Prosím o kotrolu, něco vytěžuje RAM +

cmuch · Příspěvekod **cmuch** » 20 pro 2012 16:39

Ahoj,

poslední dobou strašně dlouho trvá než se načtou internetové stránky,
normálně jsem mohl mít otevřeno několik oken a bylo to v poho a teď sotva jednu.

Projížděl jsem i MBAM a ten nic nenašel.

Tady HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:37:59, on 20.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Programy\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Programy\AVG\AVG2012\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Programy\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Programy\totalcmd\TOTALCMD.EXE
C:\Users\Cmuch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cmuch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cmuch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\Users\Cmuch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cmuch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Programy\HJT\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programy\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Programy\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Cmuch\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programy\AVG\AVG2012\avgdtiex.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programy\AVG\AVG2012\avgpp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Programy\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Programy\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Programy\AVG\AVG2012\avgwdsvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 4541 bytes

Děkuji

Reklama

Příspěvekod **Žbeky** » 20 pro 2012 18:22

Fixni:

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Cmuch\AppData\Local\Google\Update\GoogleUpdate.exe" /c

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

cmuch · Příspěvekod **cmuch** » 20 pro 2012 20:56

Tak ten Combo fix se mi nechce provést,
vyřadiljsm antivir a spustil, tak 2min chřoupal disk a pak už moc ne, nechal jsem to 10min jak je psáno, že by mělo trvat a pořád tam bylo to okno tak jsem to nechal běžet dál a po půl hodině jsem chtěl pohýbat myší a ono to bylo seklé.
Skusil jsem od instalovat Antivir a pustit znovu , ale dopadlo to uplně stejně.

Tak tady je alespoň TDSKILLER kterej proběhl před tí bez problému.

Z důvodu omezení znaku jsem to rozdělil
Čast1:

18:33:28.0460 4832 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:33:30.0519 4832 ============================================================
18:33:30.0519 4832 Current date / time: 2012/12/20 18:33:30.0519
18:33:30.0519 4832 SystemInfo:
18:33:30.0519 4832
18:33:30.0519 4832 OS Version: 6.1.7601 ServicePack: 1.0
18:33:30.0519 4832 Product type: Workstation
18:33:30.0519 4832 ComputerName: CMUCH-PC
18:33:30.0519 4832 UserName: Cmuch
18:33:30.0519 4832 Windows directory: C:\Windows
18:33:30.0519 4832 System windows directory: C:\Windows
18:33:30.0519 4832 Processor architecture: Intel x86
18:33:30.0519 4832 Number of processors: 2
18:33:30.0519 4832 Page size: 0x1000
18:33:30.0519 4832 Boot type: Normal boot
18:33:30.0519 4832 ============================================================
18:33:32.0531 4832 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1D9265, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050
18:33:32.0547 4832 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:33:33.0249 4832 ============================================================
18:33:33.0249 4832 \Device\Harddisk0\DR0:
18:33:33.0249 4832 MBR partitions:
18:33:33.0249 4832 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3E19E31
18:33:33.0280 4832 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3E19EAF, BlocksNum 0x708ECF01
18:33:33.0280 4832 \Device\Harddisk1\DR1:
18:33:33.0280 4832 MBR partitions:
18:33:33.0280 4832 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
18:33:33.0280 4832 ============================================================
18:33:33.0296 4832 C: <-> \Device\Harddisk0\DR0\Partition1
18:33:33.0327 4832 D: <-> \Device\Harddisk0\DR0\Partition2
18:33:33.0374 4832 F: <-> \Device\Harddisk1\DR1\Partition1
18:33:33.0405 4832 ============================================================
18:33:33.0405 4832 Initialize success
18:33:33.0405 4832 ============================================================
18:33:43.0311 5600 ============================================================
18:33:43.0311 5600 Scan started
18:33:43.0311 5600 Mode: Manual;
18:33:43.0311 5600 ============================================================

cmuch · Příspěvekod **cmuch** » 20 pro 2012 20:58

Část2:

18:33:45.0058 5600 ================ Scan system memory ========================
18:33:45.0058 5600 System memory - ok
18:33:45.0074 5600 ================ Scan services =============================
18:33:45.0432 5600 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:33:45.0432 5600 1394ohci - ok
18:33:45.0464 5600 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:33:45.0479 5600 ACPI - ok
18:33:45.0495 5600 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:33:45.0495 5600 AcpiPmi - ok
18:33:45.0557 5600 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:33:45.0557 5600 AdobeFlashPlayerUpdateSvc - ok
18:33:45.0604 5600 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:33:45.0620 5600 adp94xx - ok
18:33:45.0635 5600 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:33:45.0651 5600 adpahci - ok
18:33:45.0666 5600 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:33:45.0666 5600 adpu320 - ok
18:33:45.0713 5600 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:33:45.0713 5600 AeLookupSvc - ok
18:33:45.0744 5600 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
18:33:45.0744 5600 AFD - ok
18:33:45.0791 5600 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
18:33:45.0791 5600 agp440 - ok
18:33:45.0822 5600 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
18:33:45.0822 5600 aic78xx - ok
18:33:45.0838 5600 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
18:33:45.0854 5600 ALG - ok
18:33:45.0885 5600 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
18:33:45.0885 5600 aliide - ok
18:33:45.0932 5600 [ E608D708EFE1F8AE7160DB7C0DE4D8E6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:33:45.0932 5600 AMD External Events Utility - ok
18:33:46.0025 5600 AMD FUEL Service - ok
18:33:46.0056 5600 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:33:46.0056 5600 amdagp - ok
18:33:46.0088 5600 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
18:33:46.0088 5600 amdide - ok
18:33:46.0103 5600 [ FF258424F0B2EF25EB98F04EE386E6E3 ] amdiox86 C:\Windows\system32\DRIVERS\amdiox86.sys
18:33:46.0103 5600 amdiox86 - ok
18:33:46.0119 5600 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:33:46.0119 5600 AmdK8 - ok
18:33:46.0322 5600 [ F611C341A8B0926D6C2D6417464BD11E ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:33:46.0415 5600 amdkmdag - ok
18:33:46.0446 5600 [ C08F6E9987D2AACFF9653ADB30C4DA3D ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:33:46.0446 5600 amdkmdap - ok
18:33:46.0462 5600 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:33:46.0462 5600 AmdPPM - ok
18:33:46.0493 5600 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:33:46.0493 5600 amdsata - ok
18:33:46.0524 5600 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:33:46.0524 5600 amdsbs - ok
18:33:46.0540 5600 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:33:46.0540 5600 amdxata - ok
18:33:46.0571 5600 [ 3E59DF4984FBD6800D6621480B38A34E ] Andbus C:\Windows\system32\DRIVERS\lgandbus.sys
18:33:46.0571 5600 Andbus - ok
18:33:46.0602 5600 [ 8E0BF6F3B2C9C292BC7CE0DE727CDD56 ] AndDiag C:\Windows\system32\DRIVERS\lganddiag.sys
18:33:46.0602 5600 AndDiag - ok
18:33:46.0618 5600 [ 1D2C90E25483363D54B652898BBC8F2A ] AndGps C:\Windows\system32\DRIVERS\lgandgps.sys
18:33:46.0618 5600 AndGps - ok
18:33:46.0665 5600 [ B1B06A95DA2CAC7FA19832C60C348C85 ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem.sys
18:33:46.0665 5600 ANDModem - ok
18:33:46.0696 5600 [ 7686F0B4539A8C3EEC4201961B68FEED ] andnetadb C:\Windows\system32\Drivers\lgandnetadb.sys
18:33:46.0712 5600 andnetadb - ok
18:33:46.0743 5600 [ 54A40A58FF71936026F2E49ECFD487B8 ] androidusb C:\Windows\system32\Drivers\lgandadb.sys
18:33:46.0743 5600 androidusb - ok
18:33:46.0805 5600 [ 66F4DE5876DC1A47BA1ACE909FA9AEEF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
18:33:46.0805 5600 AODDriver4.2 - ok
18:33:46.0852 5600 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
18:33:46.0852 5600 AppID - ok
18:33:46.0883 5600 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:33:46.0883 5600 AppIDSvc - ok
18:33:46.0946 5600 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
18:33:46.0946 5600 Appinfo - ok
18:33:46.0992 5600 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
18:33:46.0992 5600 AppMgmt - ok
18:33:47.0008 5600 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:33:47.0008 5600 arc - ok
18:33:47.0039 5600 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:33:47.0039 5600 arcsas - ok
18:33:47.0055 5600 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:33:47.0055 5600 AsyncMac - ok
18:33:47.0055 5600 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
18:33:47.0055 5600 atapi - ok
18:33:47.0117 5600 [ 434192D027A6A11E32E1C74C7C43E1ED ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
18:33:47.0117 5600 AtiHDAudioService - ok
18:33:47.0180 5600 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:33:47.0180 5600 AudioEndpointBuilder - ok
18:33:47.0195 5600 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:33:47.0195 5600 Audiosrv - ok
18:33:47.0242 5600 [ C46BA2C177DF0B84F9C0BFC1E4574DC7 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6x.sys
18:33:47.0242 5600 Avgfwfd - ok
18:33:47.0398 5600 [ BD5D11CEDBCDE4FA97D2387E7069B1FF ] avgfws C:\Programy\AVG\AVG2012\avgfws.exe
18:33:47.0445 5600 avgfws - ok
18:33:47.0554 5600 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Programy\AVG\AVG2012\avgidsagent.exe
18:33:47.0601 5600 AVGIDSAgent - ok
18:33:47.0632 5600 [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
18:33:47.0632 5600 AVGIDSDriver - ok
18:33:47.0648 5600 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfilterx.sys
18:33:47.0648 5600 AVGIDSFilter - ok
18:33:47.0663 5600 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
18:33:47.0663 5600 AVGIDSHX - ok
18:33:47.0663 5600 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
18:33:47.0663 5600 AVGIDSShim - ok
18:33:47.0694 5600 [ DCB09125C8B4766A88C86914B65487C1 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
18:33:47.0694 5600 Avgldx86 - ok
18:33:47.0726 5600 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
18:33:47.0757 5600 Avgmfx86 - ok
18:33:47.0788 5600 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
18:33:47.0788 5600 Avgrkx86 - ok
18:33:47.0819 5600 [ C0BC3B2E3FD625E7F55E1FF863E94592 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
18:33:47.0819 5600 Avgtdix - ok
18:33:47.0850 5600 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Programy\AVG\AVG2012\avgwdsvc.exe
18:33:47.0850 5600 avgwd - ok
18:33:47.0897 5600 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:33:47.0897 5600 AxInstSV - ok
18:33:47.0928 5600 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
18:33:47.0928 5600 b06bdrv - ok
18:33:47.0960 5600 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
18:33:47.0960 5600 b57nd60x - ok
18:33:47.0991 5600 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
18:33:47.0991 5600 BDESVC - ok
18:33:48.0022 5600 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
18:33:48.0022 5600 Beep - ok
18:33:48.0053 5600 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
18:33:48.0053 5600 BFE - ok
18:33:48.0084 5600 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
18:33:48.0100 5600 BITS - ok
18:33:48.0116 5600 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:33:48.0116 5600 blbdrive - ok
18:33:48.0131 5600 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:33:48.0131 5600 bowser - ok
18:33:48.0162 5600 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:33:48.0162 5600 BrFiltLo - ok
18:33:48.0178 5600 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:33:48.0178 5600 BrFiltUp - ok
18:33:48.0209 5600 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
18:33:48.0225 5600 Browser - ok
18:33:48.0240 5600 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:33:48.0240 5600 Brserid - ok
18:33:48.0272 5600 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:33:48.0272 5600 BrSerWdm - ok
18:33:48.0287 5600 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:33:48.0287 5600 BrUsbMdm - ok
18:33:48.0303 5600 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:33:48.0303 5600 BrUsbSer - ok
18:33:48.0318 5600 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:33:48.0318 5600 BTHMODEM - ok
18:33:48.0350 5600 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
18:33:48.0350 5600 bthserv - ok
18:33:48.0350 5600 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:33:48.0350 5600 cdfs - ok
18:33:48.0381 5600 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:33:48.0381 5600 cdrom - ok
18:33:48.0428 5600 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
18:33:48.0428 5600 CertPropSvc - ok
18:33:48.0443 5600 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:33:48.0443 5600 circlass - ok
18:33:48.0490 5600 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
18:33:48.0490 5600 CLFS - ok
18:33:48.0568 5600 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:33:48.0568 5600 clr_optimization_v2.0.50727_32 - ok
18:33:48.0662 5600 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:33:48.0662 5600 clr_optimization_v4.0.30319_32 - ok
18:33:48.0693 5600 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:33:48.0693 5600 CmBatt - ok
18:33:48.0708 5600 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:33:48.0708 5600 cmdide - ok
18:33:48.0755 5600 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
18:33:48.0771 5600 CNG - ok
18:33:48.0771 5600 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:33:48.0786 5600 Compbatt - ok
18:33:48.0802 5600 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:33:48.0802 5600 CompositeBus - ok
18:33:48.0818 5600 COMSysApp - ok
18:33:48.0833 5600 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:33:48.0833 5600 crcdisk - ok
18:33:48.0880 5600 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:33:48.0880 5600 CryptSvc - ok
18:33:48.0958 5600 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
18:33:48.0958 5600 CSC - ok
18:33:48.0989 5600 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
18:33:49.0005 5600 CscService - ok
18:33:49.0020 5600 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
18:33:49.0036 5600 DcomLaunch - ok
18:33:49.0098 5600 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
18:33:49.0098 5600 defragsvc - ok
18:33:49.0145 5600 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:33:49.0145 5600 DfsC - ok
18:33:49.0176 5600 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:33:49.0176 5600 Dhcp - ok
18:33:49.0223 5600 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
18:33:49.0223 5600 discache - ok
18:33:49.0254 5600 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:33:49.0254 5600 Disk - ok
18:33:49.0270 5600 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:33:49.0286 5600 Dnscache - ok
18:33:49.0317 5600 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
18:33:49.0332 5600 dot3svc - ok
18:33:49.0348 5600 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
18:33:49.0348 5600 DPS - ok
18:33:49.0395 5600 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:33:49.0395 5600 drmkaud - ok
18:33:49.0442 5600 [ C0C7CECCB6C85994C2BC92D58E52D3F2 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:33:49.0442 5600 dtsoftbus01 - ok
18:33:49.0488 5600 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:33:49.0504 5600 DXGKrnl - ok
18:33:49.0535 5600 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
18:33:49.0535 5600 EapHost - ok
18:33:49.0598 5600 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
18:33:49.0629 5600 ebdrv - ok
18:33:49.0660 5600 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
18:33:49.0660 5600 EFS - ok
18:33:49.0863 5600 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:33:49.0878 5600 ehRecvr - ok
18:33:49.0910 5600 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
18:33:49.0910 5600 ehSched - ok
18:33:49.0941 5600 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:33:49.0941 5600 elxstor - ok
18:33:50.0003 5600 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:33:50.0003 5600 ErrDev - ok
18:33:50.0034 5600 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
18:33:50.0050 5600 EventSystem - ok
18:33:50.0565 5600 [ FE7C318E302FD69D765A4FC6873C3935 ] EverestDriver F:\Programy\__UsB\Everest-Ultimate-Edition-4.60.1601\kerneld.wnt
18:33:50.0565 5600 EverestDriver - ok
18:33:50.0596 5600 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
18:33:50.0596 5600 exfat - ok
18:33:50.0627 5600 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:33:50.0627 5600 fastfat - ok
18:33:50.0674 5600 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
18:33:50.0674 5600 Fax - ok
18:33:50.0705 5600 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:33:50.0705 5600 fdc - ok
18:33:50.0705 5600 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
18:33:50.0721 5600 fdPHost - ok
18:33:50.0752 5600 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
18:33:50.0752 5600 FDResPub - ok
18:33:50.0752 5600 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:33:50.0768 5600 FileInfo - ok
18:33:50.0783 5600 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:33:50.0783 5600 Filetrace - ok
18:33:50.0799 5600 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:33:50.0799 5600 flpydisk - ok
18:33:50.0814 5600 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:33:50.0814 5600 FltMgr - ok
18:33:50.0861 5600 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
18:33:50.0861 5600 FontCache - ok
18:33:50.0924 5600 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:33:50.0924 5600 FontCache3.0.0.0 - ok
18:33:50.0924 5600 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:33:50.0924 5600 FsDepends - ok
18:33:50.0939 5600 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:33:50.0939 5600 Fs_Rec - ok
18:33:50.0955 5600 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:33:50.0955 5600 fvevol - ok
18:33:50.0986 5600 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:33:50.0986 5600 gagp30kx - ok
18:33:51.0033 5600 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
18:33:51.0048 5600 gpsvc - ok
18:33:51.0064 5600 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:33:51.0064 5600 hcw85cir - ok
18:33:51.0111 5600 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:33:51.0111 5600 HdAudAddService - ok
18:33:51.0142 5600 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:33:51.0142 5600 HDAudBus - ok
18:33:51.0173 5600 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:33:51.0173 5600 HidBatt - ok
18:33:51.0189 5600 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:33:51.0189 5600 HidBth - ok
18:33:51.0204 5600 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:33:51.0204 5600 HidIr - ok
18:33:51.0220 5600 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
18:33:51.0236 5600 hidserv - ok
18:33:51.0267 5600 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
18:33:51.0267 5600 HidUsb - ok
18:33:51.0298 5600 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:33:51.0298 5600 hkmsvc - ok
18:33:51.0329 5600 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:33:51.0329 5600 HomeGroupListener - ok
18:33:51.0360 5600 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:33:51.0360 5600 HomeGroupProvider - ok
18:33:51.0392 5600 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:33:51.0392 5600 HpSAMD - ok
18:33:51.0423 5600 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:33:51.0423 5600 HTTP - ok
18:33:51.0438 5600 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:33:51.0438 5600 hwpolicy - ok
18:33:51.0470 5600 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:33:51.0485 5600 i8042prt - ok
18:33:51.0516 5600 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:33:51.0516 5600 iaStorV - ok
18:33:51.0563 5600 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:33:51.0579 5600 idsvc - ok
18:33:51.0610 5600 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:33:51.0610 5600 iirsp - ok
18:33:51.0641 5600 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
18:33:51.0641 5600 IKEEXT - ok
18:33:51.0672 5600 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
18:33:51.0672 5600 intelide - ok
18:33:51.0688 5600 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:33:51.0688 5600 intelppm - ok
18:33:51.0719 5600 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:33:51.0719 5600 IPBusEnum - ok
18:33:51.0735 5600 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:33:51.0735 5600 IpFilterDriver - ok
18:33:51.0797 5600 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:33:51.0813 5600 iphlpsvc - ok
18:33:51.0813 5600 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:33:51.0828 5600 IPMIDRV - ok
18:33:51.0844 5600 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:33:51.0844 5600 IPNAT - ok
18:33:51.0860 5600 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:33:51.0860 5600 IRENUM - ok
18:33:51.0875 5600 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:33:51.0875 5600 isapnp - ok
18:33:51.0906 5600 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:33:51.0906 5600 iScsiPrt - ok
18:33:51.0938 5600 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:33:51.0938 5600 kbdclass - ok
18:33:51.0969 5600 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:33:51.0969 5600 kbdhid - ok
18:33:51.0984 5600 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
18:33:51.0984 5600 KeyIso - ok
18:33:52.0016 5600 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:33:52.0016 5600 KSecDD - ok
18:33:52.0031 5600 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:33:52.0031 5600 KSecPkg - ok
18:33:52.0062 5600 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
18:33:52.0062 5600 KtmRm - ok
18:33:52.0109 5600 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
18:33:52.0109 5600 LanmanServer - ok
18:33:52.0140 5600 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:33:52.0140 5600 LanmanWorkstation - ok
18:33:52.0156 5600 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:33:52.0156 5600 lltdio - ok
18:33:52.0172 5600 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:33:52.0187 5600 lltdsvc - ok
18:33:52.0203 5600 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
18:33:52.0203 5600 lmhosts - ok
18:33:52.0234 5600 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:33:52.0234 5600 LSI_FC - ok
18:33:52.0250 5600 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:33:52.0250 5600 LSI_SAS - ok
18:33:52.0281 5600 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:33:52.0281 5600 LSI_SAS2 - ok
18:33:52.0296 5600 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:33:52.0296 5600 LSI_SCSI - ok
18:33:52.0312 5600 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
18:33:52.0312 5600 luafv - ok
18:33:52.0343 5600 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:33:52.0343 5600 MBAMProtector - ok
18:33:52.0390 5600 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:33:52.0390 5600 MBAMScheduler - ok
18:33:52.0421 5600 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe
18:33:52.0437 5600 MBAMService - ok
18:33:52.0452 5600 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:33:52.0468 5600 Mcx2Svc - ok
18:33:52.0484 5600 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:33:52.0484 5600 megasas - ok
18:33:52.0499 5600 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:33:52.0499 5600 MegaSR - ok
18:33:52.0515 5600 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
18:33:52.0515 5600 MMCSS - ok
18:33:52.0530 5600 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
18:33:52.0530 5600 Modem - ok
18:33:52.0546 5600 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:33:52.0546 5600 monitor - ok
18:33:52.0562 5600 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
18:33:52.0562 5600 mouclass - ok
18:33:52.0593 5600 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:33:52.0593 5600 mouhid - ok
18:33:52.0624 5600 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:33:52.0624 5600 mountmgr - ok
18:33:52.0655 5600 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
18:33:52.0655 5600 mpio - ok
18:33:52.0671 5600 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:33:52.0671 5600 mpsdrv - ok
18:33:52.0702 5600 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:33:52.0718 5600 MpsSvc - ok
18:33:52.0718 5600 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:33:52.0733 5600 MRxDAV - ok
18:33:52.0749 5600 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:33:52.0749 5600 mrxsmb - ok
18:33:52.0764 5600 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:33:52.0764 5600 mrxsmb10 - ok
18:33:52.0796 5600 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:33:52.0796 5600 mrxsmb20 - ok
18:33:52.0827 5600 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
18:33:52.0827 5600 msahci - ok
18:33:52.0842 5600 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:33:52.0842 5600 msdsm - ok
18:33:52.0858 5600 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
18:33:52.0858 5600 MSDTC - ok
18:33:52.0874 5600 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:33:52.0874 5600 Msfs - ok
18:33:52.0905 5600 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:33:52.0905 5600 mshidkmdf - ok
18:33:52.0920 5600 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:33:52.0920 5600 msisadrv - ok
18:33:52.0952 5600 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:33:52.0967 5600 MSiSCSI - ok
18:33:52.0967 5600 msiserver - ok
18:33:52.0998 5600 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:33:52.0998 5600 MSKSSRV - ok
18:33:53.0014 5600 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:33:53.0014 5600 MSPCLOCK - ok
18:33:53.0014 5600 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:33:53.0014 5600 MSPQM - ok
18:33:53.0030 5600 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:33:53.0045 5600 MsRPC - ok
18:33:53.0061 5600 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:33:53.0061 5600 mssmbios - ok
18:33:53.0061 5600 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:33:53.0061 5600 MSTEE - ok
18:33:53.0076 5600 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:33:53.0076 5600 MTConfig - ok
18:33:53.0108 5600 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
18:33:53.0108 5600 Mup - ok
18:33:53.0123 5600 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
18:33:53.0139 5600 napagent - ok
18:33:53.0154 5600 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:33:53.0154 5600 NativeWifiP - ok
18:33:53.0186 5600 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:33:53.0201 5600 NDIS - ok
18:33:53.0232 5600 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:33:53.0232 5600 NdisCap - ok
18:33:53.0248 5600 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:33:53.0248 5600 NdisTapi - ok
18:33:53.0279 5600 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:33:53.0279 5600 Ndisuio - ok
18:33:53.0295 5600 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:33:53.0295 5600 NdisWan - ok
18:33:53.0310 5600 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:33:53.0310 5600 NDProxy - ok
18:33:53.0326 5600 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:33:53.0326 5600 NetBIOS - ok
18:33:53.0357 5600 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:33:53.0357 5600 NetBT - ok
18:33:53.0357 5600 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
18:33:53.0373 5600 Netlogon - ok
18:33:53.0404 5600 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
18:33:53.0404 5600 Netman - ok
18:33:53.0420 5600 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
18:33:53.0435 5600 netprofm - ok
18:33:53.0451 5600 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:33:53.0451 5600 NetTcpPortSharing - ok
18:33:53.0482 5600 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:33:53.0482 5600 nfrd960 - ok
18:33:53.0513 5600 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:33:53.0513 5600 NlaSvc - ok
18:33:53.0544 5600 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:33:53.0544 5600 Npfs - ok
18:33:53.0544 5600 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:33:53.0544 5600 nsi - ok
18:33:53.0560 5600 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:33:53.0560 5600 nsiproxy - ok
18:33:53.0622 5600 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:33:53.0654 5600 Ntfs - ok
18:33:53.0685 5600 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:33:53.0685 5600 Null - ok
18:33:53.0700 5600 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
18:33:53.0716 5600 NVENETFD - ok
18:33:53.0934 5600 [ 377140A534D013BD661C69F1741DE43C ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:33:54.0075 5600 nvlddmkm - ok
18:33:54.0106 5600 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:33:54.0106 5600 nvraid - ok
18:33:54.0122 5600 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:33:54.0122 5600 nvstor - ok
18:33:54.0153 5600 [ 4ED813EFD77A9B7E57E341CDC1C5CBC4 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:33:54.0153 5600 nvsvc - ok
18:33:54.0168 5600 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:33:54.0168 5600 nv_agp - ok
18:33:54.0200 5600 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:33:54.0200 5600 ohci1394 - ok
18:33:54.0262 5600 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:33:54.0262 5600 ose - ok
18:33:54.0418 5600 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:33:54.0449 5600 osppsvc - ok
18:33:54.0512 5600 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:33:54.0527 5600 p2pimsvc - ok
18:33:54.0558 5600 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:33:54.0574 5600 p2psvc - ok
18:33:54.0605 5600 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:33:54.0621 5600 Parport - ok
18:33:54.0636 5600 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:33:54.0636 5600 partmgr - ok
18:33:54.0652 5600 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
18:33:54.0652 5600 Parvdm - ok
18:33:54.0668 5600 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:33:54.0668 5600 PcaSvc - ok
18:33:54.0699 5600 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
18:33:54.0699 5600 pci - ok
18:33:54.0730 5600 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
18:33:54.0730 5600 pciide - ok
18:33:54.0746 5600 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:33:54.0746 5600 pcmcia - ok
18:33:54.0761 5600 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:33:54.0761 5600 pcw - ok
18:33:54.0792 5600 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:33:54.0792 5600 PEAUTH - ok
18:33:54.0855 5600 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:33:54.0870 5600 PeerDistSvc - ok
18:33:54.0995 5600 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
18:33:55.0011 5600 pla - ok
18:33:55.0073 5600 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:33:55.0089 5600 PlugPlay - ok
18:33:55.0104 5600 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:33:55.0120 5600 PNRPAutoReg - ok
18:33:55.0120 5600 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:33:55.0136 5600 PNRPsvc - ok
18:33:55.0151 5600 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:33:55.0151 5600 PolicyAgent - ok
18:33:55.0167 5600 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
18:33:55.0182 5600 Power - ok

cmuch · Příspěvekod **cmuch** » 20 pro 2012 20:58

Část3:

18:33:55.0198 5600 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:33:55.0198 5600 PptpMiniport - ok
18:33:55.0214 5600 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:33:55.0214 5600 Processor - ok
18:33:55.0260 5600 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
18:33:55.0260 5600 ProfSvc - ok
18:33:55.0276 5600 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:33:55.0276 5600 ProtectedStorage - ok
18:33:55.0323 5600 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:33:55.0338 5600 Psched - ok
18:33:55.0385 5600 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:33:55.0401 5600 ql2300 - ok
18:33:55.0432 5600 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:33:55.0448 5600 ql40xx - ok
18:33:55.0494 5600 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:33:55.0510 5600 QWAVE - ok
18:33:55.0541 5600 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:33:55.0541 5600 QWAVEdrv - ok
18:33:55.0557 5600 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:33:55.0557 5600 RasAcd - ok
18:33:55.0572 5600 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:33:55.0572 5600 RasAgileVpn - ok
18:33:55.0604 5600 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:33:55.0604 5600 RasAuto - ok
18:33:55.0635 5600 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:33:55.0635 5600 Rasl2tp - ok
18:33:55.0666 5600 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
18:33:55.0666 5600 RasMan - ok
18:33:55.0697 5600 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:33:55.0697 5600 RasPppoe - ok
18:33:55.0713 5600 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:33:55.0713 5600 RasSstp - ok
18:33:55.0744 5600 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:33:55.0744 5600 rdbss - ok
18:33:55.0760 5600 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:33:55.0775 5600 rdpbus - ok
18:33:55.0806 5600 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:33:55.0822 5600 RDPCDD - ok
18:33:55.0853 5600 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:33:55.0853 5600 RDPDR - ok
18:33:55.0869 5600 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:33:55.0869 5600 RDPENCDD - ok
18:33:55.0884 5600 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:33:55.0884 5600 RDPREFMP - ok
18:33:55.0947 5600 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:33:55.0947 5600 RdpVideoMiniport - ok
18:33:55.0994 5600 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:33:56.0009 5600 RDPWD - ok
18:33:56.0040 5600 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:33:56.0056 5600 rdyboost - ok
18:33:56.0087 5600 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:33:56.0103 5600 RemoteAccess - ok
18:33:56.0118 5600 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:33:56.0134 5600 RemoteRegistry - ok
18:33:56.0150 5600 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:33:56.0150 5600 RpcEptMapper - ok
18:33:56.0165 5600 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:33:56.0165 5600 RpcLocator - ok
18:33:56.0181 5600 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
18:33:56.0181 5600 RpcSs - ok
18:33:56.0196 5600 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:33:56.0196 5600 rspndr - ok
18:33:56.0228 5600 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:33:56.0228 5600 s3cap - ok
18:33:56.0243 5600 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
18:33:56.0259 5600 SamSs - ok
18:33:56.0290 5600 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:33:56.0290 5600 sbp2port - ok
18:33:56.0321 5600 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:33:56.0321 5600 SCardSvr - ok
18:33:56.0337 5600 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:33:56.0337 5600 scfilter - ok
18:33:56.0399 5600 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
18:33:56.0430 5600 Schedule - ok
18:33:56.0446 5600 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:33:56.0446 5600 SCPolicySvc - ok
18:33:56.0493 5600 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:33:56.0508 5600 SDRSVC - ok
18:33:56.0524 5600 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:33:56.0524 5600 secdrv - ok
18:33:56.0540 5600 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:33:56.0555 5600 seclogon - ok
18:33:56.0571 5600 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:33:56.0571 5600 SENS - ok
18:33:56.0586 5600 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:33:56.0602 5600 SensrSvc - ok
18:33:56.0633 5600 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:33:56.0633 5600 Serenum - ok
18:33:56.0649 5600 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:33:56.0649 5600 Serial - ok
18:33:56.0680 5600 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:33:56.0680 5600 sermouse - ok
18:33:56.0727 5600 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
18:33:56.0727 5600 SessionEnv - ok
18:33:56.0742 5600 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:33:56.0742 5600 sffdisk - ok
18:33:56.0758 5600 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:33:56.0758 5600 sffp_mmc - ok
18:33:56.0758 5600 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:33:56.0774 5600 sffp_sd - ok
18:33:56.0789 5600 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:33:56.0789 5600 sfloppy - ok
18:33:56.0820 5600 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:33:56.0836 5600 SharedAccess - ok
18:33:56.0852 5600 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:33:56.0867 5600 ShellHWDetection - ok
18:33:56.0883 5600 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:33:56.0883 5600 sisagp - ok
18:33:56.0898 5600 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:33:56.0898 5600 SiSRaid2 - ok
18:33:56.0914 5600 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:33:56.0914 5600 SiSRaid4 - ok
18:33:56.0945 5600 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:33:56.0961 5600 Smb - ok
18:33:56.0976 5600 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:33:56.0992 5600 SNMPTRAP - ok
18:33:57.0008 5600 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:33:57.0008 5600 spldr - ok
18:33:57.0039 5600 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
18:33:57.0039 5600 Spooler - ok
18:33:57.0117 5600 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
18:33:57.0148 5600 sppsvc - ok
18:33:57.0179 5600 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:33:57.0179 5600 sppuinotify - ok
18:33:57.0210 5600 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:33:57.0210 5600 srv - ok
18:33:57.0226 5600 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:33:57.0226 5600 srv2 - ok
18:33:57.0242 5600 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:33:57.0257 5600 srvnet - ok
18:33:57.0273 5600 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:33:57.0273 5600 SSDPSRV - ok
18:33:57.0288 5600 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:33:57.0288 5600 SstpSvc - ok
18:33:57.0320 5600 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:33:57.0320 5600 stexstor - ok
18:33:57.0351 5600 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
18:33:57.0366 5600 StiSvc - ok
18:33:57.0398 5600 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:33:57.0398 5600 storflt - ok
18:33:57.0429 5600 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:33:57.0429 5600 storvsc - ok
18:33:57.0444 5600 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
18:33:57.0444 5600 swenum - ok
18:33:57.0460 5600 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:33:57.0476 5600 swprv - ok
18:33:57.0491 5600 Synth3dVsc - ok
18:33:57.0554 5600 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
18:33:57.0569 5600 SysMain - ok
18:33:57.0600 5600 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:33:57.0600 5600 TabletInputService - ok
18:33:57.0632 5600 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
18:33:57.0632 5600 TapiSrv - ok
18:33:57.0647 5600 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:33:57.0663 5600 TBS - ok
18:33:57.0725 5600 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:33:57.0741 5600 Tcpip - ok
18:33:57.0772 5600 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:33:57.0772 5600 TCPIP6 - ok
18:33:57.0803 5600 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:33:57.0803 5600 tcpipreg - ok
18:33:57.0819 5600 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:33:57.0819 5600 TDPIPE - ok
18:33:57.0834 5600 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:33:57.0834 5600 TDTCP - ok
18:33:57.0850 5600 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:33:57.0850 5600 tdx - ok
18:33:57.0866 5600 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:33:57.0866 5600 TermDD - ok
18:33:57.0897 5600 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
18:33:57.0897 5600 TermService - ok
18:33:57.0928 5600 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:33:57.0928 5600 Themes - ok
18:33:57.0928 5600 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:33:57.0928 5600 THREADORDER - ok
18:33:57.0959 5600 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:33:57.0959 5600 TrkWks - ok
18:33:58.0006 5600 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:33:58.0006 5600 TrustedInstaller - ok
18:33:58.0037 5600 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:33:58.0053 5600 tssecsrv - ok
18:33:58.0053 5600 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:33:58.0068 5600 TsUsbFlt - ok
18:33:58.0068 5600 tsusbhub - ok
18:33:58.0100 5600 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:33:58.0100 5600 tunnel - ok
18:33:58.0131 5600 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:33:58.0146 5600 uagp35 - ok
18:33:58.0162 5600 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:33:58.0162 5600 udfs - ok
18:33:58.0193 5600 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:33:58.0193 5600 UI0Detect - ok
18:33:58.0209 5600 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:33:58.0209 5600 uliagpkx - ok
18:33:58.0224 5600 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
18:33:58.0224 5600 umbus - ok
18:33:58.0240 5600 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:33:58.0240 5600 UmPass - ok
18:33:58.0271 5600 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
18:33:58.0271 5600 UmRdpService - ok
18:33:58.0302 5600 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:33:58.0302 5600 upnphost - ok
18:33:58.0318 5600 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:33:58.0318 5600 usbccgp - ok
18:33:58.0349 5600 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:33:58.0349 5600 usbcir - ok
18:33:58.0365 5600 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:33:58.0365 5600 usbehci - ok
18:33:58.0396 5600 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:33:58.0396 5600 usbhub - ok
18:33:58.0412 5600 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:33:58.0412 5600 usbohci - ok
18:33:58.0427 5600 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:33:58.0427 5600 usbprint - ok
18:33:58.0458 5600 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:33:58.0458 5600 USBSTOR - ok
18:33:58.0474 5600 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:33:58.0474 5600 usbuhci - ok
18:33:58.0490 5600 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:33:58.0490 5600 UxSms - ok
18:33:58.0505 5600 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
18:33:58.0505 5600 VaultSvc - ok
18:33:58.0521 5600 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:33:58.0521 5600 vdrvroot - ok
18:33:58.0536 5600 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
18:33:58.0552 5600 vds - ok
18:33:58.0568 5600 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:33:58.0568 5600 vga - ok
18:33:58.0583 5600 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:33:58.0583 5600 VgaSave - ok
18:33:58.0599 5600 VGPU - ok
18:33:58.0614 5600 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:33:58.0614 5600 vhdmp - ok
18:33:58.0630 5600 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:33:58.0646 5600 viaagp - ok
18:33:58.0661 5600 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
18:33:58.0661 5600 ViaC7 - ok
18:33:58.0677 5600 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
18:33:58.0677 5600 viaide - ok
18:33:58.0692 5600 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:33:58.0692 5600 vmbus - ok
18:33:58.0708 5600 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:33:58.0708 5600 VMBusHID - ok
18:33:58.0708 5600 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:33:58.0708 5600 volmgr - ok
18:33:58.0724 5600 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:33:58.0724 5600 volmgrx - ok
18:33:58.0755 5600 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:33:58.0755 5600 volsnap - ok
18:33:58.0786 5600 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:33:58.0786 5600 vsmraid - ok
18:33:58.0817 5600 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
18:33:58.0833 5600 VSS - ok
18:33:58.0833 5600 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:33:58.0833 5600 vwifibus - ok
18:33:58.0864 5600 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
18:33:58.0864 5600 W32Time - ok
18:33:58.0880 5600 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:33:58.0880 5600 WacomPen - ok
18:33:58.0911 5600 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:33:58.0911 5600 WANARP - ok
18:33:58.0911 5600 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:33:58.0911 5600 Wanarpv6 - ok
18:33:58.0973 5600 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:33:58.0989 5600 WatAdminSvc - ok
18:33:59.0020 5600 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
18:33:59.0036 5600 wbengine - ok
18:33:59.0067 5600 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:33:59.0067 5600 WbioSrvc - ok
18:33:59.0098 5600 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:33:59.0098 5600 wcncsvc - ok
18:33:59.0114 5600 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:33:59.0129 5600 WcsPlugInService - ok
18:33:59.0145 5600 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:33:59.0145 5600 Wd - ok
18:33:59.0176 5600 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:33:59.0176 5600 Wdf01000 - ok
18:33:59.0176 5600 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:33:59.0192 5600 WdiServiceHost - ok
18:33:59.0192 5600 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:33:59.0192 5600 WdiSystemHost - ok
18:33:59.0223 5600 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
18:33:59.0223 5600 WebClient - ok
18:33:59.0238 5600 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:33:59.0254 5600 Wecsvc - ok
18:33:59.0270 5600 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:33:59.0270 5600 wercplsupport - ok
18:33:59.0285 5600 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
18:33:59.0285 5600 WerSvc - ok
18:33:59.0316 5600 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:33:59.0316 5600 WfpLwf - ok
18:33:59.0332 5600 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:33:59.0332 5600 WIMMount - ok
18:33:59.0394 5600 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:33:59.0410 5600 WinDefend - ok
18:33:59.0426 5600 WinHttpAutoProxySvc - ok
18:33:59.0457 5600 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:33:59.0472 5600 Winmgmt - ok
18:33:59.0504 5600 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
18:33:59.0504 5600 WinRM - ok
18:33:59.0550 5600 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:33:59.0566 5600 Wlansvc - ok
18:33:59.0566 5600 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:33:59.0566 5600 WmiAcpi - ok
18:33:59.0597 5600 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:33:59.0597 5600 wmiApSrv - ok
18:33:59.0628 5600 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:33:59.0644 5600 WMPNetworkSvc - ok
18:33:59.0660 5600 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:33:59.0660 5600 WPCSvc - ok
18:33:59.0691 5600 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:33:59.0691 5600 WPDBusEnum - ok
18:33:59.0706 5600 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:33:59.0706 5600 ws2ifsl - ok
18:33:59.0722 5600 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
18:33:59.0722 5600 wscsvc - ok
18:33:59.0738 5600 WSearch - ok
18:33:59.0800 5600 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:33:59.0816 5600 wuauserv - ok
18:33:59.0847 5600 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:33:59.0847 5600 WudfPf - ok
18:33:59.0878 5600 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:33:59.0878 5600 WUDFRd - ok
18:33:59.0894 5600 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:33:59.0894 5600 wudfsvc - ok
18:33:59.0925 5600 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:33:59.0925 5600 WwanSvc - ok
18:33:59.0956 5600 ================ Scan global ===============================
18:33:59.0987 5600 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:34:00.0003 5600 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
18:34:00.0018 5600 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
18:34:00.0050 5600 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:34:00.0065 5600 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:34:00.0065 5600 [Global] - ok
18:34:00.0081 5600 ================ Scan MBR ==================================
18:34:00.0081 5600 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:34:00.0362 5600 \Device\Harddisk0\DR0 - ok
18:34:00.0362 5600 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
18:34:00.0362 5600 \Device\Harddisk1\DR1 - ok
18:34:00.0362 5600 ================ Scan VBR ==================================
18:34:00.0362 5600 [ 0ED5E741788BE3F3AB65EB46285CF62A ] \Device\Harddisk0\DR0\Partition1
18:34:00.0377 5600 \Device\Harddisk0\DR0\Partition1 - ok
18:34:00.0377 5600 [ 1BF66A7637F08521D2DC80FDBA1135C2 ] \Device\Harddisk0\DR0\Partition2
18:34:00.0377 5600 \Device\Harddisk0\DR0\Partition2 - ok
18:34:00.0393 5600 [ 5B4659F726B21D34634EC821580AD3F9 ] \Device\Harddisk1\DR1\Partition1
18:34:00.0393 5600 \Device\Harddisk1\DR1\Partition1 - ok
18:34:00.0393 5600 ============================================================
18:34:00.0393 5600 Scan finished
18:34:00.0393 5600 ============================================================
18:34:00.0393 5232 Detected object count: 0
18:34:00.0393 5232 Actual detected object count: 0

Příspěvekod **Žbeky** » 20 pro 2012 22:18

Zkus ho v nouzovém režimu

cmuch · Příspěvekod **cmuch** » 23 pro 2012 17:04

Tak ani po několika pokusech v nouzovém režimu se to nepovedlo.
Vždy po nějakém čase pc vytuhlo.

Příspěvekod **memphisto** » 23 pro 2012 21:20

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken mùže trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

cmuch · Příspěvekod **cmuch** » 24 pro 2012 14:11

OTL logfile created on: 24.12.2012 14:08:08 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cmuch\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 1,13 Gb Available Physical Memory | 60,10% Memory free
3,75 Gb Paging File | 2,73 Gb Available in Paging File | 72,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,05 Gb Total Space | 5,74 Gb Free Space | 18,47% Space Free | Partition Type: NTFS
Drive D: | 900,46 Gb Total Space | 22,91 Gb Free Space | 2,54% Space Free | Partition Type: NTFS
Drive F: | 149,05 Gb Total Space | 0,16 Gb Free Space | 0,11% Space Free | Partition Type: NTFS

Computer Name: CMUCH-PC | User Name: Cmuch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Cmuch\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programy\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programy\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programy\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programy\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programy\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programy\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programy\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programy\AVG\AVG2012\avgcfgex.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programy\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\1352c3e5dd49f3bf8c2f8e106ceb79fb\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\9fedec1f005f9e39f8dde611c4c27cab\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4209aa9559e29ce30e4e92f31ac3472f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5e3ccfdf88ccd6a9ff4e6ddae7e3fec6\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c881e2d2ec912499834feb85c4c2e483\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cbb227c0a77a5b15a1255220984239f2\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()

========== Services (SafeList) ==========

SRV - (PEVSystemStart) -- C:\ComboFix\pev.3XE EXEC /i C:\ComboFix\HIDEC.3XE C:\ComboFix\SWREG.3XE ACL HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_Beep /RESET /Q File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AVGIDSAgent) -- C:\Programy\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws) -- C:\Programy\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Programy\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (catchme) -- C:\Users\Cmuch\AppData\Local\Temp\catchme.sys ()
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AODDriver4.2) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys (Advanced Micro Devices)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.)
DRV - (ANDModem) -- C:\Windows\System32\drivers\lgandmodem.sys (LG Electronics Inc.)
DRV - (AndGps) -- C:\Windows\System32\drivers\lgandgps.sys (LG Electronics Inc.)
DRV - (AndDiag) -- C:\Windows\System32\drivers\lganddiag.sys (LG Electronics Inc.)
DRV - (Andbus) -- C:\Windows\System32\drivers\lgandbus.sys (LG Electronics Inc.)
DRV - (andnetadb) -- C:\Windows\System32\drivers\lgandnetadb.sys (Google Inc)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (androidusb) -- C:\Windows\System32\drivers\lgandadb.sys (Google Inc)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (EverestDriver) -- F:\Programy\__UsB\Everest-Ultimate-Edition-4.60.1601\kerneld.wnt ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7BF53C93F1-07D5-430c-86D4-C9531B27DFAF%7D:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Programy\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Cmuch\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Cmuch\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Programy\AVG\AVG2012\Firefox\DoNotTrack\ [2012.12.23 16:43:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Programy\Mozilla Firefox\components [2012.12.10 09:59:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Programy\Mozilla Firefox\plugins [2012.12.10 09:59:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Programy\Mozilla Firefox\components [2012.12.10 09:59:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Programy\Mozilla Firefox\plugins [2012.12.10 09:59:42 | 000,000,000 | ---D | M]

[2012.09.28 14:17:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cmuch\AppData\Roaming\Mozilla\Extensions
[2012.12.20 16:28:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cmuch\AppData\Roaming\Mozilla\Firefox\Profiles\ujww7x9e.default\extensions
[2012.12.23 16:43:32 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAMY\AVG\AVG2012\FIREFOX\DONOTTRACK

========== Chrome ==========

CHR - homepage: http://www.seznam.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Cmuch\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Cmuch\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Cmuch\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Programy\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Cmuch\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - Extension: YouTube = C:\Users\Cmuch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Cmuch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: AVG Do Not Track = C:\Users\Cmuch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Users\Cmuch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programy\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Programy\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programy\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.96.161.6 212.96.160.7
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D315665-5250-499B-A641-BB5F54F431BD}: DhcpNameServer = 212.96.161.6 212.96.160.7
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programy\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8ca50aaf-0967-11e2-9b7f-001fd0310735}\Shell - "" = AutoRun
O33 - MountPoints2\{8ca50aaf-0967-11e2-9b7f-001fd0310735}\Shell\AutoRun\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\Programy\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.12.24 13:50:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Cmuch\Desktop\OTL.exe
[2012.12.24 13:45:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012.12.23 16:44:39 | 000,000,000 | ---D | C] -- C:\Users\Cmuch\AppData\Roaming\AVG2012
[2012.12.23 16:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.12.23 16:43:25 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012.12.23 16:43:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2012.12.23 16:38:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.22 15:26:20 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.22 15:26:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.20 18:43:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.20 18:43:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.20 18:43:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.20 18:42:59 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.20 16:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.12.15 14:19:30 | 000,000,000 | ---D | C] -- C:\Users\Cmuch\AppData\Roaming\EurekaLog
[2012.12.15 14:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\save2pc
[2012.12.15 14:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012.12.15 14:12:10 | 000,000,000 | ---D | C] -- C:\Users\Cmuch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
[2012.12.15 14:08:00 | 000,000,000 | ---D | C] -- C:\Users\Cmuch\AppData\Roaming\uTorrent
[2012.12.13 15:48:47 | 000,000,000 | ---D | C] -- C:\Users\Cmuch\AppData\Roaming\Malwarebytes
[2012.12.13 15:48:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.13 08:02:23 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.13 08:02:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.13 08:02:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.13 08:02:21 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.13 08:02:21 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.13 08:02:20 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.12.13 08:02:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.13 08:02:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.12 17:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[2012.12.12 08:11:41 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.12 08:11:28 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.12.12 08:11:28 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.12.12 08:11:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.12.12 08:11:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.12.12 08:11:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.12 08:11:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.12 08:11:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.12.12 08:11:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.12.12 08:11:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.12.12 08:11:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.12 08:11:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.12 08:11:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.12.12 08:11:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.12 08:11:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.12.12 08:11:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.12.12 08:11:16 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.12 08:11:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.07 17:20:10 | 000,000,000 | ---D | C] -- C:\Users\Cmuch\Documents\Criterion Games
[2012.12.07 17:19:29 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\EAInstaller
[2012.12.07 17:19:27 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012.12.07 17:19:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012.12.07 17:19:26 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012.12.07 17:19:23 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012.12.07 17:19:21 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012.12.07 17:19:20 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012.12.07 17:19:15 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012.12.07 17:18:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
[2012.12.07 17:16:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2012.12.07 16:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.12.07 16:36:56 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
[2012.12.07 16:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012.12.07 16:36:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012.11.28 12:07:11 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll

========== Files - Modified Within 30 Days ==========

[2012.12.24 13:52:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2797463646-3709196127-1650634221-1000UA.job
[2012.12.24 13:50:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cmuch\Desktop\OTL.exe
[2012.12.24 12:13:34 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.24 12:13:34 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.24 12:12:23 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.12.24 12:12:23 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.24 12:12:23 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.12.24 12:12:23 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.24 12:10:08 | 104,152,118 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.12.24 12:06:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.24 12:06:21 | 1508,810,752 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.23 16:52:04 | 000,629,730 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2012.12.23 16:44:19 | 000,000,801 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.12.23 12:05:39 | 000,338,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.20 18:33:08 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Cmuch\Desktop\TDSSKiller.exe
[2012.12.20 16:21:55 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.20 15:52:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2797463646-3709196127-1650634221-1000Core.job
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.15 14:19:02 | 000,000,721 | ---- | M] () -- C:\Users\Cmuch\Desktop\save2pc Ultimate.lnk
[2012.12.15 14:08:17 | 000,000,695 | ---- | M] () -- C:\Users\Cmuch\Desktop\µTorrent.lnk
[2012.12.12 19:54:46 | 000,002,449 | ---- | M] () -- C:\Users\Cmuch\Desktop\Google Chrome.lnk
[2012.12.12 17:38:22 | 000,027,520 | ---- | M] () -- C:\Users\Cmuch\AppData\Local\dt.dat
[2012.12.12 17:36:15 | 000,000,761 | ---- | M] () -- C:\Users\Cmuch\Desktop\WhoCrashed.lnk
[2012.12.07 17:18:53 | 000,001,769 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed Most Wanted.lnk

========== Files Created - No Company Name ==========

[2012.12.24 12:10:08 | 104,152,118 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.12.23 16:52:04 | 000,629,730 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2012.12.23 16:44:19 | 000,000,801 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.12.20 18:43:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.20 18:43:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.20 18:43:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.20 18:43:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.20 18:43:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.20 16:21:55 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.15 14:19:02 | 000,000,721 | ---- | C] () -- C:\Users\Cmuch\Desktop\save2pc Ultimate.lnk
[2012.12.15 14:08:17 | 000,000,695 | ---- | C] () -- C:\Users\Cmuch\Desktop\µTorrent.lnk
[2012.12.12 17:38:22 | 000,027,520 | ---- | C] () -- C:\Users\Cmuch\AppData\Local\dt.dat
[2012.12.12 17:36:15 | 000,000,761 | ---- | C] () -- C:\Users\Cmuch\Desktop\WhoCrashed.lnk
[2012.12.07 17:16:49 | 000,001,769 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed Most Wanted.lnk
[2012.09.30 16:34:11 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.09.30 16:33:10 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.09.28 15:36:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.09.28 14:58:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.09.28 13:46:43 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.07.28 02:30:54 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.07.28 02:30:54 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.05.23 16:31:02 | 000,632,252 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.12.23 16:44:39 | 000,000,000 | ---D | M] -- C:\Users\Cmuch\AppData\Roaming\AVG2012
[2012.12.20 16:25:32 | 000,000,000 | ---D | M] -- C:\Users\Cmuch\AppData\Roaming\DAEMON Tools Lite
[2012.12.15 14:19:30 | 000,000,000 | ---D | M] -- C:\Users\Cmuch\AppData\Roaming\EurekaLog
[2012.10.08 16:51:59 | 000,000,000 | ---D | M] -- C:\Users\Cmuch\AppData\Roaming\Foxit Software
[2012.10.14 16:43:47 | 000,000,000 | ---D | M] -- C:\Users\Cmuch\AppData\Roaming\GetRightToGo
[2012.09.28 13:28:58 | 000,000,000 | ---D | M] -- C:\Users\Cmuch\AppData\Roaming\GHISLER
[2012.12.20 16:25:32 | 000,000,000 | ---D | M] -- C:\Users\Cmuch\AppData\Roaming\uTorrent

========== Purity Check ==========

< End of report >

cmuch · Příspěvekod **cmuch** » 24 pro 2012 14:12

OTL Extras logfile created on: 24.12.2012 13:52:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cmuch\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 64,38% Memory free
3,75 Gb Paging File | 2,77 Gb Available in Paging File | 74,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,05 Gb Total Space | 5,74 Gb Free Space | 18,48% Space Free | Partition Type: NTFS
Drive D: | 900,46 Gb Total Space | 22,91 Gb Free Space | 2,54% Space Free | Partition Type: NTFS
Drive F: | 149,05 Gb Total Space | 0,16 Gb Free Space | 0,11% Space Free | Partition Type: NTFS

Computer Name: CMUCH-PC | User Name: Cmuch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03AFA0F4-EAD0-4393-A28B-220AE424DDC3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{19193C41-EDE0-4834-B616-418091C0A296}" = lport=10243 | protocol=6 | dir=in | app=system |
"{28846F7E-EA55-4EC5-8639-12E77C7EC233}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3A7A8B6F-BC5D-4B29-AAC8-813DF4D5110E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{48B55888-28A1-4FA5-A3CD-E5D3BFE3C43B}" = lport=138 | protocol=17 | dir=in | app=system |
"{5DD537E3-332F-4F52-8373-F25CAC744FF6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5FBC7954-5D3E-404F-9D4A-0D47EB2EA83B}" = rport=137 | protocol=17 | dir=out | app=system |
"{6897953B-1F98-4D3F-9309-EE666EEACBC8}" = lport=445 | protocol=6 | dir=in | app=system |
"{6D774B73-A401-476D-8B4F-09CD2D226D90}" = lport=137 | protocol=17 | dir=in | app=system |
"{6E890547-326B-412D-906F-10C9DB9D8F56}" = rport=139 | protocol=6 | dir=out | app=system |
"{72766474-1E8D-484D-A53B-691DAB17997F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{96D0FDE2-8A9D-42BD-9D95-4DB20EAE07F5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{97908AEE-1520-4503-A638-9B054DD952C0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9FDD97F0-D4C2-4BC6-8DF1-AA001CD48570}" = rport=138 | protocol=17 | dir=out | app=system |
"{C5689744-CBD3-40DA-8C99-84A8292D6D07}" = lport=139 | protocol=6 | dir=in | app=system |
"{D27BC75C-532E-4BCF-8F89-C5E1724B9397}" = rport=445 | protocol=6 | dir=out | app=system |
"{D4AF7578-2084-41B0-9B25-D37AAF8B96D7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D87133C0-65FC-4957-B425-F60F362F68B7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EBB19B59-1E2E-4F07-988E-134C28A19E19}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F3EA64A8-5147-492D-9AE2-1A7D0B85F238}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FC68A389-4910-492B-9A2C-21B1E9EF395A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00CE7CCF-BF78-4744-8BD8-46B3F4C84DDD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{028ED512-8744-4846-9FB5-5D4ADB4D04FB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{07BA5C8D-74C6-48E5-B037-3049AAA8ADD1}" = protocol=6 | dir=out | app=system |
"{150B9C73-CFE2-49F1-9CDD-E8631A402BF0}" = protocol=17 | dir=in | app=c:\programy\avg\avg2012\avgdiagex.exe |
"{22EBB9DC-51CC-47A2-B1FA-95C492762952}" = protocol=17 | dir=in | app=c:\programy\avg\avg2012\avgemcx.exe |
"{26D3CACC-6D07-4C3E-839B-98BE00F8AEB7}" = protocol=6 | dir=in | app=c:\programy\avg\avg2012\avgemcx.exe |
"{2EDEAF8B-5A4A-4D00-BBA8-538693B69C22}" = protocol=6 | dir=in | app=c:\programy\avg\avg2012\avgdiagex.exe |
"{3274FC33-1D4C-4F62-8669-DEC5062D375D}" = protocol=6 | dir=in | app=c:\programy\avg\avg2012\avgdiagex.exe |
"{3362BF0C-D11C-47F3-96CD-453EDDC0D684}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3D1E4AC3-3A22-440B-A0D6-3699E1C60701}" = protocol=6 | dir=in | app=d:\hry instalovane\need for speed most wanted 2\nfs13.exe |
"{401E24DD-FE54-47BC-91B6-FFEBF91E42FB}" = protocol=6 | dir=in | app=c:\programy\avg\avg2012\avgmfapx.exe |
"{537BA8C1-7C5E-413A-9B9A-F65CEB32F268}" = protocol=17 | dir=in | app=d:\hry instalovane\need for speed most wanted 2\nfs13.exe |
"{5A8C056C-5A5F-46DF-A6A5-186E9166A199}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E5ABC5B-056E-43AE-8E95-73894AF38A3E}" = protocol=6 | dir=in | app=c:\programy\avg\avg2012\avgmfapx.exe |
"{64127A9F-1AB2-499F-A3D8-D3AD05C2A585}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{690F1D2D-4B8B-427D-B51C-9CBDFD1EB992}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{72B83F90-37DE-472D-8BAE-60F9B5E7C3BF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{733B0189-DDA3-4221-9B72-5F56C802F8C0}" = protocol=6 | dir=in | app=c:\programy\avg\avg2012\avgnsx.exe |
"{80F18803-89D6-481F-895E-37CDA060966B}" = protocol=17 | dir=in | app=c:\programy\avg\avg2012\avgdiagex.exe |
"{8D260FCF-C0DB-45F5-AAE7-0146BBDB3787}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{93259D38-661F-4161-AEFC-9F1D2C05880E}" = protocol=17 | dir=in | app=c:\programy\avg\avg2012\avgnsx.exe |
"{9C12AB76-5D94-46BF-A9A2-77D2ED915433}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A0132615-8F2D-4093-BD29-597F67BDFC9C}" = protocol=17 | dir=in | app=c:\programy\avg\avg2012\avgmfapx.exe |
"{A10C6383-ED27-47A0-B367-65495C610843}" = protocol=6 | dir=in | app=c:\programy\avg\avg2012\avgemcx.exe |
"{A1925323-4BAF-46D8-82F4-E001C35AAB3C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA8E6FFB-7844-4AAE-8EA8-31FCB697C701}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C4AD5FAC-660A-495E-986C-EB9876007CA8}" = protocol=17 | dir=in | app=c:\programy\avg\avg2012\avgnsx.exe |
"{C63145E5-BBA4-4186-86AC-50D66E7AB0BB}" = protocol=6 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"{C6D57617-1103-4675-9EEB-4437EA1C85D0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7831D3D-D984-45BF-999B-D9CC0DFA5957}" = protocol=6 | dir=in | app=c:\programy\avg\avg2012\avgnsx.exe |
"{E7F9C6A6-A5A8-4C13-BED6-F707CE6D056F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EB51F0E4-8960-45DE-87AD-B010D1DAA68E}" = protocol=17 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"{EC2070D9-15E7-4B7E-BBBD-2925B0AA6012}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EF584089-EFBF-454F-8458-7200997291D6}" = protocol=17 | dir=in | app=c:\programy\avg\avg2012\avgmfapx.exe |
"{F5648920-3CF9-43A6-AFED-544E1E39F304}" = protocol=17 | dir=in | app=c:\programy\avg\avg2012\avgemcx.exe |
"{FBD5F379-0498-4059-8FDB-154285C16982}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{F0D6FAAC-9A61-4FDC-9289-B8B1420B629E}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{05C17D25-1FCA-42E0-8E9F-FE4819F1F1C7}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{32A3A4F4-B792-11D6-A78A-00B0D0170090}" = Java SE Development Kit 7 Update 9
"{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{430912D2-51D8-1CB9-3B38-79D570F034DC}" = AMD Accelerated Video Transcoding
"{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy
"{4856D36C-43EB-4D9C-B2EA-CFEE7B945E4F}" = AVG 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5285F904-1577-5F06-FF04-4FA4EBA52966}" = AMD Media Foundation Decoders
"{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German
"{759E97EC-9E3D-4F55-C321-7819C93F0887}" = ccc-utility
"{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese
"{86095E92-1959-8364-920E-82E81F64F8FB}" = AMD VISION Engine Control Center
"{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech
"{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish
"{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish
"{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian
"{9AD6518A-539D-8E0D-2C72-E51A62978096}" = AMD Drag and Drop Transcoding
"{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2EAE643-8804-9420-5DBE-2752D6957964}" = AMD Catalyst Install Manager
"{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese
"{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard
"{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All
"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012
"{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian
"{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish
"{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai
"{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish
"{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish
"{FA042EF2-5103-2F7E-C313-976C6F761EBE}" = AMD Fuel
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FBA0CA60-8BF2-4381-B819-74F020E165A9}" = LG USB WML Modem Driver
"{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Android SDK Tools" = Android SDK Tools
"AVG" = AVG 2012
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Foxit Reader_is1" = Foxit Reader 5.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 10.0 (x86 cs)" = Mozilla Firefox 10.0 (x86 cs)
"Need for Speed Most Wanted_is1" = Need for Speed Most Wanted
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"save2pc Ultimate_is1" = save2pc Ultimate 5.11
"Totalcmd" = Total Commander (Remove or Repair)
"WhoCrashed_is1" = WhoCrashed 4.01
"Winamp" = Winamp

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Mozilla Firefox 17.0.1 (x86 cs)" = Mozilla Firefox 17.0.1 (x86 cs)
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20.12.2012 3:19:58 | Computer Name = Cmuch-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 22.12.2012 3:47:42 | Computer Name = Cmuch-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 22.12.2012 7:18:30 | Computer Name = Cmuch-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 23.12.2012 7:32:28 | Computer Name = Cmuch-PC | Source = System Restore | ID = 8193
Description =

Error - 23.12.2012 7:32:37 | Computer Name = Cmuch-PC | Source = System Restore | ID = 8193
Description =

Error - 23.12.2012 7:33:08 | Computer Name = Cmuch-PC | Source = System Restore | ID = 8193
Description =

Error - 23.12.2012 7:33:08 | Computer Name = Cmuch-PC | Source = System Restore | ID = 8193
Description =

Error - 23.12.2012 7:40:45 | Computer Name = Cmuch-PC | Source = VSS | ID = 18
Description =

Error - 23.12.2012 7:40:45 | Computer Name = Cmuch-PC | Source = VSS | ID = 8193
Description =

Error - 23.12.2012 7:40:45 | Computer Name = Cmuch-PC | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 23.12.2012 7:40:10 | Computer Name = Cmuch-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 23.12.2012 7:40:10 | Computer Name = Cmuch-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 23.12.2012 7:40:10 | Computer Name = Cmuch-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 23.12.2012 7:40:10 | Computer Name = Cmuch-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 23.12.2012 7:40:10 | Computer Name = Cmuch-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 23.12.2012 7:40:10 | Computer Name = Cmuch-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 23.12.2012 7:40:45 | Computer Name = Cmuch-PC | Source = DCOM | ID = 10005
Description =

Error - 23.12.2012 11:42:10 | Computer Name = Cmuch-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 23.12.2012 13:47:03 | Computer Name = Cmuch-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = Firmware platformy při předchozím přechodu systémového napájení poškodil
paměť. Zkontrolujte dostupnost aktualizovaného firmwaru pro váš systém.

Error - 23.12.2012 14:56:41 | Computer Name = Cmuch-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

< End of report >

Příspěvekod **jaro3** » 25 pro 2012 19:51

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (PEVSystemStart) -- C:\ComboFix\pev.3XE EXEC /i C:\ComboFix\HIDEC.3XE C:\ComboFix\SWREG.3XE ACL HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_Beep /RESET /Q File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - prefs.js..extensions.enabledAddons: %7BF53C93F1-07D5-430c-86D4-C9531B27DFAF%7D:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2012.09.28 14:17:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cmuch\AppData\Roaming\Mozilla\Extensions
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O13 - gopher Prefix: missing
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{8ca50aaf-0967-11e2-9b7f-001fd0310735}\Shell - "" = AutoRun
O33 - MountPoints2\{8ca50aaf-0967-11e2-9b7f-001fd0310735}\Shell\AutoRun\command - "" = G:\Setup.exe
[2012.12.24 12:12:23 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.12.24 12:12:23 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.24 12:12:23 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.12.24 12:12:23 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SWREG.exe
C:\Windows\SWSC.exe
C:\Windows\NIRCMD.exe
C:\ProgramData\Tarma Installer
C:\Users\Cmuch\AppData\Local\dt.dat
C:\Windows\PEV.exe
C:\Windows\MBR.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\zip.exe
C:\Windows\ativpsrm.bin
C:\Windows\AutoKMS.ini

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

cmuch · Příspěvekod **cmuch** » 26 pro 2012 10:36

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service PEVSystemStart stopped successfully!
Service PEVSystemStart deleted successfully!
File C:\ComboFix\pev.3XE EXEC /i C:\ComboFix\HIDEC.3XE C:\ComboFix\SWREG.3XE ACL HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_Beep /RESET /Q File not found not found.
Service VGPU stopped successfully!
Service VGPU deleted successfully!
File System32\drivers\rdvgkmd.sys File not found not found.
Service tsusbhub stopped successfully!
Service tsusbhub deleted successfully!
File system32\drivers\tsusbhub.sys File not found not found.
Service Synth3dVsc stopped successfully!
Service Synth3dVsc deleted successfully!
File System32\drivers\synth3dvsc.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: %7BF53C93F1-07D5-430c-86D4-C9531B27DFAF%7D:12.0.0.2189 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 removed from extensions.enabledAddons
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Cmuch\AppData\Roaming\Mozilla\Extensions folder moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ca50aaf-0967-11e2-9b7f-001fd0310735}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ca50aaf-0967-11e2-9b7f-001fd0310735}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ca50aaf-0967-11e2-9b7f-001fd0310735}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ca50aaf-0967-11e2-9b7f-001fd0310735}\ not found.
File G:\Setup.exe not found.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2797463646-3709196127-1650634221-1000Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2797463646-3709196127-1650634221-1000UA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Windows\SWREG.exe moved successfully.
C:\Windows\SWSC.exe moved successfully.
C:\Windows\NIRCMD.exe moved successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache folder moved successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} folder moved successfully.
C:\ProgramData\Tarma Installer folder moved successfully.
C:\Users\Cmuch\AppData\Local\dt.dat moved successfully.
C:\Windows\PEV.exe moved successfully.
C:\Windows\MBR.exe moved successfully.
C:\Windows\sed.exe moved successfully.
C:\Windows\grep.exe moved successfully.
C:\Windows\zip.exe moved successfully.
C:\Windows\ativpsrm.bin moved successfully.
C:\Windows\AutoKMS.ini moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Cmuch
->Temp folder emptied: 1317078 bytes
->Temporary Internet Files folder emptied: 2651261 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 368489298 bytes
->Google Chrome cache emptied: 165530050 bytes
->Flash cache emptied: 1477 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 524434 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 514,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12262012_103302

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Prosím o kotrolu, něco vytěžuje RAM + Vyřešeno

Prosím o kotrolu, něco vytěžuje RAM +

Re: Prosím o kotrolu, něco vytěžuje RAM

Re: Prosím o kotrolu, něco vytěžuje RAM

Re: Prosím o kotrolu, něco vytěžuje RAM

Re: Prosím o kotrolu, něco vytěžuje RAM

Re: Prosím o kotrolu, něco vytěžuje RAM

Re: Prosím o kotrolu, něco vytěžuje RAM

Re: Prosím o kotrolu, něco vytěžuje RAM

Re: Prosím o kotrolu, něco vytěžuje RAM +

Re: Prosím o kotrolu, něco vytěžuje RAM +

Re: Prosím o kotrolu, něco vytěžuje RAM +

Re: Prosím o kotrolu, něco vytěžuje RAM +

Kdo je online