Probably a virus - log check [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Re: Probably a virus - log check

Post by rhsCZ » 07 Nov 2013 21:17

15:56:27.0710 5524 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:56:30.0554 5524 ============================================================
15:56:30.0554 5524 Current date / time: 2013/11/07 15:56:30.0554
15:56:30.0554 5524 SystemInfo:
15:56:30.0554 5524
15:56:30.0554 5524 OS Version: 6.0.6002 ServicePack: 2.0
15:56:30.0555 5524 Product type: Workstation
15:56:30.0555 5524 ComputerName: RHS
15:56:30.0556 5524 UserName: rhs
15:56:30.0556 5524 Windows directory: C:\Windows
15:56:30.0556 5524 System windows directory: C:\Windows
15:56:30.0556 5524 Processor architecture: Intel x86
15:56:30.0556 5524 Number of processors: 1
15:56:30.0556 5524 Page size: 0x1000
15:56:30.0556 5524 Boot type: Normal boot
15:56:30.0556 5524 ============================================================
15:56:31.0379 5524 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:56:31.0386 5524 ============================================================
15:56:31.0386 5524 \Device\Harddisk0\DR0:
15:56:31.0387 5524 MBR partitions:
15:56:31.0406 5524 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x38FFD000
15:56:31.0406 5524 ============================================================
15:56:31.0433 5524 C: <-> \Device\Harddisk0\DR0\Partition1
15:56:31.0433 5524 ============================================================
15:56:31.0434 5524 Initialize success
15:56:31.0434 5524 ============================================================
15:56:32.0668 5956 ============================================================
15:56:32.0676 5956 Scan started
15:56:32.0676 5956 Mode: Manual;
15:56:32.0676 5956 ============================================================
15:56:33.0124 5956 ================ Scan system memory ========================
15:56:33.0124 5956 System memory - ok
15:56:33.0133 5956 ================ Scan services =============================
15:56:33.0537 5956 [ 27F954120BABB8A00F8745D8F5BC9B82 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
15:56:33.0541 5956 acedrv11 - ok
15:56:33.0628 5956 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
15:56:33.0633 5956 ACPI - ok
15:56:33.0786 5956 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
15:56:33.0789 5956 Adobe LM Service - ok
15:56:33.0937 5956 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:56:33.0940 5956 AdobeARMservice - ok
15:56:34.0055 5956 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:56:34.0061 5956 AdobeFlashPlayerUpdateSvc - ok
15:56:34.0153 5956 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:56:34.0159 5956 adp94xx - ok
15:56:34.0219 5956 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:56:34.0222 5956 adpahci - ok
15:56:34.0273 5956 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
15:56:34.0275 5956 adpu160m - ok
15:56:34.0331 5956 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:56:34.0333 5956 adpu320 - ok
15:56:34.0502 5956 [ 9243229DFCCC99B5441750EBA49F1B14 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
15:56:34.0515 5956 AdvancedSystemCareService6 - ok
15:56:34.0605 5956 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:56:34.0608 5956 AeLookupSvc - ok
15:56:34.0697 5956 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
15:56:34.0704 5956 AFD - ok
15:56:34.0766 5956 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:56:34.0769 5956 agp440 - ok
15:56:34.0842 5956 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
15:56:34.0845 5956 aic78xx - ok
15:56:35.0190 5956 [ BBE9054FDADC8D49D29C5DA4FB84A803 ] Akamai c:\program files\common files\akamai/netsession_win_8fa3539.dll
15:56:35.0191 5956 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803
15:56:35.0220 5956 Akamai ( HiddenFile.Multi.Generic ) - warning
15:56:35.0220 5956 Akamai - detected HiddenFile.Multi.Generic (1)
15:56:35.0342 5956 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
15:56:35.0345 5956 ALG - ok
15:56:35.0420 5956 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
15:56:35.0422 5956 aliide - ok
15:56:35.0460 5956 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:56:35.0463 5956 amdagp - ok
15:56:35.0505 5956 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
15:56:35.0507 5956 amdide - ok
15:56:35.0567 5956 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
15:56:35.0570 5956 AmdK7 - ok
15:56:35.0617 5956 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:56:35.0619 5956 AmdK8 - ok
15:56:35.0695 5956 [ 10224EFDADFAB5ABD2D9177BF14428D2 ] AmdLLD C:\Windows\system32\DRIVERS\AmdLLD.sys
15:56:35.0698 5956 AmdLLD - ok
15:56:35.0784 5956 [ DFAE18C675D71FD06D57DC69D2913975 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
15:56:35.0787 5956 AppHostSvc - ok
15:56:35.0869 5956 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
15:56:35.0872 5956 Appinfo - ok
15:56:35.0936 5956 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
15:56:35.0939 5956 arc - ok
15:56:35.0977 5956 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:56:35.0988 5956 arcsas - ok
15:56:36.0179 5956 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:56:36.0181 5956 aspnet_state - ok
15:56:36.0231 5956 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:56:36.0233 5956 AsyncMac - ok
15:56:36.0265 5956 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
15:56:36.0266 5956 atapi - ok
15:56:36.0338 5956 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:56:36.0343 5956 AudioEndpointBuilder - ok
15:56:36.0372 5956 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:56:36.0377 5956 Audiosrv - ok
15:56:36.0447 5956 [ 0FE7773CD592DAE0CA994BA987F44E85 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6x.sys
15:56:36.0448 5956 Avgfwfd - ok
15:56:36.0572 5956 [ 51782A3D230D0337853B43D0810D0193 ] avgfws C:\Program Files\AVG\AVG2013\avgfws.exe
15:56:36.0597 5956 avgfws - ok
15:56:36.0808 5956 [ 4DB93F4DB7077801D2D82013506AC1D0 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
15:56:36.0860 5956 AVGIDSAgent - ok
15:56:36.0910 5956 [ 4D7E34E36E586EA26F171A258341BD80 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
15:56:36.0913 5956 AVGIDSDriver - ok
15:56:36.0944 5956 [ 7C8E88549BCDAAC965B1B724C175F7A9 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
15:56:36.0946 5956 AVGIDSHX - ok
15:56:36.0998 5956 [ 2717EBC35166B8793DBFFB4390B8F2E7 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
15:56:36.0999 5956 AVGIDSShim - ok
15:56:37.0049 5956 [ 2018C4E9A40B122408763A5635CF14D9 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
15:56:37.0052 5956 Avgldx86 - ok
15:56:37.0083 5956 [ E2B9CF2CF787C6978E7CC898E9684E48 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
15:56:37.0086 5956 Avglogx - ok
15:56:37.0135 5956 [ 3F59750A3AA55C46663801E7C2FD1E2B ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
15:56:37.0137 5956 Avgmfx86 - ok
15:56:37.0194 5956 [ CBCE8ED318DB8EA431F9D25AC9B7FF41 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
15:56:37.0196 5956 Avgrkx86 - ok
15:56:37.0266 5956 [ 14370FB29526F593C04FA48B5D69F7F0 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
15:56:37.0269 5956 Avgtdix - ok
15:56:37.0319 5956 [ C6C470CD49FE9DBA0F082540D7AF7642 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
15:56:37.0321 5956 avgtp - ok
15:56:37.0390 5956 [ 48939D9F350AEF9370F03A1E49A49BE2 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
15:56:37.0396 5956 avgwd - ok
15:56:37.0484 5956 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:56:37.0491 5956 b57nd60x - ok
15:56:37.0595 5956 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
15:56:37.0599 5956 BBSvc - ok
15:56:37.0645 5956 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
15:56:37.0647 5956 Beep - ok
15:56:37.0753 5956 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
15:56:37.0760 5956 BFE - ok
15:56:37.0872 5956 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
15:56:37.0895 5956 BITS - ok
15:56:37.0952 5956 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
15:56:37.0962 5956 blbdrive - ok
15:56:38.0060 5956 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:56:38.0066 5956 Bonjour Service - ok
15:56:38.0167 5956 [ 545C1A5887A95114C5C6CB308669C5A3 ] BootDefragDriver C:\Windows\system32\drivers\BootDefragDriver.sys
15:56:38.0169 5956 BootDefragDriver - ok
15:56:38.0235 5956 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:56:38.0245 5956 bowser - ok
15:56:38.0292 5956 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
15:56:38.0295 5956 BrFiltLo - ok
15:56:38.0345 5956 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
15:56:38.0347 5956 BrFiltUp - ok
15:56:38.0418 5956 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
15:56:38.0421 5956 Browser - ok
15:56:38.0447 5956 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
15:56:38.0449 5956 Brserid - ok
15:56:38.0480 5956 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
15:56:38.0482 5956 BrSerWdm - ok
15:56:38.0516 5956 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
15:56:38.0518 5956 BrUsbMdm - ok
15:56:38.0545 5956 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
15:56:38.0547 5956 BrUsbSer - ok
15:56:38.0610 5956 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
15:56:38.0612 5956 BthEnum - ok
15:56:38.0672 5956 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:56:38.0674 5956 BTHMODEM - ok
15:56:38.0737 5956 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:56:38.0741 5956 BthPan - ok
15:56:38.0838 5956 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
15:56:38.0848 5956 BTHPORT - ok
15:56:38.0906 5956 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
15:56:38.0909 5956 BthServ - ok
15:56:39.0003 5956 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
15:56:39.0004 5956 BTHUSB - ok
15:56:39.0111 5956 [ 6783C5C81BFB640469468A80DFA1CCB3 ] btnetBUs C:\Windows\system32\Drivers\btnetBus.sys
15:56:39.0112 5956 btnetBUs - ok
15:56:39.0195 5956 [ 7E826BE3B3558208D5C9B00034E51BE5 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:56:39.0197 5956 btwaudio - ok
15:56:39.0255 5956 [ AF9148C3E844131AC954CB53FF43D971 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
15:56:39.0257 5956 btwavdt - ok
15:56:39.0368 5956 [ 0E3EE2BC0EC56BFE869FCDE3E5806684 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:56:39.0375 5956 btwdins - ok
15:56:39.0437 5956 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
15:56:39.0439 5956 btwl2cap - ok
15:56:39.0517 5956 [ 480B3D195854B2E55299CDDDDC50BCF9 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:56:39.0519 5956 btwrchid - ok
15:56:39.0627 5956 [ 1778EBA872274C1226D869CD9486847E ] Capture Device Service C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
15:56:39.0632 5956 Capture Device Service - ok
15:56:39.0708 5956 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:56:39.0711 5956 cdfs - ok
15:56:39.0792 5956 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:56:39.0795 5956 cdrom - ok
15:56:39.0880 5956 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
15:56:39.0884 5956 CertPropSvc - ok
15:56:40.0101 5956 [ 213B6EC3DE19E35373A1906397588429 ] CGVPNCliSrvc C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
15:56:40.0164 5956 CGVPNCliSrvc - ok
15:56:40.0233 5956 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
15:56:40.0234 5956 circlass - ok
15:56:40.0336 5956 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
15:56:40.0343 5956 CLFS - ok
15:56:40.0454 5956 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:56:40.0457 5956 clr_optimization_v2.0.50727_32 - ok
15:56:40.0535 5956 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:56:40.0539 5956 clr_optimization_v4.0.30319_32 - ok
15:56:40.0587 5956 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:56:40.0589 5956 CmBatt - ok
15:56:40.0634 5956 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:56:40.0636 5956 cmdide - ok
15:56:40.0679 5956 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:56:40.0680 5956 Compbatt - ok
15:56:40.0702 5956 COMSysApp - ok
15:56:40.0733 5956 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:56:40.0735 5956 crcdisk - ok
15:56:40.0773 5956 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
15:56:40.0775 5956 Crusoe - ok
15:56:40.0857 5956 [ 684C130BBC6DB681BAD4920A4C944AA5 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:56:40.0862 5956 CryptSvc - ok
15:56:40.0966 5956 [ 115F8C318D00C1322B28B6922EFAA7E4 ] DbgSvc C:\Program Files\DebugDiag\DbgSvc.exe
15:56:40.0972 5956 DbgSvc - ok
15:56:41.0018 5956 [ B7EF38C2C22A7805DE919CFF5E16A372 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
15:56:41.0019 5956 dc3d - ok
15:56:41.0112 5956 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:56:41.0125 5956 DcomLaunch - ok
15:56:41.0176 5956 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:56:41.0179 5956 DfsC - ok
15:56:41.0311 5956 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
15:56:41.0412 5956 DFSR - ok
15:56:41.0488 5956 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
15:56:41.0492 5956 Dhcp - ok
15:56:41.0560 5956 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
15:56:41.0564 5956 disk - ok
15:56:41.0630 5956 [ C701324C9E0C25DD9D60311BD87FBC84 ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
15:56:41.0633 5956 DKbFltr - ok
15:56:41.0705 5956 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:56:41.0709 5956 Dnscache - ok
15:56:41.0812 5956 [ 6F865DE0687B6EC045F78CE9656D3626 ] DNSCrypt C:\Program Files\OpenDNS\DNSCrypt\OpenDNSCryptService.exe
15:56:41.0813 5956 DNSCrypt - ok
15:56:41.0884 5956 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:56:41.0891 5956 dot3svc - ok
15:56:41.0978 5956 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
15:56:41.0983 5956 DPS - ok
15:56:42.0154 5956 [ 25AF32C501C9C038E058FADD3F0F8B2E ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
15:56:42.0280 5956 DragonUpdater - ok
15:56:42.0352 5956 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:56:42.0353 5956 drmkaud - ok
15:56:42.0420 5956 [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32 C:\Windows\system32\Drivers\DrvAgent32.sys
15:56:42.0423 5956 DrvAgent32 - ok
15:56:42.0505 5956 [ D8ECF13E587619CDF716B2AE8E12DDBB ] DsiWMIService C:\Program Files\Launch Manager\dsiwmis.exe
15:56:42.0509 5956 DsiWMIService - ok
15:56:42.0588 5956 [ E6B7D1B24E16FB24CE1FEA964E144EBC ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:56:42.0592 5956 dtsoftbus01 - ok
15:56:42.0654 5956 [ 988670D8343EF9835FB3659DB71B2EFA ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:56:42.0667 5956 DXGKrnl - ok
15:56:42.0754 5956 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
15:56:42.0758 5956 E1G60 - ok
15:56:42.0846 5956 [ 56CB23E2805A76C6338A1242FB3D060C ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
15:56:42.0850 5956 eamonm - ok
15:56:42.0937 5956 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
15:56:42.0943 5956 EapHost - ok
15:56:43.0031 5956 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
15:56:43.0035 5956 Ecache - ok
15:56:43.0092 5956 [ 24EC8657C10F561EF2DA4A4054F281FD ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
15:56:43.0095 5956 ehdrv - ok
15:56:43.0229 5956 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:56:43.0234 5956 ehRecvr - ok
15:56:43.0319 5956 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
15:56:43.0323 5956 ehSched - ok
15:56:43.0392 5956 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
15:56:43.0395 5956 ehstart - ok
15:56:43.0464 5956 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:56:43.0473 5956 elxstor - ok
15:56:43.0588 5956 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
15:56:43.0597 5956 EMDMgmt - ok
15:56:43.0670 5956 [ A03C9F1315A73A47B4CC37644494246F ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
15:56:43.0672 5956 epfwwfpr - ok
15:56:43.0747 5956 [ 093CEE3B45F0954DCE6CB891F6A920F7 ] epmntdrv C:\Windows\system32\epmntdrv.sys
15:56:43.0751 5956 epmntdrv - ok
15:56:43.0873 5956 [ A505C497EC3FB423078A720124CC646F ] ePowerSvc C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
15:56:43.0886 5956 ePowerSvc - ok
15:56:43.0944 5956 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:56:43.0947 5956 ErrDev - ok
15:56:44.0069 5956 [ F1DE3EEF501DDA7DDF99F2EDF0C5540E ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
15:56:44.0073 5956 EuGdiDrv - ok
15:56:44.0163 5956 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
15:56:44.0169 5956 EventSystem - ok
15:56:44.0289 5956 [ 54B6E150BFF4A47EB0D204119D262E46 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:56:44.0299 5956 EvtEng - ok
15:56:44.0386 5956 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
15:56:44.0394 5956 exfat - ok
15:56:44.0489 5956 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:56:44.0493 5956 fastfat - ok
15:56:44.0584 5956 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:56:44.0586 5956 fdc - ok
15:56:44.0669 5956 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
15:56:44.0674 5956 fdPHost - ok
15:56:44.0736 5956 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
15:56:44.0740 5956 FDResPub - ok
15:56:44.0801 5956 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:56:44.0803 5956 FileInfo - ok
15:56:44.0895 5956 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:56:44.0897 5956 Filetrace - ok
15:56:44.0998 5956 [ 1A18EBD87AA9FBF6EFE8CFADA08D0275 ] FirebirdGuardianDefaultInstance C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
15:56:45.0002 5956 FirebirdGuardianDefaultInstance - ok
15:56:45.0232 5956 [ 53C740150C082AAF3C7D21C1D6A9FF98 ] FirebirdServerDefaultInstance C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
15:56:45.0440 5956 FirebirdServerDefaultInstance - ok
15:56:45.0542 5956 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:56:45.0554 5956 FLEXnet Licensing Service - ok
15:56:45.0613 5956 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:56:45.0615 5956 flpydisk - ok
15:56:45.0720 5956 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:56:45.0724 5956 FltMgr - ok
15:56:45.0834 5956 [ 2AFA3A46986AE935DAECEBC7E66314CF ] FontCache C:\Windows\system32\FntCache.dll
15:56:45.0855 5956 FontCache - ok
15:56:45.0975 5956 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:56:45.0977 5956 FontCache3.0.0.0 - ok
15:56:46.0062 5956 [ BFAAA92861526BB0ADCD01E964AB6609 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
15:56:46.0065 5956 fssfltr - ok
15:56:46.0245 5956 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
15:56:46.0302 5956 fsssvc - ok
15:56:46.0404 5956 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:56:46.0405 5956 Fs_Rec - ok
15:56:46.0477 5956 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:56:46.0479 5956 gagp30kx - ok
15:56:46.0561 5956 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
15:56:46.0565 5956 giveio - ok
15:56:46.0658 5956 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
15:56:46.0660 5956 GoogleDesktopManager-051210-111108 - ok
15:56:46.0776 5956 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
15:56:46.0790 5956 gpsvc - ok
15:56:46.0902 5956 [ F02A533F517EB38333CB12A9E8963773 ] gupdate1cab30ff2c1b3a2 C:\Program Files\Google\Update\GoogleUpdate.exe
15:56:46.0905 5956 gupdate1cab30ff2c1b3a2 - ok
15:56:46.0960 5956 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:56:46.0963 5956 gupdatem - ok
15:56:47.0074 5956 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:56:47.0076 5956 gusvc - ok
15:56:47.0154 5956 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
15:56:47.0155 5956 hamachi - ok
15:56:47.0278 5956 [ 176825151F2F93415BCB37C29AF11A3D ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
15:56:47.0318 5956 Hamachi2Svc - ok
15:56:47.0432 5956 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:56:47.0437 5956 HdAudAddService - ok
15:56:47.0544 5956 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:56:47.0555 5956 HDAudBus - ok
15:56:47.0629 5956 [ FCB3F4BE408F72C1BD81BCABA87FC22F ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:56:47.0631 5956 HidBth - ok
15:56:47.0725 5956 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
15:56:47.0727 5956 HidIr - ok
15:56:47.0830 5956 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
15:56:47.0836 5956 hidserv - ok
15:56:47.0907 5956 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:56:47.0909 5956 HidUsb - ok
15:56:48.0003 5956 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:56:48.0011 5956 hkmsvc - ok
15:56:48.0087 5956 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
15:56:48.0090 5956 HpCISSs - ok
15:56:48.0124 5956 hshld - ok
15:56:48.0190 5956 [ 56BD67C4475F99686D1B1A45EBB3C6C3 ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
15:56:48.0193 5956 HssDRV6 - ok
15:56:48.0217 5956 HssTrayService - ok
15:56:48.0246 5956 HssWd - ok
15:56:48.0331 5956 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:56:48.0336 5956 HTTP - ok
15:56:48.0455 5956 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
15:56:48.0456 5956 i2omp - ok
15:56:48.0494 5956 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:56:48.0496 5956 i8042prt - ok
15:56:48.0595 5956 [ 52E8A3CC8269ADB27D25182284C5E650 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:56:48.0599 5956 IAANTMON - ok
15:56:48.0680 5956 [ 71ECC07BC7C5E24C3DD01D8A29A24054 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:56:48.0684 5956 iaStor - ok
15:56:48.0733 5956 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
15:56:48.0736 5956 iaStorV - ok
15:56:48.0882 5956 [ 77BA4CFC0B2BFF6606567B3148EE42CA ] IceDragonUpdater C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
15:56:48.0962 5956 IceDragonUpdater - ok
15:56:49.0108 5956 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:56:49.0113 5956 IDriverT - ok
15:56:49.0226 5956 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:56:49.0243 5956 idsvc - ok
15:56:49.0585 5956 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
15:56:49.0833 5956 igfx - ok
15:56:49.0995 5956 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:56:49.0997 5956 iirsp - ok
15:56:50.0090 5956 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
15:56:50.0098 5956 IKEEXT - ok
15:56:50.0210 5956 [ AF87012C22372CC982A1E5B597DEB5FA ] IMPI Updater C:\Program Files\IMPI\ExtensionUpdaterService.exe
15:56:50.0213 5956 IMPI Updater - ok
15:56:50.0411 5956 [ D4A1767FD9D5C7762E9B8B36527B8AF3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:56:50.0486 5956 IntcAzAudAddService - ok
15:56:50.0549 5956 [ 092A78E9C6F71BF0E22379503B90E800 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
15:56:50.0551 5956 IntcHdmiAddService - ok
15:56:50.0624 5956 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
15:56:50.0627 5956 intelide - ok
15:56:50.0716 5956 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:56:50.0719 5956 intelppm - ok
15:56:50.0887 5956 [ 724A9E06F0A846F2556F2E3EDD251CC4 ] IObitUnlocker C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys
15:56:50.0890 5956 IObitUnlocker - ok
15:56:51.0133 5956 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:56:51.0141 5956 IPBusEnum - ok
15:56:51.0260 5956 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:56:51.0263 5956 IpFilterDriver - ok
15:56:51.0375 5956 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:56:51.0381 5956 iphlpsvc - ok
15:56:51.0422 5956 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
15:56:51.0424 5956 IPMIDRV - ok
15:56:51.0462 5956 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
15:56:51.0464 5956 IPNAT - ok
15:56:51.0506 5956 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
15:56:51.0508 5956 irda - ok
15:56:51.0543 5956 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:56:51.0544 5956 IRENUM - ok
15:56:51.0616 5956 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
15:56:51.0620 5956 Irmon - ok
15:56:51.0718 5956 [ F5CF53D41F5A6B9D66B8C49C2DE43064 ] IS360service C:\Program Files\IObit\IObit Security 360\IS360srv.exe
15:56:51.0722 5956 IS360service - ok
15:56:51.0776 5956 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:56:51.0778 5956 isapnp - ok
15:56:51.0858 5956 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:56:51.0862 5956 iScsiPrt - ok
15:56:51.0927 5956 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
15:56:51.0928 5956 iteatapi - ok
15:56:51.0988 5956 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
15:56:51.0990 5956 iteraid - ok
15:56:52.0047 5956 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:56:52.0050 5956 kbdclass - ok
15:56:52.0108 5956 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:56:52.0110 5956 kbdhid - ok
15:56:52.0182 5956 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
15:56:52.0187 5956 KeyIso - ok
15:56:52.0272 5956 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:56:52.0278 5956 KSecDD - ok
15:56:52.0371 5956 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:56:52.0379 5956 KtmRm - ok
15:56:52.0448 5956 [ 0545597368290CF10161DEBF01B95A06 ] L1C C:\Windows\system32\DRIVERS\L1C60x86.sys
15:56:52.0451 5956 L1C - ok
15:56:52.0578 5956 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
15:56:52.0590 5956 LanmanServer - ok
15:56:52.0674 5956 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:56:52.0688 5956 LanmanWorkstation - ok
15:56:52.0818 5956 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:56:52.0831 5956 lltdio - ok
15:56:52.0920 5956 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:56:52.0932 5956 lltdsvc - ok
15:56:52.0995 5956 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:56:53.0002 5956 lmhosts - ok
15:56:53.0087 5956 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
15:56:53.0089 5956 lmimirr - ok
15:56:53.0120 5956 LMIRfsClientNP - ok
15:56:53.0165 5956 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
15:56:53.0166 5956 LMIRfsDriver - ok
15:56:53.0239 5956 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:56:53.0242 5956 LSI_FC - ok
15:56:53.0320 5956 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:56:53.0322 5956 LSI_SAS - ok
15:56:53.0412 5956 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:56:53.0414 5956 LSI_SCSI - ok
15:56:53.0483 5956 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
15:56:53.0485 5956 luafv - ok
15:56:53.0562 5956 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus.sys
15:56:53.0565 5956 MarvinBus - ok
15:56:53.0665 5956 [ DDF15A42E27E8EFE27B18FD403151A86 ] MatSvc C:\Program Files\Microsoft Fix it Center\Matsvc.exe
15:56:53.0669 5956 MatSvc - ok
15:56:53.0741 5956 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:56:53.0746 5956 Mcx2Svc - ok
15:56:53.0842 5956 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
15:56:53.0847 5956 MDM - ok
15:56:54.0047 5956 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
15:56:54.0050 5956 megasas - ok
15:56:54.0137 5956 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
15:56:54.0145 5956 MegaSR - ok
15:56:54.0282 5956 [ D96EA49AB9A9174331BC023FD0CADC18 ] mirrorv3 C:\Windows\system32\DRIVERS\rminiv3.sys
15:56:54.0285 5956 mirrorv3 - ok
15:56:54.0390 5956 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
15:56:54.0399 5956 MMCSS - ok
15:56:54.0494 5956 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
15:56:54.0497 5956 Modem - ok
15:56:54.0574 5956 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:56:54.0577 5956 monitor - ok
15:56:54.0657 5956 [ A77205D70D14D153342D357DE5A4E770 ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
15:56:54.0661 5956 MotioninJoyXFilter - ok
15:56:54.0748 5956 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:56:54.0753 5956 mouclass - ok
15:56:54.0862 5956 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:56:54.0863 5956 mouhid - ok
15:56:54.0919 5956 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
15:56:54.0921 5956 MountMgr - ok
15:56:55.0010 5956 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:56:55.0012 5956 MozillaMaintenance - ok
15:56:55.0068 5956 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
15:56:55.0070 5956 mpio - ok
15:56:55.0111 5956 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:56:55.0116 5956 mpsdrv - ok
15:56:55.0202 5956 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
15:56:55.0211 5956 MpsSvc - ok
15:56:55.0253 5956 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
15:56:55.0256 5956 Mraid35x - ok
15:56:55.0329 5956 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:56:55.0333 5956 MRxDAV - ok
15:56:55.0421 5956 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:56:55.0423 5956 mrxsmb - ok
15:56:55.0504 5956 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:56:55.0507 5956 mrxsmb10 - ok
15:56:55.0575 5956 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:56:55.0577 5956 mrxsmb20 - ok
15:56:55.0646 5956 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
15:56:55.0648 5956 msahci - ok
15:56:55.0690 5956 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:56:55.0693 5956 msdsm - ok
15:56:55.0745 5956 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
15:56:55.0752 5956 MSDTC - ok
15:56:55.0882 5956 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:56:55.0884 5956 Msfs - ok
15:56:55.0926 5956 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:56:55.0928 5956 msisadrv - ok
15:56:56.0000 5956 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:56:56.0005 5956 MSiSCSI - ok
15:56:56.0036 5956 msiserver - ok
15:56:56.0075 5956 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:56:56.0077 5956 MSKSSRV - ok
15:56:56.0127 5956 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:56:56.0129 5956 MSPCLOCK - ok
15:56:56.0162 5956 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:56:56.0164 5956 MSPQM - ok
15:56:56.0243 5956 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:56:56.0246 5956 MsRPC - ok
15:56:56.0311 5956 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:56:56.0313 5956 mssmbios - ok
15:56:56.0423 5956 MSSQL$SOLARWINDS_ORION - ok
15:56:56.0534 5956 MSSQL$SQLEXPRESS - ok
15:56:56.0653 5956 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
15:56:56.0655 5956 MSSQLServerADHelper - ok
15:56:56.0756 5956 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
15:56:56.0757 5956 MSSQLServerADHelper100 - ok
15:56:56.0836 5956 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:56:56.0838 5956 MSTEE - ok
15:56:56.0942 5956 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
15:56:56.0945 5956 Mup - ok
15:56:57.0018 5956 [ 2DE94E435C3EFDE58C7B1856D4F20724 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
15:56:57.0020 5956 mwlPSDFilter - ok
15:56:57.0061 5956 [ 61920A7146EED3D903DBBB8EC295AF76 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
15:56:57.0063 5956 mwlPSDNServ - ok
15:56:57.0110 5956 [ E0F49721E68EBD2983E84C44FADA6665 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
15:56:57.0112 5956 mwlPSDVDisk - ok
15:56:57.0226 5956 [ 77F8AD024059A9A8E17E654B887D1EF0 ] MWLService C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
15:56:57.0230 5956 MWLService - ok
15:56:57.0322 5956 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
15:56:57.0338 5956 napagent - ok
15:56:57.0462 5956 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:56:57.0466 5956 NativeWifiP - ok
15:56:57.0590 5956 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
15:56:57.0596 5956 NAUpdate - ok
15:56:57.0684 5956 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:56:57.0695 5956 NDIS - ok
15:56:57.0768 5956 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:56:57.0769 5956 NdisTapi - ok
15:56:57.0814 5956 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:56:57.0816 5956 Ndisuio - ok
15:56:57.0911 5956 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:56:57.0915 5956 NdisWan - ok
15:56:57.0968 5956 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:56:57.0970 5956 NDProxy - ok
15:56:58.0013 5956 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:56:58.0016 5956 NetBIOS - ok
15:56:58.0100 5956 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
15:56:58.0106 5956 netbt - ok
15:56:58.0181 5956 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
15:56:58.0186 5956 Netlogon - ok
15:56:58.0273 5956 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
15:56:58.0281 5956 Netman - ok
15:56:58.0393 5956 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:56:58.0395 5956 NetMsmqActivator - ok
15:56:58.0429 5956 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:56:58.0432 5956 NetPipeActivator - ok
15:56:58.0497 5956 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
15:56:58.0505 5956 netprofm - ok
15:56:58.0534 5956 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:56:58.0537 5956 NetTcpActivator - ok
15:56:58.0570 5956 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:56:58.0572 5956 NetTcpPortSharing - ok
15:56:58.0744 5956 [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
15:56:58.0850 5956 NETw5v32 - ok
15:56:58.0908 5956 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:56:58.0910 5956 nfrd960 - ok
15:56:58.0986 5956 [ 37260A293B6A89373AE76791E6CC5A12 ] nhcDriverDevice C:\Windows\system32\drivers\nhcDriver.sys
15:56:58.0987 5956 nhcDriverDevice - ok
15:56:59.0052 5956 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:56:59.0059 5956 NlaSvc - ok
15:56:59.0133 5956 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\Windows\system32\drivers\npf.sys
15:56:59.0135 5956 NPF - ok
15:56:59.0203 5956 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:56:59.0205 5956 Npfs - ok
15:56:59.0236 5956 npggsvc - ok
15:56:59.0316 5956 [ 9131FE60ADFAB595C8DA53AD6A06AA31 ] NPPTNT2 C:\Windows\system32\npptNT2.sys
15:56:59.0321 5956 NPPTNT2 - ok
15:56:59.0370 5956 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
15:56:59.0372 5956 NSCIRDA - ok
15:56:59.0447 5956 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
15:56:59.0452 5956 nsi - ok
15:56:59.0520 5956 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:56:59.0522 5956 nsiproxy - ok
15:56:59.0612 5956 [ 53F7546E8DAEFB3A0813F5E19C4613C9 ] NSNDIS5 C:\Windows\system32\NSNDIS5.SYS
15:56:59.0618 5956 NSNDIS5 - ok
15:56:59.0734 5956 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:56:59.0747 5956 Ntfs - ok
15:56:59.0855 5956 [ 453A4AA289CA08DFDD7B34C3064D0B05 ] NTI IScheduleSvc C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
15:56:59.0857 5956 NTI IScheduleSvc - ok
15:56:59.0942 5956 [ 973DCB15731339FCA176E534055CF115 ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
15:56:59.0946 5956 NTIBackupSvc - ok
15:57:00.0026 5956 [ 6DCAA65F49EF3B97A5CFFC0CB5DE1C2F ] NTIDrvr C:\Windows\system32\Drivers\NTIDrvr.sys
15:57:00.0029 5956 NTIDrvr - ok
15:57:00.0105 5956 [ 58751F9248D50BCE1053976C9E2F0859 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
15:57:00.0109 5956 NTISchedulerSvc - ok
15:57:00.0204 5956 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
15:57:00.0206 5956 ntrigdigi - ok
15:57:00.0250 5956 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
15:57:00.0252 5956 Null - ok
15:57:00.0308 5956 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:57:00.0310 5956 nvraid - ok
15:57:00.0378 5956 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:57:00.0380 5956 nvstor - ok
15:57:00.0438 5956 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:57:00.0440 5956 nv_agp - ok
15:57:00.0555 5956 [ 5DDEE1041421BD7EA778C12FAA0877BF ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
15:57:00.0557 5956 ODDPwrSvc - ok
15:57:00.0695 5956 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:57:00.0700 5956 odserv - ok
15:57:00.0751 5956 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
15:57:00.0753 5956 ohci1394 - ok
15:57:00.0870 5956 [ 22BA099F1B5C3C4529093673F64FD7D7 ] OpenVPNService C:\Program Files\OpenVPN\bin\openvpnserv.exe
15:57:00.0872 5956 OpenVPNService - ok
15:57:00.0974 5956 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:57:00.0976 5956 ose - ok
15:57:01.0068 5956 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
15:57:01.0081 5956 p2pimsvc - ok
15:57:01.0140 5956 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
15:57:01.0152 5956 p2psvc - ok
15:57:01.0225 5956 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
15:57:01.0227 5956 Parport - ok
15:57:01.0298 5956 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:57:01.0300 5956 partmgr - ok
15:57:01.0347 5956 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
15:57:01.0349 5956 Parvdm - ok
15:57:01.0487 5956 [ A751BDE019AC6CD7D7545AD774EE6D44 ] pc essentials C:\Program Files\pc essentials\updater.exe
15:57:01.0554 5956 pc essentials - ok
15:57:01.0642 5956 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
15:57:01.0647 5956 PcaSvc - ok
15:57:01.0759 5956 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
15:57:01.0761 5956 pccsmcfd - ok
15:57:01.0854 5956 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
15:57:01.0856 5956 pci - ok
15:57:01.0931 5956 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
15:57:01.0933 5956 pciide - ok
15:57:02.0003 5956 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:57:02.0006 5956 pcmcia - ok
15:57:02.0097 5956 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:57:02.0108 5956 PEAUTH - ok
15:57:02.0306 5956 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
15:57:02.0362 5956 pla - ok
15:57:02.0427 5956 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:57:02.0435 5956 PlugPlay - ok
15:57:02.0516 5956 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
15:57:02.0522 5956 PnkBstrA - ok
15:57:02.0600 5956 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
15:57:02.0611 5956 PNRPAutoReg - ok
15:57:02.0690 5956 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
15:57:02.0702 5956 PNRPsvc - ok
15:57:02.0785 5956 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:57:02.0792 5956 PolicyAgent - ok
15:57:02.0890 5956 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:57:02.0892 5956 PptpMiniport - ok
15:57:02.0969 5956 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
15:57:02.0971 5956 Processor - ok
15:57:03.0159 5956 [ 7FB618C32DC7D1BD497AA02F79A081AC ] ProcObsrv C:\Program Files\Glary Utilities 3\ProcObsrv.sys
15:57:03.0160 5956 ProcObsrv - ok
15:57:03.0248 5956 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
15:57:03.0256 5956 ProfSvc - ok
15:57:03.0314 5956 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
15:57:03.0319 5956 ProtectedStorage - ok
15:57:03.0397 5956 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
15:57:03.0400 5956 PSched - ok
15:57:03.0527 5956 [ 224509F74F78E5F6EA95F9D44D4227B2 ] PSPRSERV C:\Program Files\Elcomsoft Password Recovery\Proactive System Password Recovery\psprserv.exe


"If you ask, you will look like a fool for 5 minutes. If you don't ask, you will be a fool for your whole life."
"Many of those who live would deserve death. And many of those who have died would deserve to live." - John Ronald Reuel Tolkien
"It is better to be hated for what you are than to be loved for what you are not." - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ


Re: probably a virus - log check

Post by rhsCZ » 07 Nov 2013 21:18

15:57:03.0529 5956 PSPRSERV - ok
15:57:03.0657 5956 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:57:03.0690 5956 ql2300 - ok
15:57:03.0779 5956 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:57:03.0782 5956 ql40xx - ok
15:57:03.0845 5956 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
15:57:03.0852 5956 QWAVE - ok
15:57:03.0899 5956 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:57:03.0900 5956 QWAVEdrv - ok
15:57:04.0000 5956 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
15:57:04.0002 5956 RapiMgr - ok
15:57:04.0059 5956 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:57:04.0061 5956 RasAcd - ok
15:57:04.0126 5956 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
15:57:04.0133 5956 RasAuto - ok
15:57:04.0197 5956 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:57:04.0199 5956 Rasl2tp - ok
15:57:04.0282 5956 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
15:57:04.0290 5956 RasMan - ok
15:57:04.0368 5956 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:57:04.0370 5956 RasPppoe - ok
15:57:04.0434 5956 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:57:04.0436 5956 RasSstp - ok
15:57:04.0512 5956 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:57:04.0515 5956 rdbss - ok
15:57:04.0579 5956 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:57:04.0580 5956 RDPCDD - ok
15:57:04.0670 5956 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
15:57:04.0673 5956 rdpdr - ok
15:57:04.0756 5956 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:57:04.0757 5956 RDPENCDD - ok
15:57:04.0852 5956 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:57:04.0855 5956 RDPWD - ok
15:57:05.0003 5956 [ 3FF45B7F17D5837216ABAE652CC61540 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:57:05.0008 5956 RegSrvc - ok
15:57:05.0124 5956 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:57:05.0130 5956 RemoteAccess - ok
15:57:05.0207 5956 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:57:05.0215 5956 RemoteRegistry - ok
15:57:05.0293 5956 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:57:05.0296 5956 RFCOMM - ok
15:57:05.0368 5956 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
15:57:05.0369 5956 ROOTMODEM - ok
15:57:05.0446 5956 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
15:57:05.0450 5956 RpcLocator - ok
15:57:05.0543 5956 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
15:57:05.0577 5956 RpcSs - ok
15:57:05.0691 5956 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
15:57:05.0695 5956 RsFx0103 - ok
15:57:05.0742 5956 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:57:05.0746 5956 rspndr - ok
15:57:05.0841 5956 [ 8E250687E5F020CD337CC9D8252C0B56 ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
15:57:05.0844 5956 RS_Service - ok
15:57:05.0938 5956 [ 9B09F336DE36A7A6CA871DE8A7847B65 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
15:57:05.0940 5956 RTSTOR - ok
15:57:06.0002 5956 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
15:57:06.0007 5956 SamSs - ok
15:57:06.0084 5956 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:57:06.0087 5956 sbp2port - ok
15:57:06.0214 5956 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
15:57:06.0259 5956 SBSDWSCService - ok
15:57:06.0328 5956 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:57:06.0336 5956 SCardSvr - ok
15:57:06.0413 5956 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
15:57:06.0431 5956 Schedule - ok
15:57:06.0511 5956 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:57:06.0513 5956 SCPolicySvc - ok
15:57:06.0583 5956 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
15:57:06.0586 5956 sdbus - ok
15:57:06.0655 5956 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:57:06.0662 5956 SDRSVC - ok
15:57:06.0781 5956 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
15:57:06.0785 5956 SeaPort - ok
15:57:06.0862 5956 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:57:06.0865 5956 secdrv - ok
15:57:06.0959 5956 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
15:57:06.0966 5956 seclogon - ok
15:57:07.0066 5956 [ 6CB12DF92E2148C699644FD6FD365CC9 ] SecStore C:\Windows\system32\secpro.exe
15:57:07.0072 5956 SecStore - ok
15:57:07.0130 5956 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
15:57:07.0136 5956 SENS - ok
15:57:07.0205 5956 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
15:57:07.0207 5956 Serenum - ok
15:57:07.0254 5956 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
15:57:07.0256 5956 Serial - ok
15:57:07.0307 5956 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:57:07.0309 5956 sermouse - ok
15:57:07.0409 5956 [ E802089FEC30A95FDFD218995308F9B3 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:57:07.0418 5956 ServiceLayer - ok
15:57:07.0567 5956 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
15:57:07.0573 5956 SessionEnv - ok
15:57:07.0695 5956 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:57:07.0700 5956 SharedAccess - ok
15:57:07.0800 5956 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:57:07.0812 5956 ShellHWDetection - ok
15:57:07.0878 5956 [ A275FBB7C99458C12E088DFF3E58EB4D ] simptcp C:\Windows\System32\tcpsvcs.exe
15:57:07.0885 5956 simptcp - ok
15:57:07.0956 5956 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:57:07.0958 5956 sisagp - ok
15:57:08.0024 5956 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
15:57:08.0025 5956 SiSRaid2 - ok
15:57:08.0103 5956 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:57:08.0106 5956 SiSRaid4 - ok
15:57:08.0212 5956 [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:57:08.0214 5956 SkypeUpdate - ok
15:57:08.0281 5956 [ 9BE51ECE8BA86FAAD487C694FE0F00CA ] skyrm C:\Windows\system32\DRIVERS\skyrm.sys
15:57:08.0285 5956 skyrm - ok
15:57:08.0477 5956 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
15:57:08.0520 5956 slsvc - ok
15:57:08.0636 5956 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
15:57:08.0646 5956 SLUINotify - ok
15:57:08.0794 5956 [ 46B40982AF166BF89C3F51FB13E60D6D ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
15:57:08.0797 5956 SmartDefragDriver - ok
15:57:08.0911 5956 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:57:08.0914 5956 Smb - ok
15:57:09.0075 5956 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:57:09.0081 5956 SNMPTRAP - ok
15:57:09.0277 5956 [ DC8D2952FB6FFBAEC67BD1B93A34DF11 ] speedfan C:\Windows\system32\speedfan.sys
15:57:09.0284 5956 speedfan - ok
15:57:09.0344 5956 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
15:57:09.0346 5956 spldr - ok
15:57:09.0436 5956 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
15:57:09.0443 5956 Spooler - ok
15:57:09.0541 5956 [ FEB11DBAA5E152D98BD897C97A6DDCD0 ] sptd C:\Windows\System32\Drivers\sptd.sys
15:57:09.0545 5956 sptd - ok
15:57:09.0633 5956 [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
15:57:09.0638 5956 SQLAgent$SQLEXPRESS - ok
15:57:09.0750 5956 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:57:09.0754 5956 SQLBrowser - ok
15:57:09.0837 5956 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:57:09.0839 5956 SQLWriter - ok
15:57:09.0939 5956 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:57:09.0944 5956 srv - ok
15:57:10.0052 5956 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:57:10.0055 5956 srv2 - ok
15:57:10.0133 5956 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:57:10.0137 5956 srvnet - ok
15:57:10.0257 5956 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:57:10.0270 5956 SSDPSRV - ok
15:57:10.0351 5956 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:57:10.0358 5956 SstpSvc - ok
15:57:10.0403 5956 Steam Client Service - ok
15:57:10.0455 5956 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:57:10.0457 5956 StillCam - ok
15:57:10.0552 5956 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
15:57:10.0563 5956 stisvc - ok
15:57:10.0625 5956 [ 6ED7ABF6CB1E6EC0DEBB53E0F104ED64 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
15:57:10.0627 5956 SWDUMon - ok
15:57:10.0691 5956 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:57:10.0693 5956 swenum - ok
15:57:10.0855 5956 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:57:10.0863 5956 SwitchBoard - ok
15:57:10.0956 5956 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
15:57:10.0966 5956 swprv - ok
15:57:11.0046 5956 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
15:57:11.0048 5956 Symc8xx - ok
15:57:11.0121 5956 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
15:57:11.0123 5956 Sym_hi - ok
15:57:11.0194 5956 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
15:57:11.0195 5956 Sym_u3 - ok
15:57:11.0278 5956 [ 5C3E900F41426A372DE60675AFC8AA07 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:57:11.0282 5956 SynTP - ok
15:57:11.0376 5956 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
15:57:11.0389 5956 SysMain - ok
15:57:11.0515 5956 [ 7EAEF49D206899909EB63014FC8DC19A ] SystemExplorerHelpService C:\Program Files\System Explorer\service\SystemExplorerService.exe
15:57:11.0521 5956 SystemExplorerHelpService - ok
15:57:11.0608 5956 [ 60E613ECECFF8E8EF97F60AEA4FC74AD ] SysTool C:\Windows\system32\DRIVERS\SysTool.sys
15:57:11.0610 5956 SysTool - ok
15:57:11.0700 5956 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:57:11.0708 5956 TabletInputService - ok
15:57:11.0794 5956 [ 8CF6E2AE1707D82E904ECCA68CEF8B87 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
15:57:11.0798 5956 tap0901 - ok
15:57:11.0901 5956 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\Windows\system32\DRIVERS\taphss.sys
15:57:11.0903 5956 taphss - ok
15:57:12.0005 5956 [ 24B00B8A1DDC757042C6B52303296707 ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
15:57:12.0008 5956 taphss6 - ok
15:57:12.0097 5956 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:57:12.0107 5956 TapiSrv - ok
15:57:12.0163 5956 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
15:57:12.0170 5956 TBS - ok
15:57:12.0274 5956 [ 6D0D344F643E28B31262AC2682109A3C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:57:12.0286 5956 Tcpip - ok
15:57:12.0374 5956 [ 6D0D344F643E28B31262AC2682109A3C ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
15:57:12.0386 5956 Tcpip6 - ok
15:57:12.0471 5956 [ 5877A786EF27E42C4E84D1356F922302 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:57:12.0473 5956 tcpipreg - ok
15:57:12.0561 5956 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:57:12.0563 5956 TDPIPE - ok
15:57:12.0623 5956 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:57:12.0625 5956 TDTCP - ok
15:57:12.0714 5956 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:57:12.0716 5956 tdx - ok
15:57:12.0870 5956 [ 42BA22394C499648C03079742BFA593B ] Te.Service C:\Program Files\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
15:57:12.0873 5956 Te.Service - ok
15:57:13.0174 5956 [ F67C21CC4195F6AFC447418FE163E156 ] TeamViewer8 C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
15:57:13.0334 5956 TeamViewer8 - ok
15:57:13.0429 5956 [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn C:\Windows\system32\DRIVERS\teamviewervpn.sys
15:57:13.0432 5956 teamviewervpn - ok
15:57:13.0510 5956 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:57:13.0512 5956 TermDD - ok
15:57:13.0623 5956 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
15:57:13.0635 5956 TermService - ok
15:57:13.0799 5956 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
15:57:13.0807 5956 Themes - ok
15:57:13.0888 5956 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
15:57:13.0892 5956 THREADORDER - ok
15:57:14.0000 5956 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
15:57:14.0007 5956 TrkWks - ok
15:57:14.0101 5956 [ ED5E4CE36C54F55E7698642E94D32EC7 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
15:57:14.0104 5956 truecrypt - ok
15:57:14.0218 5956 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:57:14.0219 5956 TrustedInstaller - ok
15:57:14.0335 5956 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:57:14.0337 5956 tssecsrv - ok
15:57:14.0430 5956 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
15:57:14.0432 5956 tunmp - ok
15:57:14.0513 5956 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:57:14.0516 5956 tunnel - ok
15:57:14.0631 5956 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:57:14.0635 5956 uagp35 - ok
15:57:14.0726 5956 [ F763E070843EE2803DE1395002B42938 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
15:57:14.0730 5956 UBHelper - ok
15:57:14.0815 5956 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:57:14.0818 5956 udfs - ok
15:57:14.0942 5956 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:57:14.0951 5956 UI0Detect - ok
15:57:14.0999 5956 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:57:15.0001 5956 uliagpkx - ok
15:57:15.0050 5956 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
15:57:15.0054 5956 uliahci - ok
15:57:15.0115 5956 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
15:57:15.0118 5956 UlSata - ok
15:57:15.0183 5956 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
15:57:15.0187 5956 ulsata2 - ok
15:57:15.0253 5956 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:57:15.0256 5956 umbus - ok
15:57:15.0338 5956 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
15:57:15.0346 5956 upnphost - ok
15:57:15.0453 5956 [ AAB0B5F72D2D726FBFDC895A2902DE1D ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:57:15.0456 5956 usbccgp - ok
15:57:15.0513 5956 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:57:15.0515 5956 usbcir - ok
15:57:15.0584 5956 [ 153E8515CB86F8BB5D1A8B478EBF4BB2 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:57:15.0586 5956 usbehci - ok
15:57:15.0639 5956 [ 2AE6BCEBD85D31317E433733DAF25888 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:57:15.0643 5956 usbhub - ok
15:57:15.0713 5956 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:57:15.0716 5956 usbohci - ok
15:57:15.0788 5956 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:57:15.0791 5956 usbprint - ok
15:57:15.0886 5956 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:57:15.0890 5956 USBSTOR - ok
15:57:15.0947 5956 [ 44056325428A8E4C755830426E29878F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:57:15.0953 5956 usbuhci - ok
15:57:16.0051 5956 [ 73FF24E21B690625A58109637DDA0DF7 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:57:16.0054 5956 usbvideo - ok
15:57:16.0141 5956 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
15:57:16.0148 5956 UxSms - ok
15:57:16.0215 5956 [ 200847985E963EA9634C1B81A21A4DA6 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
15:57:16.0218 5956 VBoxDrv - ok
15:57:16.0300 5956 [ 2A29B5D722D6B7F688507393E5D4166B ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
15:57:16.0302 5956 VBoxNetAdp - ok
15:57:16.0375 5956 [ 40458859BA17FC8ACBFEB65A967363E4 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
15:57:16.0378 5956 VBoxNetFlt - ok
15:57:16.0460 5956 [ E973E67E29344A198FB17351C5CD9320 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
15:57:16.0463 5956 VBoxUSBMon - ok
15:57:16.0550 5956 [ B2ABAB4CA46BAD182E27763DC19C780F ] VCSVADHWSer C:\Windows\system32\DRIVERS\vcsvad.sys
15:57:16.0552 5956 VCSVADHWSer - ok
15:57:16.0656 5956 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
15:57:16.0676 5956 vds - ok
15:57:16.0805 5956 [ 5DC444CFC82019F4AD178A00CA8FEA64 ] VeNCrypt C:\Program Files\VeNCrypt-0.2.6\vencserver.exe
15:57:16.0821 5956 VeNCrypt - ok
15:57:16.0919 5956 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:57:16.0922 5956 vga - ok
15:57:16.0972 5956 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
15:57:16.0975 5956 VgaSave - ok
15:57:17.0026 5956 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:57:17.0028 5956 viaagp - ok
15:57:17.0077 5956 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
15:57:17.0079 5956 ViaC7 - ok
15:57:17.0130 5956 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
15:57:17.0131 5956 viaide - ok
15:57:17.0257 5956 [ 3B8F222B23917C041E4DA29CCC57E7D0 ] vncmirror C:\Windows\system32\DRIVERS\vncmirror.sys
15:57:17.0258 5956 vncmirror - ok
15:57:17.0307 5956 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:57:17.0309 5956 volmgr - ok
15:57:17.0450 5956 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:57:17.0454 5956 volmgrx - ok
15:57:17.0554 5956 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:57:17.0557 5956 volsnap - ok
15:57:17.0626 5956 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:57:17.0628 5956 vsmraid - ok
15:57:17.0728 5956 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
15:57:17.0796 5956 VSS - ok
15:57:17.0858 5956 vToolbarUpdater15.3.0 - ok
15:57:17.0920 5956 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
15:57:17.0929 5956 W32Time - ok
15:57:18.0038 5956 [ 9CA92191C8F18E8B491A5B28E63C07B7 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
15:57:18.0046 5956 W3SVC - ok
15:57:18.0122 5956 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:57:18.0125 5956 WacomPen - ok
15:57:18.0227 5956 [ 5D81DFEDC21830764B02F12415AFAE2B ] wampapache c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
15:57:18.0228 5956 wampapache - ok
15:57:18.0309 5956 wampmysqld - ok
15:57:18.0380 5956 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
15:57:18.0384 5956 Wanarp - ok
15:57:18.0422 5956 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:57:18.0429 5956 Wanarpv6 - ok
15:57:18.0494 5956 [ 9CA92191C8F18E8B491A5B28E63C07B7 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
15:57:18.0499 5956 WAS - ok
15:57:18.0595 5956 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
15:57:18.0604 5956 WcesComm - ok
15:57:18.0709 5956 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:57:18.0722 5956 wcncsvc - ok
15:57:18.0826 5956 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:57:18.0835 5956 WcsPlugInService - ok
15:57:18.0913 5956 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
15:57:18.0915 5956 Wd - ok
15:57:19.0008 5956 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:57:19.0016 5956 Wdf01000 - ok
15:57:19.0080 5956 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:57:19.0089 5956 WdiServiceHost - ok
15:57:19.0131 5956 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:57:19.0139 5956 WdiSystemHost - ok
15:57:19.0226 5956 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
15:57:19.0235 5956 WebClient - ok
15:57:19.0314 5956 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:57:19.0322 5956 Wecsvc - ok
15:57:19.0381 5956 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:57:19.0389 5956 wercplsupport - ok
15:57:19.0482 5956 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
15:57:19.0490 5956 WerSvc - ok
15:57:19.0589 5956 [ 3FF18F4FB6D31256F38A2BCE3D19D45A ] wfcs C:\Program Files\Windows Firewall Control\wfcs.exe
15:57:19.0592 5956 wfcs - ok
15:57:19.0723 5956 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:57:19.0727 5956 WinDefend - ok
15:57:19.0894 5956 WinHttpAutoProxySvc - ok
15:57:20.0007 5956 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:57:20.0010 5956 Winmgmt - ok
15:57:20.0114 5956 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Program Files\iVeeSoft\iGame Capture\Driver\WinRing0.sys
15:57:20.0115 5956 WinRing0_1_2_0 - ok
15:57:20.0234 5956 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
15:57:20.0277 5956 WinRM - ok
15:57:20.0497 5956 [ 3F1546B526A8A38F96B19B4E2826D79D ] WinVNC4 C:\Program Files\RealVNC\VNC4\WinVNC4.exe
15:57:20.0559 5956 WinVNC4 - ok
15:57:20.0727 5956 [ F514C1C9D814F3DB46A17C59EA8214B2 ] WiseBootAssistant C:\Program Files\Wise\Wise Care 365\BootTime.exe
15:57:20.0738 5956 WiseBootAssistant - ok
15:57:20.0859 5956 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:57:20.0873 5956 Wlansvc - ok
15:57:20.0993 5956 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:57:20.0998 5956 wlcrasvc - ok
15:57:21.0154 5956 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:57:21.0208 5956 wlidsvc - ok
15:57:21.0284 5956 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:57:21.0286 5956 WmiAcpi - ok
15:57:21.0403 5956 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:57:21.0406 5956 wmiApSrv - ok
15:57:21.0551 5956 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:57:21.0568 5956 WMPNetworkSvc - ok
15:57:21.0651 5956 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:57:21.0666 5956 WPCSvc - ok
15:57:21.0795 5956 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:57:21.0809 5956 WPDBusEnum - ok
15:57:21.0961 5956 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
15:57:21.0963 5956 WpdUsb - ok
15:57:22.0148 5956 [ 15673BD0B86150CB8E27766059C72A9B ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:57:22.0171 5956 WPFFontCache_v0400 - ok
15:57:22.0255 5956 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:57:22.0257 5956 ws2ifsl - ok
15:57:22.0337 5956 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
15:57:22.0346 5956 wscsvc - ok
15:57:22.0391 5956 WSearch - ok
15:57:22.0637 5956 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:57:22.0745 5956 wuauserv - ok
15:57:22.0871 5956 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:57:22.0874 5956 WudfPf - ok
15:57:22.0971 5956 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:57:22.0981 5956 wudfsvc - ok
15:57:23.0108 5956 [ EE9144207EE0211EB5656BA6808AC4A0 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
15:57:23.0111 5956 xusb21 - ok
15:57:23.0250 5956 [ E0ECD7ACE963B7485FFD577B9236D900 ] ZebraConnectionServer C:\Program Files\ZebraNetworkSystems\NeoRouter\ConnSrv.exe
15:57:23.0288 5956 ZebraConnectionServer - ok
15:57:23.0592 5956 ================ Scan global ===============================
15:57:23.0696 5956 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
15:57:23.0764 5956 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
15:57:23.0800 5956 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
15:57:23.0867 5956 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
15:57:23.0886 5956 [Global] - ok
15:57:23.0890 5956 ================ Scan MBR ==================================
15:57:23.0940 5956 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:57:24.0357 5956 \Device\Harddisk0\DR0 - ok
15:57:24.0371 5956 ================ Scan VBR ==================================
15:57:24.0385 5956 [ 8C5299B07AD4DD36C73C200DF7807073 ] \Device\Harddisk0\DR0\Partition1
15:57:24.0388 5956 \Device\Harddisk0\DR0\Partition1 - ok
15:57:24.0398 5956 ============================================================
15:57:24.0398 5956 Scan finished
15:57:24.0398 5956 ============================================================
15:57:24.0434 4692 Detected object count: 1
15:57:24.0434 4692 Actual detected object count: 1
15:57:38.0432 4692 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
15:57:38.0432 4692 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
15:58:18.0370 3012 Deinitialize success


"If you ask, you will look like a fool for 5 minutes. If you don't ask, you will be a fool your whole life."
"Many of those who live deserve death. And many of those who died deserve to live." - John Ronald Reuel Tolkien
"It is better to be hated for what you are than to be loved for what you are not." - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ

Re: probably a virus - log check

Post by memphisto » 07 Nov 2013 21:19

Disable the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications or a message pops up about an attempt to perform an illegal operation on a registry key that is marked for deletion, simply restart the computer.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you


Re: probably a virus - log check

Post by rhsCZ » 07 Nov 2013 22:46

ComboFix 13-11-04.01 - rhs 07.11.2013 21:30:47.1.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3001.1854 [GMT 1:00]
Spuštěný z: c:\users\rhs.EXPERT\Desktop\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: IObit Security 360 *Disabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\online\style\css\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\online\style\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\online\style\img\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\online\style\js\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style\css\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style\img\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style\js\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style2\css\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style2\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style2\img\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style2\js\Desktop_1.ini
c:\progra~1\SoundFrost\SoUNdfrost.dll
c:\program files\IMPI\ExTEnsion32.dll
c:\program files\ss
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Process Detector
c:\programdata\sysapp
c:\users\expert\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\system32\frapsvid.dll
c:\windows\system32\Packet.dll
c:\windows\system32\wpcap.dll
c:\windows\UA000079.DLL
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-07 do 2013-11-07 )))))))))))))))))))))))))))))))
.
.
2013-11-07 21:03 . 2013-11-07 21:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-07 21:03 . 2013-11-07 21:03 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-11-07 21:03 . 2013-11-07 21:03 -------- d-----w- c:\users\fbwuser\AppData\Local\temp
2013-11-07 21:03 . 2013-11-07 21:03 -------- d-----w- c:\users\expert\AppData\Local\temp
2013-11-07 21:02 . 2013-11-07 21:02 -------- d-----w- c:\users\Andrea\AppData\Local\temp
2013-11-06 21:29 . 2013-11-06 21:29 -------- d-----w- c:\windows\ERUNT
2013-11-06 17:41 . 2013-11-06 17:41 -------- d-----w- c:\program files\Apache Software Foundation
2013-11-06 17:38 . 2013-11-06 17:41 -------- d-----w- c:\program files\glassfish-4.0
2013-11-06 17:18 . 2013-11-06 17:45 -------- d-----w- c:\program files\NetBeans 7.4
2013-11-06 15:04 . 2013-11-06 19:24 -------- dc----w- C:\AdwCleaner
2013-11-06 14:22 . 2013-11-06 14:22 -------- d-----w- c:\programdata\Malwarebytes
2013-11-06 14:22 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-06 14:22 . 2013-11-06 14:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-05 23:07 . 2013-11-05 23:20 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2013-11-05 21:38 . 2013-11-05 21:38 -------- d-----w- c:\program files\SHOUTcast
2013-11-04 23:17 . 2013-11-04 23:22 -------- d---a-w- C:\cce_linux
2013-11-03 21:59 . 2013-11-03 22:03 -------- d-----w- c:\programdata\SystemExplorer
2013-11-03 21:58 . 2013-11-03 21:58 -------- d-----w- c:\program files\System Explorer
2013-11-03 21:52 . 2013-11-03 21:52 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2013-11-03 21:50 . 2013-11-03 21:51 -------- d-----w- c:\program files\Notebook Hardware Control
2013-11-03 21:42 . 2013-11-03 21:44 -------- d-----w- c:\program files\SpeedFan
2013-11-03 21:34 . 2013-11-03 21:35 -------- d-----w- c:\program files\Switcher
2013-11-03 21:33 . 2013-11-03 21:33 -------- d-----w- c:\program files\Smart PC Solutions
2013-11-03 21:24 . 2013-11-03 21:24 -------- d-----w- c:\program files\Brandon Paddock
2013-10-30 16:19 . 2013-11-03 19:21 -------- d-----w- c:\users\Admin
2013-10-28 17:46 . 2013-10-28 17:46 -------- d-----w- c:\program files\GameforgeLive
2013-10-27 18:57 . 2013-10-27 19:23 -------- d-----w- c:\program files\osu!
2013-10-22 14:02 . 2013-10-22 14:02 -------- d-----w- c:\programdata\GlarySoft
2013-10-21 18:47 . 2013-10-21 18:47 -------- dc----r- C:\MSOCache
2013-10-20 16:26 . 2013-10-20 16:25 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-20 16:04 . 2013-10-20 16:28 -------- d-----w- c:\programdata\Oracle
2013-10-20 10:54 . 2013-10-20 10:54 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-10-20 10:53 . 2013-10-20 10:54 -------- d-----w- c:\program files\DAEMON Tools Lite
2013-10-20 10:34 . 2013-10-09 01:46 101664 ----a-w- c:\windows\system32\BootDefrag.exe
2013-10-20 10:34 . 2013-09-29 06:50 14080 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2013-10-20 10:32 . 2013-10-22 13:15 -------- d-----w- c:\program files\Glary Utilities 3
2013-10-19 08:53 . 2013-10-19 08:53 -------- d-----w- c:\users\rhs
2013-10-18 15:54 . 2013-05-22 16:49 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-10-18 15:54 . 2013-05-22 16:49 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-10-13 20:48 . 2013-10-13 20:56 -------- d-----w- c:\program files\VPNium
2013-10-13 11:15 . 2013-10-13 11:15 -------- dc----w- C:\Ubisoft
2013-10-12 19:26 . 2013-10-12 19:30 -------- dc----w- C:\visual
2013-10-09 12:07 . 2013-08-27 01:28 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-10-09 12:07 . 2013-08-27 01:28 798208 ----a-w- c:\windows\system32\FntCache.dll
2013-10-09 12:07 . 2013-08-27 02:47 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-10-09 12:07 . 2013-08-27 02:47 189952 ----a-w- c:\windows\system32\d3d10core.dll
2013-10-09 12:07 . 2013-08-27 02:47 1029120 ----a-w- c:\windows\system32\d3d10.dll
2013-10-09 12:07 . 2013-08-27 01:52 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-10-09 12:07 . 2013-08-27 01:50 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2013-10-09 12:07 . 2013-08-27 01:32 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-10-09 12:07 . 2013-08-27 02:47 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-10-09 12:07 . 2013-08-01 03:16 638400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-09 12:07 . 2013-08-01 02:49 37376 ----a-w- c:\windows\system32\cdd.dll
2013-10-09 12:07 . 2013-07-20 10:44 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2024-03-21 10:44 . 2010-11-15 09:27 246272 ----a-w- c:\windows\UNINST16.EXE
2013-10-19 22:15 . 2010-08-27 14:30 324096 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-10-10 20:53 . 2012-04-23 16:19 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-10 20:53 . 2011-05-17 07:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-12 16:11 . 2009-08-06 07:06 319456 ----a-w- c:\windows\DIFxAPI.dll
2013-09-09 23:34 . 2013-09-09 23:34 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-09-04 23:43 . 2013-09-04 23:43 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-09-03 19:14 . 2013-09-03 19:14 231760 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2013-08-31 15:57 . 2013-09-08 19:53 25464 ----a-w- c:\windows\system32\drivers\odminifilter.sys
2012-08-08 13:34 . 2012-08-08 13:34 10974280 ----a-w- c:\program files\Common Files\lpuninstall.exe
2013-01-30 22:00 . 2010-09-03 07:54 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{1393c215-0520-410e-ab29-3badab478ec4}]
2013-02-12 15:23 87616 ----a-w- c:\program files\filebulldogtb\filebulldogDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{2036470F-F17A-4171-BE34-4D1BCE1700E2}]
2013-03-27 09:37 1751040 ----a-w- c:\program files\Corton\CortonPlugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{60C07B56-542E-4054-A503-4E9E08DF2F84}]
2012-07-17 09:03 1816336 ----a-w- c:\program files\Pagealicious\Pagealicious.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1393c215-0520-410e-ab29-3badab478ec4}"= "c:\program files\filebulldogtb\filebulldogDx.dll" [2013-02-12 87616]
.
[HKEY_CLASSES_ROOT\clsid\{1393c215-0520-410e-ab29-3badab478ec4}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-30 17:00 222712 ----a-w- c:\users\rhs.EXPERT\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-30 17:00 222712 ----a-w- c:\users\rhs.EXPERT\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-30 17:00 222712 ----a-w- c:\users\rhs.EXPERT\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\rhs.EXPERT\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\rhs.EXPERT\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\rhs.EXPERT\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-10-27 10:05 40496 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 6\Suo10_SmartRAM.exe" [2013-06-14 547648]
"Switcher"="c:\program files\Switcher\Switcher.exe" [2007-10-28 425984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-10-02 494112]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-04-10 167936]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-09-22 4411952]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2013-01-30 30192]
"Fences"="c:\program files\Stardock\Fences\Fences.exe" [2012-10-29 4017368]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-04-10 1833504]
"SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2013-05-16 2851784]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\rhs.EXPERT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock Plus\ObjectDock.exe [2011-11-12 4152536]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-8-6 565248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 14 (0xe)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2012-10-29 478936]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoRun USB- Executive Edition.lnk]
backup=c:\windows\pss\AutoRun USB- Executive Edition.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Hamachi.lnk]
backup=c:\windows\pss\Hamachi.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Apache Servers.lnk]
backup=c:\windows\pss\Monitor Apache Servers.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OpenDNSCrypt.lnk]
backup=c:\windows\pss\OpenDNSCrypt.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoundFrost.lnk]
backup=c:\windows\pss\SoundFrost.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^rhs.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
backup=c:\windows\pss\Facebook Messenger.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^rhs.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Fences.lnk]
backup=c:\windows\pss\Fences.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^rhs.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
backup=c:\windows\pss\IMVU.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^rhs.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^User new.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopVideoPlayer.lnk]
backup=c:\windows\pss\DesktopVideoPlayer.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^User new.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
backup=c:\windows\pss\IMVU.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert Search Scope Monitor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert_8h Browser Plugin Loader
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DU Meter
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightShot
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msgyxbafSrv
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpenDrive Tray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TweakMASTER
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-04-04 04:09 446392 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
2012-03-09 14:26 1073312 ----a-w- c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap]
2013-07-04 07:57 3737424 ----a-w- c:\program files\Ashampoo\Ashampoo Snap 6\ashsnap.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
2013-10-01 08:52 1278712 ----a-w- c:\program files\Clownfish\Clownfish.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-08-01 13:13 3673696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2013-03-28 17:40 450560 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-02-13 02:37 1263952 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Driver Detective]
2013-08-28 11:26 3982232 ----a-w- c:\program files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
2012-11-29 09:32 2086984 ----a-w- c:\program files\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecLiveUpdate]
2008-10-27 13:09 199464 ----a-w- c:\program files\EgisTec Egis Software Update\EgisUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2013-10-20 11:27 138096 ----atw- c:\users\rhs.EXPERT\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Bulldog Anti-phishing Domain Advisor]
2013-02-11 16:07 223808 ----a-w- c:\programdata\File Bulldog Anti-phishing Domain Advisor\filebulldog_antiphishing.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com]
2010-08-09 12:47 248832 ----a-w- c:\program files\FileHippo.com\UpdateChecker.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-09-14 10:00 116648 ----atw- c:\users\rhs.EXPERT\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
2013-09-25 16:37 20133824 ----a-w- c:\program files\Google\Drive\googledrivesync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-10-28 10:18 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2013-01-09 17:14 127040 ----a-w- c:\program files\ICQ7M\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 16:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\keepvid]
2013-06-10 15:59 1120256 ----a-w- c:\program files\SoundFrost\keepvid.com.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-06-28 12:02 2255184 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Minecraft Tweaker Updater]
2013-09-17 21:44 554496 ----a-w- c:\users\rhs.EXPERT\AppData\Roaming\.minecraft\MinecraftTweakerUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMServerListAutoUpdater]
2012-12-10 11:36 302843 ----a-w- c:\program files\VUGames\SWAT 4\Content\System\MMServerListAutoUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyPrintScreen]
2013-05-02 10:12 232448 ----a-w- c:\program files\SoundFrost\MyPrintScreen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NotebookHardwareControl]
2007-05-04 16:16 2629632 ----a-w- c:\program files\Notebook Hardware Control\nhc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Maker Pilot (demo) printing agent]
2006-01-27 13:54 65536 ----a-w- c:\program files\PDF Maker Pilot Demo\pmpagenttsd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Powersuite Monitor]
2012-09-13 15:34 323936 ----a-w- c:\program files\Uniblue\Powersuite\powersuite_monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSwitch]
2012-03-02 20:00 5319224 ----a-w- c:\program files\Proxy Switcher Standard\ProxySwitcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 01:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RockMelt Update]
2013-04-14 08:44 136336 ----atw- c:\users\rhs.EXPERT\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2013-03-29 08:57 11930696 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive]
2012-12-30 17:00 255992 ----a-w- c:\users\rhs.EXPERT\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-06-21 07:58 19875432 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundFrost]
2013-06-14 15:17 2106368 ----a-w- c:\program files\SoundFrost\SoundFrost.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundFrost Service]
2013-06-14 15:17 338944 ----a-w- c:\program files\SoundFrost\SoundFrostService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start++]
2008-04-26 13:36 570880 ----a-w- c:\program files\Brandon Paddock\Start++\Start++.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartMenuX]
2013-04-25 09:40 4555584 ----a-w- c:\program files\Start Menu X\StartMenuX.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreadManager.exe]
2013-07-25 19:16 10915608 ----a-w- c:\program files\Thread Manager\ThreadManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-08-27 10:53 296096 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
2007-03-03 12:12 341488 ----a-w- c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViStart]
2013-03-25 10:29 1298432 ----a-w- c:\program files\ViStart\ViStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViUpdater]
2013-01-11 15:16 122880 ----a-w- c:\program files\ViUpdater\ViUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinThemePack Logon]
2012-12-27 20:10 9920027 ----a-w- c:\program files\WinThemePack\The Avengers Logon Screen\tweak.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"StartupDelayer"="c:\program files\r2 Studios\Startup Delayer\Startup Launcher.exe" /LaunchType=Auto /LaunchApps=Common
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"IAAnotif"=c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe
"LManager"=c:\program files\Launch Manager\LManager.exe
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
.
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-04 12:32 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 20:53]
.
2013-10-19 c:\windows\Tasks\Driver Booster Startup.job
- c:\program files\IObit\Driver Booster\DriverBooster.exe [2013-07-21 09:39]
.
2013-10-19 c:\windows\Tasks\Driver Booster Update.job
- c:\program files\IObit\Driver Booster\AutoUpdate.exe [2013-07-21 09:12]
.
2013-10-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1869136784-2511684587-3108499956-1010Core.job
- c:\users\rhs.EXPERT\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-15 11:27]
.
2013-10-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1869136784-2511684587-3108499956-1010UA.job
- c:\users\rhs.EXPERT\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-15 11:27]
.
2013-11-07 c:\windows\Tasks\GlaryInitialize 3.job
- c:\program files\Glary Utilities 3\Initialize.exe [2013-10-09 01:42]
.
2013-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-12 20:26]
.
2013-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-12 20:26]
.
2013-09-13 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2013-09-13 19:17]
.
2013-02-05 c:\windows\Tasks\User_Feed_Synchronization-{8B373119-3C07-42D8-A6AF-3C5E274FDE1E}.job
- c:\windows\system32\msfeedssync.exe [2011-12-27 20:42]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyServer = 37.59.81.65:3128
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Microsoft Excel'e &Ver
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Poslat jako MMS
IE: Poslat jako SMS
IE: Poslat MMS na
IE: Poslat SMS na
IE: WikiKomentáře Google...
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\users\rhs.EXPERT\AppData\Roaming\Seznam.cz\bin\listicka.dll
LSP: c:\windows\system32\wpclsp.dll
LSP: c:\windows\system32\LOILSP.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\rhs.EXPERT\AppData\Roaming\Mozilla\Firefox\Profiles\sw0vdc6a.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.cz
FF - prefs.js: keyword.URL - hxxp://search.filebulldog.com/results/1 ... guid___?q=
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-09-13 22:00; ascsurfingprotection@iobit.com; c:\users\rhs.EXPERT\AppData\Roaming\Mozilla\Firefox\Profiles\sw0vdc6a.default\extensions\ascsurfingprotection@iobit.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{3017FB3E-9A77-4396-88C5-0EC9548FB42F} - c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
BHO-{bfc39e47-d643-4dc2-aa1d-61377501c844} - (no file)
Toolbar-{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
Toolbar-10 - (no file)
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
Notify-WBSrv - (no file)
SafeBoot-IMFservice
MSConfigStartUp-ApnTBMon - c:\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
MSConfigStartUp-vProt - c:\program files\AVG Secure Search\vprot.exe
AddRemove-IECT3314481 - c:\programdata\Conduit\IE\CT3314481\UninstallerUI.exe
AddRemove-Your Product1.0 - c:\program files\Your Product\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-07 22:27
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
"ImagePath"="%SystemRoot%\System32\snmptrap.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Solarwinds: Job Broker]
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Solarwinds: Job Engine]
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Solarwinds: Job Scheduler]
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1869136784-2511684587-3108499956-1010\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A1C2E7F4-72A6-03B4-9036-EB6EE1DBA7AA}*]
"hahgnmdbcfgakken"=hex:69,61,62,65,67,6c,65,6b,6c,6e,69,6a,65,62,67,70,69,6b,
00,00
"ianfdmnoimjaajlpol"=hex:63,61,61,65,64,65,00,7f
"iabdhcmmcighmpcdba"=hex:6b,61,6e,64,69,6b,63,6b,69,6b,62,6e,62,61,6f,6b,67,65,
61,66,69,6f,00,00
"dbodialbpdgkfblkoekaccmfnfikkccoifjladle"=hex:68,61,65,61,6b,6b,63,69,62,63,
66,61,65,6d,70,6d,00,00
"jbodialbpdgkfblkoekafbpdhanfbchamdbgnbiflmnbiehcenhd"=hex:68,61,65,61,6b,6b,
63,69,62,63,66,61,65,6d,70,6d,00,00
"dbodialbpdgkfblkoekalbphjalnehpggleabedj"=hex:62,62,68,65,67,6a,62,6c,67,6d,
63,65,65,67,6a,69,61,61,64,6e,68,67,65,70,6b,65,6f,6d,67,70,6d,65,65,67,70,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}]
@Denied: (A 2 3) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}\InProcServer32]
@="%SystemRoot%\\Explorer.exe"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}\ProgID]
@="DAO.Client"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}\TypeLib]
@="{C8618CE4-0676-5670-8336-6C67696B7575}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3648)
c:\users\rhs.EXPERT\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
c:\program files\EgisTec\MyWinLocker 3\x86\psdprotect.dll
c:\program files\EgisTec\MyWinLocker 3\x86\sysenv.dll
c:\program files\EgisTec\MyWinLocker 3\x86\mwlUI.dll
c:\program files\EgisTec\MyWinLocker 3\x86\GDIExtendCtrl.dll
c:\program files\EgisTec\MyWinLocker 3\x86\mwlOP.dll
c:\program files\EgisTec\MyWinLocker 3\x86\CryptoAPI.dll
c:\program files\EgisTec\MyWinLocker 3\x86\ShowErrMsg.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
c:\program files\Bonjour\mdnsNSP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVG\AVG2013\avgrsx.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\windows\system32\WLANExt.exe
c:\program files\AVG\AVG2013\avgfws.exe
c:\program files\AVG\AVG2013\avgidsagent.exe
c:\program files\AVG\AVG2013\avgwdsvc.exe
c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\AVG\AVG2013\avgnsx.exe
c:\program files\AVG\AVG2013\avgemcx.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\secpro.exe
c:\windows\System32\tcpsvcs.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\Taskmgr.exe
.
**************************************************************************
.
Celkový čas: 2013-11-07 22:41:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-07 21:41
.
Před spuštěním: Volných bajtů: 194 821 468 160
Po spuštění: Volných bajtů: 195 230 408 704
.
- - End Of File - - CCB2DC0CB5194D478CEABEBCD7E2AED0
5C616939100B85E558DA92B899A0FC36



jaro3
Security team member

Re: probably a virus - log check

Post by jaro3 » 08 Nov 2013 10:17

Uninstall:
IObit Security 360
akamai

In Folder Options, enable showing hidden files and folders, and uncheck the "Hide protected operating system files" box.

Test this on VirusTotal:
c:\windows\UNINST16.EXE

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus finishes, "result" appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum


Re: probably a virus - log check

Post by rhsCZ » 08 Nov 2013 21:01

https://www.virustotal.com/cs/file/21d4 ... 383938825/
Clean; I ran a rescan.
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-08 20:52:04
-----------------------------
20:52:04.129 OS Version: Windows 6.0.6002 Service Pack 2
20:52:04.129 Number of processors: 1 586 0x170A
20:52:04.129 ComputerName: RHS UserName: rhs
20:52:14.782 Initialize success
20:52:23.112 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:52:23.127 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
20:52:23.377 Disk 0 MBR read successfully
20:52:23.377 Disk 0 MBR scan
20:52:23.377 Disk 0 Windows VISTA default MBR code
20:52:23.377 Disk 0 Partition - 00 05 Extended 9993 MB offset 63
20:52:23.408 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 466938 MB offset 20482048
20:52:23.408 Disk 0 Partition 2 00 82 Linux swap 1184 MB offset 126
20:52:23.408 Disk 0 Partition - 00 05 Extended 8809 MB offset 2425815
20:52:23.471 Disk 0 scanning sectors +976771072
20:52:23.892 Disk 0 scanning C:\Windows\system32\drivers
20:52:59.424 Service scanning
20:54:06.980 Modules scanning
20:54:36.897 Disk 0 trace - called modules:
20:54:37.474 ntkrnlpa.exe hal.dll CLASSPNP.SYS disk.sys iaStor.sys sptd.sys
20:54:37.474 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a1faac8]
20:54:37.489 3 CLASSPNP.SYS[863b58b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x88bc0028]
20:54:37.489 Scan finished successfully
20:54:51.902 Disk 0 MBR has been saved successfully to "C:\Users\rhs.EXPERT\Desktop\MBR.dat"
20:54:51.918 The log file has been saved successfully to "C:\Users\rhs.EXPERT\Desktop\aswMBR.txt"



Re: probably a virus - log check

Post by jaro3 » 09 Nov 2013 12:10

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1869136784-2511684587-3108499956-1010Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1869136784-2511684587-3108499956-1010UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\system32\GameMon.des

Folder::
c:\users\rhs.EXPERT\AppData\Local\Facebook\Update
c:\program files\Google\Update

Driver::
npggsvc

Registry::
[-HKEY_CLASSES_ROOT\clsid\{1393c215-0520-410e-ab29-3badab478ec4}]
[-HKEY_LOCAL_MACHINE\system\ControlSet003\Services\npggsvc]

DDS::
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

RegLock::
[HKEY_USERS\S-1-5-21-1869136784-2511684587-3108499956-1010\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A1C2E7F4-72A6-03B4-9036-EB6EE1DBA7AA}*]
"hahgnmdbcfgakken"=hex:69,61,62,65,67,6c,65,6b,6c,6e,69,6a,65,62,67,70,69,6b,
 00,00
"ianfdmnoimjaajlpol"=hex:63,61,61,65,64,65,00,7f
"iabdhcmmcighmpcdba"=hex:6b,61,6e,64,69,6b,63,6b,69,6b,62,6e,62,61,6f,6b,67,65,
 61,66,69,6f,00,00
"dbodialbpdgkfblkoekaccmfnfikkccoifjladle"=hex:68,61,65,61,6b,6b,63,69,62,63,
 66,61,65,6d,70,6d,00,00
"jbodialbpdgkfblkoekafbpdhanfbchamdbgnbiflmnbiehcenhd"=hex:68,61,65,61,6b,6b,
 63,69,62,63,66,61,65,6d,70,6d,00,00
"dbodialbpdgkfblkoekalbphjalnehpggleabedj"=hex:62,62,68,65,67,6a,62,6c,67,6d,
 63,65,65,67,6a,69,61,61,64,6e,68,67,65,70,6b,65,6f,6d,67,70,6d,65,65,67,70,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}]
@Denied: (A 2 3) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}\InProcServer32]
@="%SystemRoot%\\Explorer.exe"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}\ProgID]
@="DAO.Client"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}\TypeLib]
@="{C8618CE4-0676-5670-8336-6C67696B7575}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.


uInternet Settings,ProxyServer = 37.59.81.65:3128
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
Do you recognize this??
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.


Re: probably a virus - log check

Post by rhsCZ » 09 Nov 2013 14:29

Yeah, I know about the proxy server. I used some server for a while, but now I have a direct connection without a proxy.




Re: probably a virus - log check

Post by rhsCZ » 09 Nov 2013 16:27

ComboFix 13-11-07.01 - rhs 09.11.2013 14:40:12.1.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3001.1916 [GMT 1:00]
Spuštěný z: c:\users\rhs.EXPERT\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\rhs.EXPERT\Desktop\CFScript.txt
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\GameMon.des"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1869136784-2511684587-3108499956-1010Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1869136784-2511684587-3108499956-1010UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\online\style\css\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\online\style\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\online\style\img\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\online\style\js\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style\css\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style\img\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style\js\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style2\css\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style2\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style2\img\Desktop_1.ini
c:\cj\Admin panel Transdmin Light 9.0.0 UNLIMITED\apanel\style2\js\Desktop_1.ini
c:\progra~1\SoundFrost\SoundFrost.dll
c:\program files\Complitly
c:\program files\Complitly\FireFoxExtensionWithFF8Fix.exe
c:\program files\Complitly\FireFoxUninstaller.exe
c:\program files\Complitly\InstTracker.exe
c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files\Complitly\support@Complitly.com\chrome.manifest
c:\program files\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files\Complitly\System.Data.SQLite.dll
c:\program files\Complitly\unins000.exe
c:\program files\IMPI\ExTEnsion32.dll
c:\program files\Searchqu Toolbar\Datamngr
c:\program files\Searchqu Toolbar\Datamngr\BrowserConnection.dll
c:\program files\Searchqu Toolbar\Datamngr\datamngr.dll
c:\program files\Searchqu Toolbar\Datamngr\datamngrUI.exe
c:\program files\Searchqu Toolbar\Datamngr\DnsBHO.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF10.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF11.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF12.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF8.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF9.dll
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\content\RequestPreserver.js
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files\Searchqu Toolbar\Datamngr\IEBHO.dll
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll
c:\program files\Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe
c:\program files\smartdl
c:\program files\smartdl\gunzip.exe
c:\program files\smartdl\TorrentSearch.exe
c:\program files\StartNow Toolbar
c:\program files\StartNow Toolbar\ReactivateFF.exe
c:\program files\StartNow Toolbar\ReactivateIE.exe
c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe
c:\program files\StartNow Toolbar\Toolbar32.dll
c:\program files\StartNow Toolbar\ToolbarBroker.exe
c:\program files\StartNow Toolbar\ToolbarUpdaterService.exe
c:\programdata\saVenshare,
c:\programdata\saVenshare,\4eFE.dll
c:\programdata\saVenshare,\jDpE.tlb
c:\windows\system32\frapsvid.dll
c:\windows\system32\Packet.dll
c:\windows\system32\wpcap.dll
c:\windows\UA000079.DLL
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Legacy_NPF
-------\Legacy_NPGGSVC
-------\Service_MyWebSearchService
-------\Service_NPF
-------\Service_npggsvc
-------\Service_Updater Service for StartNow Toolbar
-------\Service_gupdate1cab30ff2c1b3a2
-------\Service_gupdatem
-------\Service_Updater Service for StartNow Toolbar
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-09 do 2013-11-09 )))))))))))))))))))))))))))))))
.
.
2013-11-09 14:19 . 2013-11-09 14:19 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-09 14:19 . 2013-11-09 14:19 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-11-09 14:19 . 2013-11-09 14:19 -------- d-----w- c:\users\fbwuser\AppData\Local\temp
2013-11-09 14:19 . 2013-11-09 14:19 -------- d-----w- c:\users\expert\AppData\Local\temp
2013-11-09 14:19 . 2013-11-09 14:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-09 14:19 . 2013-11-09 14:19 -------- d-----w- c:\users\Andrea\AppData\Local\temp
2013-11-07 22:07 . 2013-11-07 22:07 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-07 22:06 . 2013-11-08 19:35 -------- d-----w- c:\programdata\ProductData
2013-11-07 21:56 . 2013-11-07 21:56 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-11-07 21:41 . 2013-11-07 21:41 -------- d-----w- c:\users\expert\AppData\Local\Temp(9218)
2013-11-06 17:41 . 2013-11-06 17:41 -------- d-----w- c:\program files\Apache Software Foundation
2013-11-06 17:38 . 2013-11-06 17:41 -------- d-----w- c:\program files\glassfish-4.0
2013-11-06 17:18 . 2013-11-06 17:45 -------- d-----w- c:\program files\NetBeans 7.4
2013-11-06 15:04 . 2013-11-06 19:24 -------- dc----w- C:\AdwCleaner
2013-11-06 14:22 . 2013-11-06 14:22 -------- d-----w- c:\programdata\Malwarebytes
2013-11-06 14:22 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-06 14:22 . 2013-11-06 14:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-05 23:07 . 2013-11-09 03:08 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2013-11-05 21:38 . 2013-11-05 21:38 -------- d-----w- c:\program files\SHOUTcast
2013-11-04 23:17 . 2013-11-04 23:22 -------- d---a-w- C:\cce_linux
2013-11-03 21:59 . 2013-11-09 03:09 -------- d-----w- c:\programdata\SystemExplorer
2013-11-03 21:58 . 2013-11-03 21:58 -------- d-----w- c:\program files\System Explorer
2013-11-03 21:52 . 2013-11-03 21:52 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2013-11-03 21:50 . 2013-11-03 21:51 -------- d-----w- c:\program files\Notebook Hardware Control
2013-11-03 21:42 . 2013-11-03 21:44 -------- d-----w- c:\program files\SpeedFan
2013-11-03 21:34 . 2013-11-09 03:09 -------- d-----w- c:\program files\Switcher
2013-11-03 21:33 . 2013-11-03 21:33 -------- d-----w- c:\program files\Smart PC Solutions
2013-11-03 21:24 . 2013-11-09 03:08 -------- d-----w- c:\program files\Brandon Paddock
2013-10-30 16:19 . 2013-11-09 03:11 -------- d-----w- c:\users\Admin
2013-10-28 17:46 . 2013-10-28 17:46 -------- d-----w- c:\program files\GameforgeLive
2013-10-27 18:57 . 2013-10-27 19:23 -------- d-----w- c:\program files\osu!
2013-10-22 14:02 . 2013-10-22 14:02 -------- d-----w- c:\programdata\GlarySoft
2013-10-21 18:47 . 2013-10-21 18:47 -------- dc----r- C:\MSOCache
2013-10-20 16:26 . 2013-10-20 16:25 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-20 16:04 . 2013-10-20 16:28 -------- d-----w- c:\programdata\Oracle
2013-10-20 10:54 . 2013-10-20 10:54 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-10-20 10:53 . 2013-10-20 10:54 -------- d-----w- c:\program files\DAEMON Tools Lite
2013-10-20 10:34 . 2013-10-09 01:46 101664 ----a-w- c:\windows\system32\BootDefrag.exe
2013-10-20 10:34 . 2013-09-29 06:50 14080 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2013-10-20 10:32 . 2013-10-22 13:15 -------- d-----w- c:\program files\Glary Utilities 3
2013-10-19 08:53 . 2013-10-19 08:53 -------- d-----w- c:\users\rhs
2013-10-19 08:53 . 2013-11-09 02:50 -------- d-----w- c:\programdata\Conduit
2013-10-19 08:53 . 2013-11-09 03:09 -------- d-----w- c:\program files\Online_Sharing_V1
2013-10-18 15:54 . 2013-05-22 16:49 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-10-18 15:54 . 2013-05-22 16:49 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-10-13 20:48 . 2013-10-13 20:56 -------- d-----w- c:\program files\VPNium
2013-10-13 11:15 . 2013-10-13 11:15 -------- dc----w- C:\Ubisoft
2013-10-12 19:26 . 2013-10-12 19:30 -------- dc----w- C:\visual
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2024-03-21 10:44 . 2010-11-15 09:27 246272 ----a-w- c:\windows\UNINST16.EXE
2013-11-09 10:03 . 2012-04-23 16:19 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-09 10:03 . 2011-05-17 07:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-19 22:15 . 2010-08-27 14:30 324096 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-09-22 10:22 . 2013-10-09 12:38 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 10:14 . 2013-10-09 12:38 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-22 10:13 . 2013-10-09 12:38 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 10:08 . 2013-10-09 12:38 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-09-22 10:06 . 2013-10-09 12:38 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-09-22 10:03 . 2013-10-09 12:38 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-09-12 16:11 . 2009-08-06 07:06 319456 ----a-w- c:\windows\DIFxAPI.dll
2013-09-09 23:34 . 2013-09-09 23:34 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-09-04 23:43 . 2013-09-04 23:43 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-09-03 19:14 . 2013-09-03 19:14 231760 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2013-08-31 15:57 . 2013-09-08 19:53 25464 ----a-w- c:\windows\system32\drivers\odminifilter.sys
2013-08-29 07:36 . 2013-10-09 12:06 2050048 ----a-w- c:\windows\system32\win32k.sys
2013-08-27 02:47 . 2013-10-09 12:07 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-08-27 02:47 . 2013-10-09 12:07 189952 ----a-w- c:\windows\system32\d3d10core.dll
2013-08-27 02:47 . 2013-10-09 12:07 1029120 ----a-w- c:\windows\system32\d3d10.dll
2013-08-27 02:47 . 2013-10-09 12:07 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-08-27 01:52 . 2013-10-09 12:07 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-08-27 01:50 . 2013-10-09 12:07 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2013-08-27 01:32 . 2013-10-09 12:07 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-08-27 01:28 . 2013-10-09 12:07 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-08-27 01:28 . 2013-10-09 12:07 798208 ----a-w- c:\windows\system32\FntCache.dll
2013-08-14 10:01 . 2013-08-14 09:57 8902228 ----a-w- c:\users\rhs.EXPERT\hoic2.1.exe
2012-08-08 13:34 . 2012-08-08 13:34 10974280 ----a-w- c:\program files\Common Files\lpuninstall.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7473b6bd-4691-4744-a82b-7854eb3d70b6}"= "c:\program files\uTorrentControl_v2\prxtbuTor.dll" [2011-05-09 176936]
"{8567a644-e36c-470c-86cf-9c5b4f37db81}"= "c:\program files\Online_Sharing\prxtbOnli.dll" [2013-07-17 226592]
"{1a269fe4-5995-4e74-8206-20db87d38e57}"= "c:\program files\Online_Sharing_V1\prxtbOnli.dll" [2013-10-01 226592]
.
[HKEY_CLASSES_ROOT\clsid\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
.
[HKEY_CLASSES_ROOT\clsid\{8567a644-e36c-470c-86cf-9c5b4f37db81}]
.
[HKEY_CLASSES_ROOT\clsid\{1a269fe4-5995-4e74-8206-20db87d38e57}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2013-11-08 19:32 752448 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{1a269fe4-5995-4e74-8206-20db87d38e57}]
2013-10-01 14:03 226592 ----a-w- c:\program files\Online_Sharing_V1\prxtbOnli.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{2036470F-F17A-4171-BE34-4D1BCE1700E2}]
2013-03-27 09:37 1751040 ----a-w- c:\program files\Corton\CortonPlugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-11-03 22:10 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
2010-04-03 10:20 2349080 ----a-w- c:\program files\IObitCom\tbIOb1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{60C07B56-542E-4054-A503-4E9E08DF2F84}]
2012-07-17 09:03 1816336 ----a-w- c:\program files\Pagealicious\Pagealicious.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentControl_v2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{8567a644-e36c-470c-86cf-9c5b4f37db81}]
2013-07-17 08:53 226592 ----a-w- c:\program files\Online_Sharing\prxtbOnli.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\IMVU_Inc\tbIMVU.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-06-26 17:38 3055280 ----a-w- c:\program files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{ad708c09-d51b-45b3-9d28-4eba2681febf}]
2011-05-09 08:49 176936 ----a-w- c:\program files\Download_Energy\prxtbDown.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{90b49673-5506-483e-b92b-ca0265bd9ca8}"= "c:\program files\IMVU_Inc\tbIMVU.dll" [2010-12-09 3911776]
"{ad708c09-d51b-45b3-9d28-4eba2681febf}"= "c:\program files\Download_Energy\prxtbDown.dll" [2011-05-09 176936]
"{7473b6bd-4691-4744-a82b-7854eb3d70b6}"= "c:\program files\uTorrentControl_v2\prxtbuTor.dll" [2011-05-09 176936]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll" [2013-06-26 3055280]
"{8567a644-e36c-470c-86cf-9c5b4f37db81}"= "c:\program files\Online_Sharing\prxtbOnli.dll" [2013-07-17 226592]
"{1a269fe4-5995-4e74-8206-20db87d38e57}"= "c:\program files\Online_Sharing_V1\prxtbOnli.dll" [2013-10-01 226592]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
.
[HKEY_CLASSES_ROOT\clsid\{ad708c09-d51b-45b3-9d28-4eba2681febf}]
.
[HKEY_CLASSES_ROOT\clsid\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{8567a644-e36c-470c-86cf-9c5b4f37db81}]
.
[HKEY_CLASSES_ROOT\clsid\{1a269fe4-5995-4e74-8206-20db87d38e57}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{90B49673-5506-483E-B92B-CA0265BD9CA8}"= "c:\program files\IMVU_Inc\tbIMVU.dll" [2010-12-09 3911776]
"{AD708C09-D51B-45B3-9D28-4EBA2681FEBF}"= "c:\program files\Download_Energy\prxtbDown.dll" [2011-05-09 176936]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
.
[HKEY_CLASSES_ROOT\clsid\{ad708c09-d51b-45b3-9d28-4eba2681febf}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-30 17:00 222712 ----a-w- c:\users\rhs.EXPERT\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-30 17:00 222712 ----a-w- c:\users\rhs.EXPERT\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-30 17:00 222712 ----a-w- c:\users\rhs.EXPERT\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\rhs.EXPERT\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\rhs.EXPERT\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\rhs.EXPERT\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-10-27 10:05 40496 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 16:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"Switcher"="c:\program files\Switcher\Switcher.exe" [2007-10-28 425984]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-10-28 2283296]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe" [2013-10-22 549184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-09-22 4411952]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2013-01-30 30192]
"Fences"="c:\program files\Stardock\Fences\Fences.exe" [2012-10-29 4017368]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-04-10 1833504]
"SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2013-05-16 2851784]
.
c:\users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35F1C5FG05SZ;CONNECTION=NW;MONITOR=1; [2006-11-2 44544]
.
c:\users\rhs.EXPERT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock Plus\ObjectDock.exe [2011-11-12 4152536]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-8-6 565248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 14 (0xe)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2012-10-29 478936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
[BU]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoRun USB- Executive Edition.lnk]
backup=c:\windows\pss\AutoRun USB- Executive Edition.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Hamachi.lnk]
backup=c:\windows\pss\Hamachi.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Apache Servers.lnk]
backup=c:\windows\pss\Monitor Apache Servers.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OpenDNSCrypt.lnk]
backup=c:\windows\pss\OpenDNSCrypt.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoundFrost.lnk]
backup=c:\windows\pss\SoundFrost.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^rhs.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
backup=c:\windows\pss\Facebook Messenger.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^rhs.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Fences.lnk]
backup=c:\windows\pss\Fences.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^rhs.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
backup=c:\windows\pss\IMVU.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^rhs.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^User new.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopVideoPlayer.lnk]
backup=c:\windows\pss\DesktopVideoPlayer.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^User new.EXPERT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
backup=c:\windows\pss\IMVU.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert Search Scope Monitor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allin1Convert_8h Browser Plugin Loader
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DU Meter
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightShot
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msgyxbafSrv
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpenDrive Tray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TweakMASTER
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-04-04 04:09 446392 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
2012-03-09 14:26 1073312 ----a-w- c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
2013-06-26 12:02 1542608 ----a-w- c:\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap]
2013-07-04 07:57 3737424 ----a-w- c:\program files\Ashampoo\Ashampoo Snap 6\ashsnap.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
2013-10-01 08:52 1278712 ----a-w- c:\program files\Clownfish\Clownfish.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-08-01 13:13 3673696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2013-03-28 17:40 450560 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-02-13 02:37 1263952 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Driver Detective]
2013-08-28 11:26 3982232 ----a-w- c:\program files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
2012-11-29 09:32 2086984 ----a-w- c:\program files\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecLiveUpdate]
2008-10-27 13:09 199464 ----a-w- c:\program files\EgisTec Egis Software Update\EgisUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2013-10-20 11:27 138096 ----atw- c:\users\rhs.EXPERT\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Bulldog Anti-phishing Domain Advisor]
2013-02-11 16:07 223808 ----a-w- c:\programdata\File Bulldog Anti-phishing Domain Advisor\filebulldog_antiphishing.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com]
2010-08-09 12:47 248832 ----a-w- c:\program files\FileHippo.com\UpdateChecker.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-09-14 10:00 116648 ----atw- c:\users\rhs.EXPERT\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
2013-09-25 16:37 20133824 ----a-w- c:\program files\Google\Drive\googledrivesync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-10-28 10:18 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2013-01-09 17:14 127040 ----a-w- c:\program files\ICQ7M\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 16:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\keepvid]
2013-06-10 15:59 1120256 ----a-w- c:\program files\SoundFrost\keepvid.com.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-06-28 12:02 2255184 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Minecraft Tweaker Updater]
2013-09-17 21:44 554496 ----a-w- c:\users\rhs.EXPERT\AppData\Roaming\.minecraft\MinecraftTweakerUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMServerListAutoUpdater]
2012-12-10 11:36 302843 ----a-w- c:\program files\VUGames\SWAT 4\Content\System\MMServerListAutoUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyPrintScreen]
2013-05-02 10:12 232448 ----a-w- c:\program files\SoundFrost\MyPrintScreen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NotebookHardwareControl]
2007-05-04 16:16 2629632 ----a-w- c:\program files\Notebook Hardware Control\nhc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Maker Pilot (demo) printing agent]
2006-01-27 13:54 65536 ----a-w- c:\program files\PDF Maker Pilot Demo\pmpagenttsd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Powersuite Monitor]
2012-09-13 15:34 323936 ----a-w- c:\program files\Uniblue\Powersuite\powersuite_monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSwitch]
2012-03-02 20:00 5319224 ----a-w- c:\program files\Proxy Switcher Standard\ProxySwitcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 01:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RockMelt Update]
2013-04-14 08:44 136336 ----atw- c:\users\rhs.EXPERT\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2013-03-29 08:57 11930696 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive]
2012-12-30 17:00 255992 ----a-w- c:\users\rhs.EXPERT\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-06-21 07:58 19875432 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundFrost]
2013-06-14 15:17 2106368 ----a-w- c:\program files\SoundFrost\SoundFrost.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundFrost Service]
2013-06-14 15:17 338944 ----a-w- c:\program files\SoundFrost\SoundFrostService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start++]
2008-04-26 13:36 570880 ----a-w- c:\program files\Brandon Paddock\Start++\Start++.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartMenuX]
2013-04-25 09:40 4555584 ----a-w- c:\program files\Start Menu X\StartMenuX.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreadManager.exe]
2013-07-25 19:16 10915608 ----a-w- c:\program files\Thread Manager\ThreadManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-08-27 10:53 296096 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
2007-03-03 12:12 341488 ----a-w- c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViStart]
2013-03-25 10:29 1298432 ----a-w- c:\program files\ViStart\ViStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViUpdater]
2013-01-11 15:16 122880 ----a-w- c:\program files\ViUpdater\ViUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
2013-06-26 17:38 2236080 ----a-w- c:\program files\AVG Secure Search\vprot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinThemePack Logon]
2012-12-27 20:10 9920027 ----a-w- c:\program files\WinThemePack\The Avengers Logon Screen\tweak.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"StartupDelayer"="c:\program files\r2 Studios\Startup Delayer\Startup Launcher.exe" /LaunchType=Auto /LaunchApps=Common
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"IAAnotif"=c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe
"LManager"=c:\program files\Launch Manager\LManager.exe
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
.
R3 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-09 11:11 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 10:03]
.
2013-08-09 c:\windows\Tasks\AmiUpdXp.job
- c:\users\rhs.EXPERT\AppData\Local\SwvUpdater\Updater.exe [2013-08-09 11:27]
.
2013-10-19 c:\windows\Tasks\Driver Booster Startup.job
- c:\program files\IObit\Driver Booster\DriverBooster.exe [2013-07-21 09:39]
.
2013-10-19 c:\windows\Tasks\Driver Booster Update.job
- c:\program files\IObit\Driver Booster\AutoUpdate.exe [2013-07-21 09:12]
.
2013-10-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1869136784-2511684587-3108499956-1010Core.job
- c:\users\rhs.EXPERT\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-15 11:27]
.
2013-10-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1869136784-2511684587-3108499956-1010UA.job
- c:\users\rhs.EXPERT\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-15 11:27]
.
2013-11-09 c:\windows\Tasks\GlaryInitialize 3.job
- c:\program files\Glary Utilities 3\Initialize.exe [2013-10-09 01:42]
.
2013-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-12 20:26]
.
2013-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-12 20:26]
.
2013-09-13 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2013-09-13 19:17]
.
2013-02-05 c:\windows\Tasks\User_Feed_Synchronization-{8B373119-3C07-42D8-A6AF-3C5E274FDE1E}.job
- c:\windows\system32\msfeedssync.exe [2011-12-27 20:42]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://websearch.youwillfind.info/?pid= ... g=EN&cc=CZ
uInternet Settings,ProxyServer = 37.59.81.65:3128
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Microsoft Excel'e &Ver
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Poslat jako MMS
IE: Poslat jako SMS
IE: Poslat MMS na
IE: Poslat SMS na
IE: WikiKomentáře Google...
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\users\rhs.EXPERT\AppData\Roaming\Seznam.cz\bin\listicka.dll
LSP: c:\windows\system32\wpclsp.dll
LSP: c:\windows\system32\LOILSP.dll
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
FF - ProfilePath - c:\users\rhs.EXPERT\AppData\Roaming\Mozilla\Firefox\Profiles\0sc2i8hz.default\
FF - ExtSQL: 2013-09-12 22:14; {0153E448-190B-4987-BDE1-F256CADA672F}; c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - ExtSQL: 2013-11-09 12:20; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\rhs.EXPERT\AppData\Roaming\Mozilla\Firefox\Profiles\0sc2i8hz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-11-09 12:21; {F53C93F1-07D5-430c-86D4-C9531B27DFAF}; c:\users\rhs.EXPERT\AppData\Roaming\Mozilla\Firefox\Profiles\0sc2i8hz.default\extensions\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}
FF - ExtSQL: 2013-11-09 12:21; support@lastpass.com; c:\users\rhs.EXPERT\AppData\Roaming\Mozilla\Firefox\Profiles\0sc2i8hz.default\extensions\support@lastpass.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{1393c215-0520-410e-ab29-3badab478ec4} - (no file)
Toolbar-{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
Toolbar-10 - (no file)
Toolbar-{1393c215-0520-410e-ab29-3badab478ec4} - (no file)
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-StartNow Toolbar - c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-09 15:32
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
"ImagePath"="%SystemRoot%\System32\snmptrap.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Solarwinds: Job Broker]
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Solarwinds: Job Engine]
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\Solarwinds: Job Scheduler]
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1869136784-2511684587-3108499956-1010\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A1C2E7F4-72A6-03B4-9036-EB6EE1DBA7AA}*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2780)
c:\users\rhs.EXPERT\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
c:\program files\EgisTec\MyWinLocker 3\x86\psdprotect.dll
c:\program files\EgisTec\MyWinLocker 3\x86\sysenv.dll
c:\program files\EgisTec\MyWinLocker 3\x86\mwlUI.dll
c:\program files\EgisTec\MyWinLocker 3\x86\GDIExtendCtrl.dll
c:\program files\EgisTec\MyWinLocker 3\x86\mwlOP.dll
c:\program files\EgisTec\MyWinLocker 3\x86\CryptoAPI.dll
c:\program files\EgisTec\MyWinLocker 3\x86\ShowErrMsg.dll
c:\program files\Bonjour\mdnsNSP.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVG\AVG2013\avgrsx.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\windows\system32\WLANExt.exe
c:\program files\AVG\AVG2013\avgfws.exe
c:\program files\AVG\AVG2013\avgidsagent.exe
c:\program files\AVG\AVG2013\avgwdsvc.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\program files\AVG\AVG2013\avgnsx.exe
c:\program files\AVG\AVG2013\avgemcx.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\secpro.exe
c:\windows\System32\tcpsvcs.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\program files\AVG\AVG2013\avgmfapx.exe
.
**************************************************************************
.
Celkový čas: 2013-11-09 15:49:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-09 14:48
ComboFix2.txt 2013-11-07 21:41
.
Před spuštěním: Volných bajtů: 196 972 810 240
Po spuštění: Volných bajtů: 196 316 426 240
.
- - End Of File - - 2B925615B9FD476CFB594B0CBFCF764E
5C616939100B85E558DA92B899A0FC36


"If you ask, you will look like a fool for 5 minutes. If you don't ask, you will be a fool your whole life."
"Many of those who live deserve death. And many of those who have died deserve life." - John Ronald Reuel Tolkien
"It is better to be hated for what you are than to be loved for what you are not." - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ


Re: probably a virus - log check

Post by rhsCZ » 09 Nov 2013 16:30

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:29:53, on 9.11.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\Explorer.exe
C:\Program Files\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\notepad.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.youwillfind.info/?pid= ... g=EN&cc=CZ
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 37.59.81.65:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Online Sharing Toolbar - {8567a644-e36c-470c-86cf-9c5b4f37db81} - C:\Program Files\Online_Sharing\prxtbOnli.dll
R3 - URLSearchHook: Online Sharing V1 Toolbar - {1a269fe4-5995-4e74-8206-20db87d38e57} - C:\Program Files\Online_Sharing_V1\prxtbOnli.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\rhs.EXPERT\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Online Sharing V1 - {1a269fe4-5995-4e74-8206-20db87d38e57} - C:\Program Files\Online_Sharing_V1\prxtbOnli.dll
O2 - BHO: CortonExt - {2036470F-F17A-4171-BE34-4D1BCE1700E2} - C:\Program Files\Corton\CortonPlugin.dll
O2 - BHO: SMSender.E.ToolbarsHelper - {24BCDA96-8FCB-4D3B-0500-000000000004} - mscoree.dll (file missing)
O2 - BHO: SBCONVERT - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIOb1.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: keepvid.com - {49ed9900-38cd-453c-bba7-3f2613317f5a} - C:\PROGRA~1\SoundFrost\keepvid.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Pagealicious - {60C07B56-542E-4054-A503-4E9E08DF2F84} - C:\Program Files\Pagealicious\Pagealicious.dll
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Online Sharing - {8567a644-e36c-470c-86cf-9c5b4f37db81} - C:\Program Files\Online_Sharing\prxtbOnli.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMVU.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Download Energy - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\prxtbDown.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Kwyshell MidpX BHO - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\MidpX\JadInvoker\MidpInvoker.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMVU.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\MidpX\JadInvoker\MidpInvoker.dll
O3 - Toolbar: Download Energy Toolbar - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\prxtbDown.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Users\rhs.EXPERT\AppData\Roaming\Seznam.cz\bin\toolbar\toolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
O3 - Toolbar: O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - mscoree.dll (file missing)
O3 - Toolbar: Online Sharing Toolbar - {8567a644-e36c-470c-86cf-9c5b4f37db81} - C:\Program Files\Online_Sharing\prxtbOnli.dll
O3 - Toolbar: Online Sharing V1 Toolbar - {1a269fe4-5995-4e74-8206-20db87d38e57} - C:\Program Files\Online_Sharing_V1\prxtbOnli.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Fences] "C:\Program Files\Stardock\Fences\Fences.exe" /startup
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [Switcher] "C:\Program Files\Switcher\Switcher.exe" /quiet
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe" /m
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock Plus\ObjectDock.exe
O4 - Global Startup: Acer VCM.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Users\rhs.EXPERT\AppData\Roaming\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Users\rhs.EXPERT\AppData\Roaming\Seznam.cz\bin\listicka.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\ilannsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\loilsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: tbr - (no CLSID) - (no file)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PSPR Control Service (PSPRSERV) - ElcomSoft Co. Ltd. - C:\Program Files\Elcomsoft Password Recovery\Proactive System Password Recovery\psprserv.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Secure Storage (SecStore) - Unknown owner - C:\Windows\system32\secpro.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files\System Explorer\service\SystemExplorerService.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 17961 bytes


“If you ask, you will look like a fool for 5 minutes. If you don't ask, you will be a fool for your whole life.”
“Many of those who live deserve death. And many of those who have died deserve to live.” - John Ronald Reuel Tolkien
“It is better to be hated for what you are than to be loved for what you are not.” - Kurt Cobain
https://rhscz.eu
https://github.com/rhsCZ

jaro3
Security team member
Guru Level 15
Posts: 43339
Registered: June 07
Location: South Bohemia
Gender: Male

Re: probably a virus - log check

Post by jaro3 » 10 Nov 2013 10:29

Uninstall:
Spybot-S&D
Online_Sharing_V1

and all those toolbars, why do you keep installing them??

Then AdwCleaner, JRT, MbAM again.

When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

rhsCZ
Level 4
Posts: 1395
Registered: June 13
Gender: Male

Re: probably a virus - log check

Post by rhsCZ » 10 Nov 2013 20:13

I don't install them there on purpose; it's most likely some installers during the installation of various programs.
edit:// after the first ComboFix run and a restart the internet worked fine, but after the next startup of the computer the Wi-Fi adapter on my laptop did not work properly, so I was forced to use a restore point.
Last edited by rhsCZ on 10 Nov 2013 20:58, edited 1 time in total.



