SOS > samovyskakující okna

pastra · Příspěvekod **pastra** » 05 črc 2012 07:26

Dobrý den, potřeboval bych pomoct. Začaly mi samy vyskakovat okna ve všech prohlížečích dole v pravo. Jsou to flash animace, většinou reklamy, hry nebo "právě jste vyhrál ...". Zasílám HiJackThis. Děkuji.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:11:47, on 5.7.2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\TightVNC\tvnserver.exe
C:\Program Files (x86)\F-Secure\common\FSM32.EXE
C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Portrait Displays\PremierColor\DTHtml.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\totalcmd\Totalcmd.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe
C:\Users\pastra\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.vitkovice.cz:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = holba;udrzba;intra;pardal;rebel;svijany;bazant;branik;felah;star1;holba.vitkovice.cz;udrzba.vitkovice.cz;intra.vitkovice.cz;pardal.vitkovice.cz;rebel.vitkovice.cz;svijany.vitkovice.cz;bazant.vitkovice.cz;branik.vitkovice.cz;felah.vitkovice.cz;star1.vitkovice.cz;oka1*;oka2*;nsw0*;wca0*;192.168.*;172.16.*;172.18.*;172.19.*;172.21.*;10.10.50.*;10.10.51.*;xn--localhost-8na;*.vitkovice.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 68.168.222.227 www.google-analytics.com.
O1 - Hosts: 68.168.222.227 ad-emea.doubleclick.net.
O1 - Hosts: 68.168.222.227 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [DT DEL] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -DEL
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [Check Point Endpoint Security] "C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: http://web.hutni-montaze.cz
O15 - Trusted Zone: *.hutni-montaze.cz
O15 - Trusted Zone: http://holba.vitkovice.cz
O15 - Trusted Zone: http://sp2010.vitkovice.cz
O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.cenia.cz/3dmodel/mzp/plugin/gvista31.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hutni-montaze.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = hutni-montaze.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = hutni-montaze.cz
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Dell Feature Enhancement Pack Service (DFEPService) - Dell Inc. - c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpen Manager Service (FileOpenManagerSvc) - FileOpen Systems Inc. - C:\Program Files\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kerio Updater Service (ktupdaterservice) - Kerio Technologies Inc. - C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: O2SDIOAssist - Unknown owner - c:\Windows\SysWOW64\srvany.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: NTRU TSS v1.2.1.36 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
O23 - Service: Check Point Endpoint Security VPN (TracSrvWrapper) - Check Point Software Technologies - C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files (x86)\TightVNC\tvnserver.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

--
End of file - 19475 bytes

Reklama

bledulka · Příspěvekod **bledulka** » 05 črc 2012 08:13

Zdravím :)

Stahni CCleaner http://www.filehippo.com/download_cclea ... cbae6b492/
-nainstaluj (neinstaluj Yahoo toolbar)

-zvol záložku Čistič
-nechej v levém sloupečku zatrhnuté vše jak je a zmáčkni tlačítko analyzovat
-pak potvrď tlačítko Spustit Ccleaner
-tím se vyčistí počítač od dočasných soubborů, doporučuji pravidelně používat.

-vyber záložku registry
-klikni na tlačítko hledej problémy
-pak klikni na opravit vybrané problémy, potvrď, že chceš udělat zálohu a nech všechno opravit

**********************

Stahni Rsit http://images.malwareremoval.com/random/RSIT.exe
-spusť, klikni na tlačítko Continue
-po skenu na tebe vyběhne log.txt,obsah vlož zde

*********************

Stahni Mbam http://download.cnet.com/3001-8022_4-10 ... l-10804572
-nainstaluj, aktualizuj
-udělej uplný sken a vlož sem log

pastra · Příspěvekod **pastra** » 05 črc 2012 14:51

zdravím bledulku,

tady je log z Rsit:

Logfile of random's system information tool 1.09 (written by random/random)
Run by pastra at 2012-07-05 14:11:57
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 22 GB (9%) free of 243 GB
Total RAM: 8149 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:12:50, on 5.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\TightVNC\tvnserver.exe
C:\Program Files (x86)\F-Secure\common\FSM32.EXE
C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Portrait Displays\PremierColor\DTHtml.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\pastra\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\pastra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.vitkovice.cz:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = holba;udrzba;intra;pardal;rebel;svijany;bazant;branik;felah;star1;holba.vitkovice.cz;udrzba.vitkovice.cz;intra.vitkovice.cz;pardal.vitkovice.cz;rebel.vitkovice.cz;svijany.vitkovice.cz;bazant.vitkovice.cz;branik.vitkovice.cz;felah.vitkovice.cz;star1.vitkovice.cz;oka1*;oka2*;nsw0*;wca0*;192.168.*;172.16.*;172.18.*;172.19.*;172.21.*;10.10.50.*;10.10.51.*;xn--localhost-8na;*.vitkovice.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 68.168.222.227 www.google-analytics.com.
O1 - Hosts: 68.168.222.227 ad-emea.doubleclick.net.
O1 - Hosts: 68.168.222.227 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [DT DEL] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -DEL
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [Check Point Endpoint Security] "C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://web.hutni-montaze.cz
O15 - Trusted Zone: *.hutni-montaze.cz
O15 - Trusted Zone: http://holba.vitkovice.cz
O15 - Trusted Zone: http://sp2010.vitkovice.cz
O16 - DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} (G-Vista ActiveX) - http://www.cenia.cz/3dmodel/mzp/plugin/gvista31.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hutni-montaze.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = hutni-montaze.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = hutni-montaze.cz
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Dell Feature Enhancement Pack Service (DFEPService) - Dell Inc. - c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpen Manager Service (FileOpenManagerSvc) - FileOpen Systems Inc. - C:\Program Files\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kerio Updater Service (ktupdaterservice) - Kerio Technologies Inc. - C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: O2SDIOAssist - Unknown owner - c:\Windows\SysWOW64\srvany.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: NTRU TSS v1.2.1.36 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
O23 - Service: Check Point Endpoint Security VPN (TracSrvWrapper) - Check Point Software Technologies - C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files (x86)\TightVNC\tvnserver.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

--
End of file - 19427 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-448539723-839522115-1283Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-448539723-839522115-1283UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-04-04 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-04-04 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-04-04 340384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-27 343168]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2011-08-09 112408]
"DT DEL"=C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [2011-10-13 121648]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-03-12 462993]
"RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [2010-11-25 240112]
"tvncontrol"=C:\Program Files (x86)\TightVNC\tvnserver.exe [2010-07-08 815704]
"F-Secure Manager"=C:\Program Files (x86)\F-Secure\Common\FSM32.EXE [2011-08-30 303816]
"F-Secure TNB"=C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe [2011-08-30 1655496]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2011-08-08 251904]
"Check Point Endpoint Security"=C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe [2011-09-15 801968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2012-04-04 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2012-04-04 815512]
""= []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [2012-04-04 1261472]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2011-07-22 718720]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\pastra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-07-05 14:08:17 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-05 14:05:03 ----D---- C:\Program Files (x86)\trend micro
2012-07-05 14:05:01 ----D---- C:\rsit
2012-07-05 14:03:02 ----D---- C:\Program Files (x86)\CCleaner
2012-07-04 18:20:31 ----D---- C:\Users\pastra\AppData\Roaming\Malwarebytes
2012-07-04 18:20:21 ----D---- C:\ProgramData\Malwarebytes
2012-06-17 22:19:45 ----D---- C:\Program Files (x86)\Ffmpeg For Audacity
2012-06-17 21:58:50 ----D---- C:\Program Files (x86)\FDRLab
2012-06-16 03:00:36 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-06-16 03:00:36 ----A---- C:\Windows\SysWOW64\url.dll
2012-06-16 03:00:36 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-06-16 03:00:35 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-06-16 03:00:35 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-06-16 03:00:35 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-06-16 03:00:35 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-06-16 03:00:34 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-06-16 03:00:34 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-06-16 03:00:34 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-06-16 03:00:33 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-06-16 03:00:31 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-06-13 06:34:29 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-13 06:34:29 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-13 06:34:22 ----A---- C:\Windows\SysWOW64\msi.dll
2012-06-13 06:34:19 ----A---- C:\Windows\SysWOW64\crypt32.dll
2012-06-13 06:34:18 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2012-06-13 06:34:18 ----A---- C:\Windows\SysWOW64\cryptnet.dll

======List of files/folders modified in the last 1 month======

2012-07-05 14:12:40 ----D---- C:\Windows\Temp
2012-07-05 14:08:17 ----RD---- C:\Program Files (x86)
2012-07-05 14:04:01 ----AD---- C:\Windows
2012-07-05 14:01:51 ----D---- C:\e-mail
2012-07-05 13:54:16 ----D---- C:\Users\pastra\AppData\Roaming\Skype
2012-07-05 13:54:09 ----A---- C:\Windows\SysWOW64\log.txt
2012-07-05 09:35:48 ----D---- C:\Windows\System32
2012-07-05 09:35:48 ----D---- C:\Windows\inf
2012-07-05 09:31:31 ----RD---- C:\Users
2012-07-05 09:31:31 ----RD---- C:\Program Files
2012-07-05 09:31:31 ----D---- C:\progress_report
2012-07-05 09:31:31 ----D---- C:\PerfLogs
2012-07-05 07:16:38 ----D---- C:\ProgramData\Sonic
2012-07-05 05:30:11 ----D---- C:\Users\pastra\AppData\Roaming\Winamp
2012-07-04 20:05:23 ----D---- C:\Users\pastra\AppData\Roaming\Media Player Classic
2012-07-04 19:43:34 ----SHD---- C:\System Volume Information
2012-07-04 19:19:59 ----D---- C:\Windows\winsxs
2012-07-04 18:20:21 ----HD---- C:\ProgramData
2012-07-04 18:11:36 ----D---- C:\Windows\Prefetch
2012-07-04 11:41:48 ----SHD---- C:\Config.Msi
2012-07-04 11:40:16 ----SHD---- C:\Windows\Installer
2012-07-04 11:37:17 ----D---- C:\Windows\SysWOW64
2012-07-04 07:37:51 ----D---- C:\Program Files (x86)\EasyLanguage
2012-07-04 07:16:52 ----D---- C:\Users\pastra\AppData\Roaming\uTorrent
2012-07-04 07:16:52 ----D---- C:\Users\pastra\AppData\Roaming\DAEMON Tools Lite
2012-07-04 07:16:50 ----D---- C:\Windows\panther
2012-07-04 07:16:49 ----D---- C:\Windows\Minidump
2012-07-04 07:16:49 ----D---- C:\Windows\Logs
2012-07-04 07:16:49 ----D---- C:\Windows\debug
2012-06-26 06:31:23 ----D---- C:\Windows\Tasks
2012-06-26 06:31:11 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-24 16:26:40 ----D---- C:\Windows\rescache
2012-06-20 06:37:19 ----D---- C:\ocs-ng
2012-06-19 23:04:46 ----D---- C:\PASTRA
2012-06-19 21:01:47 ----D---- C:\Program Files (x86)\MSECache
2012-06-17 22:21:46 ----D---- C:\Users\pastra\AppData\Roaming\Audacity
2012-06-16 08:24:00 ----D---- C:\Windows\Microsoft.NET
2012-06-16 08:22:57 ----RSD---- C:\Windows\assembly
2012-06-16 03:21:18 ----D---- C:\Windows\SysWOW64\migration
2012-06-16 03:21:18 ----D---- C:\Windows\SysWOW64\cs-CZ
2012-06-16 03:21:18 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-16 03:05:43 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2011-12-09 42672]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys []
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys []
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys [2011-08-30 61992]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys []
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys []
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2011-08-30 15048]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys []
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys []
R1 vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\accelern.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys []
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys []
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys []
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2012-05-29 199848]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys []
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys []
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys []
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys []
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys []
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys []
R3 O2MDRRDR;O2MDRRDR; C:\Windows\system32\DRIVERS\O2MDRw7x64.sys []
R3 O2SDJRDR;O2SDJRDR; C:\Windows\system32\DRIVERS\o2sdjw7x64.sys []
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 vna_ap;Check Point Virtual Network Adapter - Apollo; C:\Windows\system32\DRIVERS\vnaap.sys []
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys []
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys []
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys []
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys []
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 HBtnKey;DELL Tablet PC Key Buttons HID Driver; C:\Windows\system32\drivers\HBtnKey.sys []
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys []
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys []
S3 O2MDFRDR;O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7x64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcuxd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-02-08 956192]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-05-13 1043872]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-05-13 36768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DFEPService;Dell Feature Enhancement Pack Service; c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-08-25 2279320]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [2011-10-13 129840]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-12-23 1515792]
R2 FileOpenManagerSvc;FileOpen Manager Service; C:\Program Files\FileOpen\Services\FileOpenManagerSvc64.exe [2011-12-09 334720]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe [2011-08-30 221896]
R2 FSMA;F-Secure Management Agent; C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE [2011-08-30 189128]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe []
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 ktupdaterservice;Kerio Updater Service; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [2012-01-11 446464]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-08-09 325912]
R2 O2FLASH;O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe []
R2 O2SDIOAssist;O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [2003-04-19 8192]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-08-12 113456]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-12-23 845584]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-07 283648]
R2 TdmService;TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2011-05-28 3792240]
R2 TracSrvWrapper;Check Point Endpoint Security VPN; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [2011-09-15 4512952]
R2 tvnserver;TightVNC Server; C:\Program Files (x86)\TightVNC\tvnserver.exe [2010-07-08 815704]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-08-09 2656536]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe [2011-08-30 907976]
R3 F-Secure Network Request Broker;F-Secure Network Request Broker; C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE [2011-08-30 189128]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-08-30 62152]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-22 136176]
S2 RoxWatch12;Roxio Hard Drive Watcher 12; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.36 TCS; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2011-02-17 1633280]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-12-15 1436424]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-22 136176]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 359192]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [2011-05-24 2154888]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-09 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
a tady z Mbam:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.07.05.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
pastra :: HMO222 [administrátor]

Ochrana: Zakázána

5.7.2012 14:15:31
mbam-log-2012-07-05 (14-15-31).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 478368
Uplynulý čas: 31 minut, 59 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Příspěvekod **jaro3** » 05 črc 2012 21:48

Odinstaluj:
Ask Toolbar
Nero Toolbar

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = holba;udrzba;intra;pardal;rebel;svijany;bazant;branik;felah;star1;holba.vitkovice.cz;udrzba.vitkovice.cz;intra.vitkovice.cz;pardal.vitkovice.cz;rebel.vitkovice.cz;svijany.vitkovice.cz;bazant.vitkovice.cz;branik.vitkovice.cz;felah.vitkovice.cz;star1.vitkovice.cz;oka1*;oka2*;nsw0*;wca0*;192.168.*;172.16.*;172.18.*;172.19.*;172.21.*;10.10.50.*;10.10.51.*;xn--localhost-8na;*.vitkovice.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 68.168.222.227 www.google-analytics.com.
O1 - Hosts: 68.168.222.227 ad-emea.doubleclick.net.
O1 - Hosts: 68.168.222.227 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TDSSKiller

Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.vitkovice.cz:3128
sis nastavoval sám??

pastra · Příspěvekod **pastra** » 06 črc 2012 08:30

zdravím :)

R1 - HKCU\... jsem neistaloval , je to firemni komp

07:53:55.0137 7212 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
07:53:55.0231 7212 ============================================================
07:53:55.0231 7212 Current date / time: 2012/07/06 07:53:55.0231
07:53:55.0231 7212 SystemInfo:
07:53:55.0231 7212
07:53:55.0231 7212 OS Version: 6.1.7601 ServicePack: 1.0
07:53:55.0231 7212 Product type: Workstation
07:53:55.0231 7212 ComputerName: HMO222
07:53:55.0231 7212 UserName: pastra
07:53:55.0231 7212 Windows directory: C:\Windows
07:53:55.0231 7212 System windows directory: C:\Windows
07:53:55.0231 7212 Running under WOW64
07:53:55.0231 7212 Processor architecture: Intel x64
07:53:55.0231 7212 Number of processors: 4
07:53:55.0231 7212 Page size: 0x1000
07:53:55.0231 7212 Boot type: Normal boot
07:53:55.0231 7212 ============================================================
07:53:55.0465 7212 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:53:55.0465 7212 ============================================================
07:53:55.0465 7212 \Device\Harddisk0\DR0:
07:53:55.0465 7212 MBR partitions:
07:53:55.0465 7212 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x178000
07:53:55.0465 7212 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18C000, BlocksNum 0x1DB66000
07:53:55.0465 7212 ============================================================
07:53:55.0465 7212 C: <-> \Device\Harddisk0\DR0\Partition1
07:53:55.0465 7212 ============================================================
07:53:55.0465 7212 Initialize success
07:53:55.0465 7212 ============================================================
07:54:38.0693 8024 ============================================================
07:54:38.0693 8024 Scan started
07:54:38.0693 8024 Mode: Manual;
07:54:38.0693 8024 ============================================================
07:54:38.0802 8024 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
07:54:38.0802 8024 1394ohci - ok
07:54:38.0802 8024 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys
07:54:38.0802 8024 61883 - ok
07:54:38.0817 8024 Acceler (1575a815c27789061f34b4f55ae0b5c3) C:\Windows\system32\DRIVERS\accelern.sys
07:54:38.0817 8024 Acceler - ok
07:54:38.0817 8024 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
07:54:38.0833 8024 ACPI - ok
07:54:38.0833 8024 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
07:54:38.0833 8024 AcpiPmi - ok
07:54:38.0833 8024 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:54:38.0833 8024 AdobeARMservice - ok
07:54:38.0849 8024 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
07:54:38.0864 8024 adp94xx - ok
07:54:38.0864 8024 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
07:54:38.0880 8024 adpahci - ok
07:54:38.0880 8024 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
07:54:38.0880 8024 adpu320 - ok
07:54:38.0880 8024 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
07:54:38.0880 8024 AeLookupSvc - ok
07:54:38.0895 8024 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
07:54:38.0895 8024 AESTFilters - ok
07:54:38.0911 8024 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
07:54:38.0911 8024 AFD - ok
07:54:38.0911 8024 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
07:54:38.0911 8024 agp440 - ok
07:54:38.0927 8024 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
07:54:38.0927 8024 ALG - ok
07:54:38.0927 8024 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
07:54:38.0927 8024 aliide - ok
07:54:38.0927 8024 AMD External Events Utility (0ecc9f3bbf427c10034770ab6c491993) C:\Windows\system32\atiesrxx.exe
07:54:38.0927 8024 AMD External Events Utility - ok
07:54:38.0942 8024 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
07:54:38.0942 8024 amdide - ok
07:54:38.0942 8024 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
07:54:38.0942 8024 AmdK8 - ok
07:54:39.0192 8024 amdkmdag (c0b060a39d0795a25c1a2db547dd0f03) C:\Windows\system32\DRIVERS\atikmdag.sys
07:54:39.0239 8024 amdkmdag - ok
07:54:39.0285 8024 amdkmdap (487e7babfb7f0349b37eeed918dae548) C:\Windows\system32\DRIVERS\atikmpag.sys
07:54:39.0285 8024 amdkmdap - ok
07:54:39.0285 8024 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
07:54:39.0285 8024 AmdPPM - ok
07:54:39.0285 8024 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
07:54:39.0301 8024 amdsata - ok
07:54:39.0301 8024 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
07:54:39.0301 8024 amdsbs - ok
07:54:39.0301 8024 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
07:54:39.0301 8024 amdxata - ok
07:54:39.0317 8024 ApfiltrService (6d4cb1f46a0ac05326f834fd6b822479) C:\Windows\system32\DRIVERS\Apfiltr.sys
07:54:39.0317 8024 ApfiltrService - ok
07:54:39.0332 8024 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
07:54:39.0332 8024 AppID - ok
07:54:39.0332 8024 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
07:54:39.0332 8024 AppIDSvc - ok
07:54:39.0332 8024 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
07:54:39.0332 8024 Appinfo - ok
07:54:39.0348 8024 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
07:54:39.0348 8024 AppMgmt - ok
07:54:39.0348 8024 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
07:54:39.0348 8024 arc - ok
07:54:39.0348 8024 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
07:54:39.0348 8024 arcsas - ok
07:54:39.0363 8024 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
07:54:39.0363 8024 aspnet_state - ok
07:54:39.0379 8024 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
07:54:39.0379 8024 AsyncMac - ok
07:54:39.0379 8024 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
07:54:39.0379 8024 atapi - ok
07:54:39.0379 8024 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
07:54:39.0379 8024 AtiHDAudioService - ok
07:54:39.0410 8024 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
07:54:39.0410 8024 AudioEndpointBuilder - ok
07:54:39.0410 8024 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
07:54:39.0426 8024 AudioSrv - ok
07:54:39.0426 8024 Avc (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys
07:54:39.0426 8024 Avc - ok
07:54:39.0426 8024 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
07:54:39.0426 8024 AxInstSV - ok
07:54:39.0426 8024 Axtmvflt (344b907477ff1bc01bd315ab93df9764) C:\Windows\system32\DRIVERS\Axtmvflt.sys
07:54:39.0426 8024 Axtmvflt - ok
07:54:39.0441 8024 Axtmvmdm (4f8d9a8c04c33496403cc4dde3e9d6ce) C:\Windows\system32\DRIVERS\Axtmvmdm.sys
07:54:39.0441 8024 Axtmvmdm - ok
07:54:39.0457 8024 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
07:54:39.0457 8024 b06bdrv - ok
07:54:39.0457 8024 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
07:54:39.0473 8024 b57nd60a - ok
07:54:39.0473 8024 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
07:54:39.0473 8024 BDESVC - ok
07:54:39.0473 8024 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
07:54:39.0473 8024 Beep - ok
07:54:39.0504 8024 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
07:54:39.0504 8024 BFE - ok
07:54:39.0519 8024 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
07:54:39.0535 8024 BITS - ok
07:54:39.0535 8024 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
07:54:39.0535 8024 blbdrive - ok
07:54:39.0551 8024 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
07:54:39.0551 8024 bowser - ok
07:54:39.0551 8024 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
07:54:39.0551 8024 BrFiltLo - ok
07:54:39.0551 8024 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
07:54:39.0551 8024 BrFiltUp - ok
07:54:39.0566 8024 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
07:54:39.0566 8024 Browser - ok
07:54:39.0566 8024 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
07:54:39.0566 8024 Brserid - ok
07:54:39.0582 8024 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
07:54:39.0582 8024 BrSerWdm - ok
07:54:39.0582 8024 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
07:54:39.0582 8024 BrUsbMdm - ok
07:54:39.0582 8024 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
07:54:39.0582 8024 BrUsbSer - ok
07:54:39.0582 8024 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
07:54:39.0582 8024 BthEnum - ok
07:54:39.0582 8024 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
07:54:39.0597 8024 BTHMODEM - ok
07:54:39.0597 8024 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
07:54:39.0597 8024 BthPan - ok
07:54:39.0613 8024 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
07:54:39.0613 8024 BTHPORT - ok
07:54:39.0613 8024 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
07:54:39.0629 8024 bthserv - ok
07:54:39.0629 8024 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
07:54:39.0629 8024 BTHUSB - ok
07:54:39.0644 8024 BTWAMPFL (a0dfb69ade3444c78b17636fcf28e898) C:\Windows\system32\DRIVERS\btwampfl.sys
07:54:39.0644 8024 BTWAMPFL - ok
07:54:39.0644 8024 btwaudio (7cf028ce78696882b327ff13d2dfa534) C:\Windows\system32\drivers\btwaudio.sys
07:54:39.0644 8024 btwaudio - ok
07:54:39.0644 8024 btwavdt (3def2370e414b4e299673558ba171a51) C:\Windows\system32\drivers\btwavdt.sys
07:54:39.0660 8024 btwavdt - ok
07:54:39.0675 8024 btwdins (cc9dae7759ac2c0d19111c0d38ddd232) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
07:54:39.0691 8024 btwdins - ok
07:54:39.0691 8024 btwl2cap (9ad0fa253ed531d39fb2d74fe12a5fa9) C:\Windows\system32\DRIVERS\btwl2cap.sys
07:54:39.0691 8024 btwl2cap - ok
07:54:39.0691 8024 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\Windows\system32\DRIVERS\btwrchid.sys
07:54:39.0691 8024 btwrchid - ok
07:54:39.0707 8024 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
07:54:39.0707 8024 cdfs - ok
07:54:39.0707 8024 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
07:54:39.0707 8024 cdrom - ok
07:54:39.0707 8024 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
07:54:39.0707 8024 CertPropSvc - ok
07:54:39.0722 8024 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
07:54:39.0722 8024 circlass - ok
07:54:39.0722 8024 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
07:54:39.0738 8024 CLFS - ok
07:54:39.0738 8024 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:54:39.0738 8024 clr_optimization_v2.0.50727_32 - ok
07:54:39.0753 8024 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:54:39.0753 8024 clr_optimization_v2.0.50727_64 - ok
07:54:39.0753 8024 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:54:39.0753 8024 clr_optimization_v4.0.30319_32 - ok
07:54:39.0769 8024 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:54:39.0769 8024 clr_optimization_v4.0.30319_64 - ok
07:54:39.0769 8024 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
07:54:39.0769 8024 CmBatt - ok
07:54:39.0785 8024 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
07:54:39.0785 8024 cmdide - ok
07:54:39.0785 8024 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
07:54:39.0800 8024 CNG - ok
07:54:39.0800 8024 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
07:54:39.0800 8024 Compbatt - ok
07:54:39.0800 8024 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
07:54:39.0800 8024 CompositeBus - ok
07:54:39.0800 8024 COMSysApp - ok
07:54:39.0800 8024 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
07:54:39.0816 8024 crcdisk - ok
07:54:39.0831 8024 Credential Vault Host Control Service (d8e4f20bd26d8dca4cb67a796d7eec84) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
07:54:39.0847 8024 Credential Vault Host Control Service - ok
07:54:39.0847 8024 Credential Vault Host Storage (ec31c9a4d1059e599dd1dbb50b84f278) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
07:54:39.0847 8024 Credential Vault Host Storage - ok
07:54:39.0863 8024 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
07:54:39.0863 8024 CryptSvc - ok
07:54:39.0878 8024 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
07:54:39.0878 8024 CSC - ok
07:54:39.0894 8024 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
07:54:39.0909 8024 CscService - ok
07:54:39.0909 8024 CtClsFlt (8ce04a5bdd2ce6e62ce02a1c27093104) C:\Windows\system32\DRIVERS\CtClsFlt.sys
07:54:39.0909 8024 CtClsFlt - ok
07:54:39.0925 8024 cvusbdrv (afd403048b1753eb4225ca476f663350) C:\Windows\system32\Drivers\cvusbdrv.sys
07:54:39.0925 8024 cvusbdrv - ok
07:54:39.0925 8024 dc3d (76e02db615a03801d698199a2bc4a06a) C:\Windows\system32\DRIVERS\dc3d.sys
07:54:39.0925 8024 dc3d - ok
07:54:39.0941 8024 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
07:54:39.0941 8024 DcomLaunch - ok
07:54:39.0956 8024 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
07:54:39.0956 8024 defragsvc - ok
07:54:40.0019 8024 DFEPService (b85201f1aae97cd58fde0db18120f924) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
07:54:40.0034 8024 DFEPService - ok
07:54:40.0065 8024 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
07:54:40.0065 8024 DfsC - ok
07:54:40.0081 8024 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
07:54:40.0081 8024 Dhcp - ok
07:54:40.0081 8024 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
07:54:40.0081 8024 discache - ok
07:54:40.0081 8024 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
07:54:40.0081 8024 Disk - ok
07:54:40.0097 8024 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
07:54:40.0097 8024 dmvsc - ok
07:54:40.0097 8024 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
07:54:40.0097 8024 Dnscache - ok
07:54:40.0112 8024 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
07:54:40.0112 8024 dot3svc - ok
07:54:40.0128 8024 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
07:54:40.0128 8024 DPS - ok
07:54:40.0128 8024 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
07:54:40.0128 8024 drmkaud - ok
07:54:40.0128 8024 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
07:54:40.0143 8024 dtsoftbus01 - ok
07:54:40.0143 8024 DTSRVC (18d61c6c8c7ea60386b9a65b79e2b9fc) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
07:54:40.0143 8024 DTSRVC - ok
07:54:40.0175 8024 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
07:54:40.0175 8024 DXGKrnl - ok
07:54:40.0190 8024 e1cexpress (eafcb4551836ff44ee775ceddfa7a77e) C:\Windows\system32\DRIVERS\e1c62x64.sys
07:54:40.0190 8024 e1cexpress - ok
07:54:40.0206 8024 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
07:54:40.0206 8024 EapHost - ok
07:54:40.0284 8024 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
07:54:40.0315 8024 ebdrv - ok
07:54:40.0331 8024 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
07:54:40.0331 8024 EFS - ok
07:54:40.0362 8024 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
07:54:40.0362 8024 ehRecvr - ok
07:54:40.0362 8024 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
07:54:40.0362 8024 ehSched - ok
07:54:40.0377 8024 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
07:54:40.0393 8024 elxstor - ok
07:54:40.0393 8024 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
07:54:40.0393 8024 ErrDev - ok
07:54:40.0409 8024 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
07:54:40.0409 8024 EventSystem - ok
07:54:40.0455 8024 EvtEng (5c08b9a2baaec1f33c2d50fd166deebb) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
07:54:40.0455 8024 EvtEng - ok
07:54:40.0502 8024 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
07:54:40.0502 8024 exfat - ok
07:54:40.0502 8024 F-Secure Gatekeeper (169897de484a79120af8c201883efdc4) C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys
07:54:40.0518 8024 F-Secure Gatekeeper - ok
07:54:40.0518 8024 F-Secure Gatekeeper Handler Starter (d7cacfe290746e0fb6a93400f6e62b5b) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
07:54:40.0518 8024 F-Secure Gatekeeper Handler Starter - ok
07:54:40.0518 8024 F-Secure HIPS (533eeba741ff66daf841b2a876ab488d) C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys
07:54:40.0518 8024 F-Secure HIPS - ok
07:54:40.0533 8024 F-Secure Network Request Broker (ecd2b911ca40bbc78a8aeea18a415f3d) C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE
07:54:40.0533 8024 F-Secure Network Request Broker - ok
07:54:40.0533 8024 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
07:54:40.0549 8024 fastfat - ok
07:54:40.0565 8024 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
07:54:40.0565 8024 Fax - ok
07:54:40.0565 8024 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
07:54:40.0565 8024 fdc - ok
07:54:40.0580 8024 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
07:54:40.0580 8024 fdPHost - ok
07:54:40.0580 8024 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
07:54:40.0580 8024 FDResPub - ok
07:54:40.0580 8024 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
07:54:40.0580 8024 FileInfo - ok
07:54:40.0596 8024 FileOpenManagerSvc (13ae84e8e90d60ce9af309ee08ff1b85) C:\Program Files\FileOpen\Services\FileOpenManagerSvc64.exe
07:54:40.0596 8024 FileOpenManagerSvc - ok
07:54:40.0596 8024 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
07:54:40.0596 8024 Filetrace - ok
07:54:40.0643 8024 FLEXnet Licensing Service 64 (a4297244d4f817278a6ae45b1899ca9c) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
07:54:40.0643 8024 FLEXnet Licensing Service 64 - ok
07:54:40.0674 8024 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
07:54:40.0674 8024 flpydisk - ok
07:54:40.0689 8024 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
07:54:40.0689 8024 FltMgr - ok
07:54:40.0721 8024 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
07:54:40.0721 8024 FontCache - ok
07:54:40.0736 8024 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:54:40.0736 8024 FontCache3.0.0.0 - ok
07:54:40.0736 8024 fsbts (d5c492752fccb61bffae361c82f914ac) C:\Windows\system32\Drivers\fsbts.sys
07:54:40.0736 8024 fsbts - ok
07:54:40.0752 8024 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
07:54:40.0752 8024 FsDepends - ok
07:54:40.0783 8024 FSDFWD (a2158445ff1126dcb5a2e01b8bf2a9da) C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe
07:54:40.0783 8024 FSDFWD - ok
07:54:40.0783 8024 FSES (bd9ea449eba7018a31c08e21af86299d) C:\Windows\system32\drivers\fses.sys
07:54:40.0783 8024 FSES - ok
07:54:40.0799 8024 FSFW (83d6e3cf300b43d5bc496400f934302f) C:\Windows\system32\drivers\fsdfw.sys
07:54:40.0799 8024 FSFW - ok
07:54:40.0799 8024 FSMA (063b6ecc466ac12bad1ab00c52ad122b) C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
07:54:40.0799 8024 FSMA - ok
07:54:40.0799 8024 FSORSPClient (30d474eb4202bad0269c0eaad206f2e4) C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
07:54:40.0799 8024 FSORSPClient - ok
07:54:40.0814 8024 fsvista (839be6cc1be9b3982d63c00ad8d1c73e) C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys
07:54:40.0814 8024 fsvista - ok
07:54:40.0814 8024 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
07:54:40.0814 8024 Fs_Rec - ok
07:54:40.0814 8024 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
07:54:40.0830 8024 fvevol - ok
07:54:40.0830 8024 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
07:54:40.0830 8024 gagp30kx - ok
07:54:40.0845 8024 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
07:54:40.0861 8024 gpsvc - ok
07:54:40.0861 8024 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:54:40.0861 8024 gupdate - ok
07:54:40.0861 8024 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:54:40.0861 8024 gupdatem - ok
07:54:40.0877 8024 HBtnKey (0e485f2c759f155170da9f35354034e9) C:\Windows\system32\drivers\HBtnKey.sys
07:54:40.0877 8024 HBtnKey - ok
07:54:40.0877 8024 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
07:54:40.0877 8024 hcw85cir - ok
07:54:40.0892 8024 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
07:54:40.0892 8024 HdAudAddService - ok
07:54:40.0892 8024 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
07:54:40.0892 8024 HDAudBus - ok
07:54:40.0908 8024 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
07:54:40.0908 8024 HidBatt - ok
07:54:40.0908 8024 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
07:54:40.0908 8024 HidBth - ok
07:54:40.0908 8024 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
07:54:40.0908 8024 HidIr - ok
07:54:40.0908 8024 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
07:54:40.0908 8024 hidserv - ok
07:54:40.0923 8024 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
07:54:40.0923 8024 HidUsb - ok
07:54:40.0923 8024 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
07:54:40.0923 8024 hkmsvc - ok
07:54:40.0939 8024 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
07:54:40.0939 8024 HomeGroupListener - ok
07:54:40.0939 8024 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
07:54:40.0939 8024 HomeGroupProvider - ok
07:54:40.0939 8024 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
07:54:40.0955 8024 HpSAMD - ok
07:54:40.0970 8024 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
07:54:40.0970 8024 HTTP - ok
07:54:40.0970 8024 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
07:54:40.0970 8024 hwpolicy - ok
07:54:40.0986 8024 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
07:54:40.0986 8024 i8042prt - ok
07:54:41.0001 8024 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
07:54:41.0001 8024 iaStor - ok
07:54:41.0001 8024 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
07:54:41.0001 8024 IAStorDataMgrSvc - ok
07:54:41.0017 8024 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
07:54:41.0017 8024 iaStorV - ok
07:54:41.0048 8024 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:54:41.0048 8024 idsvc - ok
07:54:41.0048 8024 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
07:54:41.0048 8024 iirsp - ok
07:54:41.0079 8024 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
07:54:41.0079 8024 IKEEXT - ok
07:54:41.0095 8024 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
07:54:41.0095 8024 Impcd - ok
07:54:41.0095 8024 Intel(R) PROSet Monitoring Service (d7b978f4504d3da95a21002863d0e7ee) C:\Windows\system32\IProsetMonitor.exe
07:54:41.0095 8024 Intel(R) PROSet Monitoring Service - ok
07:54:41.0095 8024 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
07:54:41.0111 8024 intelide - ok
07:54:41.0111 8024 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
07:54:41.0111 8024 intelppm - ok
07:54:41.0111 8024 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
07:54:41.0111 8024 IPBusEnum - ok
07:54:41.0111 8024 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:54:41.0126 8024 IpFilterDriver - ok
07:54:41.0142 8024 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
07:54:41.0142 8024 iphlpsvc - ok
07:54:41.0142 8024 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
07:54:41.0142 8024 IPMIDRV - ok
07:54:41.0142 8024 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
07:54:41.0157 8024 IPNAT - ok
07:54:41.0157 8024 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
07:54:41.0157 8024 IRENUM - ok
07:54:41.0157 8024 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
07:54:41.0157 8024 isapnp - ok
07:54:41.0173 8024 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
07:54:41.0173 8024 iScsiPrt - ok
07:54:41.0173 8024 jhi_service (6c85719a21b3f62c2c76280f4bd36c7b) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
07:54:41.0173 8024 jhi_service - ok
07:54:41.0189 8024 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
07:54:41.0189 8024 kbdclass - ok
07:54:41.0189 8024 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
07:54:41.0189 8024 kbdhid - ok
07:54:41.0189 8024 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:54:41.0189 8024 KeyIso - ok
07:54:41.0189 8024 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
07:54:41.0189 8024 KSecDD - ok
07:54:41.0204 8024 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
07:54:41.0204 8024 KSecPkg - ok
07:54:41.0204 8024 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
07:54:41.0204 8024 ksthunk - ok
07:54:41.0220 8024 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
07:54:41.0220 8024 KtmRm - ok
07:54:41.0235 8024 ktupdaterservice (68528a68c3d0c67f905485a70c8a4a95) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
07:54:41.0235 8024 ktupdaterservice - ok
07:54:41.0251 8024 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
07:54:41.0251 8024 LanmanServer - ok
07:54:41.0251 8024 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
07:54:41.0251 8024 LanmanWorkstation - ok
07:54:41.0267 8024 LBTServ (7772dfab22611050b79504e671b06e6e) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
07:54:41.0267 8024 LBTServ - ok
07:54:41.0282 8024 LEqdUsb (ed7ec050cd6c20e1a93a4dafb7efd14d) C:\Windows\system32\DRIVERS\LEqdUsb.Sys
07:54:41.0282 8024 LEqdUsb - ok
07:54:41.0282 8024 LHidEqd (3267bc698e29474a8381e68904eb0390) C:\Windows\system32\DRIVERS\LHidEqd.Sys
07:54:41.0282 8024 LHidEqd - ok
07:54:41.0282 8024 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys
07:54:41.0282 8024 LHidFilt - ok
07:54:41.0298 8024 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
07:54:41.0298 8024 lltdio - ok
07:54:41.0298 8024 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
07:54:41.0313 8024 lltdsvc - ok
07:54:41.0313 8024 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
07:54:41.0313 8024 lmhosts - ok
07:54:41.0313 8024 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys
07:54:41.0313 8024 LMouFilt - ok
07:54:41.0329 8024 LMS (519d66259df1672aabce9d2e0acc5552) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
07:54:41.0329 8024 LMS - ok
07:54:41.0329 8024 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
07:54:41.0329 8024 LSI_FC - ok
07:54:41.0345 8024 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
07:54:41.0345 8024 LSI_SAS - ok
07:54:41.0345 8024 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
07:54:41.0345 8024 LSI_SAS2 - ok
07:54:41.0360 8024 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
07:54:41.0360 8024 LSI_SCSI - ok
07:54:41.0360 8024 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
07:54:41.0360 8024 luafv - ok
07:54:41.0360 8024 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
07:54:41.0360 8024 MBAMProtector - ok
07:54:41.0391 8024 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
07:54:41.0391 8024 MBAMService - ok
07:54:41.0391 8024 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
07:54:41.0391 8024 Mcx2Svc - ok
07:54:41.0391 8024 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
07:54:41.0391 8024 megasas - ok
07:54:41.0407 8024 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
07:54:41.0407 8024 MegaSR - ok
07:54:41.0407 8024 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
07:54:41.0423 8024 MEIx64 - ok
07:54:41.0423 8024 Microsoft SharePoint Workspace Audit Service - ok
07:54:41.0423 8024 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
07:54:41.0423 8024 MMCSS - ok
07:54:41.0438 8024 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
07:54:41.0438 8024 Modem - ok
07:54:41.0438 8024 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
07:54:41.0438 8024 monitor - ok
07:54:41.0438 8024 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
07:54:41.0438 8024 mouclass - ok
07:54:41.0438 8024 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
07:54:41.0438 8024 mouhid - ok
07:54:41.0454 8024 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
07:54:41.0454 8024 mountmgr - ok
07:54:41.0454 8024 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
07:54:41.0454 8024 mpio - ok
07:54:41.0454 8024 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
07:54:41.0454 8024 mpsdrv - ok
07:54:41.0485 8024 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
07:54:41.0485 8024 MpsSvc - ok
07:54:41.0501 8024 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
07:54:41.0501 8024 MRxDAV - ok
07:54:41.0501 8024 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
07:54:41.0501 8024 mrxsmb - ok
07:54:41.0516 8024 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:54:41.0516 8024 mrxsmb10 - ok
07:54:41.0516 8024 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:54:41.0516 8024 mrxsmb20 - ok
07:54:41.0532 8024 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
07:54:41.0532 8024 msahci - ok
07:54:41.0532 8024 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
07:54:41.0532 8024 msdsm - ok
07:54:41.0532 8024 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
07:54:41.0547 8024 MSDTC - ok
07:54:41.0547 8024 MSDV (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys
07:54:41.0547 8024 MSDV - ok
07:54:41.0547 8024 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
07:54:41.0547 8024 Msfs - ok
07:54:41.0547 8024 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
07:54:41.0563 8024 mshidkmdf - ok
07:54:41.0563 8024 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
07:54:41.0563 8024 msisadrv - ok
07:54:41.0563 8024 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
07:54:41.0563 8024 MSiSCSI - ok
07:54:41.0563 8024 msiserver - ok
07:54:41.0579 8024 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
07:54:41.0579 8024 MSKSSRV - ok
07:54:41.0579 8024 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
07:54:41.0579 8024 MSPCLOCK - ok
07:54:41.0579 8024 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
07:54:41.0579 8024 MSPQM - ok
07:54:41.0594 8024 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
07:54:41.0594 8024 MsRPC - ok
07:54:41.0594 8024 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
07:54:41.0594 8024 mssmbios - ok
07:54:41.0594 8024 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
07:54:41.0610 8024 MSTEE - ok
07:54:41.0610 8024 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
07:54:41.0610 8024 MTConfig - ok
07:54:41.0610 8024 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
07:54:41.0610 8024 Mup - ok
07:54:41.0625 8024 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
07:54:41.0625 8024 napagent - ok
07:54:41.0641 8024 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
07:54:41.0641 8024 NativeWifiP - ok
07:54:41.0672 8024 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
07:54:41.0672 8024 NDIS - ok
07:54:41.0672 8024 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
07:54:41.0688 8024 NdisCap - ok
07:54:41.0688 8024 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
07:54:41.0688 8024 NdisTapi - ok
07:54:41.0688 8024 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
07:54:41.0688 8024 Ndisuio - ok
07:54:41.0688 8024 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
07:54:41.0703 8024 NdisWan - ok
07:54:41.0703 8024 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
07:54:41.0703 8024 NDProxy - ok
07:54:41.0703 8024 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
07:54:41.0703 8024 NetBIOS - ok
07:54:41.0719 8024 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
07:54:41.0719 8024 NetBT - ok
07:54:41.0719 8024 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:54:41.0719 8024 Netlogon - ok
07:54:41.0735 8024 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
07:54:41.0735 8024 Netman - ok
07:54:41.0750 8024 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:54:41.0750 8024 NetMsmqActivator - ok
07:54:41.0750 8024 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:54:41.0750 8024 NetPipeActivator - ok
07:54:41.0766 8024 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
07:54:41.0766 8024 netprofm - ok
07:54:41.0766 8024 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:54:41.0781 8024 NetTcpActivator - ok
07:54:41.0781 8024 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:54:41.0781 8024 NetTcpPortSharing - ok
07:54:42.0000 8024 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
07:54:42.0047 8024 NETwNs64 - ok
07:54:42.0078 8024 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
07:54:42.0078 8024 nfrd960 - ok
07:54:42.0093 8024 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
07:54:42.0093 8024 NlaSvc - ok
07:54:42.0093 8024 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
07:54:42.0093 8024 Npfs - ok
07:54:42.0109 8024 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
07:54:42.0109 8024 nsi - ok
07:54:42.0109 8024 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
07:54:42.0109 8024 nsiproxy - ok
07:54:42.0156 8024 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
07:54:42.0171 8024 Ntfs - ok
07:54:42.0187 8024 NuidFltr (4c08a14d04e62963e96e0bb57bbc953b) C:\Windows\system32\DRIVERS\NuidFltr.sys
07:54:42.0187 8024 NuidFltr - ok
07:54:42.0203 8024 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
07:54:42.0203 8024 Null - ok
07:54:42.0203 8024 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
07:54:42.0203 8024 nusb3hub - ok
07:54:42.0203 8024 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
07:54:42.0218 8024 nusb3xhc - ok
07:54:42.0218 8024 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
07:54:42.0218 8024 nvraid - ok
07:54:42.0218 8024 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
07:54:42.0218 8024 nvstor - ok
07:54:42.0234 8024 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
07:54:42.0234 8024 nv_agp - ok
07:54:42.0234 8024 O2FLASH (4e37455db16aec75862b1d0bc35b589e) C:\Windows\system32\DRIVERS\o2flash.exe
07:54:42.0234 8024 O2FLASH - ok
07:54:42.0234 8024 O2MDFRDR (6172db160fc566cf24307941c0e94d8e) C:\Windows\system32\drivers\O2MDFw7x64.sys
07:54:42.0249 8024 O2MDFRDR - ok
07:54:42.0249 8024 O2MDRRDR (8ed738aba394bbf6d7802698be453112) C:\Windows\system32\DRIVERS\O2MDRw7x64.sys
07:54:42.0249 8024 O2MDRRDR - ok
07:54:42.0265 8024 O2SDIOAssist (4635935fc972c582632bf45c26bfcb0e) c:\Windows\SysWOW64\srvany.exe
07:54:42.0265 8024 O2SDIOAssist - ok
07:54:42.0265 8024 O2SDJRDR (a9c1e6b7c134fad124338b7944fa996d) C:\Windows\system32\DRIVERS\o2sdjw7x64.sys
07:54:42.0265 8024 O2SDJRDR - ok
07:54:42.0281 8024 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
07:54:42.0281 8024 ohci1394 - ok
07:54:42.0281 8024 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:54:42.0281 8024 ose - ok
07:54:42.0421 8024 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:54:42.0437 8024 osppsvc - ok
07:54:42.0468 8024 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:54:42.0468 8024 p2pimsvc - ok
07:54:42.0483 8024 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
07:54:42.0499 8024 p2psvc - ok
07:54:42.0499 8024 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
07:54:42.0499 8024 Parport - ok
07:54:42.0499 8024 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
07:54:42.0515 8024 partmgr - ok
07:54:42.0515 8024 PBADRV (363b3f857abee85767e01e3044c539cd) C:\Windows\system32\DRIVERS\PBADRV.sys
07:54:42.0515 8024 PBADRV - ok
07:54:42.0515 8024 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
07:54:42.0515 8024 PcaSvc - ok
07:54:42.0530 8024 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
07:54:42.0530 8024 pci - ok
07:54:42.0530 8024 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
07:54:42.0530 8024 pciide - ok
07:54:42.0546 8024 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
07:54:42.0546 8024 pcmcia - ok
07:54:42.0546 8024 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
07:54:42.0546 8024 pcw - ok

pastra · Příspěvekod **pastra** » 06 črc 2012 08:32

a druhá část, protože se to tam do jedné zprávy nevešlo

07:54:42.0546 8024 PdiService (ee6539339e76ee69793609a5f12a7b80) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
07:54:42.0546 8024 PdiService - ok
07:54:42.0577 8024 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
07:54:42.0577 8024 PEAUTH - ok
07:54:42.0608 8024 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
07:54:42.0624 8024 PeerDistSvc - ok
07:54:42.0639 8024 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
07:54:42.0639 8024 PerfHost - ok
07:54:42.0702 8024 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
07:54:42.0717 8024 pla - ok
07:54:42.0733 8024 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
07:54:42.0733 8024 PlugPlay - ok
07:54:42.0733 8024 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
07:54:42.0733 8024 PNRPAutoReg - ok
07:54:42.0749 8024 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:54:42.0749 8024 PNRPsvc - ok
07:54:42.0764 8024 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
07:54:42.0764 8024 PolicyAgent - ok
07:54:42.0780 8024 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
07:54:42.0780 8024 Power - ok
07:54:42.0780 8024 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
07:54:42.0795 8024 PptpMiniport - ok
07:54:42.0795 8024 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
07:54:42.0795 8024 Processor - ok
07:54:42.0795 8024 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
07:54:42.0811 8024 ProfSvc - ok
07:54:42.0811 8024 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:54:42.0811 8024 ProtectedStorage - ok
07:54:42.0827 8024 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
07:54:42.0827 8024 Psched - ok
07:54:42.0827 8024 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
07:54:42.0827 8024 PSI_SVC_2 - ok
07:54:42.0842 8024 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
07:54:42.0842 8024 PxHlpa64 - ok
07:54:42.0873 8024 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
07:54:42.0889 8024 ql2300 - ok
07:54:42.0920 8024 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
07:54:42.0920 8024 ql40xx - ok
07:54:42.0936 8024 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
07:54:42.0936 8024 QWAVE - ok
07:54:42.0936 8024 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
07:54:42.0936 8024 QWAVEdrv - ok
07:54:42.0936 8024 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
07:54:42.0936 8024 RasAcd - ok
07:54:42.0951 8024 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
07:54:42.0951 8024 RasAgileVpn - ok
07:54:42.0951 8024 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
07:54:42.0951 8024 RasAuto - ok
07:54:42.0967 8024 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:54:42.0967 8024 Rasl2tp - ok
07:54:42.0967 8024 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
07:54:42.0983 8024 RasMan - ok
07:54:42.0983 8024 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
07:54:42.0983 8024 RasPppoe - ok
07:54:42.0983 8024 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
07:54:42.0983 8024 RasSstp - ok
07:54:42.0998 8024 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
07:54:42.0998 8024 rdbss - ok
07:54:42.0998 8024 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
07:54:42.0998 8024 rdpbus - ok
07:54:42.0998 8024 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:54:42.0998 8024 RDPCDD - ok
07:54:43.0014 8024 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
07:54:43.0014 8024 RDPDR - ok
07:54:43.0014 8024 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
07:54:43.0014 8024 RDPENCDD - ok
07:54:43.0029 8024 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
07:54:43.0029 8024 RDPREFMP - ok
07:54:43.0029 8024 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
07:54:43.0029 8024 RDPWD - ok
07:54:43.0045 8024 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
07:54:43.0045 8024 rdyboost - ok
07:54:43.0076 8024 RegSrvc (f90cc59135f2945a6ebb1670a7bbd8b3) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
07:54:43.0076 8024 RegSrvc - ok
07:54:43.0076 8024 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
07:54:43.0076 8024 RemoteAccess - ok
07:54:43.0092 8024 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
07:54:43.0092 8024 RemoteRegistry - ok
07:54:43.0092 8024 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
07:54:43.0107 8024 RFCOMM - ok
07:54:43.0139 8024 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
07:54:43.0139 8024 RoxMediaDB12OEM - ok
07:54:43.0154 8024 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
07:54:43.0154 8024 RoxWatch12 - ok
07:54:43.0185 8024 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
07:54:43.0185 8024 RpcEptMapper - ok
07:54:43.0185 8024 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
07:54:43.0185 8024 RpcLocator - ok
07:54:43.0201 8024 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
07:54:43.0201 8024 RpcSs - ok
07:54:43.0217 8024 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
07:54:43.0217 8024 rspndr - ok
07:54:43.0217 8024 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
07:54:43.0217 8024 s3cap - ok
07:54:43.0217 8024 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:54:43.0232 8024 SamSs - ok
07:54:43.0232 8024 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
07:54:43.0232 8024 sbp2port - ok
07:54:43.0232 8024 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
07:54:43.0232 8024 SCardSvr - ok
07:54:43.0248 8024 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
07:54:43.0248 8024 scfilter - ok
07:54:43.0279 8024 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
07:54:43.0279 8024 Schedule - ok
07:54:43.0279 8024 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
07:54:43.0279 8024 SCPolicySvc - ok
07:54:43.0295 8024 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
07:54:43.0295 8024 SDRSVC - ok
07:54:43.0295 8024 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
07:54:43.0310 8024 secdrv - ok
07:54:43.0310 8024 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
07:54:43.0310 8024 seclogon - ok
07:54:43.0373 8024 SecureStorageService (8365191d0fe7df5972b889821adbe62b) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
07:54:43.0388 8024 SecureStorageService - ok
07:54:43.0419 8024 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
07:54:43.0419 8024 SENS - ok
07:54:43.0419 8024 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
07:54:43.0419 8024 SensrSvc - ok
07:54:43.0419 8024 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
07:54:43.0435 8024 Serenum - ok
07:54:43.0435 8024 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
07:54:43.0435 8024 Serial - ok
07:54:43.0435 8024 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
07:54:43.0435 8024 sermouse - ok
07:54:43.0451 8024 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
07:54:43.0451 8024 SessionEnv - ok
07:54:43.0451 8024 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
07:54:43.0451 8024 sffdisk - ok
07:54:43.0451 8024 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
07:54:43.0451 8024 sffp_mmc - ok
07:54:43.0451 8024 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
07:54:43.0451 8024 sffp_sd - ok
07:54:43.0466 8024 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
07:54:43.0466 8024 sfloppy - ok
07:54:43.0466 8024 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
07:54:43.0482 8024 SharedAccess - ok
07:54:43.0482 8024 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
07:54:43.0497 8024 ShellHWDetection - ok
07:54:43.0497 8024 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
07:54:43.0497 8024 SiSRaid2 - ok
07:54:43.0497 8024 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
07:54:43.0497 8024 SiSRaid4 - ok
07:54:43.0513 8024 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
07:54:43.0513 8024 SkypeUpdate - ok
07:54:43.0513 8024 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
07:54:43.0513 8024 Smb - ok
07:54:43.0513 8024 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
07:54:43.0529 8024 SNMPTRAP - ok
07:54:43.0529 8024 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
07:54:43.0529 8024 spldr - ok
07:54:43.0544 8024 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
07:54:43.0544 8024 Spooler - ok
07:54:43.0638 8024 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
07:54:43.0669 8024 sppsvc - ok
07:54:43.0700 8024 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
07:54:43.0700 8024 sppuinotify - ok
07:54:43.0716 8024 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
07:54:43.0716 8024 srv - ok
07:54:43.0731 8024 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
07:54:43.0731 8024 srv2 - ok
07:54:43.0747 8024 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
07:54:43.0747 8024 srvnet - ok
07:54:43.0747 8024 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
07:54:43.0747 8024 SSDPSRV - ok
07:54:43.0763 8024 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
07:54:43.0763 8024 SstpSvc - ok
07:54:43.0763 8024 STacSV (46b72c1c296c1e985d031d98f0ffa5e5) C:\Program Files\IDT\WDM\STacSV64.exe
07:54:43.0778 8024 STacSV - ok
07:54:43.0778 8024 stdcfltn (e4ea2412fb1b8aee33667a9cc6d456a4) C:\Windows\system32\DRIVERS\stdcfltn.sys
07:54:43.0778 8024 stdcfltn - ok
07:54:43.0778 8024 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
07:54:43.0778 8024 stexstor - ok
07:54:43.0794 8024 STHDA (501b376781eb6e46aae43946e3dd7d84) C:\Windows\system32\DRIVERS\stwrt64.sys
07:54:43.0809 8024 STHDA - ok
07:54:43.0825 8024 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
07:54:43.0825 8024 stisvc - ok
07:54:43.0825 8024 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
07:54:43.0841 8024 stllssvr - ok
07:54:43.0841 8024 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
07:54:43.0841 8024 storflt - ok
07:54:43.0841 8024 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
07:54:43.0841 8024 StorSvc - ok
07:54:43.0841 8024 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
07:54:43.0841 8024 storvsc - ok
07:54:43.0856 8024 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
07:54:43.0856 8024 swenum - ok
07:54:43.0872 8024 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
07:54:43.0872 8024 swprv - ok
07:54:43.0919 8024 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
07:54:43.0934 8024 SysMain - ok
07:54:43.0950 8024 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
07:54:43.0965 8024 TabletInputService - ok
07:54:43.0965 8024 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
07:54:43.0965 8024 TapiSrv - ok
07:54:43.0981 8024 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
07:54:43.0981 8024 TBS - ok
07:54:44.0028 8024 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
07:54:44.0043 8024 Tcpip - ok
07:54:44.0121 8024 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
07:54:44.0121 8024 TCPIP6 - ok
07:54:44.0153 8024 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
07:54:44.0153 8024 tcpipreg - ok
07:54:44.0199 8024 tcsd_win32.exe (3d52b206d9f6f3ecfdb5d676614e47b6) C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
07:54:44.0215 8024 tcsd_win32.exe - ok
07:54:44.0324 8024 TdmService (e2f626e4a23e12de31d8820ff143a456) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
07:54:44.0340 8024 TdmService - ok
07:54:44.0371 8024 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
07:54:44.0371 8024 TDPIPE - ok
07:54:44.0387 8024 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
07:54:44.0387 8024 TDTCP - ok
07:54:44.0387 8024 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
07:54:44.0387 8024 tdx - ok
07:54:44.0387 8024 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
07:54:44.0387 8024 TermDD - ok
07:54:44.0418 8024 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
07:54:44.0418 8024 TermService - ok
07:54:44.0418 8024 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
07:54:44.0418 8024 Themes - ok
07:54:44.0433 8024 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
07:54:44.0433 8024 THREADORDER - ok
07:54:44.0543 8024 TracSrvWrapper (3144b3faf519af2914629fe11a53cde5) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
07:54:44.0574 8024 TracSrvWrapper - ok
07:54:44.0605 8024 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
07:54:44.0605 8024 TrkWks - ok
07:54:44.0621 8024 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
07:54:44.0621 8024 TrustedInstaller - ok
07:54:44.0621 8024 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
07:54:44.0621 8024 tssecsrv - ok
07:54:44.0621 8024 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
07:54:44.0636 8024 TsUsbFlt - ok
07:54:44.0636 8024 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
07:54:44.0636 8024 TsUsbGD - ok
07:54:44.0636 8024 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
07:54:44.0636 8024 tunnel - ok
07:54:44.0667 8024 tvnserver (711561440fdc396cb6e4c69c13375a38) C:\Program Files (x86)\TightVNC\tvnserver.exe
07:54:44.0683 8024 tvnserver - ok
07:54:44.0683 8024 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
07:54:44.0683 8024 uagp35 - ok
07:54:44.0683 8024 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
07:54:44.0699 8024 udfs - ok
07:54:44.0699 8024 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
07:54:44.0699 8024 UI0Detect - ok
07:54:44.0699 8024 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
07:54:44.0699 8024 uliagpkx - ok
07:54:44.0714 8024 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
07:54:44.0714 8024 umbus - ok
07:54:44.0714 8024 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
07:54:44.0714 8024 UmPass - ok
07:54:44.0714 8024 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
07:54:44.0730 8024 UmRdpService - ok
07:54:44.0792 8024 UNS (1b71370aec1115f80d9a4a209317c968) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
07:54:44.0808 8024 UNS - ok
07:54:44.0839 8024 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
07:54:44.0855 8024 upnphost - ok
07:54:44.0855 8024 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
07:54:44.0855 8024 usbccgp - ok
07:54:44.0870 8024 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
07:54:44.0870 8024 usbcir - ok
07:54:44.0870 8024 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
07:54:44.0870 8024 usbehci - ok
07:54:44.0886 8024 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
07:54:44.0886 8024 usbhub - ok
07:54:44.0886 8024 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
07:54:44.0886 8024 usbohci - ok
07:54:44.0886 8024 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
07:54:44.0886 8024 usbprint - ok
07:54:44.0901 8024 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
07:54:44.0901 8024 usbscan - ok
07:54:44.0901 8024 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:54:44.0901 8024 USBSTOR - ok
07:54:44.0901 8024 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
07:54:44.0917 8024 usbuhci - ok
07:54:44.0917 8024 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
07:54:44.0917 8024 usbvideo - ok
07:54:44.0917 8024 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
07:54:44.0917 8024 UxSms - ok
07:54:44.0933 8024 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:54:44.0933 8024 VaultSvc - ok
07:54:44.0933 8024 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
07:54:44.0933 8024 vdrvroot - ok
07:54:44.0948 8024 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
07:54:44.0948 8024 vds - ok
07:54:44.0964 8024 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
07:54:44.0964 8024 vga - ok
07:54:44.0964 8024 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
07:54:44.0964 8024 VgaSave - ok
07:54:44.0964 8024 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
07:54:44.0979 8024 vhdmp - ok
07:54:44.0979 8024 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
07:54:44.0979 8024 viaide - ok
07:54:44.0979 8024 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
07:54:44.0979 8024 vmbus - ok
07:54:44.0995 8024 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
07:54:44.0995 8024 VMBusHID - ok
07:54:44.0995 8024 vna_ap (a96afa32f73c065b9ae9d1554cdd00fc) C:\Windows\system32\DRIVERS\vnaap.sys
07:54:44.0995 8024 vna_ap - ok
07:54:44.0995 8024 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
07:54:44.0995 8024 volmgr - ok
07:54:45.0011 8024 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
07:54:45.0011 8024 volmgrx - ok
07:54:45.0026 8024 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
07:54:45.0026 8024 volsnap - ok
07:54:45.0026 8024 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
07:54:45.0042 8024 vpcbus - ok
07:54:45.0042 8024 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
07:54:45.0042 8024 vpcnfltr - ok
07:54:45.0042 8024 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
07:54:45.0042 8024 vpcusb - ok
07:54:45.0042 8024 vpcuxd (63f4e10873beb4124028c6d1a66b0968) C:\Windows\system32\DRIVERS\vpcuxd.sys
07:54:45.0057 8024 vpcuxd - ok
07:54:45.0057 8024 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
07:54:45.0073 8024 vpcvmm - ok
07:54:45.0073 8024 vsdatant (a61a17b0e70020137a5ce624ad98a3fb) C:\Windows\system32\DRIVERS\vsdatant.sys
07:54:45.0089 8024 vsdatant - ok
07:54:45.0089 8024 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
07:54:45.0089 8024 vsmraid - ok
07:54:45.0135 8024 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
07:54:45.0135 8024 VSS - ok
07:54:45.0167 8024 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
07:54:45.0167 8024 vwifibus - ok
07:54:45.0182 8024 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
07:54:45.0182 8024 vwififlt - ok
07:54:45.0182 8024 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
07:54:45.0182 8024 vwifimp - ok
07:54:45.0198 8024 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
07:54:45.0198 8024 W32Time - ok
07:54:45.0198 8024 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
07:54:45.0198 8024 WacomPen - ok
07:54:45.0213 8024 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
07:54:45.0213 8024 WANARP - ok
07:54:45.0213 8024 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
07:54:45.0213 8024 Wanarpv6 - ok
07:54:45.0245 8024 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
07:54:45.0260 8024 WatAdminSvc - ok
07:54:45.0307 8024 Wave Authentication Manager Service (e45bce01f15eeb240fe9db83b9d86be3) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
07:54:45.0307 8024 Wave Authentication Manager Service - ok
07:54:45.0369 8024 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
07:54:45.0385 8024 wbengine - ok
07:54:45.0416 8024 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
07:54:45.0416 8024 WbioSrvc - ok
07:54:45.0432 8024 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
07:54:45.0432 8024 wcncsvc - ok
07:54:45.0432 8024 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
07:54:45.0447 8024 WcsPlugInService - ok
07:54:45.0447 8024 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
07:54:45.0447 8024 Wd - ok
07:54:45.0463 8024 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
07:54:45.0479 8024 Wdf01000 - ok
07:54:45.0479 8024 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
07:54:45.0479 8024 WdiServiceHost - ok
07:54:45.0479 8024 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
07:54:45.0479 8024 WdiSystemHost - ok
07:54:45.0494 8024 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
07:54:45.0494 8024 WebClient - ok
07:54:45.0494 8024 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
07:54:45.0510 8024 Wecsvc - ok
07:54:45.0510 8024 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
07:54:45.0510 8024 wercplsupport - ok
07:54:45.0510 8024 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
07:54:45.0510 8024 WerSvc - ok
07:54:45.0525 8024 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
07:54:45.0525 8024 WfpLwf - ok
07:54:45.0525 8024 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
07:54:45.0525 8024 WIMMount - ok
07:54:45.0525 8024 WinDefend - ok
07:54:45.0541 8024 WinHttpAutoProxySvc - ok
07:54:45.0557 8024 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
07:54:45.0557 8024 Winmgmt - ok
07:54:45.0603 8024 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
07:54:45.0619 8024 WinRM - ok
07:54:45.0650 8024 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
07:54:45.0650 8024 WinUsb - ok
07:54:45.0681 8024 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
07:54:45.0681 8024 Wlansvc - ok
07:54:45.0697 8024 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
07:54:45.0697 8024 wlcrasvc - ok
07:54:45.0759 8024 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:54:45.0775 8024 wlidsvc - ok
07:54:45.0806 8024 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
07:54:45.0806 8024 WmiAcpi - ok
07:54:45.0822 8024 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
07:54:45.0822 8024 wmiApSrv - ok
07:54:45.0822 8024 WMPNetworkSvc - ok
07:54:45.0822 8024 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
07:54:45.0822 8024 WPCSvc - ok
07:54:45.0837 8024 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
07:54:45.0837 8024 WPDBusEnum - ok
07:54:45.0837 8024 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
07:54:45.0837 8024 ws2ifsl - ok
07:54:45.0837 8024 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
07:54:45.0853 8024 wscsvc - ok
07:54:45.0853 8024 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
07:54:45.0853 8024 WSDPrintDevice - ok
07:54:45.0853 8024 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
07:54:45.0853 8024 WSDScan - ok
07:54:45.0853 8024 WSearch - ok
07:54:45.0931 8024 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
07:54:45.0947 8024 wuauserv - ok
07:54:45.0978 8024 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
07:54:45.0978 8024 WudfPf - ok
07:54:45.0978 8024 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
07:54:45.0993 8024 WUDFRd - ok
07:54:45.0993 8024 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
07:54:45.0993 8024 wudfsvc - ok
07:54:46.0009 8024 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
07:54:46.0009 8024 WwanSvc - ok
07:54:46.0040 8024 ZcfgSvc7 (b87e12317928739e22d2e3acc7ccac80) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
07:54:46.0040 8024 ZcfgSvc7 - ok
07:54:46.0056 8024 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
07:54:46.0134 8024 \Device\Harddisk0\DR0 - ok
07:54:46.0149 8024 Boot (0x1200) (1e645a7af6700a1bd11d3033cea7b203) \Device\Harddisk0\DR0\Partition0
07:54:46.0149 8024 \Device\Harddisk0\DR0\Partition0 - ok
07:54:46.0149 8024 Boot (0x1200) (22dd1e1de5433a053204ce308bf3276b) \Device\Harddisk0\DR0\Partition1
07:54:46.0149 8024 \Device\Harddisk0\DR0\Partition1 - ok
07:54:46.0149 8024 ============================================================
07:54:46.0149 8024 Scan finished
07:54:46.0149 8024 ============================================================
07:54:46.0149 0872 Detected object count: 0
07:54:46.0149 0872 Actual detected object count: 0
07:54:58.0333 7356 Deinitialize success

*********************************

ComboFix 12-07-06.01 - pastra 06.07.2012 8:09:49.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8149.6262 [GMT 2:00]
Spuštěný z: C:\Users\pastra\Desktop\ComboFix.exe
AV: F-Secure Client Security 9.20 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Client Security 9.20 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Client Security 9.20 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

ADS - Windows: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Windows\pkunzip.pif
C:\Windows\pkzip.pif
C:\Windows\system32\drivers\etc\hosts.txt
C:\Windows\SysWow64\instsrv.exe

((((((((((((((((((((((((( Soubory vytvořené od 2012-06-06 do 2012-07-06 )))))))))))))))))))))))))))))))

2012-07-06 05:57:09 . 2012-07-06 05:57:09 -------- d-----w- C:\Users\pastra\AppData\Local\Adobe
2012-07-06 05:57:08 . 2012-07-06 05:57:08 -------- d-----w- C:\Users\pastra\AppData\Local\ATI
2012-07-05 12:08:17 . 2012-07-05 12:08:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-05 12:08:17 . 2012-04-04 13:56:40 24904 ----a-w- C:\Windows\system32\drivers\mbam.sys
2012-07-05 12:05:03 . 2012-07-05 12:11:58 -------- d-----w- C:\Program Files (x86)\trend micro
2012-07-05 12:05:01 . 2012-07-05 12:05:25 -------- d-----w- C:\rsit
2012-07-05 12:03:02 . 2012-07-05 12:03:08 -------- d-----w- C:\Program Files (x86)\CCleaner
2012-07-04 17:19:59 . 2010-02-23 08:16:17 294912 ----a-w- C:\Windows\system32\browserchoice.exe
2012-07-04 16:20:31 . 2012-07-04 16:20:31 -------- d-----w- C:\Users\pastra\AppData\Roaming\Malwarebytes
2012-07-04 16:20:21 . 2012-07-04 16:20:21 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-04 05:06:41 . 2012-07-04 05:06:49 -------- d-----w- C:\Program Files\CCleaner
2012-07-04 04:47:44 . 2012-05-31 04:04:02 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{166B0093-2933-4F41-BEA1-94AD5B20DE33}\mpengine.dll
2012-06-19 03:50:11 . 2012-06-02 22:19:43 2428952 ----a-w- C:\Windows\system32\wuaueng.dll
2012-06-19 03:50:11 . 2012-06-02 22:19:42 57880 ----a-w- C:\Windows\system32\wuauclt.exe
2012-06-19 03:50:11 . 2012-06-02 22:19:42 44056 ----a-w- C:\Windows\system32\wups2.dll
2012-06-19 03:50:11 . 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\system32\wucltux.dll
2012-06-19 03:50:10 . 2012-06-02 22:19:46 38424 ----a-w- C:\Windows\system32\wups.dll
2012-06-19 03:50:10 . 2012-06-02 22:19:23 701976 ----a-w- C:\Windows\system32\wuapi.dll
2012-06-19 03:50:10 . 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\system32\wudriver.dll
2012-06-19 03:50:09 . 2012-06-02 13:19:42 186752 ----a-w- C:\Windows\system32\wuwebv.dll
2012-06-19 03:50:09 . 2012-06-02 13:15:12 36864 ----a-w- C:\Windows\system32\wuapp.exe
2012-06-17 20:19:45 . 2012-06-17 20:19:46 -------- d-----w- C:\Program Files (x86)\Ffmpeg For Audacity
2012-06-17 19:58:50 . 2012-06-17 19:58:50 -------- d-----w- C:\Program Files (x86)\FDRLab
2012-06-13 04:34:32 . 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\system32\rdpwsx.dll
.

(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-06-26 04:31:11 . 2012-05-08 04:49:20 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-26 04:31:11 . 2011-12-23 05:42:23 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-09 07:44:15 . 2012-05-09 07:44:15 55960 ----a-w- C:\Windows\system32\drivers\fsbts.sys

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))

*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2012-04-04 05:54:08 1261472]
"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 22:07:38 718720]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2012-02-29 06:55:08 17148552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-27 01:00:50 343168]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 05:54:20 283160]
"IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-08-09 03:45:54 112408]
"DT DEL"="C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe" [2011-10-13 21:08:26 121648]
"Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-03-12 16:42:02 462993]
"RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 11:33:58 240112]
"tvncontrol"="C:\Program Files (x86)\TightVNC\tvnserver.exe" [2010-07-08 13:28:56 815704]
"F-Secure Manager"="C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" [2011-08-30 16:54:56 303816]
"F-Secure TNB"="C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2011-08-30 16:54:24 1655496]
"SafeQ Client"="C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2011-08-08 16:58:00 251904]
"Check Point Endpoint Security"="C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe" [2011-09-14 22:11:10 801968]
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-04-04 05:53:56 815512]
"Malwarebytes' Anti-Malware"="C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 13:56:38 462408]

C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-25 494488]

C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-25 494488]

C:\Users\pastra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-2-8 1136928]

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-25 494488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]
R2 gupdate;Služba Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-22 17:25:26 136176]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 05:54:22 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 13:56:40 654408]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 11:34:18 219632]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-08-09 03:46:06 2656536]
R3 Axtmvflt;Axesstel USB Filter Service;C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-26 06:40:22 6144]
R3 Axtmvmdm;Axesstel USB Modem;C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 06:31:00 54272]
R3 BTWAMPFL;BTWAMPFL;C:\Windows\system32\DRIVERS\btwampfl.sys [2011-11-25 12:20:28 349736]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-11-25 12:20:28 39464]
R3 dc3d;MS Hardware Device Detection Driver (USB);C:\Windows\system32\DRIVERS\dc3d.sys [2010-07-21 15:14:24 51600]
R3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 03:23:48 71168]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2012-05-29 08:57:50 199848]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-12-15 16:55:36 1436424]
R3 gupdatem;Služba Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-22 17:25:26 136176]
R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys [2010-02-27 00:32:14 158976]
R3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2012-04-04 13:56:40 24904]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 10:15:00 31125880]
R3 O2MDFRDR;O2MDFRDR;C:\Windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 20:04:44 72808]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 20:34:24 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 11:33:18 1116656]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 03:24:33 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 03:23:47 31232]
R3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB;C:\Windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 11:35:26 16384]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-13 17:17:17 1255736]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 00:39:20 23040]
R3 WSDScan;Podpora skenování WSD přes UMB;C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 00:35:37 25088]
R4 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-08-30 16:55:14 62152]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 00:10:10 57184]
S0 fsbts;fsbts;C:\Windows\system32\Drivers\fsbts.sys [2012-05-09 07:44:15 55960]
S0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 09:00:00 55856]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 03:31:22 22128]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-18 07:32:50 279616]
S1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys [2011-08-30 16:54:50 61992]
S1 FSES;F-Secure Email Scanning Driver;C:\Windows\system32\drivers\fses.sys [2011-08-30 16:54:32 46824]
S1 FSFW;F-Secure Firewall Driver;C:\Windows\system32\drivers\fsdfw.sys [2011-08-30 16:54:38 96040]
S1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2011-08-30 16:54:14 15048]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 00:07:22 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 13:10:42 63928]
S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 10:42:58 89600]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [2011-09-27 02:10:06 203776]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-05-13 16:10:44 1043872]
S2 Credential Vault Host Storage;Credential Vault Host Storage;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-05-13 16:10:44 36768]
S2 DFEPService;Dell Feature Enhancement Pack Service;c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-08-24 22:17:34 2279320]
S2 FileOpenManagerSvc;FileOpen Manager Service;C:\Program Files\FileOpen\Services\FileOpenManagerSvc64.exe [2011-12-09 18:47:40 334720]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe [2011-06-29 16:51:26 171688]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 06:10:24 212944]
S2 ktupdaterservice;Kerio Updater Service;C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [2012-01-11 14:53:28 446464]
S2 O2SDIOAssist;O2SDIOAssist;c:\Windows\SysWOW64\srvany.exe [2003-04-19 02:06:26 8192]
S2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-08-12 18:45:04 113456]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 06:50:48 158856]
S2 TracSrvWrapper;Check Point Endpoint Security VPN;C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [2011-09-14 22:11:12 4512952]
S2 tvnserver;TightVNC Server;C:\Program Files (x86)\TightVNC\tvnserver.exe [2010-07-08 13:28:56 815704]
S2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-07-01 19:52:32 1600000]
S2 ZcfgSvc7;Intel(R) PROSet/Wireless ZeroConfig Service;C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [2010-12-23 20:14:10 992256]
S3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\accelern.sys [2011-07-22 18:28:56 27760]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2011-09-27 03:00:22 9321472]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys [2011-09-27 01:33:00 306176]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys [2011-06-07 02:07:00 231440]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 22:08:48 172960]
S3 cvusbdrv;Dell ControlVault;C:\Windows\system32\Drivers\cvusbdrv.sys [2011-05-10 20:05:48 38504]
S3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys [2011-07-20 17:37:56 342704]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 06:30:24 76056]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 06:30:24 15128]
S3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 02:34:26 56344]
S3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 19:08:48 8505856]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 17:34:26 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 17:34:26 181248]
S3 O2MDRRDR;O2MDRRDR;C:\Windows\system32\DRIVERS\O2MDRw7x64.sys [2011-01-03 22:19:56 74984]
S3 O2SDJRDR;O2SDJRDR;C:\Windows\system32\DRIVERS\o2sdjw7x64.sys [2011-03-23 21:51:32 83560]
S3 vna_ap;Check Point Virtual Network Adapter - Apollo;C:\Windows\system32\DRIVERS\vnaap.sys [2011-09-14 22:11:08 161256]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 00:07:28 17920]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - FileOpenWebPublisherScreenHookDriver

Obsah adresáře 'Naplánované úlohy'

2012-07-06 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-22 17:25:30 . 2012-02-22 17:25:26]

2012-07-06 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-22 17:25:30 . 2012-02-22 17:25:26]

2012-07-06 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-448539723-839522115-1283Core.job
- C:\Users\pastra\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-06 16:13:36 . 2012-03-26 05:30:32]

2012-07-06 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-448539723-839522115-1283UA.job
- C:\Users\pastra\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-06 16:13:36 . 2012-03-26 05:30:32]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2011-05-27 23:46:34 139128 ----a-w- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2011-05-27 23:46:34 139128 ----a-w- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2011-07-20 23:10:48 611192]
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [2011-01-07 03:32:52 525312]
"IntelPROSet"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-23 20:23:24 1934608]
"FreeFallProtection"="C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2011-07-25 15:43:18 686704]
"DFEPApplication"="c:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2011-08-24 22:17:30 7077272]
"TdmNotify"="C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2011-05-27 23:46:48 257392]
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 09:38:38 1744152]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 11:53:08 2780776]
"FileOpenBroker"="C:\Program Files\FileOpen\Services\FileOpenBroker64.exe" [2011-12-09 18:47:34 900992]
"itype"="c:\Program Files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 15:14:24 2306448]
"combofix"="C:\ComboFix\CF2734.3XE" [2010-11-21 03:23:55 345088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0

------- Doplňkový sken -------

uLocal Page = C:\Windows\system32\blank.htm
uStart Page = https://www.google.cz/
mLocal Page = C:\Windows\SYSTEM32\blank.htm
uInternet Settings,ProxyServer = proxy.vitkovice.cz:3128
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Připojit cíl vazby k existujícímu PDF
IE: Připojit k existujícímu PDF
LSP: C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll
Trusted Zone: hutni-montaze.cz
Trusted Zone: hutni-montaze.cz\web
Trusted Zone: vitkovice.cz\holba
Trusted Zone: vitkovice.cz\sp2010
Trusted Zone: web
DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} - hxxp://www.cenia.cz/3dmodel/mzp/plugin/gvista31.cab

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)
Toolbar-Locked - (no file)

Příspěvekod **jaro3** » 06 črc 2012 10:45

Chybí konec logu...

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Skype\Updater\Updater.exe
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-448539723-839522115-1283Core.job
C:\Users\pastra\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-448539723-839522115-1283UA.job
C:\ComboFix\CF2734.3XE
C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe

Folder::
C:\Program Files (x86)\Kerio

Driver::
gupdate
gupdatem
SkypeUpdate
ktupdaterservice

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"=-

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

pastra · Příspěvekod **pastra** » 06 črc 2012 12:03

ComboFix 12-07-06.01 - pastra 06.07.2012 11:54:59.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8149.6021 [GMT 2:00]
Spuštěný z: c:\users\pastra\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\pastra\Desktop\CFScript.txt
AV: F-Secure Client Security 9.20 *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Client Security 9.20 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Client Security 9.20 *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\combofix\CF2734.3XE"
"c:\program files (x86)\Google\Update\GoogleUpdate.exe"
"c:\program files (x86)\Kerio\UpdaterService\ktupdaterservice.exe"
"c:\program files (x86)\Skype\Updater\Updater.exe"
"c:\users\pastra\AppData\Local\Google\Update\GoogleUpdate.exe"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-448539723-839522115-1283Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-448539723-839522115-1283UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Kerio
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\assist.err
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\atl80.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\BackendUI.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\ConfigUI.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\ConvertProfiles.cmd
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\dbghelp.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\DbMigration.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\DbServerPS.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\doc\libiconv-License.txt
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\doc\openssl-License.txt
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\doc\ScoopyNG-License.txt
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\firebird.msg
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\gio-2.0.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\glib-2.0.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\gmime.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\gmodule-2.0.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\gobject-2.0.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\gthread-2.0.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\ib_util.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\icudt30.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\icuin30.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\icuuc30.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\intl\KoffColl.conf
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\intl\koffColl.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\kassist.exe
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KOFABP32.DLL
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffAddin.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes405.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes407.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes409.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes40a.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes40c.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes40e.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes410.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes411.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes413.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes415.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes419.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes41a.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes41b.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes41d.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes804.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffRes816.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KOFMSP32.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KOFSvc32.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KOFXp32.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KOCHelp405.chm
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\KOCHelp409.chm
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\ktfbembed.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\kticonv80_1.11.1.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\ktlibeay80_0.9.8n.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\ktssleay80_0.9.8n.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\ktzlib80_1.2.3.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\Localization.DLL
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\MapiConvertor.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80DEU.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80ENU.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80ESP.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80FRA.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80CHS.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80CHT.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80ITA.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80JPN.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80KOR.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfc80u.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfcm80.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\mfcm80u.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\Microsoft.VC80.ATL.manifest
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\Microsoft.VC80.CRT.manifest
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\Microsoft.VC80.MFC.manifest
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\Microsoft.VC80.MFCLOC.manifest
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\msvcm80.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\msvcp71.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\msvcp80.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\msvcr71.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\msvcr80.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\PostMortem.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\ProfileConvertor.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\ProfileCreator.exe
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\SCProvider.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\udf\DbServer_UDF.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\udf\fbudf.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\udf\ib_udf.dll
c:\program files (x86)\Kerio\Outlook Connector (Offline Edition)\UpdaterCore.DLL
c:\program files (x86)\Kerio\UpdaterService\doc\ScoopyNG-License.txt
c:\program files (x86)\Kerio\UpdaterService\ktlibeay80_0.9.8n.dll
c:\program files (x86)\Kerio\UpdaterService\ktssleay80_0.9.8n.dll
c:\program files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
c:\program files (x86)\Kerio\UpdaterService\logs\service.log
c:\program files (x86)\Kerio\UpdaterService\Microsoft.VC80.CRT.manifest
c:\program files (x86)\Kerio\UpdaterService\msvcm80.dll
c:\program files (x86)\Kerio\UpdaterService\msvcp80.dll
c:\program files (x86)\Kerio\UpdaterService\msvcr80.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\pastra\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-448539723-839522115-1283Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-448539723-839522115-1283UA.job
.
---- Předchozí spuštění -------
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\SysWow64\instsrv.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_ktupdaterservice
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-06 do 2012-07-06 )))))))))))))))))))))))))))))))
.
.
2012-07-06 09:58 . 2012-07-06 09:58 -------- d-----w- c:\users\tech\AppData\Local\temp
2012-07-06 05:57 . 2012-07-06 08:17 -------- d-----w- c:\users\pastra\AppData\Local\Adobe
2012-07-06 05:57 . 2012-07-06 05:57 -------- d-----w- c:\users\pastra\AppData\Local\ATI
2012-07-05 12:08 . 2012-07-05 12:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-05 12:08 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-05 12:05 . 2012-07-05 12:11 -------- d-----w- c:\program files (x86)\trend micro
2012-07-05 12:05 . 2012-07-05 12:05 -------- d-----w- C:\rsit
2012-07-05 12:03 . 2012-07-05 12:03 -------- d-----w- c:\program files (x86)\CCleaner
2012-07-04 17:19 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-04 16:20 . 2012-07-04 16:20 -------- d-----w- c:\users\pastra\AppData\Roaming\Malwarebytes
2012-07-04 16:20 . 2012-07-04 16:20 -------- d-----w- c:\programdata\Malwarebytes
2012-07-04 05:06 . 2012-07-04 05:06 -------- d-----w- c:\program files\CCleaner
2012-07-04 04:47 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{166B0093-2933-4F41-BEA1-94AD5B20DE33}\mpengine.dll
2012-06-19 03:50 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-19 03:50 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-19 03:50 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-19 03:50 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-19 03:50 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-19 03:50 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-19 03:50 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-19 03:50 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-19 03:50 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-17 20:19 . 2012-06-17 20:19 -------- d-----w- c:\program files (x86)\Ffmpeg For Audacity
2012-06-17 19:58 . 2012-06-17 19:58 -------- d-----w- c:\program files (x86)\FDRLab
2012-06-13 04:34 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-26 04:31 . 2012-05-08 04:49 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-26 04:31 . 2011-12-23 05:42 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-09 07:44 . 2012-05-09 07:44 55960 ----a-w- c:\windows\system32\drivers\fsbts.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-06_06.14.42 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-07-06 06:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-06 09:59 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-06 06:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-06 09:59 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-06 06:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-06 09:59 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-21 03:09 . 2012-07-06 06:20 65994 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-06 06:20 42774 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-12-09 09:46 . 2012-07-06 06:04 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-09 09:46 . 2012-07-06 06:18 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-09 09:46 . 2012-07-06 08:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-12-09 09:46 . 2012-07-06 06:04 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-06 08:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-06 06:04 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-03 05:31 . 2012-07-05 05:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-03 05:31 . 2012-07-06 06:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-09 10:07 . 2012-07-06 06:20 7840 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1993962763-448539723-839522115-1283_UserData.bin
- 2011-12-09 10:07 . 2012-07-06 06:06 7840 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1993962763-448539723-839522115-1283_UserData.bin
+ 2012-07-06 09:59 . 2012-07-06 09:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-06 06:14 . 2012-07-06 06:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-12-13 14:12 . 2012-07-06 09:44 343718 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2012-07-06 06:25 690942 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-07-06 06:12 690942 c:\windows\system32\perfh009.dat
+ 2010-11-21 09:27 . 2012-07-06 06:25 715676 c:\windows\system32\perfh005.dat
- 2010-11-21 09:27 . 2012-07-06 06:12 715676 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2012-07-06 06:12 140614 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-07-06 06:25 140614 c:\windows\system32\perfc009.dat
+ 2010-11-21 09:27 . 2012-07-06 06:25 162560 c:\windows\system32\perfc005.dat
- 2010-11-21 09:27 . 2012-07-06 06:12 162560 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:12 . 2012-07-06 06:18 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-07-06 06:04 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2012-07-06 09:59 423368 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-07-06 06:14 423368 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-09 10:04 . 2012-07-06 09:59 9213176 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-12-09 10:04 . 2012-07-06 06:14 9213176 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-12-09 10:31 . 2012-07-06 09:59 56866344 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1993962763-448539723-839522115-1283-12288.dat
- 2011-12-09 10:31 . 2012-07-06 06:14 56866344 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1993962763-448539723-839522115-1283-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2012-04-04 1261472]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-27 343168]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-08-09 112408]
"DT DEL"="c:\program files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe" [2011-10-13 121648]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-03-12 462993]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"tvncontrol"="c:\program files (x86)\TightVNC\tvnserver.exe" [2010-07-08 815704]
"F-Secure Manager"="c:\program files (x86)\F-Secure\Common\FSM32.EXE" [2011-08-30 303816]
"F-Secure TNB"="c:\program files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2011-08-30 1655496]
"SafeQ Client"="c:\program files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2011-08-08 251904]
"Check Point Endpoint Security"="c:\program files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe" [2011-09-14 801968]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-04-04 815512]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-25 494488]
.
c:\users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-25 494488]
.
c:\users\pastra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-2-8 1136928]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-25 494488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-08-09 2656536]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-26 6144]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 54272]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-11-25 349736]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-11-25 39464]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2010-07-21 51600]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-12-15 1436424]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB;c:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-13 1255736]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-05-09 55960]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-18 279616]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\F-Secure\HIPS\drivers\fshs.sys [2011-08-30 61992]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-08-30 46824]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-08-30 96040]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2011-08-30 15048]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-09-27 203776]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-05-13 1043872]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-05-13 36768]
S2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-08-24 2279320]
S2 FileOpenManagerSvc;FileOpen Manager Service;c:\program files\FileOpen\Services\FileOpenManagerSvc64.exe [2011-12-09 334720]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-06-29 171688]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 O2SDIOAssist;O2SDIOAssist;c:\windows\SysWOW64\srvany.exe [2003-04-19 8192]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-08-12 113456]
S2 TracSrvWrapper;Check Point Endpoint Security VPN;c:\program files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [2011-09-14 4512952]
S2 tvnserver;TightVNC Server;c:\program files (x86)\TightVNC\tvnserver.exe [2010-07-08 815704]
S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-07-01 1600000]
S2 ZcfgSvc7;Intel(R) PROSet/Wireless ZeroConfig Service;c:\program files\Intel\WiFi\bin\ZCfgSvc7.exe [2010-12-23 992256]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys [2011-07-22 27760]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-09-27 9321472]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-09-27 306176]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-07 231440]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 172960]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2011-05-10 38504]
S3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [2011-07-20 342704]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2012-05-29 199848]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-08-30 62152]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 8505856]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
S3 O2MDRRDR;O2MDRRDR;c:\windows\system32\DRIVERS\O2MDRw7x64.sys [2011-01-03 74984]
S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2011-03-23 83560]
S3 vna_ap;Check Point Virtual Network Adapter - Apollo;c:\windows\system32\DRIVERS\vnaap.sys [2011-09-14 161256]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
Obsah adresáře 'Naplánované úlohy'
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2011-05-27 23:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2011-05-27 23:46 139128 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-20 611192]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-07 525312]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-23 1934608]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2011-07-25 686704]
"DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2011-08-24 7077272]
"TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2011-05-27 257392]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2780776]
"FileOpenBroker"="c:\program files\FileOpen\Services\FileOpenBroker64.exe" [2011-12-09 900992]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 2306448]
"combofix"="c:\combofix\CF14577.3XE" [2010-11-21 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
uInternet Settings,ProxyServer = proxy.vitkovice.cz:3128
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Připojit cíl vazby k existujícímu PDF
IE: Připojit k existujícímu PDF
LSP: c:\program files (x86)\F-Secure\FSPS\program\fslsp.dll
Trusted Zone: hutni-montaze.cz
Trusted Zone: hutni-montaze.cz\web
Trusted Zone: vitkovice.cz\holba
Trusted Zone: vitkovice.cz\sp2010
Trusted Zone: web
TCP: DhcpNameServer = 212.20.64.2 212.20.64.1
DPF: {2CA0FF2C-0CE1-4382-A0C4-B2782965CCC2} - hxxp://www.cenia.cz/3dmodel/mzp/plugin/gvista31.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1993962763-448539723-839522115-1283\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50po\UserChoice]
@Denied: (2) (S-1-5-21-1993962763-448539723-839522115-1283)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50po"
.
[HKEY_USERS\S-1-5-21-1993962763-448539723-839522115-1283\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50pp\UserChoice]
@Denied: (2) (S-1-5-21-1993962763-448539723-839522115-1283)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50pp"
.
[HKEY_USERS\S-1-5-21-1993962763-448539723-839522115-1283\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50ppf\UserChoice]
@Denied: (2) (S-1-5-21-1993962763-448539723-839522115-1283)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50ppf"
.
[HKEY_USERS\S-1-5-21-1993962763-448539723-839522115-1283\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (S-1-5-21-1993962763-448539723-839522115-1283)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xmp"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
c:\program files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
c:\program files (x86)\F-Secure\Anti-Virus\FSGK32.EXE
c:\program files (x86)\F-Secure\Common\FSMA32.EXE
c:\program files (x86)\F-Secure\Common\FSHDLL32.EXE
c:\windows\system32\DRIVERS\o2flash.exe
c:\windows\sysWOW64\SDIOAssist.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\F-Secure\Common\FNRB32.EXE
c:\program files (x86)\F-Secure\Common\FIH32.EXE
c:\program files (x86)\F-Secure\Anti-Virus\fssm32.exe
c:\program files (x86)\F-Secure\Anti-Virus\fsav32.exe
c:\program files (x86)\Portrait Displays\PremierColor\DTHtml.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\totalcmd\Totalcmd.exe
.
**************************************************************************
.
Celkový čas: 2012-07-06 12:01:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-06 10:01
.
Před spuštěním: Volných bajtů: 23 818 977 280
Po spuštění: Volných bajtů: 23 592 026 112
.
- - End Of File - - 3AC12D8C0B0C473E2192DDAF3A5ED58E

pastra · Příspěvekod **pastra** » 06 črc 2012 12:09

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-06 12:07:40
-----------------------------
12:07:40.138 OS Version: Windows x64 6.1.7601 Service Pack 1
12:07:40.138 Number of processors: 4 586 0x2A07
12:07:40.138 ComputerName: HMO222 UserName: pastra
12:07:40.496 Initialize success
12:07:48.818 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:07:48.834 Disk 0 Vendor: SAMSUNG_ CXM0 Size: 244198MB BusType: 8
12:07:48.834 Disk 0 MBR read successfully
12:07:48.834 Disk 0 MBR scan
12:07:48.834 Disk 0 Windows VISTA default MBR code
12:07:48.834 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
12:07:48.834 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 752 MB offset 81920
12:07:48.834 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 243404 MB offset 1622016
12:07:48.834 Disk 0 scanning C:\Windows\system32\drivers
12:07:49.739 Service scanning
12:07:51.361 Service vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys **LOCKED** 32
12:07:52.048 Modules scanning
12:07:52.048 Disk 0 trace - called modules:
12:07:52.048 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
12:07:52.063 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008aa0060]
12:07:52.063 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80089a1a50]
12:07:52.063 5 stdcfltn.sys[fffff88001b1ad12] -> nt!IofCallDriver -> [0xfffffa80078a1b20]
12:07:52.063 7 ACPI.sys[fffff88000ed07a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80078a6050]
12:07:52.063 Scan finished successfully
12:08:14.652 Disk 0 MBR has been saved successfully to "C:\Users\pastra\Desktop\MBR.dat"
12:08:14.652 The log file has been saved successfully to "C:\Users\pastra\Desktop\aswMBR_log.txt"

pastra · Příspěvekod **pastra** » 06 črc 2012 12:10

Zdravim, nevim jestli se tam ještě něco děje, co mé oko laika nevidí, ale problémové okna se již neobjevují.

pastra · Příspěvekod **pastra** » 06 črc 2012 12:13

akorát při tomto posledním spuštění Combofix odešel účet od kerio, který je používán pro outlook, což bych viděl jako problem, je nějaká šance to dostat zpět ???

Nelze načíst informační službu KOFMSP.DLL

Příspěvekod **jaro3** » 06 črc 2012 21:59

Omlouvám se , v rychlosti jsem zaměnil Kerio Outlook za firewall....
Zkusím vrátit zpět.

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
DeQuarantine:: 
C:\Qoobox\Quarantine\C\program files (x86)\Kerio
C:\Qoobox\Quarantine\C\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe.vir

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Quit::

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

SOS > samovyskakující okna Vyřešeno

SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Re: SOS > samovyskakující okna

Kdo je online