Prosím o kontrolu logu + Vyřešeno

[misananuk]

Prosím o kontrolu logu z HiJackThis (mwav mi našel viry). Děkuji.



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:32, on 3.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Administráto\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [EEventManager] C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - Startup: Adobe Live.lnk = C:\Program Files (x86)\JRE\Folding@home.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\Administráto\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater14.0.1 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14701 bytes

[Reklama]

[guest]

Patří k tomuto - viewtopic.php?f=47&t=102350

[misananuk]

Ano

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[misananuk]

Malwarebytes' Anti-Malware log

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.03.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Administráto :: MICHAL [administrátor]

Ochrana: Povolena

3.2.2013 20:39:34
mbam-log-2013-02-03 (20-39-34).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 284406
Uplynulý čas: 3 minut, 56 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[misananuk]

# AdwCleaner v2.110 - Logfile created 02/03/2013 at 20:46:59
# Updated 03/02/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Administráto - MICHAL
# Boot Mode : Normal
# Running from : C:\Users\Administráto\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Users\Administráto\AppData\Roaming\Mozilla\Firefox\Profiles\czp311v7.default\prefs.js

[OK] File is clean.

File : C:\Users\Mik\AppData\Roaming\Mozilla\Firefox\Profiles\a28ud50r.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [26504 octets] - [30/01/2013 13:20:51]
AdwCleaner[R2].txt - [26565 octets] - [30/01/2013 14:01:47]
AdwCleaner[R3].txt - [1404 octets] - [30/01/2013 18:20:56]
AdwCleaner[R4].txt - [1464 octets] - [30/01/2013 23:42:13]
AdwCleaner[R5].txt - [1508 octets] - [31/01/2013 04:14:32]
AdwCleaner[R6].txt - [1568 octets] - [31/01/2013 04:17:13]
AdwCleaner[R7].txt - [1378 octets] - [03/02/2013 20:46:59]
AdwCleaner[S1].txt - [26366 octets] - [30/01/2013 14:01:59]
AdwCleaner[S2].txt - [1531 octets] - [30/01/2013 23:43:01]

########## EOF - C:\AdwCleaner[R7].txt - [1559 octets] ##########

[Žbeky]

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

[misananuk]

22:32:00.0578 4236 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:32:00.0906 4236 ============================================================
22:32:00.0906 4236 Current date / time: 2013/02/03 22:32:00.0906
22:32:00.0906 4236 SystemInfo:
22:32:00.0906 4236
22:32:00.0906 4236 OS Version: 6.1.7601 ServicePack: 1.0
22:32:00.0906 4236 Product type: Workstation
22:32:00.0906 4236 ComputerName: MICHAL
22:32:00.0906 4236 UserName: Administráto
22:32:00.0906 4236 Windows directory: C:\Windows
22:32:00.0906 4236 System windows directory: C:\Windows
22:32:00.0906 4236 Running under WOW64
22:32:00.0906 4236 Processor architecture: Intel x64
22:32:00.0906 4236 Number of processors: 8
22:32:00.0906 4236 Page size: 0x1000
22:32:00.0906 4236 Boot type: Normal boot
22:32:00.0906 4236 ============================================================
22:32:01.0717 4236 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:32:01.0748 4236 ============================================================
22:32:01.0748 4236 \Device\Harddisk0\DR0:
22:32:01.0748 4236 MBR partitions:
22:32:01.0748 4236 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
22:32:01.0748 4236 ============================================================
22:32:01.0779 4236 C: <-> \Device\Harddisk0\DR0\Partition1
22:32:01.0779 4236 ============================================================
22:32:01.0779 4236 Initialize success
22:32:01.0779 4236 ============================================================
22:32:07.0988 1392 ============================================================
22:32:07.0988 1392 Scan started
22:32:07.0988 1392 Mode: Manual;
22:32:07.0988 1392 ============================================================
22:32:08.0441 1392 ================ Scan system memory ========================
22:32:08.0441 1392 System memory - ok
22:32:08.0441 1392 ================ Scan services =============================
22:32:08.0581 1392 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:32:08.0581 1392 1394ohci - ok
22:32:08.0612 1392 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:32:08.0628 1392 ACPI - ok
22:32:08.0659 1392 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:32:08.0659 1392 AcpiPmi - ok
22:32:08.0753 1392 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:32:08.0768 1392 AdobeFlashPlayerUpdateSvc - ok
22:32:08.0799 1392 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:32:08.0815 1392 adp94xx - ok
22:32:08.0831 1392 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:32:08.0846 1392 adpahci - ok
22:32:08.0862 1392 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:32:08.0862 1392 adpu320 - ok
22:32:08.0893 1392 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:32:08.0893 1392 AeLookupSvc - ok
22:32:08.0940 1392 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:32:08.0955 1392 AFD - ok
22:32:08.0987 1392 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:32:08.0987 1392 agp440 - ok
22:32:09.0002 1392 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:32:09.0002 1392 ALG - ok
22:32:09.0018 1392 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:32:09.0018 1392 aliide - ok
22:32:09.0049 1392 [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:32:09.0065 1392 AMD External Events Utility - ok
22:32:09.0080 1392 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:32:09.0080 1392 amdide - ok
22:32:09.0096 1392 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:32:09.0096 1392 AmdK8 - ok
22:32:09.0377 1392 [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:32:09.0533 1392 amdkmdag - ok
22:32:09.0564 1392 [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:32:09.0564 1392 amdkmdap - ok
22:32:09.0579 1392 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:32:09.0579 1392 AmdPPM - ok
22:32:09.0611 1392 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:32:09.0611 1392 amdsata - ok
22:32:09.0642 1392 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:32:09.0673 1392 amdsbs - ok
22:32:09.0704 1392 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:32:09.0704 1392 amdxata - ok
22:32:09.0767 1392 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:32:09.0798 1392 AppID - ok
22:32:09.0813 1392 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:32:09.0813 1392 AppIDSvc - ok
22:32:09.0860 1392 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:32:09.0860 1392 Appinfo - ok
22:32:09.0876 1392 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
22:32:09.0876 1392 AppMgmt - ok
22:32:09.0891 1392 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
22:32:09.0907 1392 arc - ok
22:32:09.0907 1392 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:32:09.0907 1392 arcsas - ok
22:32:10.0001 1392 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:32:10.0001 1392 aspnet_state - ok
22:32:10.0016 1392 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:32:10.0016 1392 aswFsBlk - ok
22:32:10.0032 1392 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:32:10.0032 1392 aswMonFlt - ok
22:32:10.0047 1392 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
22:32:10.0047 1392 aswRdr - ok
22:32:10.0079 1392 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:32:10.0110 1392 aswSnx - ok
22:32:10.0125 1392 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:32:10.0141 1392 aswSP - ok
22:32:10.0157 1392 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:32:10.0157 1392 aswTdi - ok
22:32:10.0172 1392 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:32:10.0172 1392 AsyncMac - ok
22:32:10.0203 1392 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:32:10.0203 1392 atapi - ok
22:32:10.0250 1392 [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:32:10.0250 1392 AtiHDAudioService - ok
22:32:10.0281 1392 [ FB7602C5C508BE281368AAE0B61B51C6 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
22:32:10.0281 1392 AtiHdmiService - ok
22:32:10.0484 1392 [ 22A14DF59FB8D0BE918C597988AF4296 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:32:10.0515 1392 atikmdag - ok
22:32:10.0562 1392 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:32:10.0578 1392 AudioEndpointBuilder - ok
22:32:10.0593 1392 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:32:10.0593 1392 AudioSrv - ok
22:32:10.0656 1392 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:32:10.0656 1392 avast! Antivirus - ok
22:32:10.0687 1392 [ 95AED7BB68CF3381AF19DA81BC7DD3FB ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
22:32:10.0687 1392 avgtp - ok
22:32:10.0718 1392 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:32:10.0718 1392 AxInstSV - ok
22:32:10.0749 1392 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:32:10.0765 1392 b06bdrv - ok
22:32:10.0781 1392 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:32:10.0781 1392 b57nd60a - ok
22:32:10.0812 1392 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:32:10.0812 1392 BDESVC - ok
22:32:10.0827 1392 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:32:10.0827 1392 Beep - ok
22:32:10.0859 1392 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:32:10.0874 1392 BFE - ok
22:32:10.0921 1392 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
22:32:10.0937 1392 BITS - ok
22:32:10.0968 1392 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:32:10.0968 1392 blbdrive - ok
22:32:10.0999 1392 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:32:10.0999 1392 bowser - ok
22:32:11.0030 1392 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:32:11.0030 1392 BrFiltLo - ok
22:32:11.0030 1392 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:32:11.0030 1392 BrFiltUp - ok
22:32:11.0061 1392 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
22:32:11.0061 1392 BridgeMP - ok
22:32:11.0093 1392 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:32:11.0093 1392 Browser - ok
22:32:11.0124 1392 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:32:11.0124 1392 Brserid - ok
22:32:11.0139 1392 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:32:11.0139 1392 BrSerWdm - ok
22:32:11.0139 1392 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:32:11.0155 1392 BrUsbMdm - ok
22:32:11.0155 1392 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:32:11.0155 1392 BrUsbSer - ok
22:32:11.0186 1392 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:32:11.0186 1392 BthEnum - ok
22:32:11.0202 1392 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:32:11.0202 1392 BTHMODEM - ok
22:32:11.0217 1392 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:32:11.0217 1392 BthPan - ok
22:32:11.0264 1392 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:32:11.0280 1392 BTHPORT - ok
22:32:11.0311 1392 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:32:11.0311 1392 bthserv - ok
22:32:11.0342 1392 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:32:11.0342 1392 BTHUSB - ok
22:32:11.0358 1392 catchme - ok
22:32:11.0373 1392 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:32:11.0373 1392 cdfs - ok
22:32:11.0420 1392 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
22:32:11.0420 1392 cdrom - ok
22:32:11.0451 1392 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:32:11.0451 1392 CertPropSvc - ok
22:32:11.0467 1392 CFRMD - ok
22:32:11.0467 1392 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:32:11.0483 1392 circlass - ok
22:32:11.0498 1392 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:32:11.0514 1392 CLFS - ok
22:32:11.0592 1392 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:32:11.0592 1392 clr_optimization_v2.0.50727_32 - ok
22:32:11.0623 1392 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:32:11.0623 1392 clr_optimization_v2.0.50727_64 - ok
22:32:11.0685 1392 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:32:11.0685 1392 clr_optimization_v4.0.30319_32 - ok
22:32:11.0701 1392 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:32:11.0717 1392 clr_optimization_v4.0.30319_64 - ok
22:32:11.0717 1392 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:32:11.0732 1392 CmBatt - ok
22:32:11.0748 1392 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:32:11.0748 1392 cmdide - ok
22:32:11.0779 1392 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:32:11.0795 1392 CNG - ok
22:32:11.0810 1392 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:32:11.0810 1392 Compbatt - ok
22:32:11.0841 1392 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:32:11.0841 1392 CompositeBus - ok
22:32:11.0841 1392 COMSysApp - ok
22:32:11.0919 1392 [ AB82A8885AB9687D82AA51A4B4F62E2D ] CoordinatorServiceHost C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
22:32:11.0919 1392 CoordinatorServiceHost - ok
22:32:11.0935 1392 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:32:11.0951 1392 crcdisk - ok
22:32:11.0997 1392 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:32:12.0013 1392 CryptSvc - ok
22:32:12.0060 1392 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
22:32:12.0075 1392 CSC - ok
22:32:12.0122 1392 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
22:32:12.0138 1392 CscService - ok
22:32:12.0200 1392 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:32:12.0216 1392 DcomLaunch - ok
22:32:12.0247 1392 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:32:12.0263 1392 defragsvc - ok
22:32:12.0294 1392 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:32:12.0294 1392 DfsC - ok
22:32:12.0325 1392 [ 867FA8B9E9E3078F68C4089904BBF4B0 ] dgderdrv C:\Windows\system32\drivers\dgderdrv.sys
22:32:12.0325 1392 dgderdrv - ok
22:32:12.0341 1392 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:32:12.0356 1392 Dhcp - ok
22:32:12.0372 1392 DIRECTIO - ok
22:32:12.0403 1392 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:32:12.0403 1392 discache - ok
22:32:12.0419 1392 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:32:12.0419 1392 Disk - ok
22:32:12.0450 1392 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:32:12.0450 1392 Dnscache - ok
22:32:12.0481 1392 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:32:12.0497 1392 dot3svc - ok
22:32:12.0528 1392 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:32:12.0528 1392 DPS - ok
22:32:12.0543 1392 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:32:12.0543 1392 drmkaud - ok
22:32:12.0606 1392 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:32:12.0637 1392 DXGKrnl - ok
22:32:12.0653 1392 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:32:12.0668 1392 EapHost - ok
22:32:12.0731 1392 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:32:12.0793 1392 ebdrv - ok
22:32:12.0840 1392 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:32:12.0840 1392 EFS - ok
22:32:12.0902 1392 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:32:12.0902 1392 ehRecvr - ok
22:32:12.0918 1392 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:32:12.0918 1392 ehSched - ok
22:32:12.0949 1392 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:32:12.0980 1392 elxstor - ok
22:32:12.0996 1392 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:32:13.0011 1392 ErrDev - ok
22:32:13.0027 1392 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:32:13.0043 1392 EventSystem - ok
22:32:13.0074 1392 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:32:13.0074 1392 exfat - ok
22:32:13.0089 1392 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:32:13.0089 1392 fastfat - ok
22:32:13.0136 1392 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:32:13.0152 1392 Fax - ok
22:32:13.0167 1392 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:32:13.0167 1392 fdc - ok
22:32:13.0183 1392 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:32:13.0183 1392 fdPHost - ok
22:32:13.0199 1392 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:32:13.0199 1392 FDResPub - ok
22:32:13.0214 1392 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:32:13.0214 1392 FileInfo - ok
22:32:13.0230 1392 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:32:13.0230 1392 Filetrace - ok
22:32:13.0277 1392 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:32:13.0292 1392 FLEXnet Licensing Service - ok
22:32:13.0355 1392 [ F1A9C61436E12A637A647870DD6D9EEF ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
22:32:13.0370 1392 FLEXnet Licensing Service 64 - ok
22:32:13.0386 1392 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:32:13.0386 1392 flpydisk - ok
22:32:13.0401 1392 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:32:13.0401 1392 FltMgr - ok
22:32:13.0448 1392 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
22:32:13.0479 1392 FontCache - ok
22:32:13.0511 1392 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:32:13.0511 1392 FontCache3.0.0.0 - ok
22:32:13.0526 1392 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:32:13.0542 1392 FsDepends - ok
22:32:13.0557 1392 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
22:32:13.0557 1392 fssfltr - ok
22:32:13.0620 1392 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
22:32:13.0635 1392 fsssvc - ok
22:32:13.0682 1392 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:32:13.0682 1392 Fs_Rec - ok
22:32:13.0713 1392 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:32:13.0713 1392 fvevol - ok
22:32:13.0729 1392 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:32:13.0729 1392 gagp30kx - ok
22:32:13.0776 1392 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:32:13.0791 1392 gpsvc - ok
22:32:13.0838 1392 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:32:13.0838 1392 gupdate - ok
22:32:13.0854 1392 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:32:13.0854 1392 gupdatem - ok
22:32:13.0869 1392 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:32:13.0869 1392 hcw85cir - ok
22:32:13.0901 1392 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:32:13.0916 1392 HdAudAddService - ok
22:32:13.0947 1392 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:32:13.0963 1392 HDAudBus - ok
22:32:13.0979 1392 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:32:13.0979 1392 HidBatt - ok
22:32:13.0994 1392 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:32:13.0994 1392 HidBth - ok
22:32:14.0010 1392 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:32:14.0010 1392 HidIr - ok
22:32:14.0041 1392 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
22:32:14.0041 1392 hidserv - ok
22:32:14.0072 1392 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
22:32:14.0072 1392 HidUsb - ok
22:32:14.0103 1392 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:32:14.0103 1392 hkmsvc - ok
22:32:14.0135 1392 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:32:14.0166 1392 HomeGroupListener - ok
22:32:14.0197 1392 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:32:14.0213 1392 HomeGroupProvider - ok
22:32:14.0244 1392 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:32:14.0244 1392 HpSAMD - ok
22:32:14.0275 1392 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:32:14.0291 1392 HTTP - ok
22:32:14.0322 1392 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:32:14.0322 1392 hwpolicy - ok
22:32:14.0353 1392 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:32:14.0353 1392 i8042prt - ok
22:32:14.0400 1392 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:32:14.0415 1392 iaStorV - ok
22:32:14.0462 1392 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:32:14.0478 1392 idsvc - ok
22:32:14.0493 1392 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:32:14.0493 1392 iirsp - ok
22:32:14.0540 1392 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:32:14.0556 1392 IKEEXT - ok
22:32:14.0571 1392 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:32:14.0571 1392 intelide - ok
22:32:14.0587 1392 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:32:14.0587 1392 intelppm - ok
22:32:14.0618 1392 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:32:14.0618 1392 IPBusEnum - ok
22:32:14.0634 1392 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:32:14.0634 1392 IpFilterDriver - ok
22:32:14.0665 1392 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:32:14.0696 1392 iphlpsvc - ok
22:32:14.0712 1392 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:32:14.0712 1392 IPMIDRV - ok
22:32:14.0743 1392 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:32:14.0743 1392 IPNAT - ok
22:32:14.0759 1392 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:32:14.0759 1392 IRENUM - ok
22:32:14.0790 1392 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:32:14.0790 1392 isapnp - ok
22:32:14.0868 1392 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:32:14.0868 1392 iScsiPrt - ok
22:32:14.0883 1392 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:32:14.0883 1392 kbdclass - ok
22:32:14.0930 1392 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:32:14.0930 1392 kbdhid - ok
22:32:14.0930 1392 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:32:14.0946 1392 KeyIso - ok
22:32:14.0977 1392 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:32:14.0977 1392 KSecDD - ok
22:32:14.0993 1392 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:32:14.0993 1392 KSecPkg - ok
22:32:15.0008 1392 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:32:15.0008 1392 ksthunk - ok
22:32:15.0039 1392 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:32:15.0055 1392 KtmRm - ok
22:32:15.0086 1392 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
22:32:15.0102 1392 LanmanServer - ok
22:32:15.0133 1392 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:32:15.0149 1392 LanmanWorkstation - ok
22:32:15.0211 1392 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
22:32:15.0211 1392 LightScribeService - ok
22:32:15.0211 1392 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:32:15.0227 1392 lltdio - ok
22:32:15.0258 1392 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:32:15.0273 1392 lltdsvc - ok
22:32:15.0289 1392 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:32:15.0289 1392 lmhosts - ok
22:32:15.0305 1392 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:32:15.0320 1392 LSI_FC - ok
22:32:15.0336 1392 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:32:15.0336 1392 LSI_SAS - ok
22:32:15.0351 1392 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:32:15.0351 1392 LSI_SAS2 - ok
22:32:15.0367 1392 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:32:15.0367 1392 LSI_SCSI - ok
22:32:15.0398 1392 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:32:15.0398 1392 luafv - ok
22:32:15.0429 1392 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
22:32:15.0429 1392 MarvinBus - ok
22:32:15.0476 1392 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:32:15.0476 1392 MBAMProtector - ok
22:32:15.0523 1392 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:32:15.0539 1392 MBAMScheduler - ok
22:32:15.0554 1392 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:32:15.0570 1392 MBAMService - ok
22:32:15.0601 1392 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:32:15.0601 1392 Mcx2Svc - ok
22:32:15.0617 1392 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:32:15.0617 1392 megasas - ok
22:32:15.0632 1392 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:32:15.0648 1392 MegaSR - ok
22:32:15.0695 1392 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
22:32:15.0695 1392 Microsoft Office Groove Audit Service - ok
22:32:15.0710 1392 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:32:15.0726 1392 MMCSS - ok
22:32:15.0726 1392 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:32:15.0726 1392 Modem - ok
22:32:15.0741 1392 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:32:15.0741 1392 monitor - ok
22:32:15.0773 1392 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:32:15.0773 1392 mouclass - ok
22:32:15.0788 1392 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:32:15.0788 1392 mouhid - ok
22:32:15.0819 1392 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:32:15.0819 1392 mountmgr - ok
22:32:15.0851 1392 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:32:15.0851 1392 MozillaMaintenance - ok
22:32:15.0897 1392 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:32:15.0897 1392 mpio - ok
22:32:15.0913 1392 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:32:15.0913 1392 mpsdrv - ok
22:32:15.0960 1392 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:32:15.0991 1392 MpsSvc - ok
22:32:16.0022 1392 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:32:16.0022 1392 MRxDAV - ok
22:32:16.0053 1392 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:32:16.0053 1392 mrxsmb - ok
22:32:16.0085 1392 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:32:16.0100 1392 mrxsmb10 - ok
22:32:16.0116 1392 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:32:16.0116 1392 mrxsmb20 - ok
22:32:16.0131 1392 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:32:16.0131 1392 msahci - ok
22:32:16.0163 1392 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:32:16.0163 1392 msdsm - ok
22:32:16.0178 1392 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:32:16.0194 1392 MSDTC - ok
22:32:16.0209 1392 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:32:16.0209 1392 Msfs - ok
22:32:16.0209 1392 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:32:16.0225 1392 mshidkmdf - ok
22:32:16.0225 1392 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:32:16.0225 1392 msisadrv - ok
22:32:16.0256 1392 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:32:16.0256 1392 MSiSCSI - ok
22:32:16.0256 1392 msiserver - ok
22:32:16.0272 1392 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:32:16.0272 1392 MSKSSRV - ok
22:32:16.0287 1392 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:32:16.0287 1392 MSPCLOCK - ok
22:32:16.0303 1392 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:32:16.0303 1392 MSPQM - ok
22:32:16.0334 1392 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:32:16.0334 1392 MsRPC - ok
22:32:16.0381 1392 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:32:16.0381 1392 mssmbios - ok
22:32:16.0428 1392 MSSQL$SQLEXPRESS - ok
22:32:16.0490 1392 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
22:32:16.0490 1392 MSSQLServerADHelper100 - ok
22:32:16.0506 1392 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:32:16.0506 1392 MSTEE - ok
22:32:16.0537 1392 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:32:16.0537 1392 MTConfig - ok
22:32:16.0553 1392 [ 6936198F2CC25B39CF5262436C80DF46 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
22:32:16.0553 1392 MTsensor - ok
22:32:16.0568 1392 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:32:16.0568 1392 Mup - ok
22:32:16.0599 1392 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:32:16.0615 1392 napagent - ok
22:32:16.0631 1392 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:32:16.0646 1392 NativeWifiP - ok
22:32:16.0724 1392 [ E4534BCCDD1EA7A7A256BB9D6688A5FC ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
22:32:16.0740 1392 NAUpdate - ok
22:32:16.0787 1392 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:32:16.0818 1392 NDIS - ok
22:32:16.0818 1392 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:32:16.0833 1392 NdisCap - ok
22:32:16.0833 1392 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:32:16.0849 1392 NdisTapi - ok
22:32:16.0880 1392 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:32:16.0880 1392 Ndisuio - ok
22:32:16.0911 1392 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:32:16.0911 1392 NdisWan - ok
22:32:16.0927 1392 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:32:16.0927 1392 NDProxy - ok
22:32:16.0943 1392 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:32:16.0943 1392 NetBIOS - ok
22:32:16.0958 1392 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:32:16.0958 1392 NetBT - ok
22:32:16.0974 1392 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:32:16.0974 1392 Netlogon - ok
22:32:17.0005 1392 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:32:17.0021 1392 Netman - ok
22:32:17.0052 1392 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:32:17.0052 1392 NetMsmqActivator - ok
22:32:17.0052 1392 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:32:17.0052 1392 NetPipeActivator - ok
22:32:17.0067 1392 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:32:17.0083 1392 netprofm - ok
22:32:17.0083 1392 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:32:17.0083 1392 NetTcpActivator - ok
22:32:17.0083 1392 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:32:17.0083 1392 NetTcpPortSharing - ok
22:32:17.0114 1392 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:32:17.0114 1392 nfrd960 - ok
22:32:17.0145 1392 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:32:17.0161 1392 NlaSvc - ok
22:32:17.0192 1392 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\npf.sys
22:32:17.0192 1392 NPF - ok
22:32:17.0208 1392 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:32:17.0208 1392 Npfs - ok
22:32:17.0223 1392 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:32:17.0223 1392 nsi - ok
22:32:17.0239 1392 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:32:17.0239 1392 nsiproxy - ok
22:32:17.0301 1392 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:32:17.0333 1392 Ntfs - ok
22:32:17.0348 1392 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:32:17.0348 1392 Null - ok
22:32:17.0379 1392 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:32:17.0379 1392 nvraid - ok
22:32:17.0411 1392 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:32:17.0426 1392 nvstor - ok
22:32:17.0442 1392 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:32:17.0457 1392 nv_agp - ok
22:32:17.0520 1392 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:32:17.0520 1392 odserv - ok
22:32:17.0551 1392 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:32:17.0551 1392 ohci1394 - ok
22:32:17.0582 1392 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:32:17.0582 1392 ose - ok
22:32:17.0598 1392 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:32:17.0613 1392 p2pimsvc - ok
22:32:17.0629 1392 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:32:17.0645 1392 p2psvc - ok
22:32:17.0660 1392 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:32:17.0676 1392 Parport - ok
22:32:17.0707 1392 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:32:17.0707 1392 partmgr - ok
22:32:17.0723 1392 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:32:17.0723 1392 PcaSvc - ok
22:32:17.0754 1392 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
22:32:17.0769 1392 pccsmcfd - ok
22:32:17.0785 1392 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:32:17.0785 1392 pci - ok
22:32:17.0816 1392 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:32:17.0816 1392 pciide - ok
22:32:17.0832 1392 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:32:17.0847 1392 pcmcia - ok
22:32:17.0863 1392 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:32:17.0863 1392 pcw - ok
22:32:17.0879 1392 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:32:17.0910 1392 PEAUTH - ok
22:32:17.0941 1392 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
22:32:17.0988 1392 PeerDistSvc - ok
22:32:18.0066 1392 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:32:18.0066 1392 PerfHost - ok
22:32:18.0113 1392 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:32:18.0144 1392 pla - ok
22:32:18.0175 1392 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:32:18.0191 1392 PlugPlay - ok
22:32:18.0191 1392 PnkBstrA - ok
22:32:18.0206 1392 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:32:18.0206 1392 PNRPAutoReg - ok
22:32:18.0206 1392 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:32:18.0222 1392 PNRPsvc - ok
22:32:18.0253 1392 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:32:18.0269 1392 PolicyAgent - ok
22:32:18.0284 1392 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:32:18.0284 1392 Power - ok
22:32:18.0331 1392 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:32:18.0331 1392 PptpMiniport - ok
22:32:18.0347 1392 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:32:18.0347 1392 Processor - ok
22:32:18.0378 1392 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:32:18.0378 1392 ProfSvc - ok
22:32:18.0393 1392 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:32:18.0393 1392 ProtectedStorage - ok
22:32:18.0425 1392 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:32:18.0425 1392 Psched - ok
22:32:18.0456 1392 [ 0B6DEA0A1662CAB8F2BF339DC0752EF4 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
22:32:18.0456 1392 PSI_SVC_2 - ok
22:32:18.0503 1392 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:32:18.0518 1392 ql2300 - ok
22:32:18.0549 1392 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:32:18.0549 1392 ql40xx - ok
22:32:18.0565 1392 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:32:18.0581 1392 QWAVE - ok
22:32:18.0596 1392 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:32:18.0596 1392 QWAVEdrv - ok
22:32:18.0612 1392 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:32:18.0612 1392 RasAcd - ok
22:32:18.0627 1392 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:32:18.0627 1392 RasAgileVpn - ok
22:32:18.0643 1392 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:32:18.0643 1392 RasAuto - ok
22:32:18.0674 1392 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:32:18.0674 1392 Rasl2tp - ok
22:32:18.0690 1392 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:32:18.0705 1392 RasMan - ok
22:32:18.0721 1392 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:32:18.0721 1392 RasPppoe - ok
22:32:18.0737 1392 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:32:18.0737 1392 RasSstp - ok
22:32:18.0768 1392 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:32:18.0768 1392 rdbss - ok
22:32:18.0783 1392 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:32:18.0783 1392 rdpbus - ok
22:32:18.0799 1392 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:32:18.0799 1392 RDPCDD - ok
22:32:18.0830 1392 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:32:18.0846 1392 RDPDR - ok
22:32:18.0846 1392 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:32:18.0846 1392 RDPENCDD - ok
22:32:18.0861 1392 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:32:18.0861 1392 RDPREFMP - ok
22:32:18.0893 1392 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:32:18.0908 1392 RDPWD - ok
22:32:18.0924 1392 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:32:18.0924 1392 rdyboost - ok
22:32:18.0939 1392 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:32:18.0955 1392 RemoteAccess - ok
22:32:18.0955 1392 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:32:18.0971 1392 RemoteRegistry - ok
22:32:19.0002 1392 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:32:19.0002 1392 RFCOMM - ok
22:32:19.0080 1392 [ 8CFCA7E2FD4B57C2BEF929C1C1A4C56E ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
22:32:19.0080 1392 RichVideo - ok
22:32:19.0111 1392 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
22:32:19.0127 1392 rpcapd - ok
22:32:19.0127 1392 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:32:19.0142 1392 RpcEptMapper - ok
22:32:19.0158 1392 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:32:19.0158 1392 RpcLocator - ok
22:32:19.0205 1392 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:32:19.0220 1392 RpcSs - ok
22:32:19.0251 1392 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
22:32:19.0267 1392 RsFx0103 - ok
22:32:19.0267 1392 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:32:19.0283 1392 rspndr - ok
22:32:19.0298 1392 [ 68DD0457D18FCCEF7384AE84022F0C86 ] RTL8023x64 C:\Windows\system32\DRIVERS\Rtnic64.sys
22:32:19.0298 1392 RTL8023x64 - ok
22:32:19.0314 1392 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:32:19.0314 1392 RTL8167 - ok
22:32:19.0345 1392 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
22:32:19.0361 1392 s3cap - ok
22:32:19.0361 1392 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:32:19.0376 1392 SamSs - ok
22:32:19.0407 1392 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:32:19.0407 1392 sbp2port - ok
22:32:19.0423 1392 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:32:19.0439 1392 SCardSvr - ok
22:32:19.0470 1392 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:32:19.0470 1392 scfilter - ok
22:32:19.0517 1392 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:32:19.0548 1392 Schedule - ok
22:32:19.0579 1392 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:32:19.0579 1392 SCPolicySvc - ok
22:32:19.0641 1392 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:32:19.0657 1392 SDRSVC - ok
22:32:19.0704 1392 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:32:19.0719 1392 SeaPort - ok
22:32:19.0782 1392 [ F4BD8926AFB3B2067F2BD210032EC3BE ] SearchAnonymizer C:\Users\Administráto\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
22:32:19.0782 1392 SearchAnonymizer - ok
22:32:19.0813 1392 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:32:19.0813 1392 secdrv - ok
22:32:19.0813 1392 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:32:19.0829 1392 seclogon - ok
22:32:19.0829 1392 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
22:32:19.0844 1392 SENS - ok
22:32:19.0844 1392 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:32:19.0860 1392 SensrSvc - ok
22:32:19.0875 1392 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:32:19.0875 1392 Serenum - ok
22:32:19.0891 1392 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:32:19.0907 1392 Serial - ok
22:32:19.0938 1392 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:32:19.0938 1392 sermouse - ok
22:32:20.0000 1392 [ 58D5BFDF3ADF49FE9CABD78CC61D92F6 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
22:32:20.0016 1392 ServiceLayer - ok
22:32:20.0078 1392 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:32:20.0078 1392 SessionEnv - ok
22:32:20.0109 1392 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:32:20.0109 1392 sffdisk - ok
22:32:20.0141 1392 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:32:20.0141 1392 sffp_mmc - ok
22:32:20.0172 1392 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:32:20.0172 1392 sffp_sd - ok
22:32:20.0187 1392 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:32:20.0187 1392 sfloppy - ok
22:32:20.0219 1392 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:32:20.0250 1392 SharedAccess - ok
22:32:20.0281 1392 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:32:20.0297 1392 ShellHWDetection - ok
22:32:20.0312 1392 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:32:20.0312 1392 SiSRaid2 - ok
22:32:20.0328 1392 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:32:20.0328 1392 SiSRaid4 - ok
22:32:20.0359 1392 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:32:20.0359 1392 Smb - ok
22:32:20.0390 1392 [ 427C2B34BF4DD4F813DA4C0DF154CC94 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
22:32:20.0406 1392 snapman - ok
22:32:20.0421 1392 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:32:20.0421 1392 SNMPTRAP - ok
22:32:20.0468 1392 [ 4945020BC094C322571184A6E8056B3A ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
22:32:20.0484 1392 SolidWorks Licensing Service - ok
22:32:20.0484 1392 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:32:20.0484 1392 spldr - ok
22:32:20.0531 1392 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:32:20.0546 1392 Spooler - ok
22:32:20.0640 1392 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:32:20.0702 1392 sppsvc - ok
22:32:20.0702 1392 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:32:20.0718 1392 sppuinotify - ok
22:32:20.0718 1392 ================ Scan global ===============================
22:32:20.0733 1392 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:32:20.0765 1392 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
22:32:20.0796 1392 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
22:32:20.0811 1392 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:32:20.0827 1392 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:32:20.0843 1392 [Global] - ok
22:32:20.0858 1392 ================ Scan MBR ==================================
22:32:20.0858 1392 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:32:21.0092 1392 \Device\Harddisk0\DR0 - ok
22:32:21.0092 1392 ================ Scan VBR ==================================
22:32:21.0092 1392 [ 899CF9145EC764FE57BBF2F22D784389 ] \Device\Harddisk0\DR0\Partition1
22:32:21.0108 1392 \Device\Harddisk0\DR0\Partition1 - ok
22:32:21.0108 1392 ============================================================
22:32:21.0108 1392 Scan finished
22:32:21.0108 1392 ============================================================
22:32:21.0108 4664 Detected object count: 0
22:32:21.0108 4664 Actual detected object count: 0
22:32:51.0637 3692 Deinitialize success

[misananuk]

ComboFix 13-02-03.03 - Administráto 03.02.2013 22:42:11.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4086.2386 [GMT 1:00]
Spuštěný z: c:\users\Administráto\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-03 do 2013-02-03 )))))))))))))))))))))))))))))))
.
.
2013-02-03 21:51 . 2013-02-03 21:51 -------- d-----w- c:\users\Mik\AppData\Local\temp
2013-02-03 21:51 . 2013-02-03 21:51 -------- d-----w- c:\users\M\AppData\Local\temp
2013-02-03 21:51 . 2013-02-03 21:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-03 21:44 . 2013-02-03 21:44 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2DC8B9F-89B7-42C1-A621-4DB1F0287043}\offreg.dll
2013-02-03 19:38 . 2013-02-03 19:38 -------- d-----w- c:\users\Administráto\AppData\Roaming\Malwarebytes
2013-02-03 19:38 . 2013-02-03 19:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-03 19:38 . 2013-02-03 19:38 -------- d-----w- c:\programdata\Malwarebytes
2013-02-03 19:38 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-03 19:37 . 2013-02-03 19:37 -------- d-----w- c:\users\Administráto\AppData\Local\Programs
2013-02-03 17:49 . 2013-02-03 17:49 -------- d---a-w- c:\windows\rundll16.exe
2013-02-03 17:49 . 2013-02-03 17:49 -------- d---a-w- c:\windows\logo1_.exe
2013-02-02 15:28 . 2013-01-15 01:45 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2DC8B9F-89B7-42C1-A621-4DB1F0287043}\mpengine.dll
2013-01-30 22:18 . 2013-01-30 22:18 -------- d-----w- c:\program files (x86)\Lavalys
2013-01-30 15:44 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-01-30 15:44 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-01-30 15:44 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-01-30 15:44 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-01-30 15:44 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-01-30 15:43 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-01-30 15:43 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-30 15:43 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-01-30 15:43 . 2012-10-30 22:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2013-01-30 15:43 . 2013-01-30 15:43 -------- d-----w- c:\programdata\AVAST Software
2013-01-30 15:43 . 2013-01-30 15:43 -------- d-----w- c:\program files\AVAST Software
2013-01-30 13:02 . 2013-01-30 22:43 242 ----a-w- c:\windows\DeleteOnReboot.bat
2013-01-30 11:53 . 2013-01-30 11:53 -------- d-----w- c:\program files\trend micro
2013-01-30 11:53 . 2013-01-30 11:53 -------- d-----w- C:\rsit
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\VDLL.DLL
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\SysWow64\runouce.exe
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\RUNDL132.EXE
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\logo_1.exe
2013-01-29 22:19 . 2013-01-29 22:19 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2013-01-29 22:19 . 2013-01-29 22:19 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe
2013-01-29 22:19 . 2013-01-29 22:19 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld
2013-01-29 22:19 . 2013-01-29 22:19 -------- d-----w- c:\programdata\MicroWorld
2013-01-29 20:07 . 2013-01-29 20:07 -------- d-----w- c:\programdata\Local Settings
2013-01-29 20:07 . 2013-01-29 21:59 0 ---ha-w- c:\users\Administráto\AppData\Roaming\winsvcns.sys
2013-01-29 20:07 . 2013-01-30 21:57 -------- d-sh--r- c:\users\Administráto\6438640620394286720310355
2013-01-20 18:05 . 2013-01-20 18:05 -------- d-----w- c:\programdata\ATI
2013-01-20 18:05 . 2013-01-20 18:05 -------- d-----w- c:\program files (x86)\AMD AVT
2013-01-20 18:04 . 2013-01-20 18:04 -------- d-----w- c:\program files (x86)\AMD APP
2013-01-10 00:23 . 2013-01-10 00:26 -------- d-----w- C:\bbbe4d066e61f4ce11b743a7
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-30 13:41 . 2010-06-05 12:37 3090528 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2013-01-30 13:41 . 2011-01-20 11:22 3097056 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1029\ResourceCache.dll
2013-01-29 21:59 . 2013-01-29 20:07 0 ---ha-w- c:\users\Administráto\AppData\Roaming\winsvcns.sys
2013-01-29 21:59 . 2013-01-29 20:07 0 ---ha-w- c:\users\Administráto\AppData\Roaming\winsvcns.sys
2013-01-24 13:26 . 2012-08-29 14:29 37720 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-01-17 00:28 . 2009-11-25 08:45 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-10 00:23 . 2009-11-25 09:42 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 01:14 . 2012-10-16 09:41 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 01:14 . 2011-05-31 08:43 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-19 20:50 . 2009-11-25 02:55 5630200 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-12-19 20:09 . 2012-04-06 02:21 960512 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-12-19 20:08 . 2012-04-06 02:20 1151488 ----a-w- c:\windows\system32\aticfx64.dll
2012-12-19 19:59 . 2012-11-11 13:02 5087744 ----a-w- c:\windows\system32\atiumd6a.dll
2012-12-19 19:57 . 2012-11-11 13:02 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-12-19 19:49 . 2009-11-25 03:04 7370752 ----a-w- c:\windows\system32\atidxx64.dll
2012-12-19 19:44 . 2009-11-25 02:37 4162048 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-12-19 19:44 . 2012-11-11 13:02 6786560 ----a-w- c:\windows\system32\atiumd64.dll
2012-12-19 19:33 . 2012-11-11 13:02 619008 ----a-w- c:\windows\system32\atiadlxx.dll
2012-12-19 19:31 . 2012-04-06 01:09 130048 ----a-w- c:\windows\system32\atiuxp64.dll
2012-12-19 19:31 . 2012-11-11 13:02 104448 ----a-w- c:\windows\system32\atiu9p64.dll
2012-12-19 19:30 . 2012-04-06 01:09 83968 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-12-19 14:45 . 2012-12-19 14:45 222720 ----a-w- c:\windows\system32\clinfo.exe
2012-12-19 14:44 . 2012-12-19 14:44 76288 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-12-19 14:44 . 2012-12-19 14:44 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-12-19 14:44 . 2012-12-19 14:44 64000 ----a-w- c:\windows\system32\OVDecode64.dll
2012-12-19 14:44 . 2012-12-19 14:44 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-12-19 14:44 . 2012-12-19 14:44 34518016 ----a-w- c:\windows\system32\amdocl64.dll
2012-12-19 14:38 . 2012-12-19 14:38 28732928 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-12-19 14:34 . 2012-12-19 14:34 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-12-19 14:34 . 2012-12-19 14:34 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-12-18 01:06 . 2011-12-23 18:58 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-12-18 01:06 . 2011-04-27 12:19 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-12-16 17:11 . 2012-12-21 00:08 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 00:08 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 00:08 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 00:08 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 11:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 23:36 . 2011-02-13 15:46 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-14 23:36 . 2010-03-10 13:04 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-14 07:06 . 2012-12-12 23:42 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 23:42 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 23:42 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 23:42 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 23:42 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 23:42 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 23:42 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 23:42 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 23:42 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 23:42 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 23:42 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 23:42 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 23:42 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 23:42 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 23:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 23:42 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 23:42 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 23:42 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 23:42 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 23:42 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 23:42 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 23:42 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-10 23:42 . 2010-03-10 13:04 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-09 05:45 . 2012-12-12 11:21 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 11:21 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-07 02:04 . 2010-03-10 13:04 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"RGSC"="c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2010-02-20 306088]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-12-20 844296]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-04 1354736]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-20 1476104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2009-06-14 307200]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-06-05 2171904]
"EEventManager"="c:\program files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2006-03-17 102400]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-17 218408]
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-07-17 27760]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-09-29 210216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-05-12 202256]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-03-09 15872]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\users\Administráto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Live.lnk - c:\program files (x86)\JRE\Folding@home.exe [2010-2-18 452608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
LUMIX Simple Viewer.lnk - c:\program files (x86)\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2010-2-19 57344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R0 CFRMD;CFRMD; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-05-25 20568]
R3 DIRECTIO;DIRECTIO;c:\program files (x86)\BurnInTest\DirectIo.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-24 1315592]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-05-25 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-17 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-18 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-01-24 37720]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Administráto\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2010-05-17 40960]
S2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [2013-01-24 945328]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-06-02 1207808]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-31 19:09 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-16 01:14]
.
2013-02-03 c:\windows\Tasks\COMODO System Cleaner Update.job
- c:\program files (x86)\COMODO\COMODO System-Cleaner\UpdateApplications.exe [2010-01-26 15:32]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-13 23:06]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-13 23:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Administráto\AppData\Roaming\Mozilla\Firefox\Profiles\czp311v7.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - ExtSQL: 2013-01-30 16:49; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=hex:51,66,7a,6c,4c,1d,38,12,78,38,4c,
81,00,23,88,0a,f5,40,f8,f6,90,c6,d4,52
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=hex:51,66,7a,6c,4c,1d,38,12,c2,99,1a,
36,00,8f,58,04,e1,8c,0d,76,4f,1c,0a,03
"{9384BD4C-DD14-4BE9-80F7-F6277511E4F5}"=hex:51,66,7a,6c,4c,1d,38,12,22,be,97,
97,26,93,87,0e,ff,e1,b5,67,70,4f,a0,e1
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3049C3E9-B461-4BC5-8870-4C09146192CA}"=hex:51,66,7a,6c,4c,1d,38,12,87,c0,5a,
34,53,fa,ab,0e,f7,66,0f,49,11,3f,d6,de
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac,
6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:84,ec,eb,a1,5e,26,cd,01
.
[HKEY_USERS\S-1-5-21-1417383624-3162349305-401947947-1000\Software\SecuROM\License information*]
"datasecu"=hex:e7,48,8f,63,8c,58,0a,86,ac,ee,6c,d3,fc,6c,f6,a3,89,8b,a8,c0,4a,
1c,9e,2a,d5,0e,52,66,aa,a2,1b,14,aa,84,0a,48,cb,e9,c6,fd,41,91,ac,6d,74,db,\
"rkeysecu"=hex:3c,35,dd,a1,d3,b0,ec,30,29,e0,08,13,1b,7a,25,3e
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-03 22:55:20
ComboFix-quarantined-files.txt 2013-02-03 21:55
ComboFix2.txt 2013-01-30 15:21
.
Před spuštěním: Volných bajtů: 20 574 269 440
Po spuštění: Volných bajtů: 20 827 357 184
.
- - End Of File - - E65BF8CC207704DC75EB87462D138A16

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Folder::
c:\windows\rundll16.exe
c:\windows\logo1_.exe
c:\windows\SysWow64\runouce.exe
c:\windows\RUNDL132.EXE
c:\windows\logo_1.exe
c:\program files (x86)\Common Files\MicroWorld
c:\programdata\MicroWorld
c:\program files (x86)\Common Files\AVG Secure Search

File::
c:\windows\SysWow64\msvcp80.dll
c:\windows\SysWow64\eEmpty.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

DirLook::
c:\users\Administráto\6438640620394286720310355
C:\bbbe4d066e61f4ce11b743a7

Driver::
vToolbarUpdater14.0.1

Firefox::
FF - ProfilePath - c:\users\Administráto\AppData\Roaming\Mozilla\Firefox\Profiles\czp311v7.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť?.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[misananuk]

ComboFix 13-02-03.03 - Administráto 04.02.2013 14:34:21.3.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4086.2217 [GMT 1:00]
Spuštěný z: c:\users\Administrßto\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Administrßto\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-04 do 2013-02-04 )))))))))))))))))))))))))))))))
.
.
2013-02-04 13:42 . 2013-02-04 13:42 -------- d-----w- c:\users\Mik\AppData\Local\temp
2013-02-04 13:42 . 2013-02-04 13:42 -------- d-----w- c:\users\M\AppData\Local\temp
2013-02-04 13:42 . 2013-02-04 13:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-04 13:32 . 2013-02-04 13:32 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2DC8B9F-89B7-42C1-A621-4DB1F0287043}\offreg.dll
2013-02-03 19:38 . 2013-02-03 19:38 -------- d-----w- c:\users\Administráto\AppData\Roaming\Malwarebytes
2013-02-03 19:38 . 2013-02-03 19:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-03 19:38 . 2013-02-03 19:38 -------- d-----w- c:\programdata\Malwarebytes
2013-02-03 19:38 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-03 19:37 . 2013-02-03 19:37 -------- d-----w- c:\users\Administráto\AppData\Local\Programs
2013-02-03 17:49 . 2013-02-03 17:49 -------- d---a-w- c:\windows\rundll16.exe
2013-02-03 17:49 . 2013-02-03 17:49 -------- d---a-w- c:\windows\logo1_.exe
2013-02-02 15:28 . 2013-01-15 01:45 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2DC8B9F-89B7-42C1-A621-4DB1F0287043}\mpengine.dll
2013-01-30 22:18 . 2013-01-30 22:18 -------- d-----w- c:\program files (x86)\Lavalys
2013-01-30 15:44 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-01-30 15:44 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-01-30 15:44 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-01-30 15:44 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-01-30 15:44 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-01-30 15:43 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-01-30 15:43 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-30 15:43 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-01-30 15:43 . 2012-10-30 22:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2013-01-30 15:43 . 2013-01-30 15:43 -------- d-----w- c:\programdata\AVAST Software
2013-01-30 15:43 . 2013-01-30 15:43 -------- d-----w- c:\program files\AVAST Software
2013-01-30 13:02 . 2013-01-30 22:43 242 ----a-w- c:\windows\DeleteOnReboot.bat
2013-01-30 11:53 . 2013-01-30 11:53 -------- d-----w- c:\program files\trend micro
2013-01-30 11:53 . 2013-01-30 11:53 -------- d-----w- C:\rsit
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\VDLL.DLL
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\SysWow64\runouce.exe
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\RUNDL132.EXE
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\logo_1.exe
2013-01-29 22:19 . 2013-01-29 22:19 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2013-01-29 22:19 . 2013-01-29 22:19 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe
2013-01-29 22:19 . 2013-01-29 22:19 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld
2013-01-29 22:19 . 2013-01-29 22:19 -------- d-----w- c:\programdata\MicroWorld
2013-01-29 20:07 . 2013-01-29 20:07 -------- d-----w- c:\programdata\Local Settings
2013-01-29 20:07 . 2013-01-29 21:59 0 ---ha-w- c:\users\Administráto\AppData\Roaming\winsvcns.sys
2013-01-29 20:07 . 2013-01-30 21:57 -------- d-sh--r- c:\users\Administráto\6438640620394286720310355
2013-01-20 18:05 . 2013-01-20 18:05 -------- d-----w- c:\programdata\ATI
2013-01-20 18:05 . 2013-01-20 18:05 -------- d-----w- c:\program files (x86)\AMD AVT
2013-01-20 18:04 . 2013-01-20 18:04 -------- d-----w- c:\program files (x86)\AMD APP
2013-01-10 00:23 . 2013-01-10 00:26 -------- d-----w- C:\bbbe4d066e61f4ce11b743a7
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-30 13:41 . 2010-06-05 12:37 3090528 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2013-01-30 13:41 . 2011-01-20 11:22 3097056 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1029\ResourceCache.dll
2013-01-29 21:59 . 2013-01-29 20:07 0 ---ha-w- c:\users\Administráto\AppData\Roaming\winsvcns.sys
2013-01-29 21:59 . 2013-01-29 20:07 0 ---ha-w- c:\users\Administráto\AppData\Roaming\winsvcns.sys
2013-01-24 13:26 . 2012-08-29 14:29 37720 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-01-17 00:28 . 2009-11-25 08:45 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-10 00:23 . 2009-11-25 09:42 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 01:14 . 2012-10-16 09:41 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 01:14 . 2011-05-31 08:43 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-19 20:50 . 2009-11-25 02:55 5630200 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-12-19 20:09 . 2012-04-06 02:21 960512 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-12-19 20:08 . 2012-04-06 02:20 1151488 ----a-w- c:\windows\system32\aticfx64.dll
2012-12-19 19:59 . 2012-11-11 13:02 5087744 ----a-w- c:\windows\system32\atiumd6a.dll
2012-12-19 19:57 . 2012-11-11 13:02 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-12-19 19:49 . 2009-11-25 03:04 7370752 ----a-w- c:\windows\system32\atidxx64.dll
2012-12-19 19:44 . 2009-11-25 02:37 4162048 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-12-19 19:44 . 2012-11-11 13:02 6786560 ----a-w- c:\windows\system32\atiumd64.dll
2012-12-19 19:33 . 2012-11-11 13:02 619008 ----a-w- c:\windows\system32\atiadlxx.dll
2012-12-19 19:31 . 2012-04-06 01:09 130048 ----a-w- c:\windows\system32\atiuxp64.dll
2012-12-19 19:31 . 2012-11-11 13:02 104448 ----a-w- c:\windows\system32\atiu9p64.dll
2012-12-19 19:30 . 2012-04-06 01:09 83968 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-12-19 14:45 . 2012-12-19 14:45 222720 ----a-w- c:\windows\system32\clinfo.exe
2012-12-19 14:44 . 2012-12-19 14:44 76288 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-12-19 14:44 . 2012-12-19 14:44 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-12-19 14:44 . 2012-12-19 14:44 64000 ----a-w- c:\windows\system32\OVDecode64.dll
2012-12-19 14:44 . 2012-12-19 14:44 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-12-19 14:44 . 2012-12-19 14:44 34518016 ----a-w- c:\windows\system32\amdocl64.dll
2012-12-19 14:38 . 2012-12-19 14:38 28732928 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-12-19 14:34 . 2012-12-19 14:34 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-12-19 14:34 . 2012-12-19 14:34 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-12-18 01:06 . 2011-12-23 18:58 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-12-18 01:06 . 2011-04-27 12:19 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-12-16 17:11 . 2012-12-21 00:08 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 00:08 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 00:08 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 00:08 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 11:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 23:36 . 2011-02-13 15:46 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-14 23:36 . 2010-03-10 13:04 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-14 07:06 . 2012-12-12 23:42 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 23:42 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 23:42 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 23:42 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 23:42 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 23:42 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 23:42 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 23:42 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 23:42 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 23:42 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 23:42 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 23:42 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 23:42 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 23:42 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 23:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 23:42 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 23:42 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 23:42 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 23:42 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 23:42 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 23:42 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 23:42 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-10 23:42 . 2010-03-10 13:04 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-09 05:45 . 2012-12-12 11:21 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 11:21 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-07 02:04 . 2010-03-10 13:04 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"RGSC"="c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2010-02-20 306088]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-12-20 844296]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-04 1354736]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-20 1476104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2009-06-14 307200]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-06-05 2171904]
"EEventManager"="c:\program files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2006-03-17 102400]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-17 218408]
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-07-17 27760]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-09-29 210216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-05-12 202256]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-03-09 15872]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\users\Administráto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Live.lnk - c:\program files (x86)\JRE\Folding@home.exe [2010-2-18 452608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
LUMIX Simple Viewer.lnk - c:\program files (x86)\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2010-2-19 57344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R0 CFRMD;CFRMD; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-05-25 20568]
R3 DIRECTIO;DIRECTIO;c:\program files (x86)\BurnInTest\DirectIo.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-24 1315592]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-05-25 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-17 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-18 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-01-24 37720]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Administráto\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2010-05-17 40960]
S2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [2013-01-24 945328]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-06-02 1207808]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-31 19:09 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-16 01:14]
.
2013-02-03 c:\windows\Tasks\COMODO System Cleaner Update.job
- c:\program files (x86)\COMODO\COMODO System-Cleaner\UpdateApplications.exe [2010-01-26 15:32]
.
2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-13 23:06]
.
2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-13 23:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Administráto\AppData\Roaming\Mozilla\Firefox\Profiles\czp311v7.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - ExtSQL: 2013-01-30 16:49; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=hex:51,66,7a,6c,4c,1d,38,12,78,38,4c,
81,00,23,88,0a,f5,40,f8,f6,90,c6,d4,52
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=hex:51,66,7a,6c,4c,1d,38,12,c2,99,1a,
36,00,8f,58,04,e1,8c,0d,76,4f,1c,0a,03
"{9384BD4C-DD14-4BE9-80F7-F6277511E4F5}"=hex:51,66,7a,6c,4c,1d,38,12,22,be,97,
97,26,93,87,0e,ff,e1,b5,67,70,4f,a0,e1
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3049C3E9-B461-4BC5-8870-4C09146192CA}"=hex:51,66,7a,6c,4c,1d,38,12,87,c0,5a,
34,53,fa,ab,0e,f7,66,0f,49,11,3f,d6,de
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac,
6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:84,ec,eb,a1,5e,26,cd,01
.
[HKEY_USERS\S-1-5-21-1417383624-3162349305-401947947-1000\Software\SecuROM\License information*]
"datasecu"=hex:e7,48,8f,63,8c,58,0a,86,ac,ee,6c,d3,fc,6c,f6,a3,89,8b,a8,c0,4a,
1c,9e,2a,d5,0e,52,66,aa,a2,1b,14,aa,84,0a,48,cb,e9,c6,fd,41,91,ac,6d,74,db,\
"rkeysecu"=hex:3c,35,dd,a1,d3,b0,ec,30,29,e0,08,13,1b,7a,25,3e
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-04 14:45:43
ComboFix-quarantined-files.txt 2013-02-04 13:45
ComboFix2.txt 2013-02-03 21:55
ComboFix3.txt 2013-01-30 15:21
.
Před spuštěním: Volných bajtů: 20 486 852 608
Po spuštění: Volných bajtů: 20 405 252 096
.
- - End Of File - - 1D3A0AB187840B59E0AAFBF06FC864A8

[memphisto]

Nic se neprovedlo. Zkus to znovu v nouzovém režimu