Prosím o kontrolu - pomalé PC +

divine · Příspěvekod **divine** » 05 úno 2013 18:59

Ahoj,

moc prosím o kontrolu tohoto notebooku. Jedná se o pracovní notebook mé mámy, je tam hodně pracovních věcí(aplikace, kalkulačky atd.) o které nesmí přijít.

Teď k chování notebooku : je velice spomalený, dlouho se vše načítá. Videa na youtube.com se sekaj (po přepnutí na HD). Zřejmě si tam neopatrností natahala hodně havěti a zbytečností. Reinstal systému není možný, protože by přišla o programy, které nejdou stáhnout.

Jelikož to není můj notebook, tak na něm nebudu každý den. Tim pádem prosím o toleranci.

Děkuji

Tady je log z HijackThis :
__________________________________________________________________________________________________________________________________

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:26, on 5.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Kooperativa - PDF Server.lnk = C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Unknown owner - C:\windows\system32\SAsrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11225 bytes

Reklama

Příspěvekod **memphisto** » 05 úno 2013 21:12

Odinstaluj:
Ask Toolbar
Nero Toolbar
Daemon Tools Toolbar

v logu fixni:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

divine · Příspěvekod **divine** » 10 úno 2013 19:31

Na pc jsem se dostal až teď :

LOG z Malwarebytes' Anti-Malware

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.10.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Zdeňka :: ZDEŇKA-PC [administrátor]

10.2.2013 19:19:35
mbam-log-2013-02-10 (19-19-35).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 229829
Uplynulý čas: 4 minut, 35 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

LOG z AdwCleaneru

# AdwCleaner v2.112 - Logfile created 02/10/2013 at 19:25:17
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Zdeňka - ZDEŇKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Zdeňka\Downloads\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\ProgramData\Ask

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKU\S-1-5-21-3585178541-2772533623-869460312-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (cs)

File : C:\Users\Zdeňka\AppData\Roaming\Mozilla\Firefox\Profiles\m8i98mue.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Zdeňka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2057 octets] - [10/02/2013 19:25:17]

########## EOF - C:\AdwCleaner[R1].txt - [2117 octets] ##########

Příspěvekod **jaro3** » 10 úno 2013 20:37

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

divine · Příspěvekod **divine** » 10 úno 2013 22:16

LOG z AdwCleaneru :

# AdwCleaner v2.112 - Logfile created 02/10/2013 at 20:43:17
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Zdeňka - ZDEŇKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Zdeňka\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\ProgramData\Ask

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (cs)

File : C:\Users\Zdeňka\AppData\Roaming\Mozilla\Firefox\Profiles\m8i98mue.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Zdeňka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2180 octets] - [10/02/2013 19:25:17]
AdwCleaner[S1].txt - [1989 octets] - [10/02/2013 20:43:17]

########## EOF - C:\AdwCleaner[S1].txt - [2049 octets] ##########

LOG z ComboFixu :

ComboFix 13-02-07.02 - Zdeňka 10.02.2013 21:00:12.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2009.782 [GMT 1:00]
Spuštěný z: c:\users\Zde˛ka\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-10 do 2013-02-10 )))))))))))))))))))))))))))))))
.
.
2013-02-10 20:57 . 2013-02-10 20:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-10 19:46 . 2013-02-10 19:46 -------- d-----w- c:\users\Zdeňka\AppData\Local\Broadcom
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\users\Zdeňka\AppData\Roaming\Malwarebytes
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\programdata\Malwarebytes
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-10 18:18 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\users\Zdeňka\AppData\Local\Programs
2013-02-08 08:40 . 2013-01-15 01:45 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4845B3C3-9D01-4363-A5B0-2BE8C474EBCD}\mpengine.dll
2013-02-07 11:09 . 2013-02-07 11:09 -------- d-----w- c:\program files (x86)\Foxit Software
2013-02-05 17:50 . 2013-02-05 17:50 388096 ----a-r- c:\users\Zdeňka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-05 17:50 . 2013-02-05 17:50 -------- d-----w- c:\program files (x86)\Trend Micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 10:22 . 2012-12-23 16:37 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-08 10:22 . 2011-12-23 16:57 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-05 17:50 . 2013-02-05 17:50 388096 ----a-r- c:\users\Zdeňka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-05 17:50 . 2013-02-05 17:50 388096 ----a-r- c:\users\Zdeňka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-17 00:28 . 2011-01-05 14:55 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 16:03 . 2011-01-05 14:20 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-26 08:44 . 2011-11-21 08:06 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-12-16 17:11 . 2012-12-23 16:39 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-23 16:39 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-23 16:39 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-23 16:39 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 15:29 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 15:29 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 15:29 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 15:29 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 15:29 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 15:29 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 15:29 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 15:29 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 15:29 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 15:29 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 15:29 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 15:29 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 15:29 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 15:29 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 15:29 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 15:29 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 15:29 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 15:29 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 15:29 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 15:29 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 15:29 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 15:29 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 15:29 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 15:29 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 15:29 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 15:29 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 15:29 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 15:29 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 15:29 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 15:29 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 15:29 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-12-07 10:46 . 2013-01-09 15:29 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-11-30 05:45 . 2013-01-09 15:28 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 15:28 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 15:28 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:45 . 2013-01-09 15:28 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:43 . 2013-01-09 15:28 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 15:28 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 15:28 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:54 . 2013-01-09 15:28 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-11-30 04:53 . 2013-01-09 15:28 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"T-Mobile Communication Centre"="c:\program files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" [2012-04-03 1364664]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
c:\users\Zdeňka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Kooperativa - PDF Server.lnk - c:\program files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe [2011-2-3 10300416]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [2010-03-25 445496]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-05 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-05 834544]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 funfrm;funfrm; [x]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-04-02 123800]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\bin\fbguard.exe [2007-12-12 65536]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 26128]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\bin\fbserver.exe [2007-12-12 1531989]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2009-10-16 197376]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-31 09:56 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-23 10:22]
.
2013-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-28 12:36]
.
2013-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-28 12:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-18 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-18 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-18 365592]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-09-29 4366704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-08-19 5825536]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Zdeňka\AppData\Roaming\Mozilla\Firefox\Profiles\m8i98mue.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-VeriFaceManager - c:\program files (x86)\Lenovo\VeriFace\PManage.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-10 22:01:38
ComboFix-quarantined-files.txt 2013-02-10 21:01
.
Před spuštěním: Volných bajtů: 404 569 202 688
Po spuštění: Volných bajtů: 403 945 582 592
.
- - End Of File - - 3FF1DB0FE17A73977A489DDE8D699830

divine · Příspěvekod **divine** » 10 úno 2013 22:16

LOG z TDSSKilleru :

20:50:39.0755 3028 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:50:40.0021 3028 ============================================================
20:50:40.0021 3028 Current date / time: 2013/02/10 20:50:40.0021
20:50:40.0021 3028 SystemInfo:
20:50:40.0021 3028
20:50:40.0021 3028 OS Version: 6.1.7601 ServicePack: 1.0
20:50:40.0021 3028 Product type: Workstation
20:50:40.0021 3028 ComputerName: ZDEŇKA-PC
20:50:40.0021 3028 UserName: Zdeňka
20:50:40.0021 3028 Windows directory: C:\windows
20:50:40.0021 3028 System windows directory: C:\windows
20:50:40.0021 3028 Running under WOW64
20:50:40.0021 3028 Processor architecture: Intel x64
20:50:40.0021 3028 Number of processors: 2
20:50:40.0021 3028 Page size: 0x1000
20:50:40.0021 3028 Boot type: Normal boot
20:50:40.0021 3028 ============================================================
20:50:40.0738 3028 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:50:40.0738 3028 ============================================================
20:50:40.0738 3028 \Device\Harddisk0\DR0:
20:50:40.0738 3028 MBR partitions:
20:50:40.0738 3028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
20:50:40.0738 3028 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34920980
20:50:40.0769 3028 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34985980, BlocksNum 0x3C7E000
20:50:40.0769 3028 ============================================================
20:50:40.0816 3028 C: <-> \Device\Harddisk0\DR0\Partition2
20:50:40.0863 3028 D: <-> \Device\Harddisk0\DR0\Partition3
20:50:40.0863 3028 ============================================================
20:50:40.0863 3028 Initialize success
20:50:40.0863 3028 ============================================================
20:50:42.0735 4392 ============================================================
20:50:42.0735 4392 Scan started
20:50:42.0735 4392 Mode: Manual;
20:50:42.0735 4392 ============================================================
20:50:43.0593 4392 ================ Scan system memory ========================
20:50:43.0593 4392 System memory - ok
20:50:43.0609 4392 ================ Scan services =============================
20:50:43.0921 4392 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
20:50:43.0921 4392 1394ohci - ok
20:50:43.0983 4392 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
20:50:43.0983 4392 ACPI - ok
20:50:44.0014 4392 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
20:50:44.0014 4392 AcpiPmi - ok
20:50:44.0077 4392 [ 2E68544BCE94DE6677F700CF1D582B6D ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
20:50:44.0077 4392 ACPIVPC - ok
20:50:44.0170 4392 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:50:44.0170 4392 AdobeARMservice - ok
20:50:44.0326 4392 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:50:44.0342 4392 AdobeFlashPlayerUpdateSvc - ok
20:50:44.0389 4392 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
20:50:44.0404 4392 adp94xx - ok
20:50:44.0451 4392 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
20:50:44.0467 4392 adpahci - ok
20:50:44.0513 4392 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
20:50:44.0513 4392 adpu320 - ok
20:50:44.0545 4392 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
20:50:44.0545 4392 AeLookupSvc - ok
20:50:44.0607 4392 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
20:50:44.0623 4392 AFD - ok
20:50:44.0654 4392 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
20:50:44.0669 4392 agp440 - ok
20:50:44.0701 4392 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
20:50:44.0716 4392 ALG - ok
20:50:44.0763 4392 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
20:50:44.0763 4392 aliide - ok
20:50:44.0794 4392 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
20:50:44.0794 4392 amdide - ok
20:50:44.0825 4392 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
20:50:44.0841 4392 AmdK8 - ok
20:50:44.0857 4392 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
20:50:44.0857 4392 AmdPPM - ok
20:50:44.0903 4392 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
20:50:44.0903 4392 amdsata - ok
20:50:44.0950 4392 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
20:50:44.0966 4392 amdsbs - ok
20:50:44.0997 4392 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
20:50:44.0997 4392 amdxata - ok
20:50:45.0091 4392 [ CA584273D6DB558C62CC2125D946DA8D ] ameisvc C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
20:50:45.0091 4392 ameisvc - ok
20:50:45.0153 4392 [ F7C36D620992FD7B5064603992C967EB ] ApfiltrService C:\windows\system32\DRIVERS\Apfiltr.sys
20:50:45.0153 4392 ApfiltrService - ok
20:50:45.0184 4392 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
20:50:45.0200 4392 AppID - ok
20:50:45.0231 4392 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
20:50:45.0231 4392 AppIDSvc - ok
20:50:45.0262 4392 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
20:50:45.0262 4392 Appinfo - ok
20:50:45.0309 4392 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
20:50:45.0309 4392 arc - ok
20:50:45.0340 4392 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
20:50:45.0340 4392 arcsas - ok
20:50:45.0449 4392 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:50:45.0496 4392 aspnet_state - ok
20:50:45.0543 4392 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
20:50:45.0543 4392 aswFsBlk - ok
20:50:45.0621 4392 [ 6B91E6D483AADB3FC4E13E2355200611 ] aswKbd C:\windows\system32\drivers\aswKbd.sys
20:50:45.0621 4392 aswKbd - ok
20:50:45.0683 4392 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
20:50:45.0683 4392 aswMonFlt - ok
20:50:45.0746 4392 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
20:50:45.0746 4392 aswRdr - ok
20:50:45.0824 4392 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\windows\system32\drivers\aswSnx.sys
20:50:45.0839 4392 aswSnx - ok
20:50:45.0871 4392 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\windows\system32\drivers\aswSP.sys
20:50:45.0886 4392 aswSP - ok
20:50:45.0917 4392 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
20:50:45.0917 4392 aswTdi - ok
20:50:45.0964 4392 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
20:50:45.0964 4392 AsyncMac - ok
20:50:46.0011 4392 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
20:50:46.0011 4392 atapi - ok
20:50:46.0073 4392 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:50:46.0089 4392 AudioEndpointBuilder - ok
20:50:46.0105 4392 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
20:50:46.0105 4392 AudioSrv - ok
20:50:46.0198 4392 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:50:46.0214 4392 avast! Antivirus - ok
20:50:46.0292 4392 avast! Firewall - ok
20:50:46.0354 4392 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
20:50:46.0354 4392 AxInstSV - ok
20:50:46.0385 4392 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
20:50:46.0385 4392 b06bdrv - ok
20:50:46.0448 4392 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
20:50:46.0448 4392 b57nd60a - ok
20:50:46.0588 4392 [ FB4FDA64F2E8552EAEB5986C3F34462C ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys
20:50:46.0682 4392 BCM43XX - ok
20:50:46.0729 4392 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
20:50:46.0729 4392 BDESVC - ok
20:50:46.0775 4392 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
20:50:46.0775 4392 Beep - ok
20:50:46.0838 4392 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
20:50:46.0853 4392 BFE - ok
20:50:46.0916 4392 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
20:50:46.0947 4392 BITS - ok
20:50:46.0994 4392 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
20:50:46.0994 4392 blbdrive - ok
20:50:47.0041 4392 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
20:50:47.0041 4392 bowser - ok
20:50:47.0072 4392 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
20:50:47.0072 4392 BrFiltLo - ok
20:50:47.0087 4392 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
20:50:47.0103 4392 BrFiltUp - ok
20:50:47.0119 4392 [ 34F786535F9245E4028C57B28248C9D8 ] Bridge0 C:\windows\system32\drivers\WDBridge.sys
20:50:47.0119 4392 Bridge0 - ok
20:50:47.0165 4392 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
20:50:47.0165 4392 Browser - ok
20:50:47.0228 4392 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
20:50:47.0243 4392 Brserid - ok
20:50:47.0290 4392 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
20:50:47.0306 4392 BrSerWdm - ok
20:50:47.0321 4392 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
20:50:47.0321 4392 BrUsbMdm - ok
20:50:47.0337 4392 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
20:50:47.0353 4392 BrUsbSer - ok
20:50:47.0399 4392 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
20:50:47.0399 4392 BthEnum - ok
20:50:47.0431 4392 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
20:50:47.0431 4392 BTHMODEM - ok
20:50:47.0462 4392 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
20:50:47.0462 4392 BthPan - ok
20:50:47.0509 4392 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
20:50:47.0524 4392 BTHPORT - ok
20:50:47.0571 4392 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
20:50:47.0587 4392 bthserv - ok
20:50:47.0618 4392 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
20:50:47.0618 4392 BTHUSB - ok
20:50:47.0665 4392 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\windows\system32\drivers\btwaudio.sys
20:50:47.0665 4392 btwaudio - ok
20:50:47.0696 4392 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
20:50:47.0696 4392 btwavdt - ok
20:50:47.0821 4392 [ C73EB036BFC5A27B9CB87B29F7ED88C3 ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
20:50:47.0836 4392 btwdins - ok
20:50:47.0867 4392 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
20:50:47.0883 4392 btwl2cap - ok
20:50:47.0899 4392 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
20:50:47.0914 4392 btwrchid - ok
20:50:47.0945 4392 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
20:50:47.0945 4392 cdfs - ok
20:50:47.0992 4392 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
20:50:47.0992 4392 cdrom - ok
20:50:48.0039 4392 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
20:50:48.0039 4392 CertPropSvc - ok
20:50:48.0070 4392 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
20:50:48.0086 4392 circlass - ok
20:50:48.0117 4392 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
20:50:48.0133 4392 CLFS - ok
20:50:48.0289 4392 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:50:48.0304 4392 clr_optimization_v2.0.50727_32 - ok
20:50:48.0335 4392 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:50:48.0335 4392 clr_optimization_v2.0.50727_64 - ok
20:50:48.0476 4392 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:50:48.0569 4392 clr_optimization_v4.0.30319_32 - ok
20:50:48.0616 4392 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:50:48.0663 4392 clr_optimization_v4.0.30319_64 - ok
20:50:48.0694 4392 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
20:50:48.0710 4392 CmBatt - ok
20:50:48.0725 4392 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
20:50:48.0725 4392 cmdide - ok
20:50:48.0803 4392 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\windows\system32\Drivers\cng.sys
20:50:48.0819 4392 CNG - ok
20:50:48.0881 4392 [ 7247A4D0875F5F28919E0787E11B7B57 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
20:50:48.0881 4392 CnxtHdAudService - ok
20:50:48.0944 4392 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
20:50:48.0944 4392 Compbatt - ok
20:50:48.0975 4392 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
20:50:48.0975 4392 CompositeBus - ok
20:50:49.0006 4392 COMSysApp - ok
20:50:49.0037 4392 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
20:50:49.0037 4392 crcdisk - ok
20:50:49.0084 4392 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
20:50:49.0100 4392 CryptSvc - ok
20:50:49.0147 4392 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
20:50:49.0147 4392 DcomLaunch - ok
20:50:49.0178 4392 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
20:50:49.0193 4392 defragsvc - ok
20:50:49.0240 4392 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
20:50:49.0240 4392 DfsC - ok
20:50:49.0287 4392 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
20:50:49.0287 4392 Dhcp - ok
20:50:49.0318 4392 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
20:50:49.0318 4392 discache - ok
20:50:49.0365 4392 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
20:50:49.0365 4392 Disk - ok
20:50:49.0412 4392 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
20:50:49.0427 4392 Dnscache - ok
20:50:49.0474 4392 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
20:50:49.0490 4392 dot3svc - ok
20:50:49.0521 4392 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
20:50:49.0537 4392 DPS - ok
20:50:49.0568 4392 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
20:50:49.0568 4392 drmkaud - ok
20:50:49.0646 4392 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
20:50:49.0661 4392 DXGKrnl - ok
20:50:49.0724 4392 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
20:50:49.0724 4392 EapHost - ok
20:50:50.0036 4392 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
20:50:50.0161 4392 ebdrv - ok
20:50:50.0207 4392 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
20:50:50.0207 4392 EFS - ok
20:50:50.0285 4392 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
20:50:50.0317 4392 ehRecvr - ok
20:50:50.0348 4392 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
20:50:50.0348 4392 ehSched - ok
20:50:50.0395 4392 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
20:50:50.0410 4392 elxstor - ok
20:50:50.0441 4392 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
20:50:50.0441 4392 ErrDev - ok
20:50:50.0504 4392 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
20:50:50.0504 4392 EventSystem - ok
20:50:50.0566 4392 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
20:50:50.0582 4392 exfat - ok
20:50:50.0597 4392 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
20:50:50.0597 4392 fastfat - ok
20:50:50.0691 4392 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
20:50:50.0707 4392 Fax - ok
20:50:50.0738 4392 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
20:50:50.0753 4392 fdc - ok
20:50:50.0785 4392 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
20:50:50.0785 4392 fdPHost - ok
20:50:50.0816 4392 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
20:50:50.0816 4392 FDResPub - ok
20:50:50.0831 4392 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
20:50:50.0831 4392 FileInfo - ok
20:50:50.0847 4392 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
20:50:50.0863 4392 Filetrace - ok
20:50:50.0941 4392 FirebirdGuardianDefaultInstance - ok
20:50:50.0956 4392 FirebirdServerDefaultInstance - ok
20:50:50.0972 4392 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
20:50:50.0987 4392 flpydisk - ok
20:50:51.0034 4392 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
20:50:51.0050 4392 FltMgr - ok
20:50:51.0143 4392 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
20:50:51.0159 4392 FontCache - ok
20:50:51.0221 4392 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:50:51.0221 4392 FontCache3.0.0.0 - ok
20:50:51.0253 4392 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
20:50:51.0253 4392 FsDepends - ok
20:50:51.0299 4392 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
20:50:51.0299 4392 Fs_Rec - ok
20:50:51.0346 4392 [ 6CCF66BCA3D24146CB8B0930DBA1448F ] funfrm C:\windows\system32\drivers\funfrm.sys
20:50:51.0362 4392 funfrm - ok
20:50:51.0409 4392 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
20:50:51.0409 4392 fvevol - ok
20:50:51.0455 4392 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
20:50:51.0471 4392 gagp30kx - ok
20:50:51.0533 4392 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
20:50:51.0549 4392 gpsvc - ok
20:50:51.0674 4392 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:50:51.0689 4392 gupdate - ok
20:50:51.0736 4392 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:50:51.0736 4392 gupdatem - ok
20:50:51.0767 4392 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
20:50:51.0767 4392 hcw85cir - ok
20:50:51.0845 4392 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:50:51.0845 4392 HdAudAddService - ok
20:50:51.0892 4392 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
20:50:51.0892 4392 HDAudBus - ok
20:50:51.0923 4392 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
20:50:51.0939 4392 HidBatt - ok
20:50:51.0955 4392 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
20:50:51.0955 4392 HidBth - ok
20:50:51.0970 4392 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
20:50:51.0986 4392 HidIr - ok
20:50:52.0001 4392 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
20:50:52.0001 4392 hidserv - ok
20:50:52.0064 4392 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
20:50:52.0064 4392 HidUsb - ok
20:50:52.0126 4392 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
20:50:52.0126 4392 hkmsvc - ok
20:50:52.0173 4392 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:50:52.0173 4392 HomeGroupListener - ok
20:50:52.0220 4392 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:50:52.0220 4392 HomeGroupProvider - ok
20:50:52.0267 4392 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
20:50:52.0267 4392 HpSAMD - ok
20:50:52.0313 4392 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
20:50:52.0329 4392 HTTP - ok
20:50:52.0407 4392 [ 8F9B0FC4EC3A8194BD4CBC5ED3E7ABEB ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
20:50:52.0407 4392 hwdatacard - ok
20:50:52.0438 4392 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
20:50:52.0454 4392 hwpolicy - ok
20:50:52.0485 4392 [ B45B3647BA32749B94FA689175EC8C26 ] hwusbdev C:\windows\system32\DRIVERS\ewusbdev.sys
20:50:52.0485 4392 hwusbdev - ok
20:50:52.0532 4392 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
20:50:52.0547 4392 i8042prt - ok
20:50:52.0625 4392 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:50:52.0625 4392 IAANTMON - ok
20:50:52.0672 4392 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
20:50:52.0672 4392 iaStor - ok
20:50:52.0735 4392 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
20:50:52.0766 4392 iaStorV - ok
20:50:52.0875 4392 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:50:52.0891 4392 idsvc - ok
20:50:53.0312 4392 [ AC4B14E985B2BB19386CC8203FE49BCD ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
20:50:53.0499 4392 igfx - ok
20:50:53.0561 4392 [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
20:50:53.0561 4392 IGRS - ok
20:50:53.0593 4392 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
20:50:53.0608 4392 iirsp - ok
20:50:53.0686 4392 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
20:50:53.0702 4392 IKEEXT - ok
20:50:53.0733 4392 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
20:50:53.0733 4392 intelide - ok
20:50:53.0764 4392 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
20:50:53.0780 4392 intelppm - ok
20:50:53.0811 4392 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
20:50:53.0811 4392 IPBusEnum - ok
20:50:53.0873 4392 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
20:50:53.0873 4392 IpFilterDriver - ok
20:50:53.0936 4392 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
20:50:53.0967 4392 iphlpsvc - ok
20:50:53.0998 4392 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
20:50:53.0998 4392 IPMIDRV - ok
20:50:54.0014 4392 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
20:50:54.0029 4392 IPNAT - ok
20:50:54.0061 4392 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
20:50:54.0061 4392 IRENUM - ok
20:50:54.0076 4392 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
20:50:54.0076 4392 isapnp - ok
20:50:54.0139 4392 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
20:50:54.0139 4392 iScsiPrt - ok
20:50:54.0217 4392 [ 7DBAFE10C1B777305C80BEA42FBDA710 ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys
20:50:54.0232 4392 k57nd60a - ok
20:50:54.0248 4392 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
20:50:54.0248 4392 kbdclass - ok
20:50:54.0295 4392 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
20:50:54.0310 4392 kbdhid - ok
20:50:54.0326 4392 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
20:50:54.0326 4392 KeyIso - ok
20:50:54.0388 4392 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
20:50:54.0388 4392 KSecDD - ok
20:50:54.0497 4392 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
20:50:54.0497 4392 KSecPkg - ok
20:50:54.0560 4392 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
20:50:54.0560 4392 ksthunk - ok
20:50:54.0622 4392 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
20:50:54.0622 4392 KtmRm - ok
20:50:54.0700 4392 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
20:50:54.0716 4392 LanmanServer - ok
20:50:54.0747 4392 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:50:54.0778 4392 LanmanWorkstation - ok
20:50:54.0856 4392 [ 7FCB3EC66361F157BCD5B5C33CE2AC16 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
20:50:54.0856 4392 Lenovo ReadyComm AppSvc - ok
20:50:54.0887 4392 [ 5287074E79E4BA82510886F684DC5F72 ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
20:50:54.0903 4392 Lenovo ReadyComm ConnSvc - ok
20:50:54.0950 4392 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
20:50:54.0950 4392 lltdio - ok
20:50:54.0997 4392 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
20:50:54.0997 4392 lltdsvc - ok
20:50:55.0028 4392 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
20:50:55.0028 4392 lmhosts - ok
20:50:55.0059 4392 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
20:50:55.0075 4392 LSI_FC - ok
20:50:55.0106 4392 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
20:50:55.0106 4392 LSI_SAS - ok
20:50:55.0153 4392 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
20:50:55.0153 4392 LSI_SAS2 - ok
20:50:55.0199 4392 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
20:50:55.0199 4392 LSI_SCSI - ok
20:50:55.0231 4392 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
20:50:55.0231 4392 luafv - ok
20:50:55.0293 4392 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:50:55.0293 4392 Mcx2Svc - ok
20:50:55.0324 4392 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
20:50:55.0324 4392 megasas - ok
20:50:55.0371 4392 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
20:50:55.0371 4392 MegaSR - ok
20:50:55.0496 4392 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
20:50:55.0511 4392 Microsoft Office Groove Audit Service - ok
20:50:55.0558 4392 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
20:50:55.0558 4392 MMCSS - ok
20:50:55.0589 4392 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
20:50:55.0589 4392 Modem - ok
20:50:55.0621 4392 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:50:55.0621 4392 monitor - ok
20:50:55.0667 4392 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
20:50:55.0667 4392 mouclass - ok

divine · Příspěvekod **divine** » 10 úno 2013 22:17

20:50:55.0699 4392 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:50:55.0699 4392 mouhid - ok
20:50:55.0745 4392 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
20:50:55.0745 4392 mountmgr - ok
20:50:55.0839 4392 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:50:55.0839 4392 MozillaMaintenance - ok
20:50:55.0870 4392 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
20:50:55.0886 4392 mpio - ok
20:50:55.0917 4392 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
20:50:55.0917 4392 mpsdrv - ok
20:50:56.0042 4392 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
20:50:56.0057 4392 MpsSvc - ok
20:50:56.0104 4392 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
20:50:56.0104 4392 MRxDAV - ok
20:50:56.0151 4392 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
20:50:56.0151 4392 mrxsmb - ok
20:50:56.0198 4392 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
20:50:56.0213 4392 mrxsmb10 - ok
20:50:56.0245 4392 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
20:50:56.0245 4392 mrxsmb20 - ok
20:50:56.0276 4392 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
20:50:56.0276 4392 msahci - ok
20:50:56.0323 4392 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
20:50:56.0323 4392 msdsm - ok
20:50:56.0338 4392 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
20:50:56.0354 4392 MSDTC - ok
20:50:56.0447 4392 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
20:50:56.0447 4392 Msfs - ok
20:50:56.0463 4392 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
20:50:56.0463 4392 mshidkmdf - ok
20:50:56.0494 4392 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
20:50:56.0494 4392 msisadrv - ok
20:50:56.0525 4392 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:50:56.0541 4392 MSiSCSI - ok
20:50:56.0541 4392 msiserver - ok
20:50:56.0572 4392 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
20:50:56.0588 4392 MSKSSRV - ok
20:50:56.0603 4392 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
20:50:56.0603 4392 MSPCLOCK - ok
20:50:56.0619 4392 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
20:50:56.0619 4392 MSPQM - ok
20:50:56.0666 4392 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
20:50:56.0666 4392 MsRPC - ok
20:50:56.0697 4392 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
20:50:56.0697 4392 mssmbios - ok
20:50:56.0744 4392 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
20:50:56.0744 4392 MSTEE - ok
20:50:56.0775 4392 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
20:50:56.0775 4392 MTConfig - ok
20:50:56.0806 4392 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
20:50:56.0806 4392 Mup - ok
20:50:56.0853 4392 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
20:50:56.0869 4392 napagent - ok
20:50:56.0900 4392 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
20:50:56.0900 4392 NativeWifiP - ok
20:50:57.0040 4392 [ E4534BCCDD1EA7A7A256BB9D6688A5FC ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
20:50:57.0040 4392 NAUpdate - ok
20:50:57.0118 4392 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
20:50:57.0134 4392 NDIS - ok
20:50:57.0196 4392 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
20:50:57.0196 4392 NdisCap - ok
20:50:57.0227 4392 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
20:50:57.0227 4392 NdisTapi - ok
20:50:57.0290 4392 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
20:50:57.0290 4392 Ndisuio - ok
20:50:57.0352 4392 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
20:50:57.0352 4392 NdisWan - ok
20:50:57.0399 4392 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
20:50:57.0399 4392 NDProxy - ok
20:50:57.0461 4392 [ 2C723E42FC8D7B0209492828F921FB50 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:50:57.0461 4392 Net Driver HPZ12 - ok
20:50:57.0508 4392 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
20:50:57.0508 4392 NetBIOS - ok
20:50:57.0555 4392 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
20:50:57.0571 4392 NetBT - ok
20:50:57.0586 4392 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
20:50:57.0586 4392 Netlogon - ok
20:50:57.0633 4392 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
20:50:57.0633 4392 Netman - ok
20:50:57.0680 4392 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:50:57.0727 4392 NetMsmqActivator - ok
20:50:57.0727 4392 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:50:57.0742 4392 NetPipeActivator - ok
20:50:57.0758 4392 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
20:50:57.0758 4392 netprofm - ok
20:50:57.0773 4392 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:50:57.0773 4392 NetTcpActivator - ok
20:50:57.0789 4392 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:50:57.0789 4392 NetTcpPortSharing - ok
20:50:58.0351 4392 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\windows\system32\DRIVERS\netw5v64.sys
20:50:58.0507 4392 netw5v64 - ok
20:50:58.0553 4392 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
20:50:58.0553 4392 nfrd960 - ok
20:50:58.0585 4392 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
20:50:58.0600 4392 NlaSvc - ok
20:50:58.0631 4392 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd C:\windows\system32\drivers\ccdcmbx64.sys
20:50:58.0631 4392 nmwcd - ok
20:50:58.0694 4392 [ 41C1AC1F3613435EB32D67BCB80A5FA5 ] nmwcdc C:\windows\system32\drivers\ccdcmbox64.sys
20:50:58.0694 4392 nmwcdc - ok
20:50:58.0725 4392 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
20:50:58.0725 4392 Npfs - ok
20:50:58.0756 4392 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
20:50:58.0772 4392 nsi - ok
20:50:58.0787 4392 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
20:50:58.0803 4392 nsiproxy - ok
20:50:58.0865 4392 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
20:50:58.0912 4392 Ntfs - ok
20:50:58.0959 4392 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
20:50:58.0990 4392 Null - ok
20:50:59.0021 4392 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
20:50:59.0037 4392 nvraid - ok
20:50:59.0068 4392 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
20:50:59.0068 4392 nvstor - ok
20:50:59.0115 4392 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
20:50:59.0115 4392 nv_agp - ok
20:50:59.0209 4392 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:50:59.0224 4392 odserv - ok
20:50:59.0271 4392 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
20:50:59.0287 4392 ohci1394 - ok
20:50:59.0349 4392 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:50:59.0349 4392 ose - ok
20:50:59.0396 4392 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:50:59.0411 4392 p2pimsvc - ok
20:50:59.0427 4392 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
20:50:59.0443 4392 p2psvc - ok
20:50:59.0474 4392 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
20:50:59.0474 4392 Parport - ok
20:50:59.0521 4392 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
20:50:59.0521 4392 partmgr - ok
20:50:59.0552 4392 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
20:50:59.0552 4392 PcaSvc - ok
20:50:59.0583 4392 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
20:50:59.0599 4392 pci - ok
20:50:59.0614 4392 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
20:50:59.0614 4392 pciide - ok
20:50:59.0661 4392 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
20:50:59.0661 4392 pcmcia - ok
20:50:59.0692 4392 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
20:50:59.0692 4392 pcw - ok
20:50:59.0723 4392 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
20:50:59.0739 4392 PEAUTH - ok
20:50:59.0833 4392 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
20:50:59.0833 4392 PerfHost - ok
20:50:59.0973 4392 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
20:51:00.0004 4392 pla - ok
20:51:00.0082 4392 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
20:51:00.0082 4392 PlugPlay - ok
20:51:00.0129 4392 [ 171E6D91A20AAC8D02172A64E82CE90B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:51:00.0129 4392 Pml Driver HPZ12 - ok
20:51:00.0160 4392 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
20:51:00.0160 4392 PNRPAutoReg - ok
20:51:00.0191 4392 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
20:51:00.0191 4392 PNRPsvc - ok
20:51:00.0238 4392 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:51:00.0254 4392 PolicyAgent - ok
20:51:00.0285 4392 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
20:51:00.0301 4392 Power - ok
20:51:00.0347 4392 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
20:51:00.0347 4392 PptpMiniport - ok
20:51:00.0379 4392 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
20:51:00.0379 4392 Processor - ok
20:51:00.0425 4392 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
20:51:00.0425 4392 ProfSvc - ok
20:51:00.0457 4392 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
20:51:00.0457 4392 ProtectedStorage - ok
20:51:00.0503 4392 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
20:51:00.0519 4392 Psched - ok
20:51:00.0519 4392 PS_MDP - ok
20:51:00.0597 4392 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
20:51:00.0644 4392 ql2300 - ok
20:51:00.0675 4392 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
20:51:00.0675 4392 ql40xx - ok
20:51:00.0737 4392 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
20:51:00.0753 4392 QWAVE - ok
20:51:00.0769 4392 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
20:51:00.0769 4392 QWAVEdrv - ok
20:51:00.0800 4392 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
20:51:00.0800 4392 RasAcd - ok
20:51:00.0847 4392 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:51:00.0847 4392 RasAgileVpn - ok
20:51:00.0893 4392 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
20:51:00.0909 4392 RasAuto - ok
20:51:00.0940 4392 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
20:51:00.0940 4392 Rasl2tp - ok
20:51:01.0003 4392 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
20:51:01.0018 4392 RasMan - ok
20:51:01.0049 4392 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
20:51:01.0065 4392 RasPppoe - ok
20:51:01.0081 4392 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
20:51:01.0081 4392 RasSstp - ok
20:51:01.0127 4392 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
20:51:01.0143 4392 rdbss - ok
20:51:01.0174 4392 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
20:51:01.0174 4392 rdpbus - ok
20:51:01.0205 4392 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
20:51:01.0221 4392 RDPCDD - ok
20:51:01.0268 4392 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
20:51:01.0268 4392 RDPENCDD - ok
20:51:01.0283 4392 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
20:51:01.0299 4392 RDPREFMP - ok
20:51:01.0361 4392 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
20:51:01.0377 4392 RdpVideoMiniport - ok
20:51:01.0408 4392 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
20:51:01.0408 4392 RDPWD - ok
20:51:01.0455 4392 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
20:51:01.0471 4392 rdyboost - ok
20:51:01.0471 4392 ReadyComm.DirectRouter - ok
20:51:01.0517 4392 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
20:51:01.0533 4392 RemoteAccess - ok
20:51:01.0564 4392 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
20:51:01.0564 4392 RemoteRegistry - ok
20:51:01.0611 4392 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
20:51:01.0611 4392 RFCOMM - ok
20:51:01.0673 4392 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:51:01.0673 4392 RpcEptMapper - ok
20:51:01.0705 4392 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
20:51:01.0720 4392 RpcLocator - ok
20:51:01.0767 4392 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
20:51:01.0783 4392 RpcSs - ok
20:51:01.0814 4392 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
20:51:01.0814 4392 rspndr - ok
20:51:01.0845 4392 RSUSBSTOR - ok
20:51:01.0892 4392 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
20:51:01.0907 4392 RTL8167 - ok
20:51:01.0923 4392 RtsUIR - ok
20:51:01.0939 4392 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
20:51:01.0939 4392 SamSs - ok
20:51:02.0048 4392 [ F758025811001CBBDA8448A8AC29D73F ] SAService C:\windows\system32\SAsrv.exe
20:51:02.0063 4392 SAService - ok
20:51:02.0095 4392 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
20:51:02.0095 4392 sbp2port - ok
20:51:02.0126 4392 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
20:51:02.0126 4392 SCardSvr - ok
20:51:02.0173 4392 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
20:51:02.0173 4392 scfilter - ok
20:51:02.0219 4392 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
20:51:02.0282 4392 Schedule - ok
20:51:02.0313 4392 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
20:51:02.0313 4392 SCPolicySvc - ok
20:51:02.0360 4392 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:51:02.0360 4392 SDRSVC - ok
20:51:02.0407 4392 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
20:51:02.0407 4392 secdrv - ok
20:51:02.0453 4392 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
20:51:02.0453 4392 seclogon - ok
20:51:02.0485 4392 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
20:51:02.0485 4392 SENS - ok
20:51:02.0516 4392 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
20:51:02.0531 4392 SensrSvc - ok
20:51:02.0547 4392 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
20:51:02.0547 4392 Serenum - ok
20:51:02.0563 4392 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
20:51:02.0563 4392 Serial - ok
20:51:02.0578 4392 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
20:51:02.0594 4392 sermouse - ok
20:51:02.0641 4392 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
20:51:02.0656 4392 SessionEnv - ok
20:51:02.0687 4392 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
20:51:02.0687 4392 sffdisk - ok
20:51:02.0703 4392 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
20:51:02.0703 4392 sffp_mmc - ok
20:51:02.0719 4392 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
20:51:02.0719 4392 sffp_sd - ok
20:51:02.0750 4392 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
20:51:02.0750 4392 sfloppy - ok
20:51:02.0781 4392 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
20:51:02.0797 4392 SharedAccess - ok
20:51:02.0843 4392 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:51:02.0859 4392 ShellHWDetection - ok
20:51:02.0906 4392 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
20:51:02.0906 4392 SiSRaid2 - ok
20:51:02.0937 4392 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
20:51:02.0953 4392 SiSRaid4 - ok
20:51:03.0031 4392 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
20:51:03.0031 4392 Smb - ok
20:51:03.0077 4392 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
20:51:03.0093 4392 SNMPTRAP - ok
20:51:03.0109 4392 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
20:51:03.0109 4392 spldr - ok
20:51:03.0155 4392 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
20:51:03.0187 4392 Spooler - ok
20:51:03.0311 4392 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
20:51:03.0405 4392 sppsvc - ok
20:51:03.0436 4392 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
20:51:03.0436 4392 sppuinotify - ok
20:51:03.0530 4392 [ 602884696850C86434530790B110E8EB ] sptd C:\windows\system32\Drivers\sptd.sys
20:51:03.0530 4392 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
20:51:03.0530 4392 sptd ( LockedFile.Multi.Generic ) - warning
20:51:03.0530 4392 sptd - detected LockedFile.Multi.Generic (1)
20:51:03.0577 4392 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
20:51:03.0592 4392 srv - ok
20:51:03.0608 4392 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
20:51:03.0623 4392 srv2 - ok
20:51:03.0639 4392 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
20:51:03.0639 4392 srvnet - ok
20:51:03.0670 4392 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
20:51:03.0686 4392 SSDPSRV - ok
20:51:03.0686 4392 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
20:51:03.0701 4392 SstpSvc - ok
20:51:03.0733 4392 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
20:51:03.0733 4392 stexstor - ok
20:51:03.0779 4392 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
20:51:03.0795 4392 stisvc - ok
20:51:03.0826 4392 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
20:51:03.0826 4392 swenum - ok
20:51:03.0873 4392 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
20:51:03.0889 4392 swprv - ok
20:51:03.0967 4392 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
20:51:03.0998 4392 SysMain - ok
20:51:04.0045 4392 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
20:51:04.0060 4392 TabletInputService - ok
20:51:04.0107 4392 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
20:51:04.0107 4392 TapiSrv - ok
20:51:04.0138 4392 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
20:51:04.0154 4392 TBS - ok
20:51:04.0232 4392 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
20:51:04.0279 4392 Tcpip - ok
20:51:04.0325 4392 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
20:51:04.0341 4392 TCPIP6 - ok
20:51:04.0388 4392 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
20:51:04.0388 4392 tcpipreg - ok
20:51:04.0435 4392 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
20:51:04.0435 4392 TDPIPE - ok
20:51:04.0481 4392 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
20:51:04.0481 4392 TDTCP - ok
20:51:04.0528 4392 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
20:51:04.0544 4392 tdx - ok
20:51:04.0575 4392 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
20:51:04.0575 4392 TermDD - ok
20:51:04.0622 4392 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
20:51:04.0653 4392 TermService - ok
20:51:04.0684 4392 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
20:51:04.0700 4392 Themes - ok
20:51:04.0731 4392 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
20:51:04.0731 4392 THREADORDER - ok
20:51:04.0778 4392 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
20:51:04.0778 4392 TrkWks - ok
20:51:04.0840 4392 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:51:04.0840 4392 TrustedInstaller - ok
20:51:04.0887 4392 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
20:51:04.0887 4392 tssecsrv - ok
20:51:04.0934 4392 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
20:51:04.0934 4392 TsUsbFlt - ok
20:51:04.0996 4392 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
20:51:05.0012 4392 tunnel - ok
20:51:05.0043 4392 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
20:51:05.0043 4392 uagp35 - ok
20:51:05.0074 4392 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
20:51:05.0090 4392 udfs - ok
20:51:05.0137 4392 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
20:51:05.0137 4392 UI0Detect - ok
20:51:05.0152 4392 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
20:51:05.0168 4392 uliagpkx - ok
20:51:05.0199 4392 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
20:51:05.0199 4392 umbus - ok
20:51:05.0246 4392 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
20:51:05.0246 4392 UmPass - ok
20:51:05.0277 4392 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
20:51:05.0293 4392 upnphost - ok
20:51:05.0339 4392 [ 4E93C8496359E97830C75AC36393654D ] upperdev C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys
20:51:05.0339 4392 upperdev - ok
20:51:05.0386 4392 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
20:51:05.0386 4392 usbccgp - ok
20:51:05.0386 4392 USBCCID - ok
20:51:05.0433 4392 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
20:51:05.0433 4392 usbcir - ok
20:51:05.0464 4392 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
20:51:05.0480 4392 usbehci - ok
20:51:05.0542 4392 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
20:51:05.0558 4392 usbhub - ok
20:51:05.0605 4392 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
20:51:05.0620 4392 usbohci - ok
20:51:05.0651 4392 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
20:51:05.0651 4392 usbprint - ok
20:51:05.0714 4392 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\windows\system32\drivers\usbser.sys
20:51:05.0714 4392 usbser - ok
20:51:05.0745 4392 [ 8844CB19A37B65E27049D4A7786726A9 ] UsbserFilt C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys
20:51:05.0745 4392 UsbserFilt - ok
20:51:05.0776 4392 [ DF4D962EC7D1C1109B121239712C1299 ] usbsmi C:\windows\system32\DRIVERS\SMIksdrv.sys
20:51:05.0792 4392 usbsmi - ok
20:51:05.0823 4392 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
20:51:05.0823 4392 USBSTOR - ok
20:51:05.0870 4392 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
20:51:05.0870 4392 usbuhci - ok
20:51:05.0932 4392 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
20:51:05.0932 4392 usbvideo - ok
20:51:05.0979 4392 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
20:51:05.0979 4392 UxSms - ok
20:51:05.0995 4392 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
20:51:05.0995 4392 VaultSvc - ok
20:51:06.0057 4392 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
20:51:06.0057 4392 vdrvroot - ok
20:51:06.0135 4392 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
20:51:06.0151 4392 vds - ok
20:51:06.0197 4392 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
20:51:06.0197 4392 vga - ok
20:51:06.0229 4392 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
20:51:06.0229 4392 VgaSave - ok
20:51:06.0260 4392 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
20:51:06.0275 4392 vhdmp - ok
20:51:06.0322 4392 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
20:51:06.0322 4392 viaide - ok
20:51:06.0369 4392 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
20:51:06.0369 4392 volmgr - ok
20:51:06.0431 4392 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
20:51:06.0431 4392 volmgrx - ok
20:51:06.0463 4392 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
20:51:06.0463 4392 volsnap - ok
20:51:06.0509 4392 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
20:51:06.0509 4392 vsmraid - ok
20:51:06.0587 4392 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
20:51:06.0634 4392 VSS - ok
20:51:06.0665 4392 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
20:51:06.0665 4392 vwifibus - ok
20:51:06.0697 4392 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
20:51:06.0697 4392 vwififlt - ok
20:51:06.0728 4392 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
20:51:06.0728 4392 vwifimp - ok
20:51:06.0775 4392 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
20:51:06.0790 4392 W32Time - ok
20:51:06.0821 4392 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
20:51:06.0837 4392 WacomPen - ok
20:51:06.0884 4392 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
20:51:06.0884 4392 WANARP - ok
20:51:06.0899 4392 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
20:51:06.0915 4392 Wanarpv6 - ok
20:51:07.0009 4392 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
20:51:07.0024 4392 WatAdminSvc - ok
20:51:07.0118 4392 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
20:51:07.0165 4392 wbengine - ok
20:51:07.0227 4392 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
20:51:07.0227 4392 WbioSrvc - ok
20:51:07.0274 4392 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
20:51:07.0274 4392 wcncsvc - ok
20:51:07.0305 4392 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:51:07.0321 4392 WcsPlugInService - ok
20:51:07.0336 4392 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
20:51:07.0336 4392 Wd - ok
20:51:07.0399 4392 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
20:51:07.0414 4392 Wdf01000 - ok
20:51:07.0445 4392 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
20:51:07.0445 4392 WdiServiceHost - ok
20:51:07.0461 4392 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
20:51:07.0461 4392 WdiSystemHost - ok
20:51:07.0508 4392 [ 2A444ACF7DD446505BCC801F8F6AE5FD ] wdmirror C:\windows\system32\DRIVERS\WDMirror.sys
20:51:07.0523 4392 wdmirror - ok
20:51:07.0555 4392 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
20:51:07.0570 4392 WebClient - ok
20:51:07.0601 4392 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
20:51:07.0601 4392 Wecsvc - ok
20:51:07.0633 4392 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
20:51:07.0648 4392 wercplsupport - ok
20:51:07.0679 4392 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
20:51:07.0695 4392 WerSvc - ok
20:51:07.0726 4392 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
20:51:07.0726 4392 WfpLwf - ok
20:51:07.0804 4392 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys
20:51:07.0820 4392 WimFltr - ok
20:51:07.0835 4392 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
20:51:07.0835 4392 WIMMount - ok
20:51:07.0867 4392 WinDefend - ok
20:51:07.0882 4392 WinHttpAutoProxySvc - ok
20:51:08.0007 4392 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
20:51:08.0007 4392 Winmgmt - ok
20:51:08.0085 4392 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
20:51:08.0147 4392 WinRM - ok
20:51:08.0225 4392 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
20:51:08.0225 4392 WinUsb - ok
20:51:08.0288 4392 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
20:51:08.0303 4392 Wlansvc - ok
20:51:08.0335 4392 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
20:51:08.0335 4392 WmiAcpi - ok
20:51:08.0381 4392 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
20:51:08.0381 4392 wmiApSrv - ok
20:51:08.0413 4392 WMPNetworkSvc - ok
20:51:08.0459 4392 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
20:51:08.0475 4392 WPCSvc - ok
20:51:08.0522 4392 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
20:51:08.0522 4392 WPDBusEnum - ok
20:51:08.0553 4392 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
20:51:08.0553 4392 ws2ifsl - ok
20:51:08.0569 4392 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
20:51:08.0584 4392 wscsvc - ok
20:51:08.0615 4392 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
20:51:08.0631 4392 WSDPrintDevice - ok
20:51:08.0631 4392 WSearch - ok
20:51:08.0678 4392 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
20:51:08.0678 4392 wsvd - ok
20:51:08.0787 4392 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
20:51:08.0818 4392 wuauserv - ok
20:51:08.0849 4392 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
20:51:08.0865 4392 WudfPf - ok
20:51:08.0896 4392 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
20:51:08.0912 4392 WUDFRd - ok
20:51:08.0943 4392 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
20:51:08.0943 4392 wudfsvc - ok
20:51:08.0974 4392 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
20:51:08.0974 4392 WwanSvc - ok
20:51:09.0021 4392 ================ Scan global ===============================
20:51:09.0052 4392 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
20:51:09.0099 4392 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
20:51:09.0130 4392 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
20:51:09.0161 4392 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
20:51:09.0208 4392 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
20:51:09.0208 4392 [Global] - ok
20:51:09.0208 4392 ================ Scan MBR ==================================
20:51:09.0255 4392 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:51:09.0489 4392 \Device\Harddisk0\DR0 - ok
20:51:09.0489 4392 ================ Scan VBR ==================================
20:51:09.0505 4392 [ 42EFC6F139CF95170C82FA06E09D1A86 ] \Device\Harddisk0\DR0\Partition1
20:51:09.0505 4392 \Device\Harddisk0\DR0\Partition1 - ok
20:51:09.0536 4392 [ 3D5B59E2F22FCED016915B1A90EF16FD ] \Device\Harddisk0\DR0\Partition2
20:51:09.0536 4392 \Device\Harddisk0\DR0\Partition2 - ok
20:51:09.0583 4392 [ 3A759415A546BC6BB9F1F53C27D35F3C ] \Device\Harddisk0\DR0\Partition3
20:51:09.0583 4392 \Device\Harddisk0\DR0\Partition3 - ok
20:51:09.0583 4392 ============================================================
20:51:09.0583 4392 Scan finished
20:51:09.0583 4392 ============================================================
20:51:09.0598 4416 Detected object count: 1
20:51:09.0598 4416 Actual detected object count: 1
20:51:40.0845 4416 sptd ( LockedFile.Multi.Generic ) - skipped by user
20:51:40.0845 4416 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
20:51:53.0653 2024 Deinitialize success

Příspěvekod **memphisto** » 10 úno 2013 23:21

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

divine · Příspěvekod **divine** » 11 úno 2013 20:19

ComboFix 13-02-07.02 - Zdeňka 11.02.2013 19:14:35.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2009.1041 [GMT 1:00]
Spuštěný z: c:\users\Zde˛ka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Zde˛ka\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-11 do 2013-02-11 )))))))))))))))))))))))))))))))
.
.
2013-02-11 19:11 . 2013-02-11 19:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-11 19:11 . 2013-02-11 19:11 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-02-10 19:46 . 2013-02-10 19:46 -------- d-----w- c:\users\Zdeňka\AppData\Local\Broadcom
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\users\Zdeňka\AppData\Roaming\Malwarebytes
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\programdata\Malwarebytes
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-10 18:18 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\users\Zdeňka\AppData\Local\Programs
2013-02-08 08:40 . 2013-01-15 01:45 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4845B3C3-9D01-4363-A5B0-2BE8C474EBCD}\mpengine.dll
2013-02-07 11:09 . 2013-02-07 11:09 -------- d-----w- c:\program files (x86)\Foxit Software
2013-02-05 17:50 . 2013-02-05 17:50 388096 ----a-r- c:\users\Zdeňka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-05 17:50 . 2013-02-05 17:50 -------- d-----w- c:\program files (x86)\Trend Micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 10:22 . 2012-12-23 16:37 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-08 10:22 . 2011-12-23 16:57 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-05 17:50 . 2013-02-05 17:50 388096 ----a-r- c:\users\Zdeňka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-05 17:50 . 2013-02-05 17:50 388096 ----a-r- c:\users\Zdeňka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-17 00:28 . 2011-01-05 14:55 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 16:03 . 2011-01-05 14:20 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-26 08:44 . 2011-11-21 08:06 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-12-16 17:11 . 2012-12-23 16:39 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-23 16:39 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-23 16:39 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-23 16:39 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 15:29 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 15:29 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 15:29 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 15:29 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 15:29 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 15:29 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 15:29 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 15:29 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 15:29 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 15:29 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 15:29 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 15:29 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 15:29 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 15:29 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 15:29 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 15:29 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 15:29 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 15:29 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 15:29 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 15:29 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 15:29 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 15:29 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 15:29 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 15:29 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 15:29 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 15:29 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 15:29 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 15:29 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 15:29 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 15:29 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 15:29 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-12-07 10:46 . 2013-01-09 15:29 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-11-30 05:45 . 2013-01-09 15:28 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 15:28 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 15:28 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:45 . 2013-01-09 15:28 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:43 . 2013-01-09 15:28 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 15:28 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 15:28 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:54 . 2013-01-09 15:28 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-11-30 04:53 . 2013-01-09 15:28 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"T-Mobile Communication Centre"="c:\program files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" [2012-04-03 1364664]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
c:\users\Zdeňka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Kooperativa - PDF Server.lnk - c:\program files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe [2011-2-3 10623488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [2010-03-25 445496]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-05 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-05 834544]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 funfrm;funfrm; [x]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-04-02 123800]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\bin\fbguard.exe [2007-12-12 65536]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 26128]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\bin\fbserver.exe [2007-12-12 1531989]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2009-10-16 197376]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-31 09:56 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-23 10:22]
.
2013-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-28 12:36]
.
2013-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-28 12:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-18 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-18 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-18 365592]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-09-29 4366704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-08-19 5825536]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Zdeňka\AppData\Roaming\Mozilla\Firefox\Profiles\m8i98mue.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-11 20:15:07
ComboFix-quarantined-files.txt 2013-02-11 19:15
ComboFix2.txt 2013-02-10 21:01
.
Před spuštěním: Volných bajtů: 402 260 205 568
Po spuštění: Volných bajtů: 401 739 685 888
.
- - End Of File - - 6EB79AC55651C4787B77DF75218ABB9D

Příspěvekod **memphisto** » 11 úno 2013 21:06

Nic se neprovedlo. Udělej to znovu akorát v nouzovém režimu

divine · Příspěvekod **divine** » 11 úno 2013 21:27

Jenom poznámka : normálně beží ComboFix asi 40 minut. V nouzáku asi 10 minut...

ComboFix 13-02-07.02 - Zdeňka 11.02.2013 21:18:01.3.2 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2009.968 [GMT 1:00]
Spuštěný z: c:\users\Zde˛ka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Zde˛ka\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-11 do 2013-02-11 )))))))))))))))))))))))))))))))
.
.
2013-02-11 20:22 . 2013-02-11 20:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-11 20:22 . 2013-02-11 20:22 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-02-10 19:46 . 2013-02-10 19:46 -------- d-----w- c:\users\Zdeňka\AppData\Local\Broadcom
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\users\Zdeňka\AppData\Roaming\Malwarebytes
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\programdata\Malwarebytes
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-10 18:18 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-10 18:18 . 2013-02-10 18:18 -------- d-----w- c:\users\Zdeňka\AppData\Local\Programs
2013-02-08 08:40 . 2013-01-15 01:45 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4845B3C3-9D01-4363-A5B0-2BE8C474EBCD}\mpengine.dll
2013-02-07 11:09 . 2013-02-07 11:09 -------- d-----w- c:\program files (x86)\Foxit Software
2013-02-05 17:50 . 2013-02-05 17:50 388096 ----a-r- c:\users\Zdeňka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-05 17:50 . 2013-02-05 17:50 -------- d-----w- c:\program files (x86)\Trend Micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 10:22 . 2012-12-23 16:37 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-08 10:22 . 2011-12-23 16:57 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-05 17:50 . 2013-02-05 17:50 388096 ----a-r- c:\users\Zdeňka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-05 17:50 . 2013-02-05 17:50 388096 ----a-r- c:\users\Zdeňka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-17 00:28 . 2011-01-05 14:55 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 16:03 . 2011-01-05 14:20 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-26 08:44 . 2011-11-21 08:06 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-12-16 17:11 . 2012-12-23 16:39 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-23 16:39 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-23 16:39 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-23 16:39 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 15:29 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 15:29 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 15:29 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 15:29 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 15:29 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 15:29 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 15:29 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 15:29 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 15:29 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 15:29 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 15:29 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 15:29 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 15:29 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 15:29 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 15:29 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 15:29 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 15:29 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 15:29 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 15:29 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 15:29 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 15:29 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 15:29 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 15:29 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 15:29 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 15:29 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 15:29 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 15:29 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 15:29 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 15:29 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 15:29 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 15:29 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-12-07 10:46 . 2013-01-09 15:29 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-11-30 05:45 . 2013-01-09 15:28 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 15:28 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 15:28 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:45 . 2013-01-09 15:28 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:43 . 2013-01-09 15:28 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 15:28 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 15:28 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:54 . 2013-01-09 15:28 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-11-30 04:53 . 2013-01-09 15:28 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:28 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"T-Mobile Communication Centre"="c:\program files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" [2012-04-03 1364664]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
c:\users\Zdeňka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Kooperativa - PDF Server.lnk - c:\program files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe [2011-2-3 10623488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-05 834544]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 funfrm;funfrm; [x]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-04-02 123800]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\bin\fbguard.exe [2007-12-12 65536]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [2010-03-25 445496]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\bin\fbserver.exe [2007-12-12 1531989]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2009-10-16 197376]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-05 1255736]
R3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S1 aswKbd;aswKbd; [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 26128]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-31 09:56 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-23 10:22]
.
2013-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-28 12:36]
.
2013-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-28 12:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-18 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-18 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-18 365592]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-09-29 4366704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-08-19 5825536]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Zdeňka\AppData\Roaming\Mozilla\Firefox\Profiles\m8i98mue.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-11 21:25:35
ComboFix-quarantined-files.txt 2013-02-11 20:25
ComboFix2.txt 2013-02-11 19:15
ComboFix3.txt 2013-02-10 21:01
.
Před spuštěním: Volných bajtů: 401 812 279 296
Po spuštění: Volných bajtů: 401 652 903 936
.
- - End Of File - - 19F2BFF84AC9DFB15E224B33167A6B6C

Příspěvekod **jaro3** » 12 úno 2013 10:05

stejně se ty zbytečnosti nesmazaly.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Prosím o kontrolu - pomalé PC + Vyřešeno

Prosím o kontrolu - pomalé PC +

Re: Prosím o kontrolu - pomalé PC

Re: Prosím o kontrolu - pomalé PC

Re: Prosím o kontrolu - pomalé PC

Re: Prosím o kontrolu - pomalé PC

Re: Prosím o kontrolu - pomalé PC

Re: Prosím o kontrolu - pomalé PC

Re: Prosím o kontrolu - pomalé PC

Re: Prosím o kontrolu - pomalé PC

Re: Prosím o kontrolu - pomalé PC

Re: Prosím o kontrolu - pomalé PC

Re: Prosím o kontrolu - pomalé PC

Kdo je online