Prosím o kontrolu logu Vyřešeno

[Kotik]

Zdravím,
prosím Vás o zkontrolování ntb, cca před 10 dny jsem obnovil ntb do původního nastavení, s vymazáním obsahu na C:, D: na kterém mám svá data, zůstalo nedotknuté, nešlo to v průběhu obnovy smazat. Po "reinstalu" vše fungovalo bezvadně, řekněme 3 dny, teď ovšem se mi Sedmičky načítají pomalu ještě hůř jak předtím, hlavně načítání plochy (mohu případně natočit video pro názornost). Nevím čemu to přisoudit, jestli něco zůstalo na déčku, což si já osobně nemyslím, nebo mi do ntb něco vtáhl kamarád ze svého externího disku, čemuž bych se bohužel nedivil..

Systém jsem obnovil z důvodu zrychlení systému po téměř 3 letech těžkého provozu, a jsem tam, kde jsem byl, zde jsou logy. Díky moc.

EDIT: Zapomněl jsem napsat, že na herním portálu Gamepark.cz se mi každá stránka otevře jakoby 4x a více, ve smyslu, když se chci vrátit o jedno zpět, musel bych klikat 4x a více, prostě ta aktuální stránka je otevřená jakoby vícekrát na stejné kartě. (Používám Chrome, dělá to ale i IE)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:46:13, on 12.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Users\Kotik\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 213.108.31.215 tz-ac.com
O1 - Hosts: 213.108.31.215 http://www.tz-ac.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12306 bytes
___________________________________________________________________________________________________________________________________

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org
Verze: v2013.05.12.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Kotik :: KOTIK-PC [administrátor]

Ochrana: Povolena

12.5.2013 10:50:02
mbam-log-2013-05-12 (10-50-02).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 210282
Uplynulý čas: 4 minut, 6 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Kotik]

AFT Cleaner proveden a AdwClener log:

# AdwCleaner v2.300 - Log vytvooen 12/05/2013 v 20:07:17
# Aktualizováno 28/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Kotik - KOTIK-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Kotik\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\ProgramData\boost_interprocess
Složka Nalezeno : C:\ProgramData\Partner

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKLM\Software\PIP

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16537

[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Kotik\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1269 octets] - [12/05/2013 20:07:17]

########## EOF - C:\AdwCleaner[R1].txt - [1329 octets] ##########

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

[Kotik]

# AdwCleaner v2.300 - Log vytvooen 13/05/2013 v 21:43:13
# Aktualizováno 28/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Kotik - KOTIK-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Kotik\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\ProgramData\boost_interprocess
Složka Vymazáno : C:\ProgramData\Partner

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKLM\Software\PIP

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16537

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie --> hxxp://www.google.com

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Kotik\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1398 octets] - [12/05/2013 20:07:17]
AdwCleaner[S1].txt - [1512 octets] - [13/05/2013 21:43:13]

########## EOF - C:\AdwCleaner[S1].txt - [1572 octets] ##########

___________________________________________________________________________________________________________________________________


RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Kotik [Práva správce]
Mód : Kontrola -- Datum : 05/13/2013 21:51:05
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[RUN][BLACKLISTDLL] HKLM\[...]\Run : Cm106Sound (C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts


213.108.31.215 tz-ac.com
213.108.31.215 www.tz-ac.com


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD7500BPVT-22HXZT1 +++++
--- User ---
[MBR] 152106e33c4fdfe1bbc7449fae6d7768
[BSP] df575fbd5af600dd015b331276cfb809 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 351057 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 746434560 | Size: 350933 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_05132013_02d2151.txt >>
RKreport[1]_S_05132013_02d2151.txt

____________________________________________________________________________________________________________________________________

----------------------------------------------------------------------------
CrystalDiskInfo 5.6.1 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2013/05/13 22:01:00

-- Controller Map ----------------------------------------------------------
+ Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
- WDC WD7500BPVT-22HXZT1
- HL-DT-ST DVDRAM GU10N

-- Disk List ---------------------------------------------------------------
(1) WDC WD7500BPVT-22HXZT1 : 750,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD7500BPVT-22HXZT1
----------------------------------------------------------------------------
Model : WDC WD7500BPVT-22HXZT1
Firmware : 01.01A01
Serial Number : WD-WX11A5048520
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 6239 hod.
Power On Count : 2370 krát
Temparature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 00FEh [OFF]
AAM Level : 80FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 205 154 _21 0000000002DD Čas na roztočení ploten
04 _89 _89 __0 000000002DC1 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _92 _92 __0 00000000185F Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000942 Počet cyklů zapnutí zařízení
BF __1 __1 __0 0000000003B7 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000013 Počet vypnutí disku
C1 _58 _58 __0 000000068472 Počet cyklů načítání/vymazání
C2 111 100 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 3131 4135 3034 3835 3230
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3735 3030 4250 5654 2D32 3248 585A 5431 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 004C
080: 01FE 0000 746B 7F09 6123 7469 BE01 6123 407F 004F
090: 004F 00FE FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 66F0 5754 0000 0000 0000 0000 6003 0000 5001 4EE2
110: AF3B 0860 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 012D 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 F7A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 CD 9A DD 02 00 00 00 00 00 04 32 00 59 59 C1
020: 2D 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 5C 5C 5F 18 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 42 09 00 00 00 00 00 BF 32
070: 00 01 01 B7 03 00 00 00 00 00 C0 32 00 C8 C8 13
080: 00 00 00 00 00 00 C1 32 00 3A 3A 72 84 06 00 00
090: 00 00 C2 22 00 6F 64 24 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 F0 3C 01 7B
170: 03 00 01 00 02 B5 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 92

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 BE

[Kotik]

21:54:18.0858 3408 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:54:18.0986 3408 ============================================================
21:54:18.0986 3408 Current date / time: 2013/05/13 21:54:18.0986
21:54:18.0986 3408 SystemInfo:
21:54:18.0986 3408
21:54:18.0986 3408 OS Version: 6.1.7601 ServicePack: 1.0
21:54:18.0986 3408 Product type: Workstation
21:54:18.0987 3408 ComputerName: KOTIK-PC
21:54:18.0987 3408 UserName: Kotik
21:54:18.0987 3408 Windows directory: C:\Windows
21:54:18.0987 3408 System windows directory: C:\Windows
21:54:18.0987 3408 Running under WOW64
21:54:18.0987 3408 Processor architecture: Intel x64
21:54:18.0987 3408 Number of processors: 4
21:54:18.0987 3408 Page size: 0x1000
21:54:18.0987 3408 Boot type: Normal boot
21:54:18.0987 3408 ============================================================
21:54:19.0443 3408 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:54:19.0454 3408 ============================================================
21:54:19.0454 3408 \Device\Harddisk0\DR0:
21:54:19.0454 3408 MBR partitions:
21:54:19.0455 3408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
21:54:19.0455 3408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x2ADA8800
21:54:19.0471 3408 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2C7DB800, BlocksNum 0x2AD6A000
21:54:19.0471 3408 ============================================================
21:54:19.0520 3408 C: <-> \Device\Harddisk0\DR0\Partition2
21:54:19.0552 3408 D: <-> \Device\Harddisk0\DR0\Partition3
21:54:19.0552 3408 ============================================================
21:54:19.0552 3408 Initialize success
21:54:19.0552 3408 ============================================================
21:54:25.0083 4760 ============================================================
21:54:25.0083 4760 Scan started
21:54:25.0083 4760 Mode: Manual;
21:54:25.0083 4760 ============================================================
21:54:25.0440 4760 ================ Scan system memory ========================
21:54:25.0440 4760 System memory - ok
21:54:25.0441 4760 ================ Scan services =============================
21:54:25.0874 4760 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:54:25.0876 4760 1394ohci - ok
21:54:25.0931 4760 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:54:25.0933 4760 ACPI - ok
21:54:25.0963 4760 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:54:25.0963 4760 AcpiPmi - ok
21:54:26.0075 4760 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:54:26.0076 4760 AdobeARMservice - ok
21:54:26.0343 4760 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:54:26.0346 4760 AdobeFlashPlayerUpdateSvc - ok
21:54:26.0406 4760 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:54:26.0411 4760 adp94xx - ok
21:54:26.0428 4760 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:54:26.0431 4760 adpahci - ok
21:54:26.0440 4760 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:54:26.0442 4760 adpu320 - ok
21:54:26.0466 4760 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:54:26.0467 4760 AeLookupSvc - ok
21:54:26.0511 4760 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:54:26.0514 4760 AFD - ok
21:54:26.0561 4760 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:54:26.0562 4760 agp440 - ok
21:54:26.0585 4760 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:54:26.0586 4760 ALG - ok
21:54:26.0604 4760 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:54:26.0605 4760 aliide - ok
21:54:26.0642 4760 [ 520A16454C60DBDCBFD0645AE509B89C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:54:26.0644 4760 AMD External Events Utility - ok
21:54:26.0678 4760 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:54:26.0679 4760 amdide - ok
21:54:26.0694 4760 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:54:26.0695 4760 AmdK8 - ok
21:54:26.0889 4760 [ 046E2912A515A16DD6832371E573FF0C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:54:26.0930 4760 amdkmdag - ok
21:54:26.0992 4760 [ B618489ABAE5F112BAFFAF6B077ADC54 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:54:26.0995 4760 amdkmdap - ok
21:54:27.0001 4760 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:54:27.0003 4760 AmdPPM - ok
21:54:27.0035 4760 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:54:27.0037 4760 amdsata - ok
21:54:27.0070 4760 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:54:27.0072 4760 amdsbs - ok
21:54:27.0095 4760 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:54:27.0096 4760 amdxata - ok
21:54:27.0131 4760 [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
21:54:27.0132 4760 AmUStor - ok
21:54:27.0186 4760 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:54:27.0187 4760 AppID - ok
21:54:27.0214 4760 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:54:27.0215 4760 AppIDSvc - ok
21:54:27.0256 4760 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:54:27.0257 4760 Appinfo - ok
21:54:27.0295 4760 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:54:27.0296 4760 arc - ok
21:54:27.0300 4760 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:54:27.0301 4760 arcsas - ok
21:54:27.0358 4760 [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
21:54:27.0358 4760 aswFsBlk - ok
21:54:27.0426 4760 [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:54:27.0427 4760 aswMonFlt - ok
21:54:27.0513 4760 [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
21:54:27.0514 4760 aswRdr - ok
21:54:27.0604 4760 [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
21:54:27.0605 4760 aswRvrt - ok
21:54:27.0634 4760 [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:54:27.0640 4760 aswSnx - ok
21:54:27.0655 4760 [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:54:27.0657 4760 aswSP - ok
21:54:27.0699 4760 [ D62C10D1829C65115111C160EA956260 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
21:54:27.0700 4760 aswTdi - ok
21:54:27.0749 4760 [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
21:54:27.0752 4760 aswVmm - ok
21:54:27.0758 4760 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:54:27.0759 4760 AsyncMac - ok
21:54:27.0795 4760 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:54:27.0796 4760 atapi - ok
21:54:27.0859 4760 [ 70260C7C98CC0101316F5B2650C3BB44 ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:54:27.0872 4760 athr - ok
21:54:27.0954 4760 [ CBD14F698DEF12EE3557604B726CB8EB ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:54:27.0956 4760 AtiHDAudioService - ok
21:54:28.0022 4760 [ 637E0753BD6DEB8EA5314A5C357EC1A0 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
21:54:28.0024 4760 AtiHdmiService - ok
21:54:28.0078 4760 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:54:28.0086 4760 AudioEndpointBuilder - ok
21:54:28.0110 4760 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:54:28.0115 4760 AudioSrv - ok
21:54:28.0292 4760 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:54:28.0293 4760 avast! Antivirus - ok
21:54:28.0360 4760 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:54:28.0362 4760 AxInstSV - ok
21:54:28.0398 4760 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:54:28.0401 4760 b06bdrv - ok
21:54:28.0430 4760 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:54:28.0431 4760 b57nd60a - ok
21:54:28.0524 4760 [ FDE8C8DC07E75347E4C6B455A0964217 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
21:54:28.0543 4760 BCM43XX - ok
21:54:28.0568 4760 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:54:28.0570 4760 BDESVC - ok
21:54:28.0573 4760 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:54:28.0574 4760 Beep - ok
21:54:28.0640 4760 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:54:28.0644 4760 BFE - ok
21:54:28.0679 4760 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
21:54:28.0691 4760 BITS - ok
21:54:28.0715 4760 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:54:28.0716 4760 blbdrive - ok
21:54:28.0770 4760 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:54:28.0771 4760 bowser - ok
21:54:28.0777 4760 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:54:28.0778 4760 BrFiltLo - ok
21:54:28.0785 4760 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:54:28.0786 4760 BrFiltUp - ok
21:54:28.0829 4760 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:54:28.0831 4760 Browser - ok
21:54:28.0853 4760 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:54:28.0856 4760 Brserid - ok
21:54:28.0862 4760 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:54:28.0863 4760 BrSerWdm - ok
21:54:28.0869 4760 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:54:28.0870 4760 BrUsbMdm - ok
21:54:28.0877 4760 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:54:28.0878 4760 BrUsbSer - ok
21:54:28.0952 4760 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
21:54:28.0953 4760 BthEnum - ok
21:54:28.0959 4760 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:54:28.0960 4760 BTHMODEM - ok
21:54:28.0991 4760 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:54:28.0993 4760 BthPan - ok
21:54:29.0017 4760 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:54:29.0022 4760 BTHPORT - ok
21:54:29.0045 4760 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:54:29.0046 4760 bthserv - ok
21:54:29.0063 4760 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:54:29.0064 4760 BTHUSB - ok
21:54:29.0109 4760 [ 380B798D30C56EDE4AF58619D0E86CCB ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
21:54:29.0113 4760 btwampfl - ok
21:54:29.0140 4760 [ BA5622F5544C6C445DFF1A05ACC8B19D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
21:54:29.0141 4760 btwaudio - ok
21:54:29.0200 4760 [ A11905D0F4BD34771F195217B6AA5AE0 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
21:54:29.0202 4760 btwavdt - ok
21:54:29.0323 4760 [ 3930E53EE0BED9DFF9AFA09F505D0CAE ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
21:54:29.0333 4760 btwdins - ok
21:54:29.0354 4760 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
21:54:29.0355 4760 btwl2cap - ok
21:54:29.0373 4760 [ BD776F32D64EC615BE4563DC2747224E ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
21:54:29.0374 4760 btwrchid - ok
21:54:29.0410 4760 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:54:29.0412 4760 cdfs - ok
21:54:29.0452 4760 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
21:54:29.0454 4760 cdrom - ok
21:54:29.0505 4760 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:54:29.0507 4760 CertPropSvc - ok
21:54:29.0522 4760 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:54:29.0523 4760 circlass - ok
21:54:29.0553 4760 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:54:29.0555 4760 CLFS - ok
21:54:29.0716 4760 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:54:29.0718 4760 clr_optimization_v2.0.50727_32 - ok
21:54:29.0805 4760 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:54:29.0807 4760 clr_optimization_v2.0.50727_64 - ok
21:54:30.0057 4760 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:54:30.0059 4760 clr_optimization_v4.0.30319_32 - ok
21:54:30.0212 4760 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:54:30.0214 4760 clr_optimization_v4.0.30319_64 - ok
21:54:30.0250 4760 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:54:30.0251 4760 CmBatt - ok
21:54:30.0268 4760 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:54:30.0269 4760 cmdide - ok
21:54:30.0310 4760 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
21:54:30.0314 4760 CNG - ok
21:54:30.0359 4760 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:54:30.0360 4760 Compbatt - ok
21:54:30.0396 4760 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:54:30.0397 4760 CompositeBus - ok
21:54:30.0409 4760 COMSysApp - ok
21:54:30.0465 4760 [ C9C25778EFE890BAA4087E32937016A0 ] cpuz132 C:\Windows\system32\drivers\cpuz132_x64.sys
21:54:30.0465 4760 cpuz132 - ok
21:54:30.0471 4760 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:54:30.0472 4760 crcdisk - ok
21:54:30.0516 4760 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:54:30.0519 4760 CryptSvc - ok
21:54:30.0561 4760 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:54:30.0570 4760 DcomLaunch - ok
21:54:30.0609 4760 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:54:30.0613 4760 defragsvc - ok
21:54:30.0637 4760 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:54:30.0638 4760 DfsC - ok
21:54:30.0688 4760 [ 2D589A2C024B2FB238535DB9F7B3597D ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys
21:54:30.0689 4760 DgiVecp - ok
21:54:30.0744 4760 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:54:30.0749 4760 Dhcp - ok
21:54:30.0765 4760 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:54:30.0766 4760 discache - ok
21:54:30.0781 4760 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:54:30.0782 4760 Disk - ok
21:54:30.0809 4760 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:54:30.0813 4760 Dnscache - ok
21:54:30.0843 4760 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:54:30.0847 4760 dot3svc - ok
21:54:30.0880 4760 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:54:30.0883 4760 DPS - ok
21:54:30.0895 4760 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:54:30.0896 4760 drmkaud - ok
21:54:30.0972 4760 [ 61E894FE1E9CC720C909E6E343351794 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
21:54:30.0976 4760 DsiWMIService - ok
21:54:31.0024 4760 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:54:31.0033 4760 DXGKrnl - ok
21:54:31.0067 4760 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:54:31.0069 4760 EapHost - ok
21:54:31.0142 4760 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:54:31.0167 4760 ebdrv - ok
21:54:31.0208 4760 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:54:31.0210 4760 EFS - ok
21:54:31.0329 4760 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:54:31.0336 4760 ehRecvr - ok
21:54:31.0356 4760 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:54:31.0358 4760 ehSched - ok
21:54:31.0376 4760 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:54:31.0380 4760 elxstor - ok
21:54:31.0520 4760 [ 064F001BF07333F980FFB565DCF6DD3D ] ePowerSvc C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
21:54:31.0528 4760 ePowerSvc - ok
21:54:31.0553 4760 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:54:31.0554 4760 ErrDev - ok
21:54:31.0579 4760 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:54:31.0584 4760 EventSystem - ok
21:54:31.0591 4760 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:54:31.0593 4760 exfat - ok
21:54:31.0601 4760 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:54:31.0603 4760 fastfat - ok
21:54:31.0654 4760 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:54:31.0662 4760 Fax - ok
21:54:31.0670 4760 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:54:31.0671 4760 fdc - ok
21:54:31.0718 4760 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:54:31.0720 4760 fdPHost - ok
21:54:31.0726 4760 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:54:31.0729 4760 FDResPub - ok
21:54:31.0735 4760 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:54:31.0737 4760 FileInfo - ok
21:54:31.0742 4760 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:54:31.0744 4760 Filetrace - ok
21:54:31.0749 4760 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:54:31.0750 4760 flpydisk - ok
21:54:31.0776 4760 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:54:31.0778 4760 FltMgr - ok
21:54:31.0834 4760 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
21:54:31.0847 4760 FontCache - ok
21:54:31.0900 4760 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:54:31.0902 4760 FontCache3.0.0.0 - ok
21:54:31.0924 4760 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:54:31.0925 4760 FsDepends - ok
21:54:31.0988 4760 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
21:54:31.0989 4760 fssfltr - ok
21:54:32.0066 4760 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:54:32.0078 4760 fsssvc - ok
21:54:32.0110 4760 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:54:32.0110 4760 Fs_Rec - ok
21:54:32.0175 4760 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:54:32.0178 4760 fvevol - ok
21:54:32.0201 4760 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:54:32.0202 4760 gagp30kx - ok
21:54:32.0240 4760 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:54:32.0249 4760 gpsvc - ok
21:54:32.0310 4760 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
21:54:32.0310 4760 GREGService - ok
21:54:32.0392 4760 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:54:32.0394 4760 gupdate - ok
21:54:32.0424 4760 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:54:32.0425 4760 gupdatem - ok
21:54:32.0448 4760 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:54:32.0449 4760 hcw85cir - ok
21:54:32.0492 4760 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:54:32.0496 4760 HdAudAddService - ok
21:54:32.0533 4760 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:54:32.0535 4760 HDAudBus - ok
21:54:32.0577 4760 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:54:32.0578 4760 HECIx64 - ok
21:54:32.0592 4760 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:54:32.0593 4760 HidBatt - ok
21:54:32.0599 4760 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:54:32.0601 4760 HidBth - ok
21:54:32.0613 4760 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:54:32.0614 4760 HidIr - ok
21:54:32.0650 4760 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:54:32.0653 4760 hidserv - ok
21:54:32.0723 4760 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
21:54:32.0724 4760 HidUsb - ok
21:54:32.0756 4760 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:54:32.0760 4760 hkmsvc - ok
21:54:32.0799 4760 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:54:32.0804 4760 HomeGroupListener - ok
21:54:32.0841 4760 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:54:32.0847 4760 HomeGroupProvider - ok
21:54:32.0888 4760 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:54:32.0889 4760 HpSAMD - ok
21:54:32.0955 4760 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:54:32.0962 4760 HTTP - ok
21:54:32.0998 4760 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:54:32.0999 4760 hwpolicy - ok
21:54:33.0030 4760 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:54:33.0032 4760 i8042prt - ok
21:54:33.0058 4760 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:54:33.0063 4760 iaStor - ok
21:54:33.0155 4760 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:54:33.0156 4760 IAStorDataMgrSvc - ok
21:54:33.0191 4760 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:54:33.0195 4760 iaStorV - ok
21:54:33.0245 4760 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:54:33.0253 4760 idsvc - ok
21:54:33.0260 4760 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:54:33.0261 4760 iirsp - ok
21:54:33.0299 4760 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:54:33.0310 4760 IKEEXT - ok
21:54:33.0410 4760 [ 06B774E74F7E2B8AE903A70C45A03D61 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:54:33.0428 4760 IntcAzAudAddService - ok
21:54:33.0465 4760 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:54:33.0466 4760 intelide - ok
21:54:33.0692 4760 [ 677AA5991026A65ADA128C4B59CF2BAD ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
21:54:33.0739 4760 intelkmd - ok
21:54:33.0749 4760 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:54:33.0750 4760 intelppm - ok
21:54:33.0795 4760 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:54:33.0797 4760 IPBusEnum - ok
21:54:33.0831 4760 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:54:33.0832 4760 IpFilterDriver - ok
21:54:33.0889 4760 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:54:33.0894 4760 iphlpsvc - ok
21:54:33.0907 4760 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:54:33.0908 4760 IPMIDRV - ok
21:54:33.0914 4760 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:54:33.0915 4760 IPNAT - ok
21:54:33.0927 4760 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:54:33.0928 4760 IRENUM - ok
21:54:33.0940 4760 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:54:33.0941 4760 isapnp - ok
21:54:33.0961 4760 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:54:33.0963 4760 iScsiPrt - ok
21:54:33.0986 4760 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
21:54:33.0987 4760 kbdclass - ok
21:54:34.0015 4760 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:54:34.0016 4760 kbdhid - ok
21:54:34.0030 4760 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:54:34.0033 4760 KeyIso - ok
21:54:34.0069 4760 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:54:34.0070 4760 KSecDD - ok
21:54:34.0106 4760 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:54:34.0108 4760 KSecPkg - ok
21:54:34.0128 4760 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:54:34.0130 4760 ksthunk - ok
21:54:34.0147 4760 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:54:34.0154 4760 KtmRm - ok
21:54:34.0195 4760 [ 39918DB0EFCF045A1CE6FABBF339F975 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
21:54:34.0196 4760 L1C - ok
21:54:34.0232 4760 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:54:34.0238 4760 LanmanServer - ok
21:54:34.0276 4760 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:54:34.0282 4760 LanmanWorkstation - ok
21:54:34.0299 4760 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:54:34.0301 4760 lltdio - ok
21:54:34.0323 4760 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:54:34.0327 4760 lltdsvc - ok
21:54:34.0333 4760 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:54:34.0336 4760 lmhosts - ok
21:54:34.0382 4760 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:54:34.0384 4760 LMS - ok
21:54:34.0404 4760 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:54:34.0406 4760 LSI_FC - ok
21:54:34.0412 4760 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:54:34.0413 4760 LSI_SAS - ok
21:54:34.0419 4760 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:54:34.0420 4760 LSI_SAS2 - ok
21:54:34.0426 4760 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:54:34.0428 4760 LSI_SCSI - ok
21:54:34.0439 4760 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:54:34.0440 4760 luafv - ok
21:54:34.0478 4760 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:54:34.0479 4760 MBAMProtector - ok
21:54:34.0513 4760 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:54:34.0515 4760 MBAMScheduler - ok
21:54:34.0593 4760 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:54:34.0599 4760 MBAMService - ok
21:54:34.0637 4760 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:54:34.0640 4760 Mcx2Svc - ok
21:54:34.0644 4760 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:54:34.0645 4760 megasas - ok
21:54:34.0670 4760 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:54:34.0672 4760 MegaSR - ok
21:54:34.0685 4760 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:54:34.0687 4760 MMCSS - ok
21:54:34.0691 4760 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:54:34.0692 4760 Modem - ok
21:54:34.0709 4760 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:54:34.0709 4760 monitor - ok
21:54:34.0727 4760 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
21:54:34.0728 4760 mouclass - ok
21:54:34.0746 4760 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:54:34.0747 4760 mouhid - ok
21:54:34.0790 4760 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:54:34.0791 4760 mountmgr - ok
21:54:34.0817 4760 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:54:34.0819 4760 mpio - ok
21:54:34.0847 4760 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:54:34.0849 4760 mpsdrv - ok
21:54:34.0886 4760 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:54:34.0896 4760 MpsSvc - ok
21:54:34.0938 4760 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:54:34.0940 4760 MRxDAV - ok
21:54:34.0989 4760 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:54:34.0991 4760 mrxsmb - ok
21:54:35.0009 4760 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:54:35.0012 4760 mrxsmb10 - ok
21:54:35.0039 4760 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:54:35.0041 4760 mrxsmb20 - ok
21:54:35.0058 4760 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:54:35.0059 4760 msahci - ok
21:54:35.0088 4760 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:54:35.0090 4760 msdsm - ok
21:54:35.0109 4760 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:54:35.0113 4760 MSDTC - ok
21:54:35.0138 4760 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:54:35.0139 4760 Msfs - ok
21:54:35.0144 4760 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:54:35.0145 4760 mshidkmdf - ok
21:54:35.0169 4760 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:54:35.0170 4760 msisadrv - ok
21:54:35.0193 4760 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:54:35.0197 4760 MSiSCSI - ok
21:54:35.0202 4760 msiserver - ok
21:54:35.0217 4760 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:54:35.0218 4760 MSKSSRV - ok
21:54:35.0223 4760 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:54:35.0224 4760 MSPCLOCK - ok
21:54:35.0230 4760 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:54:35.0231 4760 MSPQM - ok
21:54:35.0265 4760 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:54:35.0267 4760 MsRPC - ok
21:54:35.0290 4760 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:54:35.0291 4760 mssmbios - ok
21:54:35.0307 4760 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:54:35.0308 4760 MSTEE - ok
21:54:35.0314 4760 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:54:35.0315 4760 MTConfig - ok
21:54:35.0335 4760 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:54:35.0336 4760 Mup - ok
21:54:35.0378 4760 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:54:35.0379 4760 mwlPSDFilter - ok
21:54:35.0384 4760 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:54:35.0385 4760 mwlPSDNServ - ok
21:54:35.0390 4760 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:54:35.0392 4760 mwlPSDVDisk - ok
21:54:35.0487 4760 [ 0036634E5C92BE109056F7E2380103A9 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
21:54:35.0491 4760 MWLService - ok
21:54:35.0531 4760 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:54:35.0539 4760 napagent - ok
21:54:35.0585 4760 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:54:35.0590 4760 NativeWifiP - ok
21:54:35.0639 4760 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:54:35.0646 4760 NDIS - ok
21:54:35.0673 4760 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:54:35.0674 4760 NdisCap - ok
21:54:35.0682 4760 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:54:35.0684 4760 NdisTapi - ok
21:54:35.0716 4760 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:54:35.0717 4760 Ndisuio - ok
21:54:35.0755 4760 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:54:35.0757 4760 NdisWan - ok
21:54:35.0794 4760 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:54:35.0795 4760 NDProxy - ok
21:54:35.0812 4760 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:54:35.0813 4760 NetBIOS - ok
21:54:35.0845 4760 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:54:35.0848 4760 NetBT - ok
21:54:35.0863 4760 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:54:35.0867 4760 Netlogon - ok
21:54:35.0916 4760 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:54:35.0923 4760 Netman - ok
21:54:35.0935 4760 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:54:35.0940 4760 netprofm - ok
21:54:35.0965 4760 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:54:35.0967 4760 NetTcpPortSharing - ok
21:54:35.0992 4760 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:54:35.0993 4760 nfrd960 - ok
21:54:36.0022 4760 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:54:36.0027 4760 NlaSvc - ok
21:54:36.0031 4760 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:54:36.0033 4760 Npfs - ok
21:54:36.0052 4760 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:54:36.0055 4760 nsi - ok
21:54:36.0060 4760 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:54:36.0061 4760 nsiproxy - ok
21:54:36.0129 4760 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:54:36.0145 4760 Ntfs - ok
21:54:36.0233 4760 [ 5B3CE960C62DBE864BE9A0BD043A3E30 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
21:54:36.0236 4760 NTI IScheduleSvc - ok
21:54:36.0362 4760 [ 15221DD637D9D0FFC60848EBBF1DF538 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
21:54:36.0363 4760 NTIBackupSvc - ok
21:54:36.0392 4760 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
21:54:36.0393 4760 NTIDrvr - ok
21:54:36.0438 4760 [ B5071E15D4C3F5EF5018AFF7E85A85E5 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
21:54:36.0441 4760 NTISchedulerSvc - ok
21:54:36.0460 4760 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:54:36.0461 4760 Null - ok
21:54:36.0486 4760 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:54:36.0488 4760 nvraid - ok
21:54:36.0523 4760 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:54:36.0525 4760 nvstor - ok
21:54:36.0540 4760 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:54:36.0542 4760 nv_agp - ok
21:54:36.0640 4760 [ BA7DAC1B8A86D9402C3E04E1FCAA600D ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
21:54:36.0642 4760 ODDPwrSvc - ok
21:54:36.0765 4760 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:54:36.0770 4760 odserv - ok
21:54:36.0799 4760 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:54:36.0800 4760 ohci1394 - ok
21:54:36.0859 4760 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:54:36.0861 4760 ose - ok
21:54:36.0906 4760 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:54:36.0913 4760 p2pimsvc - ok
21:54:36.0947 4760 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:54:36.0955 4760 p2psvc - ok
21:54:37.0009 4760 [ 1011C779C9FCD01AFA96490C86A50421 ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
21:54:37.0014 4760 PanService - ok
21:54:37.0035 4760 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:54:37.0036 4760 Parport - ok
21:54:37.0074 4760 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:54:37.0075 4760 partmgr - ok
21:54:37.0084 4760 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:54:37.0090 4760 PcaSvc - ok
21:54:37.0116 4760 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:54:37.0118 4760 pci - ok
21:54:37.0138 4760 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:54:37.0139 4760 pciide - ok
21:54:37.0157 4760 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:54:37.0159 4760 pcmcia - ok
21:54:37.0163 4760 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:54:37.0164 4760 pcw - ok
21:54:37.0176 4760 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:54:37.0180 4760 PEAUTH - ok
21:54:37.0399 4760 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:54:37.0403 4760 PerfHost - ok
21:54:37.0466 4760 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:54:37.0480 4760 pla - ok
21:54:37.0518 4760 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:54:37.0523 4760 PlugPlay - ok
21:54:37.0546 4760 PnkBstrA - ok
21:54:37.0565 4760 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:54:37.0568 4760 PNRPAutoReg - ok
21:54:37.0584 4760 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:54:37.0587 4760 PNRPsvc - ok
21:54:37.0613 4760 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:54:37.0617 4760 PolicyAgent - ok
21:54:37.0657 4760 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:54:37.0660 4760 Power - ok
21:54:37.0700 4760 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:54:37.0701 4760 PptpMiniport - ok
21:54:37.0725 4760 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:54:37.0727 4760 Processor - ok
21:54:37.0765 4760 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:54:37.0771 4760 ProfSvc - ok
21:54:37.0786 4760 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:54:37.0790 4760 ProtectedStorage - ok
21:54:37.0848 4760 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:54:37.0850 4760 Psched - ok
21:54:37.0908 4760 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:54:37.0918 4760 ql2300 - ok
21:54:37.0924 4760 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:54:37.0926 4760 ql40xx - ok
21:54:37.0963 4760 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:54:37.0968 4760 QWAVE - ok
21:54:37.0972 4760 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:54:37.0974 4760 QWAVEdrv - ok
21:54:37.0978 4760 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:54:37.0979 4760 RasAcd - ok
21:54:37.0992 4760 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:54:37.0992 4760 RasAgileVpn - ok
21:54:38.0002 4760 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:54:38.0005 4760 RasAuto - ok
21:54:38.0028 4760 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:54:38.0030 4760 Rasl2tp - ok
21:54:38.0063 4760 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:54:38.0072 4760 RasMan - ok
21:54:38.0079 4760 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:54:38.0081 4760 RasPppoe - ok
21:54:38.0088 4760 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:54:38.0090 4760 RasSstp - ok
21:54:38.0110 4760 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:54:38.0112 4760 rdbss - ok
21:54:38.0129 4760 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:54:38.0130 4760 rdpbus - ok
21:54:38.0134 4760 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:54:38.0135 4760 RDPCDD - ok
21:54:38.0140 4760 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:54:38.0141 4760 RDPENCDD - ok
21:54:38.0147 4760 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:54:38.0148 4760 RDPREFMP - ok
21:54:38.0244 4760 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:54:38.0245 4760 RdpVideoMiniport - ok
21:54:38.0278 4760 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:54:38.0281 4760 RDPWD - ok
21:54:38.0330 4760 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:54:38.0332 4760 rdyboost - ok
21:54:38.0358 4760 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:54:38.0362 4760 RemoteAccess - ok
21:54:38.0381 4760 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:54:38.0387 4760 RemoteRegistry - ok
21:54:38.0422 4760 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:54:38.0424 4760 RFCOMM - ok
21:54:38.0436 4760 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:54:38.0441 4760 RpcEptMapper - ok
21:54:38.0473 4760 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:54:38.0476 4760 RpcLocator - ok
21:54:38.0517 4760 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:54:38.0527 4760 RpcSs - ok
21:54:38.0534 4760 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:54:38.0536 4760 rspndr - ok
21:54:38.0590 4760 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
21:54:38.0593 4760 RS_Service - ok
21:54:38.0609 4760 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:54:38.0612 4760 SamSs - ok
21:54:38.0641 4760 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:54:38.0642 4760 sbp2port - ok
21:54:38.0668 4760 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:54:38.0674 4760 SCardSvr - ok
21:54:38.0699 4760 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:54:38.0701 4760 scfilter - ok
21:54:38.0756 4760 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:54:38.0772 4760 Schedule - ok
21:54:38.0805 4760 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:54:38.0806 4760 SCPolicySvc - ok
21:54:38.0843 4760 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:54:38.0850 4760 SDRSVC - ok
21:54:38.0856 4760 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:54:38.0858 4760 secdrv - ok
21:54:38.0888 4760 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:54:38.0891 4760 seclogon - ok
21:54:38.0904 4760 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:54:38.0907 4760 SENS - ok
21:54:38.0918 4760 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:54:38.0922 4760 SensrSvc - ok
21:54:38.0926 4760 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:54:38.0927 4760 Serenum - ok
21:54:38.0932 4760 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:54:38.0933 4760 Serial - ok
21:54:38.0974 4760 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:54:38.0975 4760 sermouse - ok
21:54:39.0015 4760 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:54:39.0019 4760 SessionEnv - ok
21:54:39.0056 4760 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:54:39.0057 4760 sffdisk - ok
21:54:39.0072 4760 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:54:39.0073 4760 sffp_mmc - ok
21:54:39.0082 4760 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:54:39.0083 4760 sffp_sd - ok
21:54:39.0088 4760 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:54:39.0090 4760 sfloppy - ok
21:54:39.0126 4760 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:54:39.0131 4760 SharedAccess - ok
21:54:39.0167 4760 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:54:39.0174 4760 ShellHWDetection - ok
21:54:39.0196 4760 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:54:39.0197 4760 SiSRaid2 - ok
21:54:39.0204 4760 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:54:39.0205 4760 SiSRaid4 - ok
21:54:39.0214 4760 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:54:39.0215 4760 Smb - ok
21:54:39.0254 4760 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:54:39.0257 4760 SNMPTRAP - ok
21:54:39.0261 4760 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:54:39.0262 4760 spldr - ok
21:54:39.0302 4760 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:54:39.0313 4760 Spooler - ok
21:54:39.0418 4760 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:54:39.0451 4760 sppsvc - ok
21:54:39.0473 4760 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:54:39.0477 4760 sppuinotify - ok
21:54:39.0515 4760 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:54:39.0519 4760 srv - ok

[Kotik]

21:54:39.0533 4760 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:54:39.0536 4760 srv2 - ok
21:54:39.0548 4760 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:54:39.0550 4760 srvnet - ok
21:54:39.0581 4760 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:54:39.0585 4760 SSDPSRV - ok
21:54:39.0622 4760 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
21:54:39.0622 4760 SSPORT - ok
21:54:39.0644 4760 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:54:39.0648 4760 SstpSvc - ok
21:54:39.0663 4760 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:54:39.0664 4760 stexstor - ok
21:54:39.0700 4760 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:54:39.0707 4760 stisvc - ok
21:54:39.0740 4760 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:54:39.0741 4760 swenum - ok
21:54:39.0772 4760 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:54:39.0782 4760 swprv - ok
21:54:39.0820 4760 [ CE9B5A79AEE330BC7E88C0441E5727BB ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:54:39.0823 4760 SynTP - ok
21:54:39.0882 4760 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:54:39.0904 4760 SysMain - ok
21:54:39.0918 4760 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:54:39.0923 4760 TabletInputService - ok
21:54:39.0937 4760 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:54:39.0945 4760 TapiSrv - ok
21:54:39.0977 4760 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:54:39.0981 4760 TBS - ok
21:54:40.0052 4760 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:54:40.0069 4760 Tcpip - ok
21:54:40.0132 4760 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:54:40.0151 4760 TCPIP6 - ok
21:54:40.0183 4760 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:54:40.0184 4760 tcpipreg - ok
21:54:40.0205 4760 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:54:40.0205 4760 TDPIPE - ok
21:54:40.0240 4760 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:54:40.0242 4760 TDTCP - ok
21:54:40.0288 4760 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:54:40.0290 4760 tdx - ok
21:54:40.0304 4760 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:54:40.0306 4760 TermDD - ok
21:54:40.0331 4760 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:54:40.0340 4760 TermService - ok
21:54:40.0353 4760 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:54:40.0357 4760 Themes - ok
21:54:40.0385 4760 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:54:40.0388 4760 THREADORDER - ok
21:54:40.0554 4760 [ 5C049741E220DC6FE3D7469528B787EA ] tizeqdrv C:\Users\Kotik\AppData\Roaming\TZAC2\tizeq64.sys
21:54:40.0556 4760 tizeqdrv - ok
21:54:40.0581 4760 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:54:40.0588 4760 TrkWks - ok
21:54:40.0636 4760 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:54:40.0639 4760 TrustedInstaller - ok
21:54:40.0675 4760 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:54:40.0677 4760 tssecsrv - ok
21:54:40.0788 4760 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:54:40.0790 4760 TsUsbFlt - ok
21:54:40.0844 4760 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:54:40.0846 4760 tunnel - ok
21:54:40.0869 4760 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:54:40.0870 4760 uagp35 - ok
21:54:40.0893 4760 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
21:54:40.0894 4760 UBHelper - ok
21:54:40.0925 4760 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:54:40.0929 4760 udfs - ok
21:54:40.0952 4760 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:54:40.0955 4760 UI0Detect - ok
21:54:40.0973 4760 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:54:40.0974 4760 uliagpkx - ok
21:54:41.0008 4760 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
21:54:41.0009 4760 umbus - ok
21:54:41.0014 4760 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:54:41.0015 4760 UmPass - ok
21:54:41.0152 4760 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:54:41.0166 4760 UNS - ok
21:54:41.0259 4760 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
21:54:41.0262 4760 Updater Service - ok
21:54:41.0289 4760 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:54:41.0297 4760 upnphost - ok
21:54:41.0364 4760 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:54:41.0366 4760 usbaudio - ok
21:54:41.0393 4760 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:54:41.0395 4760 usbccgp - ok
21:54:41.0440 4760 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:54:41.0442 4760 usbcir - ok
21:54:41.0458 4760 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:54:41.0459 4760 usbehci - ok
21:54:41.0496 4760 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:54:41.0499 4760 usbhub - ok
21:54:41.0559 4760 [ 49C26DAC5A04080061670E2951BA4880 ] USBMULCD C:\Windows\system32\drivers\CM10664.sys
21:54:41.0574 4760 USBMULCD - ok
21:54:41.0596 4760 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:54:41.0597 4760 usbohci - ok
21:54:41.0611 4760 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:54:41.0612 4760 usbprint - ok
21:54:41.0632 4760 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:54:41.0634 4760 USBSTOR - ok
21:54:41.0653 4760 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:54:41.0654 4760 usbuhci - ok
21:54:41.0677 4760 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:54:41.0679 4760 usbvideo - ok
21:54:41.0691 4760 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:54:41.0694 4760 UxSms - ok
21:54:41.0708 4760 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:54:41.0710 4760 VaultSvc - ok
21:54:41.0723 4760 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:54:41.0724 4760 vdrvroot - ok
21:54:41.0760 4760 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:54:41.0766 4760 vds - ok
21:54:41.0787 4760 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:54:41.0788 4760 vga - ok
21:54:41.0798 4760 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:54:41.0799 4760 VgaSave - ok
21:54:41.0823 4760 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:54:41.0825 4760 vhdmp - ok
21:54:41.0837 4760 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:54:41.0838 4760 viaide - ok
21:54:41.0855 4760 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:54:41.0856 4760 volmgr - ok
21:54:41.0884 4760 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:54:41.0887 4760 volmgrx - ok
21:54:41.0901 4760 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:54:41.0903 4760 volsnap - ok
21:54:41.0947 4760 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:54:41.0949 4760 vsmraid - ok
21:54:42.0007 4760 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:54:42.0028 4760 VSS - ok
21:54:42.0034 4760 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:54:42.0035 4760 vwifibus - ok
21:54:42.0039 4760 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:54:42.0041 4760 vwififlt - ok
21:54:42.0062 4760 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:54:42.0067 4760 W32Time - ok
21:54:42.0072 4760 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:54:42.0073 4760 WacomPen - ok
21:54:42.0103 4760 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:54:42.0104 4760 WANARP - ok
21:54:42.0108 4760 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:54:42.0109 4760 Wanarpv6 - ok
21:54:42.0170 4760 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:54:42.0178 4760 WatAdminSvc - ok
21:54:42.0242 4760 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:54:42.0251 4760 wbengine - ok
21:54:42.0285 4760 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:54:42.0289 4760 WbioSrvc - ok
21:54:42.0319 4760 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:54:42.0324 4760 wcncsvc - ok
21:54:42.0339 4760 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:54:42.0343 4760 WcsPlugInService - ok
21:54:42.0347 4760 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:54:42.0348 4760 Wd - ok
21:54:42.0385 4760 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:54:42.0394 4760 Wdf01000 - ok
21:54:42.0409 4760 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:54:42.0415 4760 WdiServiceHost - ok
21:54:42.0420 4760 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:54:42.0424 4760 WdiSystemHost - ok
21:54:42.0450 4760 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:54:42.0456 4760 WebClient - ok
21:54:42.0477 4760 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:54:42.0483 4760 Wecsvc - ok
21:54:42.0500 4760 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:54:42.0505 4760 wercplsupport - ok
21:54:42.0518 4760 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:54:42.0522 4760 WerSvc - ok
21:54:42.0535 4760 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:54:42.0536 4760 WfpLwf - ok
21:54:42.0540 4760 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:54:42.0541 4760 WIMMount - ok
21:54:42.0578 4760 WinDefend - ok
21:54:42.0582 4760 WinHttpAutoProxySvc - ok
21:54:42.0722 4760 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:54:42.0724 4760 Winmgmt - ok
21:54:42.0785 4760 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:54:42.0799 4760 WinRM - ok
21:54:42.0841 4760 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:54:42.0849 4760 Wlansvc - ok
21:54:42.0887 4760 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:54:42.0888 4760 wlcrasvc - ok
21:54:42.0970 4760 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:54:42.0981 4760 wlidsvc - ok
21:54:43.0026 4760 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:54:43.0027 4760 WmiAcpi - ok
21:54:43.0047 4760 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:54:43.0049 4760 wmiApSrv - ok
21:54:43.0070 4760 WMPNetworkSvc - ok
21:54:43.0089 4760 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:54:43.0092 4760 WPCSvc - ok
21:54:43.0125 4760 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:54:43.0128 4760 WPDBusEnum - ok
21:54:43.0136 4760 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:54:43.0137 4760 ws2ifsl - ok
21:54:43.0155 4760 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:54:43.0158 4760 wscsvc - ok
21:54:43.0162 4760 WSearch - ok
21:54:43.0225 4760 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:54:43.0239 4760 wuauserv - ok
21:54:43.0275 4760 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:54:43.0276 4760 WudfPf - ok
21:54:43.0283 4760 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:54:43.0285 4760 WUDFRd - ok
21:54:43.0320 4760 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:54:43.0330 4760 wudfsvc - ok
21:54:43.0356 4760 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:54:43.0360 4760 WwanSvc - ok
21:54:43.0379 4760 XFDriver64 - ok
21:54:43.0425 4760 ================ Scan global ===============================
21:54:43.0451 4760 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:54:43.0484 4760 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:54:43.0494 4760 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:54:43.0531 4760 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:54:43.0561 4760 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:54:43.0566 4760 [Global] - ok
21:54:43.0567 4760 ================ Scan MBR ==================================
21:54:43.0584 4760 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:54:44.0068 4760 \Device\Harddisk0\DR0 - ok
21:54:44.0071 4760 ================ Scan VBR ==================================
21:54:44.0072 4760 [ 498C0BF453F17EA5226CF5AC654E1586 ] \Device\Harddisk0\DR0\Partition1
21:54:44.0074 4760 \Device\Harddisk0\DR0\Partition1 - ok
21:54:44.0088 4760 [ 3D6997416DB96BF7B6B2D153462C28A5 ] \Device\Harddisk0\DR0\Partition2
21:54:44.0090 4760 \Device\Harddisk0\DR0\Partition2 - ok
21:54:44.0117 4760 [ 355EF96864770D03CC14638E9F52DB72 ] \Device\Harddisk0\DR0\Partition3
21:54:44.0119 4760 \Device\Harddisk0\DR0\Partition3 - ok
21:54:44.0119 4760 ============================================================
21:54:44.0119 4760 Scan finished
21:54:44.0119 4760 ============================================================
21:54:44.0129 4872 Detected object count: 0
21:54:44.0129 4872 Actual detected object count: 0

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání skončeno "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Spusť znovu RogueKiller
Pokud používáš Win Vista či W7, klikni na RogueKiller pravým a dej spustit jako správce.
Pak klikni na Oprava Host a Zpráva - otevře se log, ten sem vlož.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Kotik]

První krok:
RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Kotik [Práva správce]
Mód : Odebrat -- Datum : 05/14/2013 09:19:59
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[RUN][PREVRUN] HKLM\[...]\Run : Cm106Sound (C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd) [7] -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts


213.108.31.215 tz-ac.com
213.108.31.215 www.tz-ac.com


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD7500BPVT-22HXZT1 +++++
--- User ---
[MBR] 152106e33c4fdfe1bbc7449fae6d7768
[BSP] df575fbd5af600dd015b331276cfb809 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 351057 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 746434560 | Size: 350933 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_D_05142013_02d0919.txt >>
RKreport[1]_S_05142013_02d0919.txt ; RKreport[2]_D_05142013_02d0919.txt

____________________________________________________________________________________________________________________________________

a druhý:

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Kotik [Práva správce]
Mód : Oprava HOSTS -- Datum : 05/14/2013 09:23:27
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts


213.108.31.215 tz-ac.com
213.108.31.215 www.tz-ac.com


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[3]_H_05142013_02d0923.txt >>
RKreport[1]_S_05142013_02d0919.txt ; RKreport[2]_D_05142013_02d0919.txt ; RKreport[3]_H_05142013_02d0923.txt

[Kotik]

do třetice ComboFix:

ComboFix 13-05-13.01 - Kotik 14.05.2013 9:27.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2362 [GMT 2:00]
Spuštěný z: c:\users\Kotik\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-14 do 2013-05-14 )))))))))))))))))))))))))))))))
.
.
2013-05-14 07:32 . 2013-05-14 07:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-13 19:42 . 2013-05-13 19:42 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-05-13 16:57 . 2013-05-13 16:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-13 16:57 . 2013-05-13 16:57 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-13 16:57 . 2013-05-13 16:57 -------- d-----w- c:\windows\system32\Macromed
2013-05-12 08:48 . 2013-05-12 08:48 -------- d-----w- c:\programdata\Malwarebytes
2013-05-12 08:48 . 2013-05-12 08:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-12 08:48 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-10 08:21 . 2013-04-17 04:31 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{879C26A1-2B48-4E28-B495-1834301748BF}\mpengine.dll
2013-05-06 11:12 . 2013-05-06 11:12 -------- d-----w- c:\program files (x86)\Graph
2013-05-01 19:19 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-05-01 19:19 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-05-01 19:19 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2013-05-01 19:19 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-05-01 19:19 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-05-01 19:19 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-05-01 19:19 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-05-01 19:19 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-05-01 19:19 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-05-01 18:51 . 2013-05-01 18:51 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-01 09:31 . 2013-05-01 09:31 -------- d-----w- c:\program files\WinRAR
2013-05-01 09:24 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-05-01 08:40 . 2013-03-06 22:33 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-01 08:40 . 2013-03-06 22:33 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-01 08:40 . 2013-03-06 22:33 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-01 08:40 . 2013-03-06 22:33 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-01 08:40 . 2013-03-06 22:33 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-01 08:40 . 2013-03-06 22:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-01 08:40 . 2013-03-06 22:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-01 08:40 . 2013-03-06 22:33 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-01 08:40 . 2013-03-06 22:32 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-01 08:39 . 2013-03-06 22:32 41664 ----a-w- c:\windows\avastSS.scr
2013-05-01 08:39 . 2013-05-01 08:39 -------- d-----w- c:\program files\AVAST Software
2013-05-01 08:38 . 2013-05-01 08:39 -------- d-----w- c:\programdata\AVAST Software
2013-05-01 08:31 . 2013-05-01 08:31 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-04-30 21:44 . 2013-04-30 21:44 -------- d-----w- c:\program files (x86)\PANDORA.TV
2013-04-30 21:44 . 2013-04-30 21:45 -------- d-----w- c:\program files (x86)\The KMPlayer
2013-04-30 20:08 . 2013-04-30 20:08 -------- d-----w- c:\program files (x86)\Xfire
2013-04-30 19:29 . 2013-04-30 19:29 -------- d-----w- c:\windows\SysWow64\Wat
2013-04-30 19:29 . 2013-04-30 19:29 -------- d-----w- c:\windows\system32\Wat
2013-04-30 19:10 . 2013-04-30 19:10 -------- d-----w- c:\windows\system32\SPReview
2013-04-30 19:09 . 2013-04-30 19:09 -------- d-----w- c:\windows\system32\EventProviders
2013-04-30 19:08 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2013-04-30 19:08 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2013-04-30 19:08 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2013-04-30 19:08 . 2010-11-20 13:27 14967808 ----a-w- c:\program files\DVD Maker\OmdBase.dll
2013-04-30 19:08 . 2010-11-20 12:19 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
2013-04-30 19:08 . 2010-11-20 12:19 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll
2013-04-30 19:06 . 2010-11-20 13:33 213888 ----a-w- c:\windows\system32\drivers\rdyboost.sys
2013-04-30 19:05 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2013-04-30 19:05 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2013-04-30 19:05 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2013-04-30 14:47 . 2013-04-30 14:47 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-04-30 07:51 . 2013-04-30 07:51 471040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VBA\VBA6\VBACV10D.DLL
2013-04-30 07:51 . 2013-04-30 07:51 466944 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VBA\VBA6\VBACV10.DLL
2013-04-30 07:29 . 2013-04-30 07:29 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation
2013-04-29 23:35 . 2013-04-01 17:58 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-29 23:33 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-29 23:33 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-29 23:33 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-29 22:54 . 2013-04-29 22:54 -------- dc----w- c:\windows\system32\DRVSTORE
2013-04-29 22:54 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2013-04-29 22:54 . 2013-04-29 22:54 -------- d-----w- c:\program files\Windows Live
2013-04-29 22:54 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2013-04-29 22:54 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2013-04-29 22:54 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2013-04-29 22:54 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-04-29 22:48 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-04-29 22:40 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-04-29 22:40 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-04-29 22:40 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-04-29 22:40 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-04-29 22:40 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-04-29 22:40 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-04-29 22:39 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-29 22:39 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-29 22:39 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-29 22:39 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-29 22:39 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-29 22:39 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-29 22:39 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-29 22:35 . 2013-04-29 22:35 -------- d-----w- c:\program files\Microsoft Silverlight
2013-04-29 22:35 . 2013-04-29 22:35 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-04-29 22:34 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-04-29 22:34 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-04-29 22:34 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-04-29 22:34 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-04-29 22:34 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-04-29 22:30 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-04-29 22:30 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-04-29 22:30 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-04-29 22:30 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-04-29 22:30 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-04-29 22:30 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-04-29 22:30 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-04-29 22:30 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-04-29 22:30 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2013-04-29 22:30 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2013-04-29 22:30 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-04-29 22:28 . 2012-06-02 05:48 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-04-29 22:27 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-04-29 22:26 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-04-29 22:22 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2013-04-29 22:22 . 2010-11-20 13:25 974336 ----a-w- c:\windows\system32\WFS.exe
2013-04-29 22:22 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-04-29 22:22 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-04-29 22:22 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-04-29 22:22 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2013-04-29 22:22 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2013-04-29 22:22 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-04-29 22:22 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-04-29 20:26 . 2013-04-29 20:26 -------- d-----w- c:\programdata\ATI
2013-04-29 18:50 . 2013-04-30 19:22 -------- d-----w- c:\windows\SysWow64\cs
2013-04-29 18:50 . 2013-05-01 19:11 -------- d-----w- c:\windows\SysWow64\wbem\cs-CZ
2013-04-29 18:50 . 2013-04-30 19:22 -------- d-----w- c:\windows\system32\cs
2013-04-29 18:50 . 2013-04-29 18:50 -------- d-----w- c:\windows\SysWow64\XPSViewer
2013-04-29 18:50 . 2013-04-29 18:50 -------- d-----w- c:\windows\SysWow64\drivers\cs-CZ
2013-04-29 18:50 . 2013-04-29 18:50 -------- d-----w- c:\windows\cs-CZ
2013-04-29 18:50 . 2013-05-01 19:11 -------- d-----w- c:\windows\system32\wbem\cs-CZ
2013-04-29 18:50 . 2013-04-30 19:22 -------- d-----w- c:\windows\system32\drivers\cs-CZ
2013-04-29 18:50 . 2013-04-29 18:50 -------- d-----w- c:\windows\system32\drivers\UMDF\cs-CZ
2013-04-29 18:50 . 2013-04-29 18:50 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\cs-CZ\LXKPTPRC.DLL.mui
2013-04-29 18:45 . 2013-04-29 18:45 -------- d-----w- c:\windows\NAPP_Dism_Log
2013-04-29 17:57 . 2013-05-13 18:46 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-04-29 17:56 . 2013-05-13 18:46 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-01 18:52 . 2013-05-01 18:52 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-01 18:52 . 2013-05-01 18:52 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-04-30 19:17 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-04-30 19:17 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-04-29 22:54 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-29 18:50 . 2013-04-29 18:50 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2013-04-29 18:49 . 2013-04-29 18:49 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2013-04-29 18:49 . 2013-04-29 18:49 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2013-04-29 18:49 . 2013-04-29 18:49 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2013-04-29 18:49 . 2013-04-29 18:49 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2013-04-29 18:49 . 2013-04-29 18:49 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2013-04-29 11:33 . 2009-06-11 12:10 315392 ----a-w- c:\windows\system\fltr106.dll
2013-04-29 11:33 . 2009-06-11 12:10 1306624 ----a-w- c:\windows\system32\drivers\CM10664.sys
2013-04-29 10:23 . 2010-05-14 04:18 61952 ----a-w- c:\windows\system32\igfxsrvc.dll
2013-04-29 10:23 . 2013-04-29 10:35 83968 ----a-w- c:\windows\system32\igfxrcht.lrc
2013-04-29 10:23 . 2013-04-29 10:35 83968 ----a-w- c:\windows\system32\igfxrchs.lrc
2013-04-29 10:23 . 2010-05-14 04:18 243200 ----a-w- c:\windows\system32\igfxpph.dll
2013-04-29 10:23 . 2010-05-14 04:18 271360 ----a-w- c:\windows\system32\igfxdev.dll
2013-04-29 10:23 . 2010-05-14 04:18 108032 ----a-w- c:\windows\system32\hccutils.dll
2013-04-29 10:23 . 2010-05-14 04:18 40448 ----a-w- c:\windows\system32\atiuxp64.dll
2013-04-29 10:23 . 2010-05-14 04:18 361984 ----a-w- c:\windows\system32\atiadlxx.dll
2013-03-21 04:10 . 2013-03-21 04:10 42880 ----a-w- c:\windows\SysWow64\xfcodec.dll
2013-03-21 04:10 . 2013-03-21 04:10 28544 ----a-w- c:\windows\system32\xfcodec64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\OSCAR Editor\OscarEditor.exe" [2009-11-24 2642432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-04-17 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-13 336384]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-5-14 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 1125152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
R3 aswVmm;aswVmm; [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-03-05 335400]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-01 39464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 tizeqdrv;tizeqdrv;c:\users\Kotik\AppData\Roaming\TZAC2\tizeq64.sys [2013-04-29 171704]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-04-30 1255736]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-04-29 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-04-23 820768]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 305520]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-03-02 11576]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2013-04-29 114704]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2013-04-29 10611552]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys [2013-04-29 1306624]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-29 10:53 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-13 16:57]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29 10:52]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29 10:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:58 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-22 10775072]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-22 2040352]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-04-17 349552]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-04-23 496160]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-04-29 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-04-29 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-04-29 415256]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3749429746-3335520310-1313340140-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3749429746-3335520310-1313340140-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-05-14 09:35:28
ComboFix-quarantined-files.txt 2013-05-14 07:35
.
Před spuštěním: Volných bajtů: 316 788 416 512
Po spuštění: Volných bajtů: 316 279 562 240
.
- - End Of File - - FCCE8C5B16264C1B36F37E7DE509F017

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

File::
c:\windows\system\fltr106.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Kotik]

ComboFix 13-05-13.01 - Kotik 14.05.2013 9:54.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2177 [GMT 2:00]
Spuštěný z: c:\users\Kotik\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Kotik\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system\fltr106.dll"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.135\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.135\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.135\psuser.dll
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\26.0.1410.64\26.0.1410.64_chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\system\fltr106.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-14 do 2013-05-14 )))))))))))))))))))))))))))))))
.
.
2013-05-13 19:42 . 2013-05-13 19:42 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-05-13 16:57 . 2013-05-13 16:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-13 16:57 . 2013-05-13 16:57 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-13 16:57 . 2013-05-13 16:57 -------- d-----w- c:\windows\system32\Macromed
2013-05-12 08:48 . 2013-05-12 08:48 -------- d-----w- c:\programdata\Malwarebytes
2013-05-12 08:48 . 2013-05-12 08:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-12 08:48 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-10 08:21 . 2013-04-17 04:31 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{879C26A1-2B48-4E28-B495-1834301748BF}\mpengine.dll
2013-05-06 11:12 . 2013-05-06 11:12 -------- d-----w- c:\program files (x86)\Graph
2013-05-01 19:19 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-05-01 19:19 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-05-01 19:19 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2013-05-01 19:19 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-05-01 19:19 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-05-01 19:19 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-05-01 19:19 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-05-01 19:19 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-05-01 19:19 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-05-01 18:51 . 2013-05-01 18:51 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-01 09:31 . 2013-05-01 09:31 -------- d-----w- c:\program files\WinRAR
2013-05-01 09:24 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-05-01 08:40 . 2013-03-06 22:33 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-01 08:40 . 2013-03-06 22:33 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-01 08:40 . 2013-03-06 22:33 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-01 08:40 . 2013-03-06 22:33 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-01 08:40 . 2013-03-06 22:33 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-01 08:40 . 2013-03-06 22:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-01 08:40 . 2013-03-06 22:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-01 08:40 . 2013-03-06 22:33 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-01 08:40 . 2013-03-06 22:32 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-01 08:39 . 2013-03-06 22:32 41664 ----a-w- c:\windows\avastSS.scr
2013-05-01 08:39 . 2013-05-01 08:39 -------- d-----w- c:\program files\AVAST Software
2013-05-01 08:38 . 2013-05-01 08:39 -------- d-----w- c:\programdata\AVAST Software
2013-05-01 08:31 . 2013-05-01 08:31 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-04-30 21:44 . 2013-04-30 21:44 -------- d-----w- c:\program files (x86)\PANDORA.TV
2013-04-30 21:44 . 2013-04-30 21:45 -------- d-----w- c:\program files (x86)\The KMPlayer
2013-04-30 20:08 . 2013-04-30 20:08 -------- d-----w- c:\program files (x86)\Xfire
2013-04-30 19:29 . 2013-04-30 19:29 -------- d-----w- c:\windows\SysWow64\Wat
2013-04-30 19:29 . 2013-04-30 19:29 -------- d-----w- c:\windows\system32\Wat
2013-04-30 19:10 . 2013-04-30 19:10 -------- d-----w- c:\windows\system32\SPReview
2013-04-30 19:09 . 2013-04-30 19:09 -------- d-----w- c:\windows\system32\EventProviders
2013-04-30 19:08 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2013-04-30 19:08 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2013-04-30 19:08 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2013-04-30 19:08 . 2010-11-20 13:27 14967808 ----a-w- c:\program files\DVD Maker\OmdBase.dll
2013-04-30 19:08 . 2010-11-20 12:19 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
2013-04-30 19:08 . 2010-11-20 12:19 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll
2013-04-30 19:06 . 2010-11-20 13:33 213888 ----a-w- c:\windows\system32\drivers\rdyboost.sys
2013-04-30 19:05 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2013-04-30 19:05 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2013-04-30 19:05 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2013-04-30 14:47 . 2013-04-30 14:47 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-04-30 07:51 . 2013-04-30 07:51 471040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VBA\VBA6\VBACV10D.DLL
2013-04-30 07:51 . 2013-04-30 07:51 466944 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VBA\VBA6\VBACV10.DLL
2013-04-30 07:29 . 2013-04-30 07:29 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation
2013-04-29 23:35 . 2013-04-01 17:58 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-29 23:33 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-29 23:33 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-29 23:33 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-29 22:54 . 2013-04-29 22:54 -------- dc----w- c:\windows\system32\DRVSTORE
2013-04-29 22:54 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2013-04-29 22:54 . 2013-04-29 22:54 -------- d-----w- c:\program files\Windows Live
2013-04-29 22:54 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2013-04-29 22:54 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2013-04-29 22:54 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2013-04-29 22:54 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-04-29 22:48 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-04-29 22:40 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-04-29 22:40 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-04-29 22:40 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-04-29 22:40 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-04-29 22:40 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-04-29 22:40 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-04-29 22:39 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-29 22:39 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-29 22:39 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-29 22:39 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-29 22:39 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-29 22:39 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-29 22:39 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-29 22:35 . 2013-04-29 22:35 -------- d-----w- c:\program files\Microsoft Silverlight
2013-04-29 22:35 . 2013-04-29 22:35 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-04-29 22:34 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-04-29 22:34 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-04-29 22:34 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-04-29 22:34 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-04-29 22:34 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-04-29 22:30 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-04-29 22:30 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-04-29 22:30 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-04-29 22:30 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-04-29 22:30 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-04-29 22:30 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-04-29 22:30 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-04-29 22:30 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-04-29 22:30 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2013-04-29 22:30 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2013-04-29 22:30 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-04-29 22:28 . 2012-06-02 05:48 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-04-29 22:27 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-04-29 22:26 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-04-29 22:22 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2013-04-29 22:22 . 2010-11-20 13:25 974336 ----a-w- c:\windows\system32\WFS.exe
2013-04-29 22:22 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-04-29 22:22 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-04-29 22:22 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-04-29 22:22 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2013-04-29 22:22 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2013-04-29 22:22 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-04-29 22:22 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-04-29 20:26 . 2013-04-29 20:26 -------- d-----w- c:\programdata\ATI
2013-04-29 18:50 . 2013-04-30 19:22 -------- d-----w- c:\windows\SysWow64\cs
2013-04-29 18:50 . 2013-05-01 19:11 -------- d-----w- c:\windows\SysWow64\wbem\cs-CZ
2013-04-29 18:50 . 2013-04-30 19:22 -------- d-----w- c:\windows\system32\cs
2013-04-29 18:50 . 2013-04-29 18:50 -------- d-----w- c:\windows\SysWow64\XPSViewer
2013-04-29 18:50 . 2013-04-29 18:50 -------- d-----w- c:\windows\SysWow64\drivers\cs-CZ
2013-04-29 18:50 . 2013-04-29 18:50 -------- d-----w- c:\windows\cs-CZ
2013-04-29 18:50 . 2013-05-01 19:11 -------- d-----w- c:\windows\system32\wbem\cs-CZ
2013-04-29 18:50 . 2013-04-30 19:22 -------- d-----w- c:\windows\system32\drivers\cs-CZ
2013-04-29 18:50 . 2013-04-29 18:50 -------- d-----w- c:\windows\system32\drivers\UMDF\cs-CZ
2013-04-29 18:50 . 2013-04-29 18:50 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\cs-CZ\LXKPTPRC.DLL.mui
2013-04-29 18:45 . 2013-04-29 18:45 -------- d-----w- c:\windows\NAPP_Dism_Log
2013-04-29 17:57 . 2013-05-13 18:46 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-04-29 17:56 . 2013-05-13 18:46 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-04-29 17:56 . 2013-04-29 17:56 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-01 18:52 . 2013-05-01 18:52 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-01 18:52 . 2013-05-01 18:52 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-04-30 19:17 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-04-30 19:17 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-04-29 22:54 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-29 18:50 . 2013-04-29 18:50 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2013-04-29 18:49 . 2013-04-29 18:49 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2013-04-29 18:49 . 2013-04-29 18:49 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2013-04-29 18:49 . 2013-04-29 18:49 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2013-04-29 18:49 . 2013-04-29 18:49 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2013-04-29 18:49 . 2013-04-29 18:49 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2013-04-29 11:33 . 2009-06-11 12:10 1306624 ----a-w- c:\windows\system32\drivers\CM10664.sys
2013-04-29 10:23 . 2010-05-14 04:18 61952 ----a-w- c:\windows\system32\igfxsrvc.dll
2013-04-29 10:23 . 2013-04-29 10:35 83968 ----a-w- c:\windows\system32\igfxrcht.lrc
2013-04-29 10:23 . 2013-04-29 10:35 83968 ----a-w- c:\windows\system32\igfxrchs.lrc
2013-04-29 10:23 . 2010-05-14 04:18 243200 ----a-w- c:\windows\system32\igfxpph.dll
2013-04-29 10:23 . 2010-05-14 04:18 271360 ----a-w- c:\windows\system32\igfxdev.dll
2013-04-29 10:23 . 2010-05-14 04:18 108032 ----a-w- c:\windows\system32\hccutils.dll
2013-04-29 10:23 . 2010-05-14 04:18 40448 ----a-w- c:\windows\system32\atiuxp64.dll
2013-04-29 10:23 . 2010-05-14 04:18 361984 ----a-w- c:\windows\system32\atiadlxx.dll
2013-03-21 04:10 . 2013-03-21 04:10 42880 ----a-w- c:\windows\SysWow64\xfcodec.dll
2013-03-21 04:10 . 2013-03-21 04:10 28544 ----a-w- c:\windows\system32\xfcodec64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\OSCAR Editor\OscarEditor.exe" [2009-11-24 2642432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-04-17 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-13 336384]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-5-14 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 1125152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
R3 aswVmm;aswVmm; [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-03-05 335400]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-01 39464]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 tizeqdrv;tizeqdrv;c:\users\Kotik\AppData\Roaming\TZAC2\tizeq64.sys [2013-04-29 171704]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-04-30 1255736]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-04-29 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-04-23 820768]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 305520]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-03-02 11576]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2013-04-29 114704]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2013-04-29 10611552]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys [2013-04-29 1306624]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-29 10:53 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-13 16:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:58 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-22 10775072]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-22 2040352]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-04-17 349552]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-04-23 496160]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-04-29 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-04-29 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-04-29 415256]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3749429746-3335520310-1313340140-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3749429746-3335520310-1313340140-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\PANDORA.TV\PanService\PanProcess.exe
.
**************************************************************************
.
Celkový čas: 2013-05-14 10:04:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-14 08:04
ComboFix2.txt 2013-05-14 07:35
.
Před spuštěním: Volných bajtů: 316 329 336 832
Po spuštění: Volných bajtů: 315 865 427 968
.
- - End Of File - - ED0E02E17D5CC9A700DD456E793148E5