12:31:10.0874 5216 vmx86 - ok
12:31:11.0030 5216 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
12:31:11.0036 5216 volmgr - ok
12:31:11.0227 5216 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
12:31:11.0239 5216 volmgrx - ok
12:31:11.0271 5216 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
12:31:11.0277 5216 volsnap - ok
12:31:11.0315 5216 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
12:31:11.0340 5216 vsmraid - ok
12:31:11.0888 5216 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
12:31:11.0968 5216 VSS - ok
12:31:12.0644 5216 vstor2-mntapi10-shared (6107e33a30c0b923f31c872e1980d2d1) C:\windows\syswow64\drivers\vstor2-mntapi10-shared.sys
12:31:12.0648 5216 vstor2-mntapi10-shared - ok
12:31:13.0324 5216 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
12:31:13.0328 5216 vwifibus - ok
12:31:13.0363 5216 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
12:31:13.0369 5216 vwififlt - ok
12:31:13.0606 5216 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
12:31:13.0647 5216 W32Time - ok
12:31:13.0785 5216 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
12:31:13.0790 5216 WacomPen - ok
12:31:13.0827 5216 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
12:31:13.0833 5216 WANARP - ok
12:31:13.0856 5216 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
12:31:13.0861 5216 Wanarpv6 - ok
12:31:14.0524 5216 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
12:31:14.0585 5216 WatAdminSvc - ok
12:31:14.0841 5216 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
12:31:14.0919 5216 wbengine - ok
12:31:15.0478 5216 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
12:31:15.0520 5216 WbioSrvc - ok
12:31:15.0578 5216 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
12:31:15.0600 5216 wcncsvc - ok
12:31:15.0651 5216 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
12:31:15.0660 5216 WcsPlugInService - ok
12:31:15.0937 5216 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
12:31:15.0942 5216 Wd - ok
12:31:16.0095 5216 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
12:31:16.0129 5216 Wdf01000 - ok
12:31:16.0404 5216 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
12:31:16.0413 5216 WdiServiceHost - ok
12:31:16.0420 5216 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
12:31:16.0429 5216 WdiSystemHost - ok
12:31:16.0480 5216 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
12:31:16.0498 5216 WebClient - ok
12:31:16.0536 5216 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
12:31:16.0625 5216 Wecsvc - ok
12:31:16.0690 5216 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
12:31:16.0701 5216 wercplsupport - ok
12:31:16.0724 5216 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
12:31:16.0735 5216 WerSvc - ok
12:31:16.0921 5216 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
12:31:16.0923 5216 WfpLwf - ok
12:31:16.0934 5216 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
12:31:16.0940 5216 WIMMount - ok
12:31:17.0058 5216 WinDefend - ok
12:31:17.0086 5216 WinHttpAutoProxySvc - ok
12:31:17.0393 5216 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
12:31:17.0415 5216 Winmgmt - ok
12:31:18.0211 5216 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
12:31:18.0305 5216 WinRM - ok
12:31:19.0178 5216 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
12:31:19.0204 5216 WinUsb - ok
12:31:19.0630 5216 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
12:31:19.0699 5216 Wlansvc - ok
12:31:19.0802 5216 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:31:19.0807 5216 wlcrasvc - ok
12:31:20.0622 5216 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:31:20.0731 5216 wlidsvc - ok
12:31:21.0332 5216 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
12:31:21.0336 5216 WmiAcpi - ok
12:31:21.0580 5216 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
12:31:21.0588 5216 wmiApSrv - ok
12:31:21.0693 5216 WMPNetworkSvc - ok
12:31:21.0751 5216 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
12:31:21.0770 5216 WPCSvc - ok
12:31:21.0789 5216 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
12:31:21.0801 5216 WPDBusEnum - ok
12:31:21.0845 5216 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
12:31:21.0848 5216 ws2ifsl - ok
12:31:21.0880 5216 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
12:31:21.0897 5216 wscsvc - ok
12:31:21.0905 5216 WSearch - ok
12:31:22.0849 5216 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
12:31:22.0977 5216 wuauserv - ok
12:31:23.0837 5216 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
12:31:23.0845 5216 WudfPf - ok
12:31:23.0872 5216 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
12:31:23.0880 5216 WUDFRd - ok
12:31:24.0040 5216 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
12:31:24.0058 5216 wudfsvc - ok
12:31:24.0107 5216 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
12:31:24.0138 5216 WwanSvc - ok
12:31:24.0211 5216 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:31:25.0267 5216 \Device\Harddisk0\DR0 - ok
12:31:25.0429 5216 Boot (0x1200) (297dcae84d5c389e895c3e87b03bd69a) \Device\Harddisk0\DR0\Partition0
12:31:25.0435 5216 \Device\Harddisk0\DR0\Partition0 - ok
12:31:25.0615 5216 Boot (0x1200) (526fe85d000312e66363e7bf9dbe585d) \Device\Harddisk0\DR0\Partition1
12:31:25.0624 5216 \Device\Harddisk0\DR0\Partition1 - ok
12:31:25.0626 5216 ============================================================
12:31:25.0626 5216 Scan finished
12:31:25.0626 5216 ============================================================
12:31:25.0661 5508 Detected object count: 0
12:31:25.0661 5508 Actual detected object count: 0

[Makrela]

A combofix:

ComboFix 12-08-10.02 - Pastorkov 13.08.2012 12:50:07.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3565.2064 [GMT 2:00]
Spuštěný z: c:\users\Pastorkov\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\SysWow64\tmpFAD3.tmp
c:\windows\SysWow64\tmpFBCE.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-13 do 2012-08-13 )))))))))))))))))))))))))))))))
.
.
2012-08-13 11:02 . 2012-08-13 11:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-12 19:51 . 2012-08-12 19:51 -------- d-----w- c:\users\Pastorkov\AppData\Roaming\Malwarebytes
2012-08-12 19:50 . 2012-08-12 19:50 -------- d-----w- c:\programdata\Malwarebytes
2012-08-12 19:50 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-12 19:50 . 2012-08-12 19:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-10 09:59 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7AB1028-91D7-4912-A618-D9CBB191977A}\mpengine.dll
2012-07-24 10:30 . 2011-10-03 21:49 2770944 ----a-w- c:\windows\system32\athrx.sys
2012-07-24 10:29 . 2012-07-24 10:29 -------- d-----w- c:\programdata\Qualcomm Atheros
2012-07-18 13:06 . 2012-08-13 10:36 -------- d-----w- c:\users\Pastorkov\AppData\Local\LogMeIn Hamachi
2012-07-18 13:05 . 2012-07-18 13:05 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-07-18 10:27 . 2012-08-13 08:53 -------- d-----w- c:\users\Pastorkov\AppData\Roaming\.minecraft
2012-07-18 10:01 . 2012-07-18 10:01 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-18 10:00 . 2012-07-18 10:00 -------- d-----w- c:\program files (x86)\Oracle
2012-07-18 09:59 . 2012-07-05 20:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-18 09:59 . 2012-07-05 20:06 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-07-18 09:58 . 2012-07-18 09:58 -------- d-----w- c:\program files (x86)\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 06:31 . 2012-04-05 00:09 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 16:21 . 2012-04-04 15:20 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-04-04 15:20 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-04-04 15:20 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-04-04 15:20 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-04-04 15:20 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-04-04 15:20 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-04-04 15:19 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-04-04 15:19 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2012-04-04 15:20 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-12 03:08 . 2012-07-12 06:39 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 21:39 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 21:39 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 21:39 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 21:38 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 21:39 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 21:39 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 21:38 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-21 06:21 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 06:22 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 06:22 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 06:22 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 06:21 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 06:22 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 06:21 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 06:21 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 06:21 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-12 06:28 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:41 . 2012-06-02 12:41 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-06-02 12:41 . 2012-06-02 12:41 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2012-06-02 12:41 . 2012-06-02 12:41 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-06-02 12:41 . 2012-06-02 12:41 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-06-02 12:17 . 2012-07-12 06:28 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-12 06:28 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-12 06:28 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-12 06:28 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-12 06:28 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-12 06:28 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-12 06:28 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-12 06:28 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-12 06:28 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-12 06:28 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-12 06:28 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-12 06:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-12 06:28 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-12 06:28 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-12 06:28 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-12 06:28 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-12 06:28 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-12 06:28 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 21:39 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 21:39 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 21:39 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 21:39 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 21:39 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 21:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 21:39 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 21:39 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 21:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 10:25 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-20 10:32 . 2012-05-20 10:32 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-05-20 08:03 . 2012-05-20 08:03 71680 ----a-w- c:\windows\system32\frapsv64.dll
2012-05-20 08:03 . 2012-05-20 08:03 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-27 336384]
"S-Bar"="c:\program files (x86)\S-Bar\S-Bar.exe" [2011-02-25 5206016]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2011-11-13 103536]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"BControl_1_0_809"="c:\program files (x86)\Mobbcore bControl_1_0_809\BControlAgent.exe" [2010-11-13 147456]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Bonus.SSR.FR11"="c:\program files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" [2012-01-19 933640]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS PC Sound.lnk - c:\program files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe [2010-12-6 1927528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2011-11-13 11839488]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys [2011-03-17 67072]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-06 283200]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [2011-12-22 818952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-27 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-06-27 365568]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\S-Bar\MSIService.exe [2011-02-25 160768]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-16 12800]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [2010-01-27 44432]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-29 846448]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-06-27 9883136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-06-27 307712]
S3 fspad_win764;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win764;c:\windows\system32\drivers\fspad_win764.sys [2011-03-17 67072]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-11 408680]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-12-03 1105000]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-822336958-359810633-1448332817-1001Core.job
- c:\users\Pastorkov\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-04 14:23]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-822336958-359810633-1448332817-1001UA.job
- c:\users\Pastorkov\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-04 14:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-14 11697768]
"AutoKMS"="c:\windows\AutoKMS.exe" [2012-04-05 615936]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://msi.msn.com
mStart Page = hxxp://msi.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Toolbar-Locked - (no file)
HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe
AddRemove-Minecraft - c:\users\Pastorkov\AppData\Roaming\.minecraft\MC Uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\windows\SysWOW64\vmnetdhcp.exe
.
**************************************************************************
.
Celkový čas: 2012-08-13 13:15:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-13 11:15
.
Před spuštěním: Volných bajtů: 223 954 214 912
Po spuštění: Volných bajtů: 225 828 155 392
.
- - End Of File - - 21692656AF0DEAE262A4B6FBAD697C16

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-822336958-359810633-1448332817-1001Core.job
c:\users\Pastorkov\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-822336958-359810633-1448332817-1001UA.job

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Makrela]

Combofix:

ComboFix 12-08-14.05 - Pastorkov 15.08.2012 14:45:29.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3565.2202 [GMT 2:00]
Spuštěný z: c:\users\Pastorkov\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pastorkov\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Skype\Updater\Updater.exe"
"c:\users\Pastorkov\AppData\Local\Google\Update\GoogleUpdate.exe"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-822336958-359810633-1448332817-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-822336958-359810633-1448332817-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-15 do 2012-08-15 )))))))))))))))))))))))))))))))
.
.
2012-08-15 12:57 . 2012-08-15 12:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-15 12:49 . 2012-08-15 12:49 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D08F8E37-33EA-430B-A620-057A5CECCBE0}\offreg.dll
2012-08-14 08:36 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D08F8E37-33EA-430B-A620-057A5CECCBE0}\mpengine.dll
2012-08-12 19:51 . 2012-08-12 19:51 -------- d-----w- c:\users\Pastorkov\AppData\Roaming\Malwarebytes
2012-08-12 19:50 . 2012-08-12 19:50 -------- d-----w- c:\programdata\Malwarebytes
2012-08-12 19:50 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-12 19:50 . 2012-08-12 19:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-24 10:30 . 2011-10-03 21:49 2770944 ----a-w- c:\windows\system32\athrx.sys
2012-07-24 10:29 . 2012-07-24 10:29 -------- d-----w- c:\programdata\Qualcomm Atheros
2012-07-18 13:06 . 2012-08-15 12:37 -------- d-----w- c:\users\Pastorkov\AppData\Local\LogMeIn Hamachi
2012-07-18 13:05 . 2012-07-18 13:05 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-07-18 10:27 . 2012-08-15 11:01 -------- d-----w- c:\users\Pastorkov\AppData\Roaming\.minecraft
2012-07-18 10:01 . 2012-07-18 10:01 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-18 10:00 . 2012-07-18 10:00 -------- d-----w- c:\program files (x86)\Oracle
2012-07-18 09:59 . 2012-07-05 20:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-18 09:59 . 2012-07-05 20:06 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-07-18 09:58 . 2012-07-18 09:58 -------- d-----w- c:\program files (x86)\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 06:31 . 2012-04-05 00:09 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 16:21 . 2012-04-04 15:20 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-04-04 15:20 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-04-04 15:20 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-04-04 15:20 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-04-04 15:20 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-04-04 15:20 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-04-04 15:19 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-04-04 15:19 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2012-04-04 15:20 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-12 03:08 . 2012-07-12 06:39 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 21:39 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 21:39 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 21:39 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 21:38 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 21:39 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 21:39 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 21:38 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-21 06:21 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 06:22 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 06:22 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 06:22 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 06:21 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 06:22 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 06:21 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 06:21 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 06:21 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-12 06:28 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:41 . 2012-06-02 12:41 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-06-02 12:41 . 2012-06-02 12:41 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2012-06-02 12:41 . 2012-06-02 12:41 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-06-02 12:41 . 2012-06-02 12:41 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-06-02 12:17 . 2012-07-12 06:28 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-12 06:28 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-12 06:28 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-12 06:28 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-12 06:28 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-12 06:28 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-12 06:28 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-12 06:28 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-12 06:28 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-12 06:28 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-12 06:28 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-12 06:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-12 06:28 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-12 06:28 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-12 06:28 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-12 06:28 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-12 06:28 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-12 06:28 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 21:39 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 21:39 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 21:39 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 21:39 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 21:39 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 21:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 21:39 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 21:39 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 21:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 10:25 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-20 10:32 . 2012-05-20 10:32 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-05-20 08:03 . 2012-05-20 08:03 71680 ----a-w- c:\windows\system32\frapsv64.dll
2012-05-20 08:03 . 2012-05-20 08:03 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-13_11.07.58 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-08-13 11:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-15 13:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-08-13 11:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-15 13:01 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-13 11:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-15 13:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-21 03:09 . 2012-08-14 17:27 45692 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2012-04-05 16:45 . 2012-08-15 12:58 11066 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2012-04-05 16:45 . 2012-08-09 13:26 11066 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2009-07-14 05:10 . 2012-08-15 13:01 53936 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-04-04 12:49 . 2012-08-15 13:01 10144 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-822336958-359810633-1448332817-1001_UserData.bin
- 2012-04-04 12:50 . 2012-07-12 11:54 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-04-04 12:50 . 2012-08-15 08:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-04-04 12:50 . 2012-07-12 11:54 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-04-04 12:50 . 2012-08-15 08:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-12 11:54 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-15 08:55 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-08-13 11:04 . 2012-08-13 11:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-15 12:58 . 2012-08-15 12:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-15 12:58 . 2012-08-15 12:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-08-13 11:04 . 2012-08-13 11:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-04 13:57 . 2012-08-15 09:51 279960 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2011-08-19 03:24 . 2012-08-15 10:59 634864 c:\windows\system32\perfh00E.dat
- 2011-08-19 03:24 . 2012-08-12 20:38 634864 c:\windows\system32\perfh00E.dat
- 2009-07-14 02:36 . 2012-08-12 20:38 618692 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-08-15 10:59 618692 c:\windows\system32\perfh009.dat
- 2011-08-19 03:03 . 2012-08-12 20:38 633976 c:\windows\system32\perfh005.dat
+ 2011-08-19 03:03 . 2012-08-15 10:59 633976 c:\windows\system32\perfh005.dat
- 2011-08-19 03:24 . 2012-08-12 20:38 149520 c:\windows\system32\perfc00E.dat
+ 2011-08-19 03:24 . 2012-08-15 10:59 149520 c:\windows\system32\perfc00E.dat
+ 2009-07-14 02:36 . 2012-08-15 10:59 107598 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-08-12 20:38 107598 c:\windows\system32\perfc009.dat
- 2011-08-19 03:03 . 2012-08-12 20:38 123124 c:\windows\system32\perfc005.dat
+ 2011-08-19 03:03 . 2012-08-15 10:59 123124 c:\windows\system32\perfc005.dat
- 2012-06-13 21:45 . 2012-08-13 11:03 569728 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-06-13 21:45 . 2012-08-15 12:58 569728 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-08-13 11:03 502684 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-15 12:58 502684 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-04-04 13:02 . 2012-08-13 11:03 7183028 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-822336958-359810633-1448332817-1001-8192.dat
+ 2012-04-04 13:02 . 2012-08-15 12:58 7183028 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-822336958-359810633-1448332817-1001-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-27 336384]
"S-Bar"="c:\program files (x86)\S-Bar\S-Bar.exe" [2011-02-25 5206016]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2011-11-13 103536]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"BControl_1_0_809"="c:\program files (x86)\Mobbcore bControl_1_0_809\BControlAgent.exe" [2010-11-13 147456]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Bonus.SSR.FR11"="c:\program files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" [2012-01-19 933640]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS PC Sound.lnk - c:\program files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe [2010-12-6 1927528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2011-11-13 11839488]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys [2011-03-17 67072]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-06 283200]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [2011-12-22 818952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-27 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-06-27 365568]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\S-Bar\MSIService.exe [2011-02-25 160768]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-16 12800]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [2010-01-27 44432]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-29 846448]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-06-27 9883136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-06-27 307712]
S3 fspad_win764;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win764;c:\windows\system32\drivers\fspad_win764.sys [2011-03-17 67072]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-11 408680]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-12-03 1105000]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-822336958-359810633-1448332817-1001Core.job
- c:\users\Pastorkov\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-04 14:23]
.
2012-08-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-822336958-359810633-1448332817-1001UA.job
- c:\users\Pastorkov\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-04 14:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-14 11697768]
"fspuip"="c:\program files (x86)\FSP\fspuip.exe" [BU]
"AutoKMS"="c:\windows\AutoKMS.exe" [2012-04-05 615936]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"combofix"="c:\combofix\CF28187.3XE" [2010-11-21 345088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://msi.msn.com
mStart Page = hxxp://msi.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\windows\SysWOW64\vmnetdhcp.exe
.
**************************************************************************
.
Celkový čas: 2012-08-15 15:07:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-15 13:07
ComboFix2.txt 2012-08-13 11:15
.
Před spuštěním: Volných bajtů: 225 968 484 352
Po spuštění: Volných bajtů: 225 360 941 056
.
- - End Of File - - C92286059F7928559A1E7C09D85A10B3

--------------------------------------------------------------------------------

HJT:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:32:22, on 15.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Users\Pastorkov\Desktop\HJT.exe
C:\windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [S-Bar] %PROGRAMFILES%\S-Bar\S-Bar.exe
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BControl_1_0_809] C:\Program Files (x86)\Mobbcore bControl_1_0_809\BControlAgent.exe /hide
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Bonus.SSR.FR11] "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: SRS PC Sound.lnk = C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 11 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.11.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\S-Bar\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11160 bytes

-----------------------------------------------------

aswMBR:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-15 15:34:53
-----------------------------
15:34:53.147 OS Version: Windows x64 6.1.7601 Service Pack 1
15:34:53.147 Number of processors: 2 586 0x200
15:34:53.147 ComputerName: PASTORKOV-MSI UserName: Pastorkov
15:34:54.738 Initialize success
15:34:55.409 AVAST engine defs: 12081501
15:35:04.254 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000070
15:35:04.254 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 11
15:35:04.285 Disk 0 MBR read successfully
15:35:04.285 Disk 0 MBR scan
15:35:04.285 Disk 0 Windows 7 default MBR code
15:35:04.301 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 11765 MB offset 2048
15:35:04.317 Disk 0 Partition 2 80 (A) 27 Hidden NTFS WinRE NTFS 100 MB offset 24096768
15:35:04.348 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 279040 MB offset 24301568
15:35:04.379 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 186032 MB offset 595775846
15:35:04.426 Disk 0 scanning C:\windows\system32\drivers
15:35:14.535 Service scanning
15:35:44.783 Modules scanning
15:35:44.799 Disk 0 trace - called modules:
15:35:44.830 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
15:35:44.845 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004be8330]
15:35:44.861 3 CLASSPNP.SYS[fffff88001bcc43f] -> nt!IofCallDriver -> [0xfffffa8004699040]
15:35:44.861 5 amd_xata.sys[fffff880010eca1d] -> nt!IofCallDriver -> \Device\00000070[0xfffffa8004695060]
15:35:45.641 AVAST engine scan C:\windows
15:35:50.337 AVAST engine scan C:\windows\system32
15:38:42.031 AVAST engine scan C:\windows\system32\drivers
15:39:01.967 AVAST engine scan C:\Users\Pastorkov
15:46:46.053 AVAST engine scan C:\ProgramData
15:49:15.392 Scan finished successfully
15:52:52.872 Disk 0 MBR has been saved successfully to "C:\Users\Pastorkov\Desktop\MBR.dat"
15:52:52.887 The log file has been saved successfully to "C:\Users\Pastorkov\Desktop\aswMBR.txt"

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Nainstaluj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

Jak to vypadá nyní?