Hello,
yesterday I took a log on a friend's PC using RSIT. I think it is partly the same as HJT. I don't have access to the PC right now.
Is that too much of a problem? Could someone take a look?
Thanks a lot.
The PC is behaving strangely. Some Windows components don't work, new software can't be installed, it doesn't play sounds, etc. etc., there's more.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Miloš at 2012-10-04 18:37:58
WIN_7 Service Pack 1
System drive C: has 164 GB (34%) free of 477 GB
Total RAM: 2047 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:38:11, on 4.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Eye 312S\Monitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\explorer.exe
C:\Windows\system32\taskeng.exe
C:\Users\Miloš\Downloads\RSIT.exe
C:\Program Files\trend micro\Miloš.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.7\pdfforgeToolbarIE.dll
R3 - URLSearchHook: (no name) - {5786d022-540e-4699-b350-b4be0ae94b79} - (no file)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.7\pdfforgeToolbarIE.dll
O2 - BHO: Vizuální záložky - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\MILO~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.7\pdfforgeToolbarIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-2146031217-198812667-510708698-1001\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User '?')
O4 - Global Startup: Monitor.lnk = C:\Program Files\Eye 312S\Monitor.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 11581 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Miloš\AppData\Roaming\Mozilla\Firefox\Profiles\9rhuu4uy.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.bearshare.com/web?src=ffb&systemid=2&q="
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
BearShareWebSearch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Miloš\AppData\Roaming\Mozilla\Firefox\Profiles\9rhuu4uy.default\extensions\
2020Player_IKEA@2020Technologies.com
yasearch@yandex.ru
{5786d022-540e-4699-b350-b4be0ae94b79}
{E84D42CA-64EB-11DE-A65F-8C3656D89593}
{ea614400-e918-4741-9a97-7a972ff7c30b}
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
C:\Users\Miloš\AppData\Roaming\Mozilla\Firefox\Profiles\9rhuu4uy.default\searchplugins\
askcom.xml
BearShareWebSearch.xml
conduit.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-07-04 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\5.7\pdfforgeToolbarIE.dll [2012-05-16 1125256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Vizuální záložky - C:\Program Files\Yandex\YandexBarIE\fastdial.dll [2011-10-13 2697528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}]
Help the General-Search Project - C:\Users\MILO~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL [2012-03-06 431104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-05-25 1145888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_P.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-07-04 798771]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Yandex.Bar - C:\Program Files\Yandex\YandexBarIE\yndbar.dll [2011-10-20 12336440]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\5.7\pdfforgeToolbarIE.dll [2012-05-16 1125256]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_P.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2011-09-08 77824]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2012-05-16 992648]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2012-02-10 399736]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Monitor.lnk - C:\Program Files\Eye 312S\Monitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux8"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux9"=wdmaud.drv
"VIDC.FFDS"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-10-04 18:37:58 ----D---- C:\rsit
2012-10-04 18:37:58 ----D---- C:\Program Files\trend micro
2012-10-04 17:53:44 ----D---- C:\Program Files\xp-AntiSpy
2012-10-04 10:15:30 ----HDC---- C:\ProgramData\{A471C4AE-B27B-4761-9BCF-82FAAAAA2D01}
2012-10-04 10:11:42 ----D---- C:\Program Files\CrystalDiskInfo
2012-10-04 09:53:39 ----D---- C:\Program Files\Combined Community Codec Pack
2012-10-04 09:45:59 ----D---- C:\Program Files\GSpot
2012-10-03 16:30:26 ----D---- C:\Program Files\BS_Player
2012-10-03 14:37:22 ----D---- C:\Program Files\BearShare Applications
2012-10-02 16:15:03 ----D---- C:\Program Files\Black_Box
2012-09-30 18:46:23 ----D---- C:\Users\Miloš\AppData\Roaming\AlawarEntertainment
2012-09-30 18:43:54 ----D---- C:\ProgramData\AlawarWrapper
2012-09-29 17:34:07 ----D---- C:\Program Files\Bohemia Interactive
2012-09-06 21:08:24 ----D---- C:\Users\Miloš\AppData\Roaming\Media Finder
2012-09-05 16:23:59 ----D---- C:\ProgramData\TrackMania
======List of files/folders modified in the last 1 month======
2012-10-04 18:38:10 ----D---- C:\Windows\Prefetch
2012-10-04 18:38:02 ----D---- C:\Windows\Temp
2012-10-04 18:37:58 ----RD---- C:\Program Files
2012-10-04 18:28:03 ----D---- C:\Users\Miloš\AppData\Roaming\Vso
2012-10-04 18:27:59 ----D---- C:\Windows\Panther
2012-10-04 18:27:59 ----D---- C:\Windows\ModemLogs
2012-10-04 18:27:59 ----D---- C:\Windows\inf
2012-10-04 18:27:41 ----D---- C:\Windows\system32\Tasks
2012-10-04 18:27:40 ----D---- C:\Program Files\CCleaner
2012-10-04 18:25:28 ----D---- C:\Users\Miloš\AppData\Roaming\DAEMON Tools Lite
2012-10-04 18:25:27 ----D---- C:\Users\Miloš\AppData\Roaming\uTorrent
2012-10-04 18:25:09 ----D---- C:\Windows\Logs
2012-10-04 18:25:09 ----D---- C:\Windows
2012-10-04 18:23:11 ----AD---- C:\ProgramData\TEMP
2012-10-04 18:03:41 ----D---- C:\Users\Miloš\AppData\Roaming\Skype
2012-10-04 17:50:08 ----D---- C:\Windows\system32\wdi
2012-10-04 10:49:35 ----D---- C:\Windows\Tasks
2012-10-04 10:15:30 ----HD---- C:\ProgramData
2012-10-04 10:06:07 ----D---- C:\Users\Miloš\AppData\Roaming\vlc
2012-10-03 16:31:50 ----D---- C:\Users\Miloš\AppData\Roaming\BSplayer
2012-10-03 16:30:21 ----D---- C:\Windows\System32
2012-10-03 16:11:38 ----D---- C:\Windows\system32\NDF
2012-10-03 16:09:00 ----D---- C:\Windows\system32\catroot2
2012-10-03 14:55:30 ----SHD---- C:\System Volume Information
2012-10-03 14:40:50 ----D---- C:\Users\Miloš\AppData\Roaming\Mozilla
2012-10-03 14:37:38 ----SHD---- C:\Windows\Installer
2012-10-03 09:34:16 ----D---- C:\Windows\system32\config
2012-10-02 16:25:47 ----RD---- C:\Program Files (x86)
2012-09-29 17:42:55 ----RSD---- C:\Windows\assembly
2012-09-22 15:19:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-22 07:41:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-09-18 21:06:46 ----D---- C:\Windows\system32\drivers
2012-09-17 18:13:29 ----D---- C:\Users\Miloš\AppData\Roaming\AVG
2012-09-14 12:57:17 ----SD---- C:\Users\Miloš\AppData\Roaming\Microsoft
2012-09-13 06:15:32 ----D---- C:\ProgramData\Adobe
2012-09-09 09:22:41 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-09-08 21:36:41 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2011-07-27 20872]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 Pnp680r;Silicon Image SiI 0680 Medley Raid Controller; C:\Windows\system32\DRIVERS\pnp680r.sys [2007-07-19 110120]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-08 239168]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 58680]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-28 8758784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-28 296448]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 PAC7302;Eye 312; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 461824]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2011-07-07 32408]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-28 8758784]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 btaudio;Bluetooth Audio Device; C:\Windows\system32\drivers\btaudio.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\Windows\system32\DRIVERS\btport.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 25864]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\Windows\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\Windows\system32\DRIVERS\btwhid.sys []
S3 btwmodem;Bluetooth Modem; C:\Windows\system32\DRIVERS\btwmodem.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\Windows\System32\Drivers\btwusb.sys []
S3 Ca2001v;CA2001 WebCam Driver; C:\Windows\System32\Drivers\Ca2001v.sys []
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 10752]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 23048]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2011-07-07 15896]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary; C:\Windows\system32\DRIVERS\zghsmdm.sys [2011-09-13 113688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-28 217600]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 291840]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2012-05-16 785344]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-01-05 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2012-01-05 189248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-25 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-03 160944]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-22 250288]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-25 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2011-09-08 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2011-09-08 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-05 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
Please check my log - thanks (Solved)
NB: HP ProBook 4720s (XX838EA)
PC: AMD Phenom II X4 925; MB GA-770T-USB3; RAM Zeppelin Gold - Evolve 4GB (kit 2x 2GB) 1600MHz; Sapphire ATI Radeon HD 5750 512MB DDR5; W7 HP 64-bit.
jaro3 (member of the Security team)
Re: Please check my log - thanks
You can't fix entries in RSIT, use HJT.
Uninstall:
pdfforge Toolbar
BS Player Toolbar
Yandex
Spigot\Search Settings
Media Finder
BEARSH~1\MediaBar
Close all other applications and browsers, disconnect from the internet and fix the following in HJT:
Guide
Code:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.7\pdfforgeToolbarIE.dll
R3 - URLSearchHook: (no name) - {5786d022-540e-4699-b350-b4be0ae94b79} - (no file)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.7\pdfforgeToolbarIE.dll
O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.7\pdfforgeToolbarIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download TFC
Open the file and close all other windows, then click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save it to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: Please check my log - thanks
Windows was acting up so badly (it wasn't even possible to install some software, including HJT) that only a System Restore run from the installation CD helped.
So here is the new log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:29:44, on 6.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Eye 312S\Monitor.exe
C:\Program Files\trend micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\MILO~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2146031217-198812667-510708698-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LogMeInRemoteUser')
O4 - HKUS\S-1-5-21-2146031217-198812667-510708698-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LogMeInRemoteUser')
O4 - Global Startup: Monitor.lnk = C:\Program Files\Eye 312S\Monitor.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 9706 bytes
And the MBAM quick scan:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.0.1400
www.malwarebytes.org
Verze databáze: v2012.10.06.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Miloš :: MILOŠ-PC [administrátor]
Ochrana: Zakázána
6.10.2012 11:49:25
mbam-log-2012-10-04 (21-22-1.txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216913
Uplynulý čas: 6 minut, 2 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 5
HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
HKCR\gencrawler_gc.GenCrawler (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 1
C:\Users\Miloš\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
(konec)
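Added example, not part of the thread: a small Python triage that parses HijackThis entries and cross-references their CLSIDs against the Malwarebytes registry findings, using a handful of lines copied from the logs posted above. The function names and the three rule labels are this example's own assumptions, not verdicts given by the helpers.

```python
import re

# Lines copied from the HijackThis logs posted in this thread (a subset, not a full log).
HJT_SAMPLE = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - {5786d022-540e-4699-b350-b4be0ae94b79} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\MILO~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
"""

# Registry findings copied from the Malwarebytes log posted in this thread.
MBAM_SAMPLE = r"""
HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
HKCR\gencrawler_gc.GenCrawler (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
"""

ENTRY_RE = re.compile(r"^([RFNO]\d+) - (.*)$")  # e.g. "O2 - BHO: ..."
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MBAM_RE = re.compile(r"^(?P<item>.+?) \((?P<verdict>[^()]+)\) -> ")


def parse_hjt(text):
    """Split HijackThis lines into section code, body and optional CLSID."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header lines, process list, blank lines
        clsid = CLSID_RE.search(m.group(2))
        entries.append({
            "section": m.group(1),
            "body": m.group(2),
            # CLSIDs are case-insensitive; normalise so both logs compare equal.
            "clsid": clsid.group().upper() if clsid else None,
        })
    return entries


def mbam_detections(text):
    """Map each CLSID named in a Malwarebytes finding to its verdict."""
    found = {}
    for line in text.splitlines():
        m = MBAM_RE.match(line.strip())
        if not m:
            continue
        clsid = CLSID_RE.search(m["item"])
        if clsid:
            found[clsid.group().upper()] = m["verdict"]
    return found


def triage(hjt_text, mbam_text):
    """Return (section, reason, body) for every entry that needs a closer look."""
    detections = mbam_detections(mbam_text)
    findings = []
    for e in parse_hjt(hjt_text):
        # Registration still present although the file it points to is gone.
        if e["body"].endswith(("(no file)", "(file missing)")):
            findings.append((e["section"], "orphaned entry, target file absent", e["body"]))
        # AppInit_DLLs are loaded into processes that load user32.dll.
        if e["section"] == "O20" and e["body"].startswith("AppInit_DLLs"):
            findings.append((e["section"], "AppInit_DLLs load point", e["body"]))
        # Same CLSID was reported by the Malwarebytes scan.
        if e["clsid"] in detections:
            findings.append((e["section"], "MBAM: " + detections[e["clsid"]], e["body"]))
    return findings


if __name__ == "__main__":
    for section, reason, body in triage(HJT_SAMPLE, MBAM_SAMPLE):
        print(f"{section:<4} {reason:<36} {body}")
```

Matching on the CLSID rather than the file path matters here, because HijackThis prints the 8.3 short path (GENCRA~1.DLL) while Malwarebytes prints the long one (gencrawler_gc.dll).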
Takže tady je nový log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:29:44, on 6.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Eye 312S\Monitor.exe
C:\Program Files\trend micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15768
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\MILO~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2146031217-198812667-510708698-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LogMeInRemoteUser')
O4 - HKUS\S-1-5-21-2146031217-198812667-510708698-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LogMeInRemoteUser')
O4 - Global Startup: Monitor.lnk = C:\Program Files\Eye 312S\Monitor.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 9706 bytes
ještě MBAM Rychlý test:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.0.1400
www.malwarebytes.org
Verze databáze: v2012.10.06.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Miloš :: MILOŠ-PC [administrátor]
Ochrana: Zakázána
6.10.2012 11:49:25
mbam-log-2012-10-04 (21-22-1.txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216913
Uplynulý čas: 6 minut, 2 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 5
HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
HKCR\gencrawler_gc.GenCrawler (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 1
C:\Users\Miloš\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll (Trojan.Downloader) -> Žádná instrukce nebyla provedena.
(konec)
NB: HP ProBook 4720s (XX838EA)
PC: AMD Phenom II X4 925; MB GA-770T-USB3; RAM Zeppelin Gold - Evolve 4GB (kit 2x 2GB) 1600MHz; Sapphire ATI Radeon HD 5750 512MB DDR5; W7 HP 64-bit.
Orcus (member of the Security team)
Re: please check my log - thanks
Run MbAM again and start a Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
Fix:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\MILO~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt ; please paste the entire contents of the log here.
Disable the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If, after the scan, you have trouble launching applications or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.
If there are problems, run it in safe mode.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix are covering for me.
If you are satisfied, you can support our forum.
Re: please check my log - thanks
ComboFix 12-10-04.02 - Miloš 07.10.2012 20:37:19.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2047.895 [GMT 2:00]
Spuštěný z: c:\users\MiloÜ\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-07 do 2012-10-07 )))))))))))))))))))))))))))))))
.
.
2012-10-07 18:44 . 2012-10-07 18:47 -------- d-----w- c:\users\Miloš\AppData\Local\temp
2012-10-07 18:44 . 2012-10-07 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-07 15:35 . 2012-10-07 15:35 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D46ED81A-13F0-431B-B81C-4DC98E78DECB}\offreg.dll
2012-10-06 09:48 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-06 09:09 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-10-06 07:50 . 2012-10-06 07:50 388096 ----a-r- c:\users\Miloš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-06 07:45 . 2012-10-06 07:45 -------- d-----w- c:\program files\CCleaner
2012-10-05 15:40 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D46ED81A-13F0-431B-B81C-4DC98E78DECB}\mpengine.dll
2012-10-05 15:39 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-10-05 15:39 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-05 15:39 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-10-05 15:39 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-10-05 15:38 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-10-05 15:34 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-10-05 15:34 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-10-05 15:34 . 2012-06-02 04:40 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-10-05 15:34 . 2012-06-02 04:45 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-10-05 15:34 . 2012-06-02 04:39 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-10-05 15:34 . 2012-06-02 04:40 225280 ----a-w- c:\windows\system32\schannel.dll
2012-10-05 15:34 . 2012-06-02 04:45 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-10-05 15:33 . 2012-06-06 05:05 1019904 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-10-05 15:33 . 2012-06-06 05:05 57344 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
2012-10-05 15:33 . 2012-06-06 05:05 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2012-10-05 15:33 . 2012-06-06 05:03 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-10-05 15:33 . 2012-06-06 05:05 143360 ----a-w- c:\program files\Common Files\System\ado\msjro.dll
2012-10-05 15:33 . 2012-06-06 05:05 212992 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2012-10-05 15:33 . 2012-06-06 05:05 372736 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2012-10-05 15:33 . 2012-03-31 04:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-10-05 15:33 . 2012-03-31 04:30 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-10-05 15:31 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-10-05 15:31 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-10-05 15:31 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-10-05 15:31 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-10-05 15:31 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-10-05 15:31 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-05 15:31 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-10-05 15:31 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-05 15:25 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-10-05 15:07 . 2012-10-06 08:26 -------- d-----w- c:\users\LogMeInRemoteUser
2012-10-05 14:53 . 2012-10-05 14:53 -------- d-----w- c:\users\Miloš\AppData\Local\LogMeIn
2012-10-05 14:53 . 2012-07-05 16:09 52128 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2012-10-05 14:53 . 2012-07-05 16:09 30624 ----a-w- c:\windows\system32\LMIport.dll
2012-10-05 14:53 . 2012-07-05 16:10 83392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-10-05 14:53 . 2012-06-08 10:06 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2012-10-05 14:53 . 2012-07-05 16:09 87456 ----a-w- c:\windows\system32\LMIinit.dll
2012-10-05 14:53 . 2012-10-07 15:16 -------- d-----w- c:\programdata\LogMeIn
2012-10-05 14:52 . 2012-10-05 15:07 -------- d-----w- c:\program files\LogMeIn
2012-10-05 14:25 . 2012-10-05 14:25 -------- d-----w- C:\$WINDOWS.~BT
2012-10-04 19:22 . 2012-10-04 19:22 -------- d-----w- c:\users\Miloš\AppData\Roaming\Malwarebytes
2012-10-04 19:21 . 2012-10-04 19:21 -------- d-----w- c:\programdata\Malwarebytes
2012-10-04 19:21 . 2012-10-06 09:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-04 16:37 . 2012-10-06 07:50 -------- d-----w- c:\program files\trend micro
2012-10-04 16:37 . 2012-10-04 16:38 -------- d-----w- C:\rsit
2012-10-04 08:15 . 2012-10-04 08:44 -------- dc-h--w- c:\programdata\{A471C4AE-B27B-4761-9BCF-82FAAAAA2D01}
2012-10-04 08:11 . 2012-10-05 15:44 -------- d-----w- c:\program files\CrystalDiskInfo
2012-10-04 07:53 . 2012-10-05 15:44 -------- d-----w- c:\program files\Combined Community Codec Pack
2012-10-04 07:45 . 2012-10-05 15:44 -------- d-----w- c:\program files\GSpot
2012-10-03 12:40 . 2012-10-03 13:46 -------- d-----w- c:\users\Miloš\AppData\Local\BearShare
2012-10-03 12:37 . 2012-10-03 14:07 -------- d-----w- c:\program files\BearShare Applications
2012-10-03 12:36 . 2012-10-03 12:36 -------- d-----w- c:\users\Miloš\AppData\Local\PackageAware
2012-10-02 14:15 . 2012-10-05 15:45 -------- d-----w- c:\program files\Black_Box
2012-10-02 10:17 . 2012-10-02 10:17 5171904 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-10-01 17:21 . 2012-10-05 15:45 -------- d-----w- c:\program files\SCANIA Truck Driving Simulator
2012-09-30 16:46 . 2012-09-30 16:46 -------- d-----w- c:\users\Miloš\AppData\Roaming\AlawarEntertainment
2012-09-30 16:43 . 2012-09-30 16:44 -------- d-----w- c:\programdata\AlawarWrapper
2012-09-30 16:40 . 2012-10-05 15:45 -------- d-----w- c:\program files\Alawarhry.cz
2012-09-29 15:34 . 2012-09-30 10:00 -------- d-----w- c:\program files\Bohemia Interactive
2012-09-08 19:36 . 2012-09-08 19:36 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-06 07:50 . 2012-10-06 07:50 388096 ----a-r- c:\users\Miloš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-06 07:50 . 2012-10-06 07:50 388096 ----a-r- c:\users\Miloš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-22 05:41 . 2012-04-02 15:44 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-22 05:41 . 2011-07-04 09:10 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-21 09:13 . 2011-09-19 09:24 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-09-19 09:24 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2011-09-19 09:24 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-03-02 10:00 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-09-19 09:24 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-09-19 09:24 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-09-19 09:23 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-09-19 09:23 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-28 04:09 . 2011-04-20 01:38 5538984 ----a-w- c:\windows\system32\atiumdag.dll
2012-07-28 04:06 . 2012-07-28 04:06 8758784 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-28 03:43 . 2012-07-28 03:43 58880 ----a-w- c:\windows\system32\coinst_8.982.dll
2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\system32\atioglxx.dll
2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-28 02:15 . 2011-04-20 02:09 931328 ----a-w- c:\windows\system32\aticfx32.dll
2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 02:10 . 2012-07-28 02:10 469504 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-28 02:09 . 2012-07-28 02:09 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-28 02:08 . 2012-07-28 02:08 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-07-28 02:08 . 2012-07-28 02:08 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-07-28 02:07 . 2011-04-20 01:59 6430208 ----a-w- c:\windows\system32\atidxx32.dll
2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-07-28 01:32 . 2011-04-20 01:30 4751872 ----a-w- c:\windows\system32\atiumdva.dll
2012-07-28 01:30 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\system32\aticaldd.dll
2012-07-28 01:15 . 2012-07-28 01:15 368640 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-28 01:14 . 2012-07-28 01:14 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-07-28 01:14 . 2012-07-28 01:14 296448 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-28 01:13 . 2011-04-20 01:21 109568 ----a-w- c:\windows\system32\atiuxpag.dll
2012-07-28 01:13 . 2011-04-20 01:21 83456 ----a-w- c:\windows\system32\atiu9pag.dll
2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-07-27 20:47 . 2012-07-27 20:47 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\system32\amdocl.dll
2012-07-27 20:44 . 2012-07-27 20:44 50176 ----a-w- c:\windows\system32\OpenCL.dll
2012-09-08 19:36 . 2011-12-01 16:58 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2011-05-25 491040]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-02-10 399736]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2011-09-08 77824]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2012-06-08 63048]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor.lnk - c:\program files\Eye 312S\Monitor.exe [2007-10-16 249856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^Users^Miloš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Miloš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-12 11:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-09 16:53 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 Ca2001v;CA2001 WebCam Driver;c:\windows\system32\Drivers\Ca2001v.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 05:41]
.
2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-25 19:26]
.
2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-25 19:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Miloš\AppData\Roaming\Mozilla\Firefox\Profiles\9rhuu4uy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =827316&p=
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:2d,cd,a5,5d,5b,96,d5,74,1a,f1,02,ef,c0,9d,bf,0c,55,28,64,da,79,a1,2d,
b4,04,30,be,f7,37,f9,7b,1b,4d,f0,8a,59,77,86,41,5f,62,e4,a2,31,a5,62,0f,36,\
"??"=hex:e5,f7,13,76,18,03,3f,43,fa,be,25,89,83,53,18,dd
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\SecuROM\License information*]
"datasecu"=hex:dd,ea,ad,52,34,06,bc,33,98,8c,b9,b1,bc,a2,b9,59,c5,bc,16,6a,87,
e0,bc,97,15,b1,53,81,ea,f9,8f,89,54,5b,74,88,93,70,8d,8a,82,d8,5c,ee,74,a1,\
"rkeysecu"=hex:46,b3,f9,30,63,75,ac,77,b8,3d,41,28,8e,3e,f7,1f
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\c:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T17:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T17:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T17:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\c:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
.
**************************************************************************
.
Celkový čas: 2012-10-07 20:50:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-07 18:50
ComboFix2.txt 2012-10-05 13:56
.
Před spuštěním: Volných bajtů: 169 875 824 640
Po spuštění: Volných bajtů: 169 556 271 104
.
- - End Of File - - BC70992D4A4176016E7D0651C52E0D77
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-06 07:50 . 2012-10-06 07:50 388096 ----a-r- c:\users\Miloš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-06 07:50 . 2012-10-06 07:50 388096 ----a-r- c:\users\Miloš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-22 05:41 . 2012-04-02 15:44 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-22 05:41 . 2011-07-04 09:10 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-21 09:13 . 2011-09-19 09:24 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-09-19 09:24 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2011-09-19 09:24 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-03-02 10:00 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-09-19 09:24 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-09-19 09:24 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-09-19 09:23 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-09-19 09:23 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-28 04:09 . 2011-04-20 01:38 5538984 ----a-w- c:\windows\system32\atiumdag.dll
2012-07-28 04:06 . 2012-07-28 04:06 8758784 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-28 03:43 . 2012-07-28 03:43 58880 ----a-w- c:\windows\system32\coinst_8.982.dll
2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\system32\atioglxx.dll
2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-28 02:15 . 2011-04-20 02:09 931328 ----a-w- c:\windows\system32\aticfx32.dll
2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 02:10 . 2012-07-28 02:10 469504 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-28 02:09 . 2012-07-28 02:09 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-28 02:08 . 2012-07-28 02:08 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-07-28 02:08 . 2012-07-28 02:08 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-07-28 02:07 . 2011-04-20 01:59 6430208 ----a-w- c:\windows\system32\atidxx32.dll
2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-07-28 01:32 . 2011-04-20 01:30 4751872 ----a-w- c:\windows\system32\atiumdva.dll
2012-07-28 01:30 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\system32\aticaldd.dll
2012-07-28 01:15 . 2012-07-28 01:15 368640 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-28 01:14 . 2012-07-28 01:14 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-07-28 01:14 . 2012-07-28 01:14 296448 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-28 01:13 . 2011-04-20 01:21 109568 ----a-w- c:\windows\system32\atiuxpag.dll
2012-07-28 01:13 . 2011-04-20 01:21 83456 ----a-w- c:\windows\system32\atiu9pag.dll
2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-07-27 20:47 . 2012-07-27 20:47 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\system32\amdocl.dll
2012-07-27 20:44 . 2012-07-27 20:44 50176 ----a-w- c:\windows\system32\OpenCL.dll
2012-09-08 19:36 . 2011-12-01 16:58 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2011-05-25 491040]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-02-10 399736]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2011-09-08 77824]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2012-06-08 63048]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor.lnk - c:\program files\Eye 312S\Monitor.exe [2007-10-16 249856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^Users^Miloš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Miloš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-12 11:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-09 16:53 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 Ca2001v;CA2001 WebCam Driver;c:\windows\system32\Drivers\Ca2001v.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 05:41]
.
2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-25 19:26]
.
2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-25 19:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Miloš\AppData\Roaming\Mozilla\Firefox\Profiles\9rhuu4uy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =827316&p=
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:2d,cd,a5,5d,5b,96,d5,74,1a,f1,02,ef,c0,9d,bf,0c,55,28,64,da,79,a1,2d,
b4,04,30,be,f7,37,f9,7b,1b,4d,f0,8a,59,77,86,41,5f,62,e4,a2,31,a5,62,0f,36,\
"??"=hex:e5,f7,13,76,18,03,3f,43,fa,be,25,89,83,53,18,dd
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\SecuROM\License information*]
"datasecu"=hex:dd,ea,ad,52,34,06,bc,33,98,8c,b9,b1,bc,a2,b9,59,c5,bc,16,6a,87,
e0,bc,97,15,b1,53,81,ea,f9,8f,89,54,5b,74,88,93,70,8d,8a,82,d8,5c,ee,74,a1,\
"rkeysecu"=hex:46,b3,f9,30,63,75,ac,77,b8,3d,41,28,8e,3e,f7,1f
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\c:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T17:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T17:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T17:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\c:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
.
**************************************************************************
.
Celkový čas: 2012-10-07 20:50:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-07 18:50
ComboFix2.txt 2012-10-05 13:56
.
Před spuštěním: Volných bajtů: 169 875 824 640
Po spuštění: Volných bajtů: 169 556 271 104
.
- - End Of File - - BC70992D4A4176016E7D0651C52E0D77
NB: HP ProBook 4720s (XX838EA)
PC: AMD Phenom II X4 925; MB GA-770T-USB3; RAM Zeppelin Gold - Evolve 4GB (kit 2x 2GB) 1600MHz; Sapphire ATI Radeon HD 5750 512MB DDR5; W7 HP 64-bit.
Re: please check my log - thanks
20:20:29.0893 7528 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
20:20:30.0233 7528 ============================================================
20:20:30.0233 7528 Current date / time: 2012/10/07 20:20:30.0233
20:20:30.0233 7528 SystemInfo:
20:20:30.0233 7528
20:20:30.0233 7528 OS Version: 6.1.7601 ServicePack: 1.0
20:20:30.0233 7528 Product type: Workstation
20:20:30.0233 7528 ComputerName: MILOŠ-PC
20:20:30.0233 7528 UserName: Miloš
20:20:30.0233 7528 Windows directory: C:\Windows
20:20:30.0233 7528 System windows directory: C:\Windows
20:20:30.0233 7528 Processor architecture: Intel x86
20:20:30.0233 7528 Number of processors: 2
20:20:30.0233 7528 Page size: 0x1000
20:20:30.0233 7528 Boot type: Normal boot
20:20:30.0233 7528 ============================================================
20:20:31.0634 7528 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x4C87E, SectorsPerTrack: 0x13, TracksPerCylinder: 0xA4, Type 'K0', Flags 0x00000050
20:20:31.0647 7528 ============================================================
20:20:31.0647 7528 \Device\Harddisk0\DR0:
20:20:31.0648 7528 MBR partitions:
20:20:31.0648 7528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:20:31.0648 7528 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
20:20:31.0648 7528 ============================================================
20:20:31.0685 7528 C: <-> \Device\Harddisk0\DR0\Partition2
20:20:31.0685 7528 ============================================================
20:20:31.0685 7528 Initialize success
20:20:31.0685 7528 ============================================================
20:20:43.0943 6924 ============================================================
20:20:43.0943 6924 Scan started
20:20:43.0943 6924 Mode: Manual;
20:20:43.0943 6924 ============================================================
20:20:44.0753 6924 ================ Scan system memory ========================
20:20:44.0753 6924 System memory - ok
20:20:44.0753 6924 ================ Scan services =============================
20:20:45.0153 6924 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:20:45.0153 6924 1394ohci - ok
20:20:45.0203 6924 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:20:45.0213 6924 ACPI - ok
20:20:45.0243 6924 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:20:45.0243 6924 AcpiPmi - ok
20:20:45.0353 6924 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:20:45.0353 6924 AdobeARMservice - ok
20:20:45.0463 6924 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:20:45.0473 6924 AdobeFlashPlayerUpdateSvc - ok
20:20:45.0533 6924 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:20:45.0533 6924 adp94xx - ok
20:20:45.0553 6924 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:20:45.0553 6924 adpahci - ok
20:20:45.0573 6924 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:20:45.0573 6924 adpu320 - ok
20:20:45.0613 6924 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:20:45.0613 6924 AeLookupSvc - ok
20:20:45.0663 6924 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
20:20:45.0663 6924 AFD - ok
20:20:45.0703 6924 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
20:20:45.0703 6924 agp440 - ok
20:20:45.0723 6924 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
20:20:45.0723 6924 aic78xx - ok
20:20:45.0743 6924 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
20:20:45.0743 6924 ALG - ok
20:20:45.0753 6924 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
20:20:45.0753 6924 aliide - ok
20:20:45.0813 6924 [ 87F8E98FCD859D2F0C291DCF9F1A5543 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:20:45.0823 6924 AMD External Events Utility - ok
20:20:45.0893 6924 AMD FUEL Service - ok
20:20:45.0923 6924 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:20:45.0923 6924 amdagp - ok
20:20:45.0933 6924 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
20:20:45.0933 6924 amdide - ok
20:20:45.0973 6924 [ FF258424F0B2EF25EB98F04EE386E6E3 ] amdiox86 C:\Windows\system32\DRIVERS\amdiox86.sys
20:20:45.0973 6924 amdiox86 - ok
20:20:45.0993 6924 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:20:45.0993 6924 AmdK8 - ok
20:20:46.0153 6924 [ 6617FED21C91E821E3D00484741B302F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:20:46.0203 6924 amdkmdag - ok
20:20:46.0273 6924 [ 0CD80C1ABE5507B4ADBFC8338E3698E0 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:20:46.0283 6924 amdkmdap - ok
20:20:46.0333 6924 [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD C:\Windows\system32\DRIVERS\AmdLLD.sys
20:20:46.0333 6924 AmdLLD - ok
20:20:46.0363 6924 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:20:46.0363 6924 AmdPPM - ok
20:20:46.0393 6924 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:20:46.0393 6924 amdsata - ok
20:20:46.0413 6924 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:20:46.0413 6924 amdsbs - ok
20:20:46.0423 6924 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:20:46.0423 6924 amdxata - ok
20:20:46.0463 6924 [ 0E46FDA73FD47FA4C61223E45187F7D5 ] androidusb C:\Windows\system32\Drivers\androidusb.sys
20:20:46.0463 6924 androidusb - ok
20:20:46.0483 6924 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
20:20:46.0483 6924 AppID - ok
20:20:46.0523 6924 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:20:46.0523 6924 AppIDSvc - ok
20:20:46.0563 6924 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
20:20:46.0573 6924 Appinfo - ok
20:20:46.0583 6924 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:20:46.0583 6924 arc - ok
20:20:46.0593 6924 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:20:46.0603 6924 arcsas - ok
20:20:46.0693 6924 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:20:46.0693 6924 aspnet_state - ok
20:20:46.0753 6924 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
20:20:46.0763 6924 aswFsBlk - ok
20:20:46.0823 6924 [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:20:46.0823 6924 aswMonFlt - ok
20:20:46.0873 6924 [ 924819669AFD0EDF5C067193D371FAB0 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
20:20:46.0873 6924 aswRdr - ok
20:20:46.0903 6924 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:20:46.0903 6924 aswSnx - ok
20:20:46.0923 6924 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:20:46.0923 6924 aswSP - ok
20:20:46.0943 6924 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
20:20:46.0943 6924 aswTdi - ok
20:20:46.0963 6924 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:20:46.0963 6924 AsyncMac - ok
20:20:47.0003 6924 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
20:20:47.0003 6924 atapi - ok
20:20:47.0073 6924 [ 434192D027A6A11E32E1C74C7C43E1ED ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
20:20:47.0083 6924 AtiHDAudioService - ok
20:20:47.0275 6924 [ 6617FED21C91E821E3D00484741B302F ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:20:47.0325 6924 atikmdag - ok
20:20:47.0345 6924 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:20:47.0355 6924 AudioEndpointBuilder - ok
20:20:47.0375 6924 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:20:47.0375 6924 Audiosrv - ok
20:20:47.0445 6924 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:20:47.0455 6924 avast! Antivirus - ok
20:20:47.0485 6924 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:20:47.0485 6924 AxInstSV - ok
20:20:47.0515 6924 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
20:20:47.0515 6924 b06bdrv - ok
20:20:47.0535 6924 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:20:47.0535 6924 b57nd60x - ok
20:20:47.0555 6924 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
20:20:47.0565 6924 BDESVC - ok
20:20:47.0575 6924 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
20:20:47.0575 6924 Beep - ok
20:20:47.0625 6924 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
20:20:47.0635 6924 BFE - ok
20:20:47.0655 6924 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
20:20:47.0675 6924 BITS - ok
20:20:47.0685 6924 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:20:47.0695 6924 blbdrive - ok
20:20:47.0715 6924 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:20:47.0725 6924 bowser - ok
20:20:47.0735 6924 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:20:47.0735 6924 BrFiltLo - ok
20:20:47.0755 6924 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:20:47.0755 6924 BrFiltUp - ok
20:20:47.0785 6924 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
20:20:47.0795 6924 Browser - ok
20:20:47.0805 6924 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:20:47.0805 6924 Brserid - ok
20:20:47.0825 6924 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:20:47.0825 6924 BrSerWdm - ok
20:20:47.0835 6924 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:20:47.0835 6924 BrUsbMdm - ok
20:20:47.0855 6924 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:20:47.0855 6924 BrUsbSer - ok
20:20:47.0865 6924 BT - ok
20:20:47.0885 6924 btaudio - ok
20:20:47.0895 6924 BTCOM - ok
20:20:47.0905 6924 BTCOMBUS - ok
20:20:47.0935 6924 Btcsrusb - ok
20:20:47.0955 6924 BTDriver - ok
20:20:47.0985 6924 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:20:47.0995 6924 BthEnum - ok
20:20:48.0035 6924 [ 4CA977B7F361AABA7E7B17F95413A87D ] BtHidBus C:\Windows\system32\Drivers\BtHidBus.sys
20:20:48.0035 6924 BtHidBus - ok
20:20:48.0055 6924 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:20:48.0055 6924 BTHMODEM - ok
20:20:48.0085 6924 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:20:48.0085 6924 BthPan - ok
20:20:48.0135 6924 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:20:48.0135 6924 BTHPORT - ok
20:20:48.0155 6924 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
20:20:48.0165 6924 bthserv - ok
20:20:48.0205 6924 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:20:48.0205 6924 BTHUSB - ok
20:20:48.0235 6924 [ 7BB8AC22BC9E6A1E7707DAECADA95CD9 ] btnetBUs C:\Windows\system32\Drivers\btnetBus.sys
20:20:48.0235 6924 btnetBUs - ok
20:20:48.0265 6924 BTWDNDIS - ok
20:20:48.0275 6924 btwhid - ok
20:20:48.0285 6924 btwmodem - ok
20:20:48.0295 6924 BTWUSB - ok
20:20:48.0325 6924 Ca2001v - ok
20:20:48.0335 6924 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:20:48.0335 6924 cdfs - ok
20:20:48.0385 6924 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:20:48.0385 6924 cdrom - ok
20:20:48.0435 6924 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
20:20:48.0435 6924 CertPropSvc - ok
20:20:48.0445 6924 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:20:48.0445 6924 circlass - ok
20:20:48.0465 6924 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
20:20:48.0475 6924 CLFS - ok
20:20:48.0535 6924 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:20:48.0545 6924 clr_optimization_v2.0.50727_32 - ok
20:20:48.0595 6924 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:20:48.0605 6924 clr_optimization_v4.0.30319_32 - ok
20:20:48.0615 6924 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:20:48.0625 6924 CmBatt - ok
20:20:48.0635 6924 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:20:48.0635 6924 cmdide - ok
20:20:48.0695 6924 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
20:20:48.0695 6924 CNG - ok
20:20:48.0705 6924 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:20:48.0705 6924 Compbatt - ok
20:20:48.0755 6924 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:20:48.0755 6924 CompositeBus - ok
20:20:48.0775 6924 COMSysApp - ok
20:20:48.0795 6924 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:20:48.0795 6924 crcdisk - ok
20:20:48.0845 6924 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:20:48.0845 6924 CryptSvc - ok
20:20:48.0905 6924 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
20:20:48.0915 6924 DcomLaunch - ok
20:20:48.0935 6924 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
20:20:48.0945 6924 defragsvc - ok
20:20:48.0985 6924 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:20:48.0985 6924 DfsC - ok
20:20:49.0005 6924 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:20:49.0015 6924 Dhcp - ok
20:20:49.0025 6924 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
20:20:49.0025 6924 discache - ok
20:20:49.0045 6924 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:20:49.0045 6924 Disk - ok
20:20:49.0085 6924 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:20:49.0095 6924 Dnscache - ok
20:20:49.0115 6924 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
20:20:49.0125 6924 dot3svc - ok
20:20:49.0175 6924 [ B5E479EB83707DD698F66953E922042C ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
20:20:49.0185 6924 dot4 - ok
20:20:49.0245 6924 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:20:49.0245 6924 Dot4Print - ok
20:20:49.0275 6924 [ 9F7DE667C505CE6500BECDD8E11644D7 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys
20:20:49.0285 6924 Dot4Scan - ok
20:20:49.0295 6924 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
20:20:49.0295 6924 dot4usb - ok
20:20:49.0345 6924 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
20:20:49.0355 6924 DPS - ok
20:20:49.0385 6924 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:20:49.0385 6924 drmkaud - ok
20:20:49.0425 6924 [ FB38473835476A6FB272215A1D972AF9 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:20:49.0425 6924 dtsoftbus01 - ok
20:20:49.0485 6924 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:20:49.0505 6924 DXGKrnl - ok
20:20:49.0525 6924 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
20:20:49.0525 6924 EapHost - ok
20:20:49.0585 6924 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
20:20:49.0605 6924 ebdrv - ok
20:20:49.0635 6924 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
20:20:49.0635 6924 EFS - ok
20:20:49.0705 6924 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:20:49.0715 6924 ehRecvr - ok
20:20:49.0725 6924 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
20:20:49.0735 6924 ehSched - ok
20:20:49.0755 6924 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:20:49.0765 6924 elxstor - ok
20:20:49.0775 6924 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:20:49.0775 6924 ErrDev - ok
20:20:49.0805 6924 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
20:20:49.0815 6924 EventSystem - ok
20:20:49.0835 6924 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
20:20:49.0835 6924 exfat - ok
20:20:49.0855 6924 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:20:49.0855 6924 fastfat - ok
20:20:49.0875 6924 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
20:20:49.0895 6924 Fax - ok
20:20:49.0915 6924 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:20:49.0915 6924 fdc - ok
20:20:49.0935 6924 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
20:20:49.0935 6924 fdPHost - ok
20:20:49.0955 6924 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
20:20:49.0955 6924 FDResPub - ok
20:20:49.0975 6924 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:20:49.0975 6924 FileInfo - ok
20:20:49.0985 6924 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:20:49.0985 6924 Filetrace - ok
20:20:49.0995 6924 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:20:49.0995 6924 flpydisk - ok
20:20:50.0015 6924 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:20:50.0015 6924 FltMgr - ok
20:20:50.0095 6924 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
20:20:50.0125 6924 FontCache - ok
20:20:50.0205 6924 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:20:50.0205 6924 FontCache3.0.0.0 - ok
20:20:50.0225 6924 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:20:50.0225 6924 FsDepends - ok
20:20:50.0255 6924 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:20:50.0255 6924 Fs_Rec - ok
20:20:50.0315 6924 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:20:50.0315 6924 fvevol - ok
20:20:50.0365 6924 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:20:50.0365 6924 gagp30kx - ok
20:20:50.0415 6924 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
20:20:50.0425 6924 gpsvc - ok
20:20:50.0535 6924 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:20:50.0535 6924 gupdate - ok
20:20:50.0555 6924 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:20:50.0565 6924 gupdatem - ok
20:20:50.0575 6924 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:20:50.0575 6924 hcw85cir - ok
20:20:50.0615 6924 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:20:50.0625 6924 HdAudAddService - ok
20:20:50.0665 6924 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:20:50.0665 6924 HDAudBus - ok
20:20:50.0675 6924 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:20:50.0675 6924 HidBatt - ok
20:20:50.0695 6924 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:20:50.0695 6924 HidBth - ok
20:20:50.0705 6924 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:20:50.0715 6924 HidIr - ok
20:20:50.0725 6924 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
20:20:50.0725 6924 hidserv - ok
20:20:50.0755 6924 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:20:50.0755 6924 HidUsb - ok
20:20:50.0805 6924 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:20:50.0815 6924 hkmsvc - ok
20:20:50.0845 6924 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:20:50.0855 6924 HomeGroupListener - ok
20:20:50.0875 6924 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:20:50.0885 6924 HomeGroupProvider - ok
20:20:50.0915 6924 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:20:50.0915 6924 HpSAMD - ok
20:20:50.0943 6924 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:20:50.0947 6924 HTTP - ok
20:20:50.0957 6924 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:20:50.0957 6924 hwpolicy - ok
20:20:51.0007 6924 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:20:51.0007 6924 i8042prt - ok
20:20:51.0047 6924 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:20:51.0047 6924 iaStorV - ok
20:20:51.0107 6924 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:20:51.0107 6924 IDriverT - ok
20:20:51.0197 6924 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:20:51.0217 6924 idsvc - ok
20:20:51.0227 6924 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:20:51.0237 6924 iirsp - ok
20:20:51.0259 6924 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
20:20:51.0276 6924 IKEEXT - ok
20:20:51.0289 6924 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
20:20:51.0289 6924 intelide - ok
20:20:51.0309 6924 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:20:51.0309 6924 intelppm - ok
20:20:51.0361 6924 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:20:51.0361 6924 IPBusEnum - ok
20:20:51.0381 6924 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:20:51.0381 6924 IpFilterDriver - ok
20:20:51.0421 6924 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:20:51.0431 6924 iphlpsvc - ok
20:20:51.0451 6924 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:20:51.0451 6924 IPMIDRV - ok
20:20:51.0471 6924 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:20:51.0481 6924 IPNAT - ok
20:20:51.0491 6924 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:20:51.0491 6924 IRENUM - ok
20:20:51.0501 6924 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:20:51.0501 6924 isapnp - ok
20:20:51.0531 6924 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:20:51.0531 6924 iScsiPrt - ok
20:20:51.0571 6924 [ 132EB047E3F94DC9EAB83C74E8C2E85A ] IvtBtBUs C:\Windows\system32\Drivers\IvtBtBus.sys
20:20:51.0571 6924 IvtBtBUs - ok
20:20:51.0591 6924 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:20:51.0591 6924 kbdclass - ok
20:20:51.0601 6924 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:20:51.0601 6924 kbdhid - ok
20:20:51.0621 6924 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
20:20:51.0621 6924 KeyIso - ok
20:20:51.0651 6924 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:20:51.0651 6924 KSecDD - ok
20:20:51.0701 6924 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:20:51.0701 6924 KSecPkg - ok
20:20:51.0751 6924 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
20:20:51.0761 6924 KtmRm - ok
20:20:51.0801 6924 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
20:20:51.0811 6924 LanmanServer - ok
20:20:51.0851 6924 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:20:51.0851 6924 LanmanWorkstation - ok
20:20:51.0891 6924 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:20:51.0891 6924 lltdio - ok
20:20:51.0911 6924 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:20:51.0921 6924 lltdsvc - ok
20:20:51.0961 6924 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
20:20:51.0961 6924 lmhosts - ok
20:20:52.0031 6924 [ 63DAF163D1617DD611BD0AB8E41A43E8 ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
20:20:52.0051 6924 LMIGuardianSvc - ok
20:20:52.0081 6924 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
20:20:52.0091 6924 LMIInfo - ok
20:20:52.0101 6924 [ 175F50F37EEAA1D4D744BCCCBB7CF68C ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
20:20:52.0111 6924 LMIMaint - ok
20:20:52.0131 6924 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
20:20:52.0131 6924 lmimirr - ok
20:20:52.0151 6924 LMIRfsClientNP - ok
20:20:52.0201 6924 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
20:20:52.0201 6924 LMIRfsDriver - ok
20:20:52.0241 6924 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
20:20:52.0251 6924 LogMeIn - ok
20:20:52.0271 6924 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:20:52.0281 6924 LSI_FC - ok
20:20:52.0291 6924 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:20:52.0291 6924 LSI_SAS - ok
20:20:52.0311 6924 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:20:52.0311 6924 LSI_SAS2 - ok
20:20:52.0321 6924 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:20:52.0331 6924 LSI_SCSI - ok
20:20:52.0341 6924 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
20:20:52.0341 6924 luafv - ok
20:20:52.0391 6924 [ 3C7B3072C3C5CC23F5FD46F8DFDA7480 ] massfilter_hs C:\Windows\system32\drivers\massfilter_hs.sys
20:20:52.0391 6924 massfilter_hs - ok
20:20:52.0441 6924 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:20:52.0441 6924 MBAMProtector - ok
20:20:52.0501 6924 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:20:52.0531 6924 MBAMScheduler - ok
20:20:52.0631 6924 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:20:52.0641 6924 MBAMService - ok
20:20:52.0688 6924 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:20:52.0693 6924 Mcx2Svc - ok
20:20:52.0713 6924 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:20:52.0713 6924 megasas - ok
20:20:52.0723 6924 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:20:52.0733 6924 MegaSR - ok
20:20:52.0813 6924 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:20:52.0823 6924 Microsoft Office Groove Audit Service - ok
20:20:52.0873 6924 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:20:52.0883 6924 MMCSS - ok
20:20:52.0893 6924 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:20:52.0893 6924 Modem - ok
20:20:52.0913 6924 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:20:52.0913 6924 monitor - ok
20:20:52.0953 6924 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:20:52.0953 6924 mouclass - ok
20:20:52.0973 6924 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:20:52.0973 6924 mouhid - ok
20:20:53.0023 6924 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:20:53.0023 6924 mountmgr - ok
20:20:53.0093 6924 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:20:53.0103 6924 MozillaMaintenance - ok
20:20:53.0123 6924 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:20:53.0133 6924 mpio - ok
20:20:53.0143 6924 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:20:53.0153 6924 mpsdrv - ok
20:20:53.0213 6924 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:20:53.0223 6924 MpsSvc - ok
20:20:53.0273 6924 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:20:53.0273 6924 MRxDAV - ok
20:20:53.0323 6924 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:20:53.0323 6924 mrxsmb - ok
20:20:53.0383 6924 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:20:53.0383 6924 mrxsmb10 - ok
20:20:53.0413 6924 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:20:53.0413 6924 mrxsmb20 - ok
20:20:53.0433 6924 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:20:53.0433 6924 msahci - ok
20:20:53.0453 6924 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:20:53.0463 6924 msdsm - ok
20:20:53.0473 6924 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:20:53.0483 6924 MSDTC - ok
20:20:53.0493 6924 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:20:53.0503 6924 Msfs - ok
20:20:53.0513 6924 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:20:53.0523 6924 mshidkmdf - ok
20:20:53.0533 6924 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:20:53.0543 6924 msisadrv - ok
20:20:53.0583 6924 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:20:53.0583 6924 MSiSCSI - ok
20:20:53.0593 6924 msiserver - ok
20:20:53.0623 6924 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:20:53.0623 6924 MSKSSRV - ok
20:20:53.0643 6924 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:20:53.0643 6924 MSPCLOCK - ok
20:20:53.0653 6924 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:20:53.0653 6924 MSPQM - ok
20:20:53.0673 6924 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:20:53.0673 6924 MsRPC - ok
20:20:53.0693 6924 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:20:53.0693 6924 mssmbios - ok
20:20:53.0703 6924 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:20:53.0703 6924 MSTEE - ok
20:20:53.0713 6924 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:20:53.0713 6924 MTConfig - ok
20:20:53.0733 6924 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
20:20:53.0733 6924 MTsensor - ok
20:20:53.0753 6924 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:20:53.0753 6924 Mup - ok
20:20:53.0783 6924 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:20:53.0803 6924 napagent - ok
20:20:53.0823 6924 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:20:53.0833 6924 NativeWifiP - ok
20:20:53.0933 6924 [ 89844C3D3A7AAE8999E229C88E452633 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
20:20:53.0963 6924 NBService - ok
20:20:54.0023 6924 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:20:54.0023 6924 NDIS - ok
20:20:54.0043 6924 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:20:54.0043 6924 NdisCap - ok
20:20:54.0053 6924 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:20:54.0053 6924 NdisTapi - ok
20:20:54.0103 6924 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:20:54.0103 6924 Ndisuio - ok
20:20:54.0133 6924 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:20:54.0133 6924 NdisWan - ok
20:20:54.0153 6924 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:20:54.0163 6924 NDProxy - ok
20:20:54.0163 6924 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:20:54.0173 6924 NetBIOS - ok
20:20:54.0193 6924 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:20:54.0193 6924 NetBT - ok
20:20:54.0203 6924 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:20:54.0213 6924 Netlogon - ok
20:20:54.0303 6924 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:20:54.0323 6924 Netman - ok
20:20:54.0373 6924 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:20:54.0383 6924 NetMsmqActivator - ok
20:20:48.0695 6924 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
20:20:48.0695 6924 CNG - ok
20:20:48.0705 6924 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:20:48.0705 6924 Compbatt - ok
20:20:48.0755 6924 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:20:48.0755 6924 CompositeBus - ok
20:20:48.0775 6924 COMSysApp - ok
20:20:48.0795 6924 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:20:48.0795 6924 crcdisk - ok
20:20:48.0845 6924 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:20:48.0845 6924 CryptSvc - ok
20:20:48.0905 6924 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
20:20:48.0915 6924 DcomLaunch - ok
20:20:48.0935 6924 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
20:20:48.0945 6924 defragsvc - ok
20:20:48.0985 6924 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:20:48.0985 6924 DfsC - ok
20:20:49.0005 6924 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:20:49.0015 6924 Dhcp - ok
20:20:49.0025 6924 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
20:20:49.0025 6924 discache - ok
20:20:49.0045 6924 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:20:49.0045 6924 Disk - ok
20:20:49.0085 6924 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:20:49.0095 6924 Dnscache - ok
20:20:49.0115 6924 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
20:20:49.0125 6924 dot3svc - ok
20:20:49.0175 6924 [ B5E479EB83707DD698F66953E922042C ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
20:20:49.0185 6924 dot4 - ok
20:20:49.0245 6924 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:20:49.0245 6924 Dot4Print - ok
20:20:49.0275 6924 [ 9F7DE667C505CE6500BECDD8E11644D7 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys
20:20:49.0285 6924 Dot4Scan - ok
20:20:49.0295 6924 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
20:20:49.0295 6924 dot4usb - ok
20:20:49.0345 6924 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
20:20:49.0355 6924 DPS - ok
20:20:49.0385 6924 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:20:49.0385 6924 drmkaud - ok
20:20:49.0425 6924 [ FB38473835476A6FB272215A1D972AF9 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:20:49.0425 6924 dtsoftbus01 - ok
20:20:49.0485 6924 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:20:49.0505 6924 DXGKrnl - ok
20:20:49.0525 6924 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
20:20:49.0525 6924 EapHost - ok
20:20:49.0585 6924 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
20:20:49.0605 6924 ebdrv - ok
20:20:49.0635 6924 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
20:20:49.0635 6924 EFS - ok
20:20:49.0705 6924 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:20:49.0715 6924 ehRecvr - ok
20:20:49.0725 6924 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
20:20:49.0735 6924 ehSched - ok
20:20:49.0755 6924 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:20:49.0765 6924 elxstor - ok
20:20:49.0775 6924 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:20:49.0775 6924 ErrDev - ok
20:20:49.0805 6924 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
20:20:49.0815 6924 EventSystem - ok
20:20:49.0835 6924 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
20:20:49.0835 6924 exfat - ok
20:20:49.0855 6924 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:20:49.0855 6924 fastfat - ok
20:20:49.0875 6924 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
20:20:49.0895 6924 Fax - ok
20:20:49.0915 6924 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:20:49.0915 6924 fdc - ok
20:20:49.0935 6924 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
20:20:49.0935 6924 fdPHost - ok
20:20:49.0955 6924 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
20:20:49.0955 6924 FDResPub - ok
20:20:49.0975 6924 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:20:49.0975 6924 FileInfo - ok
20:20:49.0985 6924 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:20:49.0985 6924 Filetrace - ok
20:20:49.0995 6924 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:20:49.0995 6924 flpydisk - ok
20:20:50.0015 6924 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:20:50.0015 6924 FltMgr - ok
20:20:50.0095 6924 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
20:20:50.0125 6924 FontCache - ok
20:20:50.0205 6924 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:20:50.0205 6924 FontCache3.0.0.0 - ok
20:20:50.0225 6924 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:20:50.0225 6924 FsDepends - ok
20:20:50.0255 6924 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:20:50.0255 6924 Fs_Rec - ok
20:20:50.0315 6924 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:20:50.0315 6924 fvevol - ok
20:20:50.0365 6924 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:20:50.0365 6924 gagp30kx - ok
20:20:50.0415 6924 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
20:20:50.0425 6924 gpsvc - ok
20:20:50.0535 6924 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:20:50.0535 6924 gupdate - ok
20:20:50.0555 6924 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:20:50.0565 6924 gupdatem - ok
20:20:50.0575 6924 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:20:50.0575 6924 hcw85cir - ok
20:20:50.0615 6924 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:20:50.0625 6924 HdAudAddService - ok
20:20:50.0665 6924 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:20:50.0665 6924 HDAudBus - ok
20:20:50.0675 6924 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:20:50.0675 6924 HidBatt - ok
20:20:50.0695 6924 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:20:50.0695 6924 HidBth - ok
20:20:50.0705 6924 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:20:50.0715 6924 HidIr - ok
20:20:50.0725 6924 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
20:20:50.0725 6924 hidserv - ok
20:20:50.0755 6924 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:20:50.0755 6924 HidUsb - ok
20:20:50.0805 6924 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:20:50.0815 6924 hkmsvc - ok
20:20:50.0845 6924 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:20:50.0855 6924 HomeGroupListener - ok
20:20:50.0875 6924 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:20:50.0885 6924 HomeGroupProvider - ok
20:20:50.0915 6924 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:20:50.0915 6924 HpSAMD - ok
20:20:50.0943 6924 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:20:50.0947 6924 HTTP - ok
20:20:50.0957 6924 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:20:50.0957 6924 hwpolicy - ok
20:20:51.0007 6924 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:20:51.0007 6924 i8042prt - ok
20:20:51.0047 6924 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:20:51.0047 6924 iaStorV - ok
20:20:51.0107 6924 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:20:51.0107 6924 IDriverT - ok
20:20:51.0197 6924 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:20:51.0217 6924 idsvc - ok
20:20:51.0227 6924 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:20:51.0237 6924 iirsp - ok
20:20:51.0259 6924 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
20:20:51.0276 6924 IKEEXT - ok
20:20:51.0289 6924 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
20:20:51.0289 6924 intelide - ok
20:20:51.0309 6924 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:20:51.0309 6924 intelppm - ok
20:20:51.0361 6924 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:20:51.0361 6924 IPBusEnum - ok
20:20:51.0381 6924 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:20:51.0381 6924 IpFilterDriver - ok
20:20:51.0421 6924 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:20:51.0431 6924 iphlpsvc - ok
20:20:51.0451 6924 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:20:51.0451 6924 IPMIDRV - ok
20:20:51.0471 6924 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:20:51.0481 6924 IPNAT - ok
20:20:51.0491 6924 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:20:51.0491 6924 IRENUM - ok
20:20:51.0501 6924 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:20:51.0501 6924 isapnp - ok
20:20:51.0531 6924 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:20:51.0531 6924 iScsiPrt - ok
20:20:51.0571 6924 [ 132EB047E3F94DC9EAB83C74E8C2E85A ] IvtBtBUs C:\Windows\system32\Drivers\IvtBtBus.sys
20:20:51.0571 6924 IvtBtBUs - ok
20:20:51.0591 6924 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:20:51.0591 6924 kbdclass - ok
20:20:51.0601 6924 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:20:51.0601 6924 kbdhid - ok
20:20:51.0621 6924 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
20:20:51.0621 6924 KeyIso - ok
20:20:51.0651 6924 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:20:51.0651 6924 KSecDD - ok
20:20:51.0701 6924 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:20:51.0701 6924 KSecPkg - ok
20:20:51.0751 6924 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
20:20:51.0761 6924 KtmRm - ok
20:20:51.0801 6924 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
20:20:51.0811 6924 LanmanServer - ok
20:20:51.0851 6924 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:20:51.0851 6924 LanmanWorkstation - ok
20:20:51.0891 6924 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:20:51.0891 6924 lltdio - ok
20:20:51.0911 6924 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:20:51.0921 6924 lltdsvc - ok
20:20:51.0961 6924 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
20:20:51.0961 6924 lmhosts - ok
20:20:52.0031 6924 [ 63DAF163D1617DD611BD0AB8E41A43E8 ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
20:20:52.0051 6924 LMIGuardianSvc - ok
20:20:52.0081 6924 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
20:20:52.0091 6924 LMIInfo - ok
20:20:52.0101 6924 [ 175F50F37EEAA1D4D744BCCCBB7CF68C ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
20:20:52.0111 6924 LMIMaint - ok
20:20:52.0131 6924 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
20:20:52.0131 6924 lmimirr - ok
20:20:52.0151 6924 LMIRfsClientNP - ok
20:20:52.0201 6924 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
20:20:52.0201 6924 LMIRfsDriver - ok
20:20:52.0241 6924 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
20:20:52.0251 6924 LogMeIn - ok
20:20:52.0271 6924 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:20:52.0281 6924 LSI_FC - ok
20:20:52.0291 6924 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:20:52.0291 6924 LSI_SAS - ok
20:20:52.0311 6924 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:20:52.0311 6924 LSI_SAS2 - ok
20:20:52.0321 6924 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:20:52.0331 6924 LSI_SCSI - ok
20:20:52.0341 6924 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
20:20:52.0341 6924 luafv - ok
20:20:52.0391 6924 [ 3C7B3072C3C5CC23F5FD46F8DFDA7480 ] massfilter_hs C:\Windows\system32\drivers\massfilter_hs.sys
20:20:52.0391 6924 massfilter_hs - ok
20:20:52.0441 6924 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:20:52.0441 6924 MBAMProtector - ok
20:20:52.0501 6924 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:20:52.0531 6924 MBAMScheduler - ok
20:20:52.0631 6924 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:20:52.0641 6924 MBAMService - ok
20:20:52.0688 6924 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:20:52.0693 6924 Mcx2Svc - ok
20:20:52.0713 6924 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:20:52.0713 6924 megasas - ok
20:20:52.0723 6924 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:20:52.0733 6924 MegaSR - ok
20:20:52.0813 6924 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:20:52.0823 6924 Microsoft Office Groove Audit Service - ok
20:20:52.0873 6924 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:20:52.0883 6924 MMCSS - ok
20:20:52.0893 6924 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:20:52.0893 6924 Modem - ok
20:20:52.0913 6924 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:20:52.0913 6924 monitor - ok
20:20:52.0953 6924 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:20:52.0953 6924 mouclass - ok
20:20:52.0973 6924 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:20:52.0973 6924 mouhid - ok
20:20:53.0023 6924 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:20:53.0023 6924 mountmgr - ok
20:20:53.0093 6924 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:20:53.0103 6924 MozillaMaintenance - ok
20:20:53.0123 6924 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:20:53.0133 6924 mpio - ok
20:20:53.0143 6924 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:20:53.0153 6924 mpsdrv - ok
20:20:53.0213 6924 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:20:53.0223 6924 MpsSvc - ok
20:20:53.0273 6924 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:20:53.0273 6924 MRxDAV - ok
20:20:53.0323 6924 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:20:53.0323 6924 mrxsmb - ok
20:20:53.0383 6924 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:20:53.0383 6924 mrxsmb10 - ok
20:20:53.0413 6924 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:20:53.0413 6924 mrxsmb20 - ok
20:20:53.0433 6924 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:20:53.0433 6924 msahci - ok
20:20:53.0453 6924 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:20:53.0463 6924 msdsm - ok
20:20:53.0473 6924 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:20:53.0483 6924 MSDTC - ok
20:20:53.0493 6924 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:20:53.0503 6924 Msfs - ok
20:20:53.0513 6924 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:20:53.0523 6924 mshidkmdf - ok
20:20:53.0533 6924 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:20:53.0543 6924 msisadrv - ok
20:20:53.0583 6924 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:20:53.0583 6924 MSiSCSI - ok
20:20:53.0593 6924 msiserver - ok
20:20:53.0623 6924 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:20:53.0623 6924 MSKSSRV - ok
20:20:53.0643 6924 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:20:53.0643 6924 MSPCLOCK - ok
20:20:53.0653 6924 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:20:53.0653 6924 MSPQM - ok
20:20:53.0673 6924 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:20:53.0673 6924 MsRPC - ok
20:20:53.0693 6924 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:20:53.0693 6924 mssmbios - ok
20:20:53.0703 6924 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:20:53.0703 6924 MSTEE - ok
20:20:53.0713 6924 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:20:53.0713 6924 MTConfig - ok
20:20:53.0733 6924 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
20:20:53.0733 6924 MTsensor - ok
20:20:53.0753 6924 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:20:53.0753 6924 Mup - ok
20:20:53.0783 6924 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:20:53.0803 6924 napagent - ok
20:20:53.0823 6924 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:20:53.0833 6924 NativeWifiP - ok
20:20:53.0933 6924 [ 89844C3D3A7AAE8999E229C88E452633 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
20:20:53.0963 6924 NBService - ok
20:20:54.0023 6924 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:20:54.0023 6924 NDIS - ok
20:20:54.0043 6924 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:20:54.0043 6924 NdisCap - ok
20:20:54.0053 6924 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:20:54.0053 6924 NdisTapi - ok
20:20:54.0103 6924 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:20:54.0103 6924 Ndisuio - ok
20:20:54.0133 6924 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:20:54.0133 6924 NdisWan - ok
20:20:54.0153 6924 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:20:54.0163 6924 NDProxy - ok
20:20:54.0163 6924 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:20:54.0173 6924 NetBIOS - ok
20:20:54.0193 6924 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:20:54.0193 6924 NetBT - ok
20:20:54.0203 6924 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:20:54.0213 6924 Netlogon - ok
20:20:54.0303 6924 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:20:54.0323 6924 Netman - ok
20:20:54.0373 6924 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:20:54.0383 6924 NetMsmqActivator - ok
NB: HP ProBook 4720s (XX838EA)
PC: AMD Phenom II X4 925; MB GA-770T-USB3; RAM Zeppelin Gold - Evolve 4GB (kit 2x 2GB) 1600MHz; Sapphire ATI Radeon HD 5750 512MB DDR5; W7 HP 64-bit.
Re: please check my log - thanks
20:20:57.0513 6924 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:20:57.0533 6924 Schedule - ok
20:20:57.0573 6924 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:20:57.0573 6924 SCPolicySvc - ok
20:20:57.0603 6924 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:20:57.0613 6924 SDRSVC - ok
20:20:57.0623 6924 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:20:57.0623 6924 secdrv - ok
20:20:57.0643 6924 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:20:57.0653 6924 seclogon - ok
20:20:57.0663 6924 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:20:57.0673 6924 SENS - ok
20:20:57.0683 6924 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:20:57.0693 6924 SensrSvc - ok
20:20:57.0723 6924 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:20:57.0723 6924 Serenum - ok
20:20:57.0753 6924 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:20:57.0753 6924 Serial - ok
20:20:57.0773 6924 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:20:57.0783 6924 sermouse - ok
20:20:57.0863 6924 [ 3334DE016FDCDE5C98E30A405A72DD8D ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
20:20:57.0873 6924 ServiceLayer - ok
20:20:57.0913 6924 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:20:57.0923 6924 SessionEnv - ok
20:20:57.0963 6924 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:20:57.0963 6924 sffdisk - ok
20:20:57.0983 6924 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:20:57.0983 6924 sffp_mmc - ok
20:20:57.0993 6924 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:20:57.0993 6924 sffp_sd - ok
20:20:58.0013 6924 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:20:58.0013 6924 sfloppy - ok
20:20:58.0053 6924 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:20:58.0063 6924 SharedAccess - ok
20:20:58.0073 6924 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:20:58.0083 6924 ShellHWDetection - ok
20:20:58.0103 6924 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:20:58.0103 6924 sisagp - ok
20:20:58.0113 6924 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:20:58.0113 6924 SiSRaid2 - ok
20:20:58.0133 6924 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:20:58.0133 6924 SiSRaid4 - ok
20:20:58.0283 6924 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:20:58.0423 6924 Skype C2C Service - ok
20:20:58.0483 6924 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:20:58.0493 6924 SkypeUpdate - ok
20:20:58.0503 6924 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:20:58.0513 6924 Smb - ok
20:20:58.0563 6924 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:20:58.0573 6924 SNMPTRAP - ok
20:20:58.0583 6924 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:20:58.0583 6924 spldr - ok
20:20:58.0643 6924 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:20:58.0653 6924 Spooler - ok
20:20:58.0753 6924 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:20:58.0813 6924 sppsvc - ok
20:20:58.0853 6924 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:20:58.0863 6924 sppuinotify - ok
20:20:58.0913 6924 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:20:58.0913 6924 srv - ok
20:20:58.0923 6924 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:20:58.0933 6924 srv2 - ok
20:20:58.0973 6924 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:20:58.0973 6924 srvnet - ok
20:20:58.0993 6924 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:20:58.0993 6924 SSDPSRV - ok
20:20:59.0013 6924 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:20:59.0023 6924 SstpSvc - ok
20:20:59.0033 6924 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:20:59.0033 6924 stexstor - ok
20:20:59.0063 6924 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:20:59.0083 6924 StiSvc - ok
20:20:59.0113 6924 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:20:59.0113 6924 swenum - ok
20:20:59.0133 6924 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:20:59.0153 6924 swprv - ok
20:20:59.0213 6924 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:20:59.0253 6924 SysMain - ok
20:20:59.0283 6924 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:20:59.0283 6924 TabletInputService - ok
20:20:59.0323 6924 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:20:59.0333 6924 TapiSrv - ok
20:20:59.0343 6924 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:20:59.0343 6924 TBS - ok
20:20:59.0423 6924 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:20:59.0443 6924 Tcpip - ok
20:20:59.0473 6924 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:20:59.0483 6924 TCPIP6 - ok
20:20:59.0533 6924 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:20:59.0533 6924 tcpipreg - ok
20:20:59.0573 6924 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:20:59.0573 6924 TDPIPE - ok
20:20:59.0603 6924 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:20:59.0603 6924 TDTCP - ok
20:20:59.0623 6924 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:20:59.0623 6924 tdx - ok
20:20:59.0633 6924 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:20:59.0633 6924 TermDD - ok
20:20:59.0683 6924 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:20:59.0683 6924 TermService - ok
20:20:59.0703 6924 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:20:59.0703 6924 Themes - ok
20:20:59.0723 6924 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:20:59.0723 6924 THREADORDER - ok
20:20:59.0743 6924 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:20:59.0743 6924 TrkWks - ok
20:20:59.0793 6924 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:20:59.0803 6924 TrustedInstaller - ok
20:20:59.0843 6924 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:20:59.0843 6924 tssecsrv - ok
20:20:59.0903 6924 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:20:59.0903 6924 TsUsbFlt - ok
20:20:59.0923 6924 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:20:59.0923 6924 tunnel - ok
20:20:59.0943 6924 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:20:59.0943 6924 uagp35 - ok
20:20:59.0973 6924 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:20:59.0983 6924 udfs - ok
20:21:00.0003 6924 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:21:00.0013 6924 UI0Detect - ok
20:21:00.0023 6924 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:21:00.0023 6924 uliagpkx - ok
20:21:00.0053 6924 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:21:00.0053 6924 umbus - ok
20:21:00.0073 6924 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:21:00.0073 6924 UmPass - ok
20:21:00.0093 6924 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:21:00.0113 6924 upnphost - ok
20:21:00.0153 6924 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:21:00.0153 6924 usbaudio - ok
20:21:00.0183 6924 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:21:00.0193 6924 usbccgp - ok
20:21:00.0223 6924 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:21:00.0223 6924 usbcir - ok
20:21:00.0253 6924 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:21:00.0253 6924 usbehci - ok
20:21:00.0283 6924 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:21:00.0283 6924 usbhub - ok
20:21:00.0323 6924 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:21:00.0323 6924 usbohci - ok
20:21:00.0373 6924 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:21:00.0383 6924 usbprint - ok
20:21:00.0403 6924 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:21:00.0413 6924 USBSTOR - ok
20:21:00.0423 6924 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:21:00.0423 6924 usbuhci - ok
20:21:00.0443 6924 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:21:00.0453 6924 UxSms - ok
20:21:00.0463 6924 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:21:00.0463 6924 VaultSvc - ok
20:21:00.0483 6924 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:21:00.0483 6924 vdrvroot - ok
20:21:00.0523 6924 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:21:00.0533 6924 vds - ok
20:21:00.0573 6924 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:21:00.0583 6924 vga - ok
20:21:00.0593 6924 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:21:00.0593 6924 VgaSave - ok
20:21:00.0613 6924 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:21:00.0613 6924 vhdmp - ok
20:21:00.0643 6924 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:21:00.0643 6924 viaagp - ok
20:21:00.0653 6924 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
20:21:00.0653 6924 ViaC7 - ok
20:21:00.0673 6924 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:21:00.0673 6924 viaide - ok
20:21:00.0683 6924 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:21:00.0683 6924 volmgr - ok
20:21:00.0713 6924 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:21:00.0713 6924 volmgrx - ok
20:21:00.0733 6924 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:21:00.0733 6924 volsnap - ok
20:21:00.0753 6924 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:21:00.0753 6924 vsmraid - ok
20:21:00.0783 6924 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:21:00.0813 6924 VSS - ok
20:21:00.0833 6924 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:21:00.0833 6924 vwifibus - ok
20:21:00.0873 6924 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:21:00.0883 6924 W32Time - ok
20:21:00.0913 6924 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:21:00.0913 6924 WacomPen - ok
20:21:00.0943 6924 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:21:00.0943 6924 WANARP - ok
20:21:00.0963 6924 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:21:00.0963 6924 Wanarpv6 - ok
20:21:01.0043 6924 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:21:01.0083 6924 WatAdminSvc - ok
20:21:01.0143 6924 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:21:01.0173 6924 wbengine - ok
20:21:01.0193 6924 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:21:01.0203 6924 WbioSrvc - ok
20:21:01.0243 6924 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:21:01.0263 6924 wcncsvc - ok
20:21:01.0283 6924 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:21:01.0293 6924 WcsPlugInService - ok
20:21:01.0303 6924 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:21:01.0303 6924 Wd - ok
20:21:01.0323 6924 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:21:01.0333 6924 Wdf01000 - ok
20:21:01.0343 6924 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:21:01.0353 6924 WdiServiceHost - ok
20:21:01.0353 6924 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:21:01.0363 6924 WdiSystemHost - ok
20:21:01.0373 6924 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:21:01.0383 6924 WebClient - ok
20:21:01.0403 6924 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:21:01.0413 6924 Wecsvc - ok
20:21:01.0423 6924 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:21:01.0433 6924 wercplsupport - ok
20:21:01.0453 6924 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:21:01.0463 6924 WerSvc - ok
20:21:01.0493 6924 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:21:01.0503 6924 WfpLwf - ok
20:21:01.0503 6924 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:21:01.0503 6924 WIMMount - ok
20:21:01.0563 6924 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:21:01.0593 6924 WinDefend - ok
20:21:01.0623 6924 WinHttpAutoProxySvc - ok
20:21:01.0703 6924 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:21:01.0713 6924 Winmgmt - ok
20:21:01.0763 6924 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:21:01.0793 6924 WinRM - ok
20:21:01.0853 6924 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:21:01.0853 6924 WinUsb - ok
20:21:01.0873 6924 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:21:01.0903 6924 Wlansvc - ok
20:21:02.0013 6924 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:21:02.0053 6924 wlidsvc - ok
20:21:02.0103 6924 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:21:02.0113 6924 WmiAcpi - ok
20:21:02.0143 6924 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:21:02.0143 6924 wmiApSrv - ok
20:21:02.0193 6924 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:21:02.0213 6924 WMPNetworkSvc - ok
20:21:02.0233 6924 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:21:02.0243 6924 WPCSvc - ok
20:21:02.0273 6924 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:21:02.0283 6924 WPDBusEnum - ok
20:21:02.0303 6924 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:21:02.0303 6924 ws2ifsl - ok
20:21:02.0363 6924 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
20:21:02.0383 6924 wscsvc - ok
20:21:02.0393 6924 WSearch - ok
20:21:02.0493 6924 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:21:02.0543 6924 wuauserv - ok
20:21:02.0583 6924 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:21:02.0583 6924 WudfPf - ok
20:21:02.0603 6924 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:21:02.0603 6924 WUDFRd - ok
20:21:02.0623 6924 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:21:02.0633 6924 wudfsvc - ok
20:21:02.0653 6924 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:21:02.0673 6924 WwanSvc - ok
20:21:02.0713 6924 [ 6CABA3992E8D2939CAA6AAE0431BA7FB ] zghsmdm C:\Windows\system32\DRIVERS\zghsmdm.sys
20:21:02.0713 6924 zghsmdm - ok
20:21:02.0743 6924 ================ Scan global ===============================
20:21:02.0793 6924 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:21:02.0823 6924 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:21:02.0853 6924 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:21:02.0883 6924 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:21:02.0903 6924 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:21:02.0923 6924 [Global] - ok
20:21:02.0923 6924 ================ Scan MBR ==================================
20:21:02.0933 6924 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:21:03.0323 6924 \Device\Harddisk0\DR0 - ok
20:21:03.0323 6924 ================ Scan VBR ==================================
20:21:03.0323 6924 [ 3D2D9C984B2630D83A58B1460EFC6401 ] \Device\Harddisk0\DR0\Partition1
20:21:03.0333 6924 \Device\Harddisk0\DR0\Partition1 - ok
20:21:03.0343 6924 [ 2CCD359C18E579ED9F3D3F7951AEC487 ] \Device\Harddisk0\DR0\Partition2
20:21:03.0343 6924 \Device\Harddisk0\DR0\Partition2 - ok
20:21:03.0343 6924 ============================================================
20:21:03.0343 6924 Scan finished
20:21:03.0343 6924 ============================================================
20:21:03.0373 2000 Detected object count: 0
20:21:03.0373 2000 Actual detected object count: 0
20:32:57.0852 4164 Deinitialize success
20:20:58.0483 6924 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:20:58.0493 6924 SkypeUpdate - ok
20:20:58.0503 6924 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:20:58.0513 6924 Smb - ok
20:20:58.0563 6924 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:20:58.0573 6924 SNMPTRAP - ok
20:20:58.0583 6924 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:20:58.0583 6924 spldr - ok
20:20:58.0643 6924 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:20:58.0653 6924 Spooler - ok
20:20:58.0753 6924 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:20:58.0813 6924 sppsvc - ok
20:20:58.0853 6924 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:20:58.0863 6924 sppuinotify - ok
20:20:58.0913 6924 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:20:58.0913 6924 srv - ok
20:20:58.0923 6924 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:20:58.0933 6924 srv2 - ok
20:20:58.0973 6924 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:20:58.0973 6924 srvnet - ok
20:20:58.0993 6924 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:20:58.0993 6924 SSDPSRV - ok
20:20:59.0013 6924 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:20:59.0023 6924 SstpSvc - ok
20:20:59.0033 6924 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:20:59.0033 6924 stexstor - ok
20:20:59.0063 6924 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:20:59.0083 6924 StiSvc - ok
20:20:59.0113 6924 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:20:59.0113 6924 swenum - ok
20:20:59.0133 6924 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:20:59.0153 6924 swprv - ok
20:20:59.0213 6924 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:20:59.0253 6924 SysMain - ok
20:20:59.0283 6924 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:20:59.0283 6924 TabletInputService - ok
20:20:59.0323 6924 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:20:59.0333 6924 TapiSrv - ok
20:20:59.0343 6924 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:20:59.0343 6924 TBS - ok
20:20:59.0423 6924 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:20:59.0443 6924 Tcpip - ok
20:20:59.0473 6924 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:20:59.0483 6924 TCPIP6 - ok
20:20:59.0533 6924 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:20:59.0533 6924 tcpipreg - ok
20:20:59.0573 6924 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:20:59.0573 6924 TDPIPE - ok
20:20:59.0603 6924 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:20:59.0603 6924 TDTCP - ok
20:20:59.0623 6924 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:20:59.0623 6924 tdx - ok
20:20:59.0633 6924 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:20:59.0633 6924 TermDD - ok
20:20:59.0683 6924 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:20:59.0683 6924 TermService - ok
20:20:59.0703 6924 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:20:59.0703 6924 Themes - ok
20:20:59.0723 6924 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:20:59.0723 6924 THREADORDER - ok
20:20:59.0743 6924 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:20:59.0743 6924 TrkWks - ok
20:20:59.0793 6924 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:20:59.0803 6924 TrustedInstaller - ok
20:20:59.0843 6924 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:20:59.0843 6924 tssecsrv - ok
20:20:59.0903 6924 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:20:59.0903 6924 TsUsbFlt - ok
20:20:59.0923 6924 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:20:59.0923 6924 tunnel - ok
20:20:59.0943 6924 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:20:59.0943 6924 uagp35 - ok
20:20:59.0973 6924 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:20:59.0983 6924 udfs - ok
20:21:00.0003 6924 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:21:00.0013 6924 UI0Detect - ok
20:21:00.0023 6924 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:21:00.0023 6924 uliagpkx - ok
20:21:00.0053 6924 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:21:00.0053 6924 umbus - ok
20:21:00.0073 6924 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:21:00.0073 6924 UmPass - ok
20:21:00.0093 6924 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:21:00.0113 6924 upnphost - ok
20:21:00.0153 6924 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:21:00.0153 6924 usbaudio - ok
20:21:00.0183 6924 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:21:00.0193 6924 usbccgp - ok
20:21:00.0223 6924 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:21:00.0223 6924 usbcir - ok
20:21:00.0253 6924 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:21:00.0253 6924 usbehci - ok
20:21:00.0283 6924 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:21:00.0283 6924 usbhub - ok
20:21:00.0323 6924 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:21:00.0323 6924 usbohci - ok
20:21:00.0373 6924 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:21:00.0383 6924 usbprint - ok
20:21:00.0403 6924 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:21:00.0413 6924 USBSTOR - ok
20:21:00.0423 6924 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:21:00.0423 6924 usbuhci - ok
20:21:00.0443 6924 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:21:00.0453 6924 UxSms - ok
20:21:00.0463 6924 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:21:00.0463 6924 VaultSvc - ok
20:21:00.0483 6924 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:21:00.0483 6924 vdrvroot - ok
20:21:00.0523 6924 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:21:00.0533 6924 vds - ok
20:21:00.0573 6924 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:21:00.0583 6924 vga - ok
20:21:00.0593 6924 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:21:00.0593 6924 VgaSave - ok
20:21:00.0613 6924 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:21:00.0613 6924 vhdmp - ok
20:21:00.0643 6924 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:21:00.0643 6924 viaagp - ok
20:21:00.0653 6924 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
20:21:00.0653 6924 ViaC7 - ok
20:21:00.0673 6924 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:21:00.0673 6924 viaide - ok
20:21:00.0683 6924 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:21:00.0683 6924 volmgr - ok
20:21:00.0713 6924 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:21:00.0713 6924 volmgrx - ok
20:21:00.0733 6924 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:21:00.0733 6924 volsnap - ok
20:21:00.0753 6924 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:21:00.0753 6924 vsmraid - ok
20:21:00.0783 6924 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:21:00.0813 6924 VSS - ok
20:21:00.0833 6924 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:21:00.0833 6924 vwifibus - ok
20:21:00.0873 6924 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:21:00.0883 6924 W32Time - ok
20:21:00.0913 6924 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:21:00.0913 6924 WacomPen - ok
20:21:00.0943 6924 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:21:00.0943 6924 WANARP - ok
20:21:00.0963 6924 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:21:00.0963 6924 Wanarpv6 - ok
20:21:01.0043 6924 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:21:01.0083 6924 WatAdminSvc - ok
20:21:01.0143 6924 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:21:01.0173 6924 wbengine - ok
20:21:01.0193 6924 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:21:01.0203 6924 WbioSrvc - ok
20:21:01.0243 6924 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:21:01.0263 6924 wcncsvc - ok
20:21:01.0283 6924 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:21:01.0293 6924 WcsPlugInService - ok
20:21:01.0303 6924 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:21:01.0303 6924 Wd - ok
20:21:01.0323 6924 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:21:01.0333 6924 Wdf01000 - ok
20:21:01.0343 6924 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:21:01.0353 6924 WdiServiceHost - ok
20:21:01.0353 6924 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:21:01.0363 6924 WdiSystemHost - ok
20:21:01.0373 6924 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:21:01.0383 6924 WebClient - ok
20:21:01.0403 6924 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:21:01.0413 6924 Wecsvc - ok
20:21:01.0423 6924 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:21:01.0433 6924 wercplsupport - ok
20:21:01.0453 6924 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:21:01.0463 6924 WerSvc - ok
20:21:01.0493 6924 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:21:01.0503 6924 WfpLwf - ok
20:21:01.0503 6924 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:21:01.0503 6924 WIMMount - ok
20:21:01.0563 6924 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:21:01.0593 6924 WinDefend - ok
20:21:01.0623 6924 WinHttpAutoProxySvc - ok
20:21:01.0703 6924 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:21:01.0713 6924 Winmgmt - ok
20:21:01.0763 6924 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:21:01.0793 6924 WinRM - ok
20:21:01.0853 6924 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:21:01.0853 6924 WinUsb - ok
20:21:01.0873 6924 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:21:01.0903 6924 Wlansvc - ok
20:21:02.0013 6924 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:21:02.0053 6924 wlidsvc - ok
20:21:02.0103 6924 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:21:02.0113 6924 WmiAcpi - ok
20:21:02.0143 6924 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:21:02.0143 6924 wmiApSrv - ok
20:21:02.0193 6924 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:21:02.0213 6924 WMPNetworkSvc - ok
20:21:02.0233 6924 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:21:02.0243 6924 WPCSvc - ok
20:21:02.0273 6924 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:21:02.0283 6924 WPDBusEnum - ok
20:21:02.0303 6924 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:21:02.0303 6924 ws2ifsl - ok
20:21:02.0363 6924 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
20:21:02.0383 6924 wscsvc - ok
20:21:02.0393 6924 WSearch - ok
20:21:02.0493 6924 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:21:02.0543 6924 wuauserv - ok
20:21:02.0583 6924 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:21:02.0583 6924 WudfPf - ok
20:21:02.0603 6924 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:21:02.0603 6924 WUDFRd - ok
20:21:02.0623 6924 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:21:02.0633 6924 wudfsvc - ok
20:21:02.0653 6924 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:21:02.0673 6924 WwanSvc - ok
20:21:02.0713 6924 [ 6CABA3992E8D2939CAA6AAE0431BA7FB ] zghsmdm C:\Windows\system32\DRIVERS\zghsmdm.sys
20:21:02.0713 6924 zghsmdm - ok
20:21:02.0743 6924 ================ Scan global ===============================
20:21:02.0793 6924 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:21:02.0823 6924 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:21:02.0853 6924 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:21:02.0883 6924 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:21:02.0903 6924 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:21:02.0923 6924 [Global] - ok
20:21:02.0923 6924 ================ Scan MBR ==================================
20:21:02.0933 6924 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:21:03.0323 6924 \Device\Harddisk0\DR0 - ok
20:21:03.0323 6924 ================ Scan VBR ==================================
20:21:03.0323 6924 [ 3D2D9C984B2630D83A58B1460EFC6401 ] \Device\Harddisk0\DR0\Partition1
20:21:03.0333 6924 \Device\Harddisk0\DR0\Partition1 - ok
20:21:03.0343 6924 [ 2CCD359C18E579ED9F3D3F7951AEC487 ] \Device\Harddisk0\DR0\Partition2
20:21:03.0343 6924 \Device\Harddisk0\DR0\Partition2 - ok
20:21:03.0343 6924 ============================================================
20:21:03.0343 6924 Scan finished
20:21:03.0343 6924 ============================================================
20:21:03.0373 2000 Detected object count: 0
20:21:03.0373 2000 Actual detected object count: 0
20:32:57.0852 4164 Deinitialize success
NB: HP ProBook 4720s (XX838EA)
PC: AMD Phenom II X4 925; MB GA-770T-USB3; RAM Zeppelin Gold - Evolve 4GB (kit 2x 2GB) 1600MHz; Sapphire ATI Radeon HD 5750 512MB DDR5; W7 HP 64-bit.
- Orcus
- Security team member
Re: please check my log - thanks
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.
Code:
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\Adobe Flash Player Updater.job
Firefox::
FF - ProfilePath - c:\users\Miloš\AppData\Roaming\Mozilla\Firefox\Profiles\9rhuu4uy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =827316&p=
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all open windows.
Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If the log is too long, split it into several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: please check my log - thanks
ComboFix 12-10-04.02 - Miloš 08.10.2012 18:51:12.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2047.1178 [GMT 2:00]
Spuštěný z: c:\users\MiloÜ\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MiloÜ\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-08 do 2012-10-08 )))))))))))))))))))))))))))))))
.
.
2012-10-08 16:59 . 2012-10-08 16:59 -------- d-----w- c:\users\Miloš\AppData\Local\temp
2012-10-08 16:59 . 2012-10-08 16:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-07 15:35 . 2012-10-08 05:55 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D46ED81A-13F0-431B-B81C-4DC98E78DECB}\offreg.dll
2012-10-06 09:48 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-06 09:09 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-10-06 07:50 . 2012-10-06 07:50 388096 ----a-r- c:\users\Miloš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-06 07:45 . 2012-10-06 07:45 -------- d-----w- c:\program files\CCleaner
2012-10-05 15:40 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D46ED81A-13F0-431B-B81C-4DC98E78DECB}\mpengine.dll
2012-10-05 15:39 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-10-05 15:39 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-05 15:39 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-10-05 15:39 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-10-05 15:38 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-10-05 15:34 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-10-05 15:34 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-10-05 15:34 . 2012-06-02 04:40 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-10-05 15:34 . 2012-06-02 04:45 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-10-05 15:34 . 2012-06-02 04:39 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-10-05 15:34 . 2012-06-02 04:40 225280 ----a-w- c:\windows\system32\schannel.dll
2012-10-05 15:34 . 2012-06-02 04:45 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-10-05 15:33 . 2012-06-06 05:05 1019904 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-10-05 15:33 . 2012-06-06 05:05 57344 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
2012-10-05 15:33 . 2012-06-06 05:05 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2012-10-05 15:33 . 2012-06-06 05:03 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-10-05 15:33 . 2012-06-06 05:05 143360 ----a-w- c:\program files\Common Files\System\ado\msjro.dll
2012-10-05 15:33 . 2012-06-06 05:05 212992 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2012-10-05 15:33 . 2012-06-06 05:05 372736 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2012-10-05 15:33 . 2012-03-31 04:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-10-05 15:33 . 2012-03-31 04:30 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-10-05 15:31 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-10-05 15:31 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-10-05 15:31 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-10-05 15:31 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-10-05 15:31 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-10-05 15:31 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-05 15:31 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-10-05 15:31 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-05 15:25 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-10-05 15:07 . 2012-10-06 08:26 -------- d-----w- c:\users\LogMeInRemoteUser
2012-10-05 14:53 . 2012-10-05 14:53 -------- d-----w- c:\users\Miloš\AppData\Local\LogMeIn
2012-10-05 14:53 . 2012-07-05 16:09 52128 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2012-10-05 14:53 . 2012-07-05 16:09 30624 ----a-w- c:\windows\system32\LMIport.dll
2012-10-05 14:53 . 2012-07-05 16:10 83392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-10-05 14:53 . 2012-06-08 10:06 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2012-10-05 14:53 . 2012-07-05 16:09 87456 ----a-w- c:\windows\system32\LMIinit.dll
2012-10-05 14:53 . 2012-10-08 16:40 -------- d-----w- c:\programdata\LogMeIn
2012-10-05 14:52 . 2012-10-05 15:07 -------- d-----w- c:\program files\LogMeIn
2012-10-05 14:25 . 2012-10-05 14:25 -------- d-----w- C:\$WINDOWS.~BT
2012-10-04 19:22 . 2012-10-04 19:22 -------- d-----w- c:\users\Miloš\AppData\Roaming\Malwarebytes
2012-10-04 19:21 . 2012-10-04 19:21 -------- d-----w- c:\programdata\Malwarebytes
2012-10-04 19:21 . 2012-10-06 09:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-04 16:37 . 2012-10-06 07:50 -------- d-----w- c:\program files\trend micro
2012-10-04 16:37 . 2012-10-04 16:38 -------- d-----w- C:\rsit
2012-10-04 08:15 . 2012-10-04 08:44 -------- dc-h--w- c:\programdata\{A471C4AE-B27B-4761-9BCF-82FAAAAA2D01}
2012-10-04 08:11 . 2012-10-05 15:44 -------- d-----w- c:\program files\CrystalDiskInfo
2012-10-04 07:53 . 2012-10-05 15:44 -------- d-----w- c:\program files\Combined Community Codec Pack
2012-10-04 07:45 . 2012-10-05 15:44 -------- d-----w- c:\program files\GSpot
2012-10-03 12:40 . 2012-10-03 13:46 -------- d-----w- c:\users\Miloš\AppData\Local\BearShare
2012-10-03 12:37 . 2012-10-03 14:07 -------- d-----w- c:\program files\BearShare Applications
2012-10-03 12:36 . 2012-10-03 12:36 -------- d-----w- c:\users\Miloš\AppData\Local\PackageAware
2012-10-02 14:15 . 2012-10-05 15:45 -------- d-----w- c:\program files\Black_Box
2012-10-02 10:17 . 2012-10-02 10:17 5171904 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-10-01 17:21 . 2012-10-05 15:45 -------- d-----w- c:\program files\SCANIA Truck Driving Simulator
2012-09-30 16:46 . 2012-09-30 16:46 -------- d-----w- c:\users\Miloš\AppData\Roaming\AlawarEntertainment
2012-09-30 16:43 . 2012-09-30 16:44 -------- d-----w- c:\programdata\AlawarWrapper
2012-09-30 16:40 . 2012-10-05 15:45 -------- d-----w- c:\program files\Alawarhry.cz
2012-09-29 15:34 . 2012-09-30 10:00 -------- d-----w- c:\program files\Bohemia Interactive
2012-09-08 19:36 . 2012-09-08 19:36 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-06 07:50 . 2012-10-06 07:50 388096 ----a-r- c:\users\Miloš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-06 07:50 . 2012-10-06 07:50 388096 ----a-r- c:\users\Miloš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-22 05:41 . 2012-04-02 15:44 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-22 05:41 . 2011-07-04 09:10 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-21 09:13 . 2011-09-19 09:24 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-09-19 09:24 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2011-09-19 09:24 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-03-02 10:00 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-09-19 09:24 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-09-19 09:24 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-09-19 09:23 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-09-19 09:23 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-28 04:09 . 2011-04-20 01:38 5538984 ----a-w- c:\windows\system32\atiumdag.dll
2012-07-28 04:06 . 2012-07-28 04:06 8758784 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-28 03:43 . 2012-07-28 03:43 58880 ----a-w- c:\windows\system32\coinst_8.982.dll
2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\system32\atioglxx.dll
2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-28 02:15 . 2011-04-20 02:09 931328 ----a-w- c:\windows\system32\aticfx32.dll
2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 02:10 . 2012-07-28 02:10 469504 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-28 02:09 . 2012-07-28 02:09 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-28 02:08 . 2012-07-28 02:08 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-07-28 02:08 . 2012-07-28 02:08 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-07-28 02:07 . 2011-04-20 01:59 6430208 ----a-w- c:\windows\system32\atidxx32.dll
2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-07-28 01:32 . 2011-04-20 01:30 4751872 ----a-w- c:\windows\system32\atiumdva.dll
2012-07-28 01:30 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\system32\aticaldd.dll
2012-07-28 01:15 . 2012-07-28 01:15 368640 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-28 01:14 . 2012-07-28 01:14 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-07-28 01:14 . 2012-07-28 01:14 296448 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-28 01:13 . 2011-04-20 01:21 109568 ----a-w- c:\windows\system32\atiuxpag.dll
2012-07-28 01:13 . 2011-04-20 01:21 83456 ----a-w- c:\windows\system32\atiu9pag.dll
2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-07-27 20:47 . 2012-07-27 20:47 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\system32\amdocl.dll
2012-07-27 20:44 . 2012-07-27 20:44 50176 ----a-w- c:\windows\system32\OpenCL.dll
2012-09-08 19:36 . 2011-12-01 16:58 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2011-05-25 491040]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-02-10 399736]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2011-04-19 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2011-09-08 77824]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2012-06-08 63048]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor.lnk - c:\program files\Eye 312S\Monitor.exe [2007-10-16 249856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^Users^Miloš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Miloš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-12 11:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-09 16:53 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 Ca2001v;CA2001 WebCam Driver;c:\windows\system32\Drivers\Ca2001v.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 05:41]
.
2012-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-25 19:26]
.
2012-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-25 19:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Miloš\AppData\Roaming\Mozilla\Firefox\Profiles\9rhuu4uy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =827316&p=
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:2d,cd,a5,5d,5b,96,d5,74,1a,f1,02,ef,c0,9d,bf,0c,55,28,64,da,79,a1,2d,
b4,04,30,be,f7,37,f9,7b,1b,4d,f0,8a,59,77,86,41,5f,62,e4,a2,31,a5,62,0f,36,\
"??"=hex:e5,f7,13,76,18,03,3f,43,fa,be,25,89,83,53,18,dd
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\SecuROM\License information*]
"datasecu"=hex:dd,ea,ad,52,34,06,bc,33,98,8c,b9,b1,bc,a2,b9,59,c5,bc,16,6a,87,
e0,bc,97,15,b1,53,81,ea,f9,8f,89,54,5b,74,88,93,70,8d,8a,82,d8,5c,ee,74,a1,\
"rkeysecu"=hex:46,b3,f9,30,63,75,ac,77,b8,3d,41,28,8e,3e,f7,1f
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\c:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T17:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T17:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T17:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-2146031217-198812667-510708698-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\c:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-10-08 19:00:19
ComboFix-quarantined-files.txt 2012-10-08 17:00
ComboFix2.txt 2012-10-07 18:50
ComboFix3.txt 2012-10-05 13:56
.
Před spuštěním: Volných bajtů: 174 360 195 072
Po spuštění: Volných bajtů: 174 298 533 888
.
- - End Of File - - 228C1999F2FB512A6577B7A447EC7B60
NB: HP ProBook 4720s (XX838EA)
PC: AMD Phenom II X4 925; MB GA-770T-USB3; RAM Zeppelin Gold - Evolve 4GB (kit 2x 2GB) 1600MHz; Sapphire ATI Radeon HD 5750 512MB DDR5; W7 HP 64-bit.
Orcus (Security team member)
Re: please check my log - thanks
ComboFix did not run; try running it in Safe Mode.
Love warms, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: please check my log - thanks
Unfortunately I won't be able to get to that PC for some time now, so I guess we'll close this as it is...
Thanks a lot..
Žbeky (Moderator)
Re: please check my log - thanks
Well, not quite; at the very least CF has to be uninstalled.
In private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules