Please check my log - again [Solved]

Post by jesuami » 22 Aug 2013 16:05

RogueKiller V8.6.6 [Aug 19 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : pokus [Práva správce]
Mód : Kontrola -- Datum : 08/22/2013 16:02:55
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{5825B72F-1913-491F-A1BE-96CAB5660A5B} : NameServer (84.246.88.10,84.246.88.20) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] BankID Security Application.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BankID Security Application.lnk @C:\Program Files\Personal\bin\Personal.exe [-][7] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS541680J9SA00 +++++
--- User ---
[MBR] d18ebc0b68d5f89364871020a8b578fc
[BSP] 74295121703c5408305f185e879132ac : Windows XP MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 10252 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20996955 | Size: 37032 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 96839820 | Size: 29031 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_08222013_160255.txt >>
RKreport[0]_S_08212013_124418.txt

Post by Žbeky » 22 Aug 2013 18:13

Close all programs and browsers.
Disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Win7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status box shows "Scan"
- Click "Delete"
- Wait until the status box shows "Deleting - Finished"
- Click "Report", then copy and paste the contents of that report here, please. The log can be found in RKreport [1].txt on the desktop.
- Close RogueKiller

Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.

Post by jesuami » 22 Aug 2013 20:53

RogueKiller V8.6.6 [Aug 19 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : pokus [Práva správce]
Mód : Odebrat -- Datum : 08/22/2013 20:52:09
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] BankID Security Application.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BankID Security Application.lnk @C:\Program Files\Personal\bin\Personal.exe [-][7] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS541680J9SA00 +++++
--- User ---
[MBR] d18ebc0b68d5f89364871020a8b578fc
[BSP] 74295121703c5408305f185e879132ac : Windows XP MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 10252 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20996955 | Size: 37032 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 96839820 | Size: 29031 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_08222013_205209.txt >>
RKreport[0]_S_08212013_124418.txt;RKreport[0]_S_08222013_160255.txt;RKreport[0]_S_08222013_205203.txt

Post by jesuami » 22 Aug 2013 21:00

20:56:37.0578 2240 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:56:37.0750 2240 ============================================================
20:56:37.0750 2240 Current date / time: 2013/08/22 20:56:37.0750
20:56:37.0750 2240 SystemInfo:
20:56:37.0750 2240
20:56:37.0750 2240 OS Version: 5.1.2600 ServicePack: 2.0
20:56:37.0750 2240 Product type: Workstation
20:56:37.0750 2240 ComputerName: APOLLO-NOTE
20:56:37.0750 2240 UserName: pokus
20:56:37.0750 2240 Windows directory: C:\WINDOWS
20:56:37.0765 2240 System windows directory: C:\WINDOWS
20:56:37.0765 2240 Processor architecture: Intel x86
20:56:37.0765 2240 Number of processors: 1
20:56:37.0765 2240 Page size: 0x1000
20:56:37.0765 2240 Boot type: Normal boot
20:56:37.0765 2240 ============================================================
20:56:39.0312 2240 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:56:39.0312 2240 ============================================================
20:56:39.0312 2240 \Device\Harddisk0\DR0:
20:56:39.0312 2240 MBR partitions:
20:56:39.0312 2240 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x140635B, BlocksNum 0x4854531
20:56:39.0312 2240 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x5C5A88C, BlocksNum 0x38B3C35
20:56:39.0312 2240 ============================================================
20:56:39.0375 2240 C: <-> \Device\Harddisk0\DR0\Partition1
20:56:39.0406 2240 D: <-> \Device\Harddisk0\DR0\Partition2
20:56:39.0406 2240 ============================================================
20:56:39.0406 2240 Initialize success
20:56:39.0406 2240 ============================================================
20:56:40.0468 2216 ============================================================
20:56:40.0468 2216 Scan started
20:56:40.0468 2216 Mode: Manual;
20:56:40.0468 2216 ============================================================
20:56:41.0390 2216 ================ Scan system memory ========================
20:56:41.0390 2216 System memory - ok
20:56:41.0390 2216 ================ Scan services =============================
20:56:50.0968 2216 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:56:50.0968 2216 Rasl2tp - ok
20:56:51.0015 2216 [ 43A5C7969718EE00940A6D096960DBC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:56:51.0031 2216 RasMan - ok
20:56:51.0078 2216 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:56:51.0078 2216 RasPppoe - ok
20:56:51.0093 2216 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:56:51.0093 2216 Raspti - ok
20:56:51.0109 2216 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:56:51.0125 2216 Rdbss - ok
20:56:51.0125 2216 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:56:51.0125 2216 RDPCDD - ok
20:56:51.0187 2216 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:56:51.0187 2216 rdpdr - ok
20:56:51.0234 2216 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:56:51.0234 2216 RDPWD - ok
20:56:51.0281 2216 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:56:51.0281 2216 RDSessMgr - ok
20:56:51.0312 2216 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:56:51.0312 2216 redbook - ok
20:56:51.0359 2216 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:56:51.0359 2216 RemoteAccess - ok
20:56:51.0406 2216 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:56:51.0406 2216 RemoteRegistry - ok
20:56:51.0453 2216 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:56:51.0468 2216 RpcLocator - ok
20:56:51.0500 2216 [ 2B269C916766BDB43404F043B763427D ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:56:51.0515 2216 RpcSs - ok
20:56:51.0546 2216 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:56:51.0562 2216 RSVP - ok
20:56:51.0593 2216 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
20:56:51.0593 2216 SamSs - ok
20:56:51.0640 2216 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:56:51.0640 2216 SCardSvr - ok
20:56:51.0687 2216 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:56:51.0703 2216 Schedule - ok
20:56:51.0718 2216 [ 02FC71B020EC8700EE8A46C58BC6F276 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:56:51.0718 2216 sdbus - ok
20:56:51.0796 2216 [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:56:51.0796 2216 SeaPort - ok
20:56:51.0828 2216 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:56:51.0828 2216 seclogon - ok
20:56:51.0859 2216 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
20:56:51.0859 2216 SENS - ok
20:56:51.0906 2216 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
20:56:51.0906 2216 Serial - ok
20:56:51.0984 2216 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
20:56:51.0984 2216 ServiceLayer - ok
20:56:52.0046 2216 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:56:52.0046 2216 Sfloppy - ok
20:56:52.0093 2216 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:56:52.0109 2216 SharedAccess - ok
20:56:52.0156 2216 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:56:52.0156 2216 ShellHWDetection - ok
20:56:52.0171 2216 Simbad - ok
20:56:52.0203 2216 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:56:52.0218 2216 SLIP - ok
20:56:52.0218 2216 Sparrow - ok
20:56:52.0265 2216 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:56:52.0265 2216 splitter - ok
20:56:52.0312 2216 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:56:52.0312 2216 Spooler - ok
20:56:52.0359 2216 [ 71E276F6D189413266EA22171806597B ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
20:56:52.0375 2216 sptd - ok
20:56:52.0421 2216 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:56:52.0421 2216 sr - ok
20:56:52.0468 2216 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
20:56:52.0484 2216 srservice - ok
20:56:52.0531 2216 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:56:52.0531 2216 Srv - ok
20:56:52.0562 2216 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:56:52.0562 2216 SSDPSRV - ok
20:56:52.0609 2216 [ B824215A934A24928CDDD1EF7E113035 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:56:52.0625 2216 stisvc - ok
20:56:52.0671 2216 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:56:52.0671 2216 streamip - ok
20:56:52.0703 2216 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:56:52.0703 2216 swenum - ok
20:56:52.0750 2216 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:56:52.0750 2216 swmidi - ok
20:56:52.0765 2216 SwPrv - ok
20:56:52.0765 2216 symc810 - ok
20:56:52.0781 2216 symc8xx - ok
20:56:52.0796 2216 sym_hi - ok
20:56:52.0796 2216 sym_u3 - ok
20:56:52.0843 2216 [ CC5DA243CFDAC58FC0408F7CE24084C5 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:56:52.0843 2216 SynTP - ok
20:56:52.0890 2216 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:56:52.0890 2216 sysaudio - ok
20:56:52.0937 2216 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:56:52.0937 2216 SysmonLog - ok
20:56:52.0984 2216 [ 250241D65CCF692AEACC318A266413C2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:56:53.0000 2216 TapiSrv - ok
20:56:53.0031 2216 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:56:53.0031 2216 Tcpip - ok
20:56:53.0078 2216 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:56:53.0078 2216 TDPIPE - ok
20:56:53.0109 2216 [ 45FE2294261FF05AA986CDC757E7B524 ] TdsNordecr C:\WINDOWS\system32\DRIVERS\nordecr.sys
20:56:53.0109 2216 TdsNordecr - ok
20:56:53.0140 2216 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:56:53.0140 2216 TDTCP - ok
20:56:53.0171 2216 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:56:53.0171 2216 TermDD - ok
20:56:53.0203 2216 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
20:56:53.0218 2216 TermService - ok
20:56:53.0234 2216 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:56:53.0250 2216 Themes - ok
20:56:53.0296 2216 [ 78213F01CE781F93180BEF5EB5B3AD81 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
20:56:53.0312 2216 tifm21 - ok
20:56:53.0343 2216 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:56:53.0343 2216 TlntSvr - ok
20:56:53.0359 2216 TosIde - ok
20:56:53.0390 2216 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:56:53.0406 2216 TrkWks - ok
20:56:53.0453 2216 [ 97DD70FECA64FB4F63DE7BB7E66A80B1 ] tvicport C:\WINDOWS\system32\drivers\tvicport.sys
20:56:53.0453 2216 tvicport - ok
20:56:53.0484 2216 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:56:53.0484 2216 Udfs - ok
20:56:53.0500 2216 ultra - ok
20:56:53.0546 2216 [ CED744117E91BDC0BEB810F7D8608183 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:56:53.0546 2216 Update - ok
20:56:53.0578 2216 [ 0C0C2C77C6B52181369594F2AA36AF40 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:56:53.0593 2216 upnphost - ok
20:56:53.0625 2216 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
20:56:53.0625 2216 UPS - ok
20:56:53.0671 2216 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
20:56:53.0671 2216 usbaudio - ok
20:56:53.0718 2216 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:56:53.0718 2216 usbccgp - ok
20:56:53.0765 2216 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:56:53.0765 2216 usbehci - ok
20:56:53.0781 2216 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:56:53.0781 2216 usbhub - ok
20:56:53.0828 2216 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:56:53.0828 2216 usbscan - ok
20:56:53.0875 2216 [ 49106EE29074E6A3D3AC9E24C6D791D8 ] usbser C:\WINDOWS\system32\drivers\usbser.sys
20:56:53.0875 2216 usbser - ok
20:56:53.0921 2216 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:56:53.0937 2216 USBSTOR - ok
20:56:53.0953 2216 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:56:53.0953 2216 usbuhci - ok
20:56:54.0015 2216 [ 94A0CE966C671C74E903487099E818C8 ] VF0470Vid C:\WINDOWS\system32\DRIVERS\V0470Vid.sys
20:56:54.0015 2216 VF0470Vid - ok
20:56:54.0046 2216 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:56:54.0046 2216 VgaSave - ok
20:56:54.0046 2216 ViaIde - ok
20:56:54.0093 2216 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:56:54.0093 2216 VolSnap - ok
20:56:54.0125 2216 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
20:56:54.0140 2216 VSS - ok
20:56:54.0171 2216 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
20:56:54.0187 2216 W32Time - ok
20:56:54.0203 2216 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:56:54.0203 2216 Wanarp - ok
20:56:54.0265 2216 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
20:56:54.0265 2216 Wdf01000 - ok
20:56:54.0296 2216 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:56:54.0296 2216 wdmaud - ok
20:56:54.0343 2216 [ 4BD50644CF52F00091F894AB7541E538 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:56:54.0343 2216 WebClient - ok
20:56:54.0406 2216 [ 307D248F97835B6879BDD361086924FE ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
20:56:54.0421 2216 winachsf - ok
20:56:54.0500 2216 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:56:54.0500 2216 winmgmt - ok
20:56:54.0562 2216 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:56:54.0562 2216 WmdmPmSN - ok
20:56:54.0625 2216 [ E428EED87E8055FB995CF0E4D1532D4C ] Wmi C:\WINDOWS\System32\advapi32.dll
20:56:54.0640 2216 Wmi - ok
20:56:54.0671 2216 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
20:56:54.0671 2216 WmiAcpi - ok
20:56:54.0734 2216 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:56:54.0734 2216 WmiApSrv - ok
20:56:54.0812 2216 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:56:54.0812 2216 WMPNetworkSvc - ok
20:56:54.0859 2216 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
20:56:54.0875 2216 WpdUsb - ok
20:56:54.0890 2216 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:56:54.0890 2216 WS2IFSL - ok
20:56:54.0937 2216 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:56:54.0937 2216 wscsvc - ok
20:56:54.0984 2216 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:56:55.0000 2216 WSTCODEC - ok
20:56:55.0031 2216 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:56:55.0046 2216 wuauserv - ok
20:56:55.0093 2216 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:56:55.0093 2216 WudfPf - ok
20:56:55.0125 2216 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:56:55.0125 2216 WudfRd - ok
20:56:55.0171 2216 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:56:55.0171 2216 WudfSvc - ok
20:56:55.0218 2216 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:56:55.0234 2216 WZCSVC - ok
20:56:55.0265 2216 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:56:55.0281 2216 xmlprov - ok
20:56:55.0312 2216 [ 40AC8590CC9006DBB99FFCB37879D4C6 ] zntport C:\WINDOWS\system32\drivers\zntport.sys
20:56:55.0312 2216 zntport - ok
20:56:55.0328 2216 ================ Scan global ===============================
20:56:55.0375 2216 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
20:56:55.0421 2216 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
20:56:55.0437 2216 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
20:56:55.0484 2216 [ 4F9F7B567970B524F31D9970A23F7C24 ] C:\WINDOWS\system32\services.exe
20:56:55.0484 2216 [Global] - ok
20:56:55.0500 2216 ================ Scan MBR ==================================
20:56:55.0515 2216 [ 3B00EB857BBA060EBA3B17F7019E492F ] \Device\Harddisk0\DR0
20:56:55.0734 2216 \Device\Harddisk0\DR0 - ok
20:56:55.0734 2216 ================ Scan VBR ==================================
20:56:55.0734 2216 [ 547DBCB024D36DE448AAAA6124F86884 ] \Device\Harddisk0\DR0\Partition1
20:56:55.0734 2216 \Device\Harddisk0\DR0\Partition1 - ok
20:56:55.0765 2216 [ 4BB30DA74C6C98EB818B7C9E216C119C ] \Device\Harddisk0\DR0\Partition2
20:56:55.0765 2216 \Device\Harddisk0\DR0\Partition2 - ok
20:56:55.0765 2216 ============================================================
20:56:55.0765 2216 Scan finished
20:56:55.0765 2216 ============================================================
20:56:55.0781 2224 Detected object count: 0
20:56:55.0781 2224 Actual detected object count: 0
20:56:58.0640 0476 Deinitialize success

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: please check my log - again

Post by jaro3 » 22 Aug 2013 23:13

Install SP3.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After running ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

jesuami
Level 2
Posts: 162
Registered: February 13
Gender: Not specified

Re: please check my log - again

Post by jesuami » 23 Aug 2013 22:30

ComboFix 13-08-22.01 - pokus 23.08.2013 20:28:13.11.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.572 [GMT 2:00]
Spuštěný z: c:\documents and settings\pokus\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-23 do 2013-08-23 )))))))))))))))))))))))))))))))
.
.
2013-08-21 10:51 . 2013-08-21 10:51 -------- d-----w- c:\windows\ERUNT
2013-08-21 07:30 . 2013-08-21 09:54 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-21 09:58 . 2012-04-18 04:45 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-21 09:58 . 2012-02-07 09:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-25 07:21 . 2013-03-19 16:49 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-07-25 07:21 . 2013-03-19 16:49 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-07-25 07:21 . 2013-03-19 16:49 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-02-12 13:35 . 2013-02-12 13:35 50688 ----a-w- c:\program files\ATF-Cleaner.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-09-12 . 427E6DED3A2369D3432A683EB489EE14 . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\winlogon.exe
[7] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\winlogon.exe
.
[-] 2008-09-30 . 07DE423FB70EBAC5136677E3956FDBC3 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-09-30 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-09-30 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-09-30 138008]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-09-30 102400]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-07-04 475136]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"V0470Mon.exe"="c:\windows\V0470Mon.exe" [2007-06-04 32768]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^pokus^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\pokus\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2007-03-02 10:25 208896 -c--a-w- c:\program files\Acer\Empowering Technology\ePresentation\ePresentation.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-12-19 14:39 41208 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-15 21:12 579584 -c--a-w- c:\program files\Acer\Empowering Technology\ePower\Boot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11 3325952 -c--a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2007-07-04 10:44 475136 ----a-w- c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-10-17 09:59 858632 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 -c--a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 16:04 2879488 -c--a-w- c:\windows\SkyTel.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\BitLord_1.01.ex\\BitLord.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:Remote Desktop
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [19.3.2013 18:49 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [19.3.2013 18:49 175176]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [12.4.2013 11:55 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [19.3.2013 18:49 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19.3.2013 18:49 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.3.2013 18:49 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [19.3.2013 18:49 66336]
R2 GTDetectSc;GtDetectSc Service;c:\program files\Option\Option 225 Driver Installation\GtDetectSc.exe [18.12.2007 13:48 196704]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [15.4.2013 14:55 701512]
S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUSB.sys [27.4.2011 11:03 16896]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [10.2.2013 10:31 106624]
S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [10.2.2013 10:31 59648]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [15.4.2013 14:55 22856]
S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys [30.10.2007 8:57 23040]
S3 VF0470Vid;Live! Cam Notebook (VF0470);c:\windows\system32\drivers\V0470Vid.sys [28.2.2013 18:28 146720]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.11.2008 6:48 717296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-22 07:26 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 09:58]
.
2013-08-23 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-03-19 08:58]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-10 17:41]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-10 17:41]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: Interfaces\{5825B72F-1913-491F-A1BE-96CAB5660A5B}: NameServer = 84.246.88.10,84.246.88.20
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-08-23 20:34
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\avast! sandbox
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(844)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(900)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'explorer.exe'(3652)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
c:\program files\Acer\Empowering Technology\ePower\SysHook.dll
c:\program files\Common Files\Ahead\Lib\NeroDigitalExt.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2013-08-23 20:36:51
ComboFix-quarantined-files.txt 2013-08-23 18:36
.
Před spuštěním: 7 747 379 200
Po spuštění: 7 795 748 864
.
- - End Of File - - 53570091C5EE1C540B229ED510A1A0A9
3B00EB857BBA060EBA3B17F7019E492F

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male

Re: please check my log - again

Post by memphisto » 24 Aug 2013 10:10

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

+ A new log from HJT

How is the PC behaving? You have terribly little space on the system disk. 7 GB is insufficient. At least 15% of the disk capacity should be free.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.

jesuami
Level 2
Posts: 162
Registered: February 13
Gender: Not specified

Re: please check my log - again

Post by jesuami » 28 Aug 2013 22:30

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:30:26, on 28.8.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21348)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft\BingBar\BBSvc.EXE
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = pilsfree.czf
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = pilsfree.czf
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: eLock Service (eLockService) - - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: GtDetectSc Service (GTDetectSc) - OptionNV - C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9033 bytes

Post by memphisto » 29 Aug 2013 00:11

memphisto wrote: How is the PC behaving? You have very little free space on the system disk. 7 GB is not enough. At least 15% of the disk capacity should be free.

In HJT, fix:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)

Post by jesuami » 29 Aug 2013 23:29

Done.
I know about the lack of space, but I have already deleted some things.
Can I now uninstall ATF Cleaner, TFC, AdwCleaner, JRT and Malwarebytes?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:26:20, on 29.8.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21348)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = pilsfree.czf
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = pilsfree.czf
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: eLock Service (eLockService) - - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: GtDetectSc Service (GTDetectSc) - OptionNV - C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9152 bytes

Post by memphisto » 30 Aug 2013 13:25

Yes, you can uninstall them. You still haven't fixed the items I listed for you... They are still there...

Post by jesuami » 30 Aug 2013 14:19

But I did, I don't know why they are still there. Maybe it isn't working for me, or am I doing it wrong?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:16:41, on 30.8.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21348)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = pilsfree.czf
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = pilsfree.czf
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: eLock Service (eLockService) - - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: GtDetectSc Service (GTDetectSc) - OptionNV - C:\Program Files\Option\Option 225 Driver Installation\GTDetectSc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8514 bytes

