Zdravím,
už asi týden bojuji s tím, že mi zamrzá PC a net.
Dnes to je extrém, jsem už fakt zoufalý. PC i net jede v pohodě asi deset minut po restartu, následně se kousne (aplikace, net atd.). Po stažení Process Exploreru vidím, že mi v klidu odebere System Idle Process 95-100%. Co to je ?
Prosím o pomoc:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Mirek mladší at 2012-10-19 19:02:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 30 GB (39%) free of 76 GB
Total RAM: 3071 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:02:14, on 19.10.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Diagnostika a údržba\BCWipe\BCWipeSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Diagnostika a údržba\BCWipe\BCWipeTM.exe
C:\Program Files\Zabezpečení\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Zabezpečení\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Zabezpečení\StartupGuard\SG.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Documents and Settings\Mirek mladší\Dokumenty\Download\procexp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Mirek mladší\Dokumenty\Download\RSIT.exe
C:\Program Files\trend micro\Mirek mladší.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Audio a video\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\Zabezpečení\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Startup Guard] C:\Program Files\Zabezpečení\StartupGuard\SG.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-484763869-796845957-839522115-1012\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Playlist - res://C:\Program Files\Twonky\TwonkyBeam\Internet Explorer\TwonkyIEPluginRes.dll/314
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} (WLCTSCControl Class) - https://www.mesh.com/0.9.4014.40/TSWeb.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files\Audio a video\Samsung PC Share Manager\WiselinkPro.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BCWipe service (BCWipeSvc) - Jetico, Inc. - C:\Program Files\Diagnostika a údržba\BCWipe\BCWipeSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\Zabezpečení\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Google Update Service (gupdate1c99a896891aac6) (gupdate1c99a896891aac6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Internet Lock Service (INETLOCKSVC) - TopLang Software - C:\Program Files\Internet a programy\Internet Lock 5.1\ILSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 11568 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Mirek mladší\Data aplikací\Mozilla\Firefox\Profiles\5mekgo92.default
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.102]
"Description"=getPlus+(R)
"Path"=C:\Program Files\NOS\bin\np_gp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.103]
"Description"=getPlus+(R)
"Path"=C:\Program Files\NOS\bin\np_gp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.99]
"Description"=getPlus+(R)
"Path"=C:\Program Files\NOS\bin\np_gp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\Program Files\Internet a programy\TVUPlayer\npTVUAx.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Audio a video\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Audio a video\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\Audio a video\RealPlayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Audio a video\Veetle\plugins\npVeetle.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Audio a video\Veetle\Player\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdjvu.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
np_gp.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Mirek mladší\Data aplikací\Mozilla\Firefox\Profiles\5mekgo92.default\extensions\
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-06-07 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-06-07 798771]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Zástupce stránky vlastností sběrnice High Definition Audio"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"QuickTime Task"=C:\Program Files\Audio a video\QuickTime\qttask.exe [2010-11-29 421888]
"COMODO Internet Security"=C:\Program Files\Zabezpečení\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-09-23 15512424]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"Startup Guard"=C:\Program Files\Zabezpečení\StartupGuard\SG.EXE [2004-08-23 57344]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\VoipDiscount\VoipDiscount.exe"="C:\Program Files\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount"
"C:\Program Files\Internet a programy\uTorrent\utorrent.exe"="C:\Program Files\Internet a programy\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\VoipBlast\VoipBlast.exe"="C:\Program Files\VoipBlast\VoipBlast.exe:*:Enabled:VoipBlast"
"C:\Hry\PES 2011\pes2011.exe"="C:\Hry\PES 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Hry\Virtua Tennis 4\VT4.exe"="C:\Hry\Virtua Tennis 4\VT4.exe:*:Enabled:Virtua Tennis 4™"
"C:\Program Files\Audio a video\Veetle\Player\VeetleNet.exe"="C:\Program Files\Audio a video\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Audio a video\Samsung PC Share Manager\WiselinkPro.exe"="C:\Program Files\Audio a video\Samsung PC Share Manager\WiselinkPro.exe:*:Enabled:AllShare"
"C:\Program Files\Audio a video\Samsung PC Share Manager\http_ss_win_pro.exe"="C:\Program Files\Audio a video\Samsung PC Share Manager\http_ss_win_pro.exe:*:Enabled:PCSM_http_ss_win_pro"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Internet a programy\FrostWire 5\FrostWire.exe"="C:\Program Files\Internet a programy\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Twonky\TwonkyBeam\TMSLite\tms-beam.exe"="C:\Program Files\Twonky\TwonkyBeam\TMSLite\tms-beam.exe:*:Enabled:TwonkyServerLite"
"C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe"="C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe:127.0.0.1/255.255.255.255:Enabled:GeekBuddy RSP"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\BearShare 9\BearShare\BearShare.exe"="C:\Program Files\BearShare 9\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\iMesh 10\iMesh\iMesh.exe"="C:\Program Files\iMesh 10\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Audio a video\Veetle\Player\VeetleNet.exe"="C:\Program Files\Audio a video\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.ACDV"=ACDV.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.l3codecp"=l3codecp.acm
======List of files/folders created in the last 3 months======
2012-10-19 19:02:10 ----D---- C:\Program Files\trend micro
2012-10-19 19:02:09 ----D---- C:\rsit
2012-10-19 17:53:59 ----A---- C:\WINDOWS\system32\drivers\04092950.sys
2012-10-14 18:21:28 ----D---- C:\Program Files\Mozilla Firefox
2012-10-13 18:50:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\PDVD
2012-10-13 18:42:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\install_clap
2012-10-13 17:55:03 ----A---- C:\WINDOWS\system32\nvopencl.dll
2012-10-13 17:55:03 ----A---- C:\WINDOWS\system32\nvdispgenco32.dll
2012-10-06 12:14:58 ----D---- C:\Documents and Settings\Mirek mladší\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-10-06 11:27:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2012-09-27 19:34:01 ----D---- C:\WINDOWS\Downloaded Installations
2012-09-07 22:51:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Premium
2012-09-07 22:51:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallMate
2012-09-07 22:16:48 ----D---- C:\Documents and Settings\Mirek mladší\Data aplikací\Wondershare Video Converter Ultimate
2012-09-07 22:16:32 ----D---- C:\Program Files\Common Files\Wondershare
2012-09-07 22:16:13 ----A---- C:\WINDOWS\system32\iconv.dll
2012-08-29 19:53:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ask
2012-08-27 18:10:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\MediaMonkey
2012-08-27 18:09:58 ----D---- C:\Documents and Settings\Mirek mladší\Data aplikací\MediaMonkey
2012-08-18 14:33:25 ----D---- C:\Program Files\Oracle
2012-08-18 14:33:11 ----A---- C:\WINDOWS\system32\javaws.exe
2012-07-24 21:55:12 ----D---- C:\Documents and Settings\Mirek mladší\Data aplikací\Samsung
2012-07-24 21:54:11 ----D---- C:\Program Files\Samsung
======List of files/folders modified in the last 3 months======
2012-10-19 19:02:10 ----RD---- C:\Program Files
2012-10-19 18:57:55 ----D---- C:\WINDOWS\Temp
2012-10-19 18:48:24 ----D---- C:\WINDOWS\system32\drivers
2012-10-19 18:46:23 ----D---- C:\WINDOWS\system32\CatRoot2
2012-10-19 18:45:18 ----A---- C:\WINDOWS\wincmd.ini
2012-10-19 18:42:06 ----D---- C:\WINDOWS
2012-10-19 18:28:22 ----D---- C:\Program Files\Audio a video
2012-10-19 18:27:52 ----SHD---- C:\WINDOWS\Installer
2012-10-19 18:08:28 ----D---- C:\WINDOWS\system32
2012-10-19 18:08:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-10-19 18:00:30 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-10-19 17:46:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-10-19 17:36:38 ----D---- C:\WINDOWS\system32\config
2012-10-19 17:36:15 ----D---- C:\WINDOWS\system32\wbem
2012-10-19 17:36:15 ----D---- C:\WINDOWS\Registration
2012-10-19 17:26:30 ----D---- C:\WINDOWS\Prefetch
2012-10-18 20:52:52 ----HD---- C:\Documents and Settings\Mirek mladší\Data aplikací\uTorrent
2012-10-18 20:52:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-10-18 20:07:48 ----D---- C:\Program Files\Internet a programy
2012-10-18 19:47:28 ----SHD---- C:\RECYCLER
2012-10-17 18:55:56 ----A---- C:\LOGFILE.TXT
2012-10-15 19:07:55 ----HD---- C:\Documents and Settings\Mirek mladší\Data aplikací\KeePass
2012-10-14 19:48:56 ----D---- C:\Program Files\COMODO
2012-10-14 19:48:51 ----D---- C:\Program Files\Common Files
2012-10-14 19:48:31 ----D---- C:\Program Files\Diagnostika a údržba
2012-10-14 19:45:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\CPA_VA
2012-10-14 19:43:42 ----SHD---- C:\System Volume Information
2012-10-14 19:43:42 ----D---- C:\WINDOWS\system32\Restore
2012-10-14 19:34:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2012-10-14 18:59:34 ----SD---- C:\WINDOWS\Tasks
2012-10-14 18:57:07 ----A---- C:\WINDOWS\system.ini
2012-10-14 18:56:34 ----D---- C:\WINDOWS\system32\drivers\etc
2012-10-14 18:55:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-10-14 18:51:43 ----D---- C:\Program Files\Internet Explorer
2012-10-14 18:49:00 ----D---- C:\WINDOWS\AppPatch
2012-10-13 20:10:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2012-10-13 20:00:12 ----ASH---- C:\boot.ini
2012-10-13 20:00:12 ----A---- C:\WINDOWS\win.ini
2012-10-13 19:53:10 ----HD---- C:\Program Files\InstallShield Installation Information
2012-10-13 18:47:55 ----D---- C:\WINDOWS\WinSxS
2012-10-13 18:42:20 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-10-13 18:14:42 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-10-13 18:07:10 ----D---- C:\WINDOWS\Debug
2012-10-13 17:57:43 ----D---- C:\Program Files\NVIDIA Corporation
2012-10-13 17:55:13 ----HD---- C:\WINDOWS\inf
2012-10-13 17:55:12 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-10-13 17:53:38 ----D---- C:\Documents and Settings\Mirek mladší\Data aplikací\vlc
2012-10-13 17:43:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2012-10-12 16:54:46 ----HD---- C:\Documents and Settings\Mirek mladší\Data aplikací\Zoner
2012-10-12 16:54:25 ----D---- C:\Program Files\Obrázky
2012-10-12 16:50:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-10-12 16:42:38 ----A---- C:\WINDOWS\system32\MRT.exe
2012-10-10 21:03:10 ----HD---- C:\WINDOWS\$hf_mig$
2012-10-06 12:16:43 ----HD---- C:\Documents and Settings\Mirek mladší\Data aplikací\Adobe
2012-10-06 11:26:11 ----D---- C:\Program Files\Adobe
2012-10-06 11:25:31 ----RSD---- C:\WINDOWS\Fonts
2012-10-06 11:25:29 ----D---- C:\Program Files\Common Files\Adobe
2012-10-06 10:23:42 ----HD---- C:\Documents and Settings\Mirek mladší\Data aplikací\Skype
2012-10-06 09:22:29 ----D---- C:\Program Files\VoipBlast
2012-09-29 22:24:51 ----D---- C:\Documents and Settings
2012-09-28 16:00:56 ----D---- C:\Documents and Settings\Mirek mladší\Data aplikací\FrostWire
2012-09-27 17:39:39 ----D---- C:\Program Files\Microsoft ActiveSync
2012-09-27 15:32:34 ----D---- C:\WINDOWS\ie8updates
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2012-09-23 15:09:20 ----AC---- C:\WINDOWS\system32\nvrsth.dll
2012-09-23 15:09:19 ----AC---- C:\WINDOWS\system32\nvrsptb.dll
2012-09-23 15:09:19 ----AC---- C:\WINDOWS\system32\nvrspt.dll
2012-09-23 15:09:19 ----AC---- C:\WINDOWS\system32\nvrsja.dll
2012-09-23 15:09:19 ----AC---- C:\WINDOWS\system32\nvrses.dll
2012-09-23 15:09:19 ----AC---- C:\WINDOWS\system32\nvrsar.dll
2012-09-23 15:09:18 ----AC---- C:\WINDOWS\system32\nvrszhc.dll
2012-09-23 15:09:18 ----AC---- C:\WINDOWS\system32\nvrssv.dll
2012-09-23 15:09:18 ----AC---- C:\WINDOWS\system32\nvrssl.dll
2012-09-23 15:09:18 ----AC---- C:\WINDOWS\system32\nvrssk.dll
2012-09-23 15:09:18 ----AC---- C:\WINDOWS\system32\nvrsfr.dll
2012-09-23 15:09:17 ----AC---- C:\WINDOWS\system32\nvrstr.dll
2012-09-23 15:09:17 ----AC---- C:\WINDOWS\system32\nvrspl.dll
2012-09-23 15:09:17 ----AC---- C:\WINDOWS\system32\nvrsno.dll
2012-09-23 15:09:17 ----AC---- C:\WINDOWS\system32\nvrshe.dll
2012-09-23 15:09:16 ----AC---- C:\WINDOWS\system32\nvrsit.dll
2012-09-23 15:09:16 ----AC---- C:\WINDOWS\system32\nvrseng.dll
2012-09-23 15:09:16 ----AC---- C:\WINDOWS\system32\nvrsel.dll
2012-09-23 15:09:15 ----AC---- C:\WINDOWS\system32\nvrsko.dll
2012-09-23 15:09:15 ----AC---- C:\WINDOWS\system32\nvrsesm.dll
2012-09-23 15:09:15 ----A---- C:\WINDOWS\system32\nvrscs.dll
2012-09-23 15:09:14 ----AC---- C:\WINDOWS\system32\nvrsru.dll
2012-09-23 15:09:14 ----AC---- C:\WINDOWS\system32\nvrsfi.dll
2012-09-23 15:09:13 ----AC---- C:\WINDOWS\system32\nvrszht.dll
2012-09-23 15:09:13 ----AC---- C:\WINDOWS\system32\nvrsnl.dll
2012-09-23 15:09:13 ----AC---- C:\WINDOWS\system32\nvrshu.dll
2012-09-23 15:09:13 ----AC---- C:\WINDOWS\system32\nvrsde.dll
2012-09-23 15:09:13 ----AC---- C:\WINDOWS\system32\nvrsda.dll
2012-09-23 15:04:24 ----A---- C:\WINDOWS\system32\nvwddi.dll
2012-09-23 15:04:12 ----A---- C:\WINDOWS\system32\nvcpl.dll
2012-09-23 15:04:11 ----AC---- C:\WINDOWS\system32\nvcolor.exe
2012-09-23 15:04:11 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2012-09-23 15:04:11 ----A---- C:\WINDOWS\system32\nvmctray.dll
2012-09-15 14:02:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2012-09-11 14:34:38 ----N---- C:\WINDOWS\system32\tzchange.exe
2012-09-08 15:58:27 ----D---- C:\WINDOWS\SoftwareDistribution
2012-09-08 14:58:38 ----D---- C:\Program Files\PC Translator 2010.03
2012-08-29 17:33:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-08-28 20:48:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2012-08-28 17:18:59 ----A---- C:\WINDOWS\system32\wininet.dll
2012-08-28 17:18:58 ----N---- C:\WINDOWS\system32\occache.dll
2012-08-28 17:18:58 ----A---- C:\WINDOWS\system32\urlmon.dll
2012-08-28 17:18:58 ----A---- C:\WINDOWS\system32\url.dll
2012-08-28 17:18:57 ----N---- C:\WINDOWS\system32\mstime.dll
2012-08-28 17:18:57 ----N---- C:\WINDOWS\system32\mshtmled.dll
2012-08-28 17:18:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2012-08-28 17:18:54 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2012-08-28 17:18:54 ----A---- C:\WINDOWS\system32\msfeeds.dll
2012-08-28 17:18:53 ----N---- C:\WINDOWS\system32\licmgr10.dll
2012-08-28 17:18:53 ----N---- C:\WINDOWS\system32\jsproxy.dll
2012-08-28 17:18:51 ----A---- C:\WINDOWS\system32\iertutil.dll
2012-08-28 17:18:50 ----N---- C:\WINDOWS\system32\iepeers.dll
2012-08-28 17:18:45 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2012-08-28 14:07:34 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2012-08-24 15:53:44 ----A---- C:\WINDOWS\system32\wintrust.dll
2012-08-23 08:27:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2012-08-23 08:27:26 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2012-08-21 11:12:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-08-18 14:32:31 ----D---- C:\Program Files\Java
2012-07-27 18:18:07 ----D---- C:\WINDOWS\Microsoft.NET
2012-07-27 15:41:58 ----RSD---- C:\WINDOWS\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 fsh;fsh; C:\WINDOWS\system32\drivers\fsh.sys [2010-04-08 39744]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-03-11 97760]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2010-04-01 158272]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\WINDOWS\system32\DRIVERS\tdrpm258.sys [2010-03-22 911680]
R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2010-03-22 581984]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-08-21 25256]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-08-21 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-03-11 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-03-11 31704]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-01-01 26024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 ASPI32;ASPI32; C:\WINDOWS\System32\drivers\aspi32.sys [2009-12-23 16512]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-08-21 97608]
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2010-03-22 160288]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2010-04-23 106432]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-09-23 12557728]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 SaiMini;SaiMini; C:\WINDOWS\system32\DRIVERS\SaiMini.sys [2009-06-10 14080]
R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [2009-06-10 36992]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 tvtool;tvtool; \??\C:\Program Files\Audio a video\TVTool\tvtool.sys []
S2 INETLOCK;INETLOCK; C:\WINDOWS\system32\drivers\Inetlock.sys [2011-05-10 16587]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys []
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 50704]
S3 RDPDISPM;RDPDISPM; C:\WINDOWS\system32\DRIVERS\rdpdispm.sys [2010-06-26 9040]
S3 RDPVDD;RDPVDD; C:\WINDOWS\system32\DRIVERS\rdpvmp.sys [2010-06-26 19408]
S3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 BCSWAP;BCSWAP; C:\WINDOWS\system32\drivers\BCSWAP.sys [2010-02-08 92096]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe [2009-11-26 661008]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-22 2480048]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 BCWipeSvc;BCWipe service; C:\Program Files\Diagnostika a údržba\BCWipe\BCWipeSvc.exe [2010-05-21 95544]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\Zabezpečení\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-07-05 161704]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-09-23 1258856]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-01-10 482992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c99a896891aac6;Google Update Service (gupdate1c99a896891aac6); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-31 136176]
S2 INETLOCKSVC;Internet Lock Service; C:\Program Files\Internet a programy\Internet Lock 5.1\ILSvc.exe [2007-09-09 106496]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-13 250808]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files\Audio a video\Samsung PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-31 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-14 115168]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomoc- System Idle Process 95-100%
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pomoc- System Idle Process 95-100%
Zdravim 
Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam
- Nahrady za Spybota:
- Samozrejme pouzivejte jen jeden z nich
- Osobne doporucuji SuperAntiSpyware
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Search
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Pomoc- System Idle Process 95-100%
Zdravím,
posílám slíbený log, dneska se mi už PC kouslo opět jednou...
# AdwCleaner v2.005 - Logfile created 10/19/2012 at 22:41:05
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Mirek mladší - COMPUTER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Mirek mladší\Dokumenty\Download\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Found : C:\Documents and Settings\All Users\Data aplikací\InstallMate
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Premium
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\uTorrentControl2
Key Found : HKCU\Toolbar
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10D52EC1-43E3-408D-B212-0638E7509DD8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE3924CB-E917-4196-84F5-5C34635C3DBF}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\Software\uTorrentControl2
Key Found : HKU\S-1-5-21-484763869-796845957-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
*************************
AdwCleaner[R2].txt - [2245 octets] - [19/10/2012 22:41:05]
########## EOF - C:\AdwCleaner[R2].txt - [2305 octets] ##########
posílám slíbený log, dneska se mi už PC kouslo opět jednou...
# AdwCleaner v2.005 - Logfile created 10/19/2012 at 22:41:05
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Mirek mladší - COMPUTER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Mirek mladší\Dokumenty\Download\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Found : C:\Documents and Settings\All Users\Data aplikací\InstallMate
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Premium
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\uTorrentControl2
Key Found : HKCU\Toolbar
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10D52EC1-43E3-408D-B212-0638E7509DD8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE3924CB-E917-4196-84F5-5C34635C3DBF}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\Software\uTorrentControl2
Key Found : HKU\S-1-5-21-484763869-796845957-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
*************************
AdwCleaner[R2].txt - [2245 octets] - [19/10/2012 22:41:05]
########## EOF - C:\AdwCleaner[R2].txt - [2305 octets] ##########
Re: Pomoc- System Idle Process 95-100%
Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Delete
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Ukoncete vsechny programy
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Pockejte na dokonceni PreScanu
- Zvolte moznost Prohledat (scan)
- Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
- Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomoc- System Idle Process 95-100%
AdWCleaner- delete:
# AdwCleaner v2.005 - Logfile created 10/20/2012 at 10:11:59
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Mirek mladší - COMPUTER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Mirek mladší\Dokumenty\Download\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\InstallMate
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Premium
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\uTorrentControl2
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10D52EC1-43E3-408D-B212-0638E7509DD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE3924CB-E917-4196-84F5-5C34635C3DBF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\Software\uTorrentControl2
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
*************************
AdwCleaner[R3].txt - [2374 octets] - [20/10/2012 10:11:06]
AdwCleaner[S1].txt - [2193 octets] - [20/10/2012 10:11:59]
########## EOF - C:\AdwCleaner[S1].txt - [2253 octets] ##########
RogueKiller:
RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Mirek mladší [Práva správce]
Mód : Kontrola -- Datum : 10/20/2012 10:17:16
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[SCREENSV][SUSP PATH] HKCU\[...]\Desktop (C:\WINDOWS\AvastSS.scr) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[45] : NtCreatePagingFile @ 0x805BB077 -> HOOKED (a347bus.sys @ 0xF75AFB00)
_INLINE_ : NtCreatePagingFile -> HOOKED (a347bus.sys @ 0xF75AFB00)
IRP[DriverStartIo] : Unknown -> HOOKED ([MAJOR] @ 0xF7479864)
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] dc9026931aace035229e3dd7e91451c6
[BSP] 009609638ed7da47e9da34fbbe637ab8 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 156296385 | Size: 877550 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD600JB-00ETA0 +++++
--- User ---
[MBR] b1cdd28fe9db3af951cd46fc171ad838
[BSP] d88014709504051a6ed5339321e3cfae : Windows XP MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 57231 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1].txt >>
RKreport[1].txt
# AdwCleaner v2.005 - Logfile created 10/20/2012 at 10:11:59
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Mirek mladší - COMPUTER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Mirek mladší\Dokumenty\Download\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\InstallMate
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Premium
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\uTorrentControl2
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10D52EC1-43E3-408D-B212-0638E7509DD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE3924CB-E917-4196-84F5-5C34635C3DBF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\Software\uTorrentControl2
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
*************************
AdwCleaner[R3].txt - [2374 octets] - [20/10/2012 10:11:06]
AdwCleaner[S1].txt - [2193 octets] - [20/10/2012 10:11:59]
########## EOF - C:\AdwCleaner[S1].txt - [2253 octets] ##########
RogueKiller:
RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Mirek mladší [Práva správce]
Mód : Kontrola -- Datum : 10/20/2012 10:17:16
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[SCREENSV][SUSP PATH] HKCU\[...]\Desktop (C:\WINDOWS\AvastSS.scr) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[45] : NtCreatePagingFile @ 0x805BB077 -> HOOKED (a347bus.sys @ 0xF75AFB00)
_INLINE_ : NtCreatePagingFile -> HOOKED (a347bus.sys @ 0xF75AFB00)
IRP[DriverStartIo] : Unknown -> HOOKED ([MAJOR] @ 0xF7479864)
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] dc9026931aace035229e3dd7e91451c6
[BSP] 009609638ed7da47e9da34fbbe637ab8 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 156296385 | Size: 877550 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD600JB-00ETA0 +++++
--- User ---
[MBR] b1cdd28fe9db3af951cd46fc171ad838
[BSP] d88014709504051a6ed5339321e3cfae : Windows XP MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 57231 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1].txt >>
RKreport[1].txt
Re: Pomoc- System Idle Process 95-100%
Spustte znovu RogueKiller
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
- Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomoc- System Idle Process 95-100%
Zdravím,
posílám požadované logy.
Rogue Killer:
RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Mirek mladší [Práva správce]
Mód : Odebrat -- Datum : 10/21/2012 14:55:18
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[SCREENSV][SUSP PATH] HKCU\[...]\Desktop (C:\WINDOWS\AvastSS.scr) -> NAHRAZENO (C:\WINDOWS\system32\logon.scr)
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[45] : NtCreatePagingFile @ 0x805BB077 -> HOOKED (a347bus.sys @ 0xF75AFB00)
_INLINE_ : NtCreatePagingFile -> HOOKED (a347bus.sys @ 0xF75AFB00)
IRP[DriverStartIo] : Unknown -> HOOKED ([MAJOR] @ 0xF7479864)
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] dc9026931aace035229e3dd7e91451c6
[BSP] 009609638ed7da47e9da34fbbe637ab8 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 156296385 | Size: 877550 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD600JB-00ETA0 +++++
--- User ---
[MBR] b1cdd28fe9db3af951cd46fc171ad838
[BSP] d88014709504051a6ed5339321e3cfae : Windows XP MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 57231 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Rogue Killer po oprava host:
RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Mirek mladší [Práva správce]
Mód : Oprava HOSTS -- Datum : 10/21/2012 14:56:33
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
Díky
MK
posílám požadované logy.
Rogue Killer:
RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Mirek mladší [Práva správce]
Mód : Odebrat -- Datum : 10/21/2012 14:55:18
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[SCREENSV][SUSP PATH] HKCU\[...]\Desktop (C:\WINDOWS\AvastSS.scr) -> NAHRAZENO (C:\WINDOWS\system32\logon.scr)
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[45] : NtCreatePagingFile @ 0x805BB077 -> HOOKED (a347bus.sys @ 0xF75AFB00)
_INLINE_ : NtCreatePagingFile -> HOOKED (a347bus.sys @ 0xF75AFB00)
IRP[DriverStartIo] : Unknown -> HOOKED ([MAJOR] @ 0xF7479864)
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] dc9026931aace035229e3dd7e91451c6
[BSP] 009609638ed7da47e9da34fbbe637ab8 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 156296385 | Size: 877550 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD600JB-00ETA0 +++++
--- User ---
[MBR] b1cdd28fe9db3af951cd46fc171ad838
[BSP] d88014709504051a6ed5339321e3cfae : Windows XP MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 57231 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Rogue Killer po oprava host:
RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Mirek mladší [Práva správce]
Mód : Oprava HOSTS -- Datum : 10/21/2012 14:56:33
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
Díky
MK
Re: Pomoc- System Idle Process 95-100%
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomoc- System Idle Process 95-100%
Dobrý večer,
výsledek posílám v příloze:
ComboFix 12-10-22.01 - Mirek mladší 22.10.2012 18:01:26.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2353 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mirek mladší\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Internet Explorer\SET12.tmp
c:\program files\Internet Explorer\SET13.tmp
c:\program files\Internet Explorer\SET14.tmp
c:\program files\Internet Explorer\SET15.tmp
c:\program files\Internet Explorer\SET16.tmp
c:\program files\Internet Explorer\SET17.tmp
c:\program files\Internet Explorer\SET2.tmp
c:\program files\Internet Explorer\SET29.tmp
c:\program files\Internet Explorer\SET2A.tmp
c:\program files\Internet Explorer\SET2B.tmp
c:\program files\Internet Explorer\SET2C.tmp
c:\program files\Internet Explorer\SET2D.tmp
c:\program files\Internet Explorer\SET2E.tmp
c:\program files\Internet Explorer\SET3.tmp
c:\program files\Internet Explorer\SET4.tmp
c:\program files\Internet Explorer\SET5.tmp
c:\program files\Internet Explorer\SET6.tmp
c:\program files\Internet Explorer\SET7.tmp
c:\program files\Internet Explorer\SET8.tmp
c:\program files\Internet Explorer\SET9.tmp
c:\program files\Internet Explorer\SETA.tmp
c:\windows\system32\SET100.tmp
c:\windows\system32\SET101.tmp
c:\windows\system32\SET102.tmp
c:\windows\system32\SET103.tmp
c:\windows\system32\SET104.tmp
c:\windows\system32\SET105.tmp
c:\windows\system32\SET106.tmp
c:\windows\system32\SET107.tmp
c:\windows\system32\SET108.tmp
c:\windows\system32\SET109.tmp
c:\windows\system32\SET10A.tmp
c:\windows\system32\SET10B.tmp
c:\windows\system32\SET10C.tmp
c:\windows\system32\SET10D.tmp
c:\windows\system32\SET10E.tmp
c:\windows\system32\SET10F.tmp
c:\windows\system32\SET110.tmp
c:\windows\system32\SET111.tmp
c:\windows\system32\SET112.tmp
c:\windows\system32\SET113.tmp
c:\windows\system32\SET114.tmp
c:\windows\system32\SET115.tmp
c:\windows\system32\SET116.tmp
c:\windows\system32\SET117.tmp
c:\windows\system32\SET118.tmp
c:\windows\system32\SET119.tmp
c:\windows\system32\SET11A.tmp
c:\windows\system32\SET11B.tmp
c:\windows\system32\SET11C.tmp
c:\windows\system32\SET11D.tmp
c:\windows\system32\SET11E.tmp
c:\windows\system32\SET11F.tmp
c:\windows\system32\SET120.tmp
c:\windows\system32\SET122.tmp
c:\windows\system32\SET123.tmp
c:\windows\system32\SET124.tmp
c:\windows\system32\SET125.tmp
c:\windows\system32\SET126.tmp
c:\windows\system32\SET127.tmp
c:\windows\system32\SET128.tmp
c:\windows\system32\SET129.tmp
c:\windows\system32\SET12A.tmp
c:\windows\system32\SET12B.tmp
c:\windows\system32\SET12C.tmp
c:\windows\system32\SET12D.tmp
c:\windows\system32\SET12E.tmp
c:\windows\system32\SET12F.tmp
c:\windows\system32\SET13.tmp
c:\windows\system32\SET130.tmp
c:\windows\system32\SET131.tmp
c:\windows\system32\SET132.tmp
c:\windows\system32\SET133.tmp
c:\windows\system32\SET134.tmp
c:\windows\system32\SET135.tmp
c:\windows\system32\SET136.tmp
c:\windows\system32\SET137.tmp
c:\windows\system32\SET138.tmp
c:\windows\system32\SET139.tmp
c:\windows\system32\SET13A.tmp
c:\windows\system32\SET13B.tmp
c:\windows\system32\SET13C.tmp
c:\windows\system32\SET13D.tmp
c:\windows\system32\SET13E.tmp
c:\windows\system32\SET13F.tmp
c:\windows\system32\SET14.tmp
c:\windows\system32\SET140.tmp
c:\windows\system32\SET141.tmp
c:\windows\system32\SET142.tmp
c:\windows\system32\SET143.tmp
c:\windows\system32\SET144.tmp
c:\windows\system32\SET145.tmp
c:\windows\system32\SET146.tmp
c:\windows\system32\SET147.tmp
c:\windows\system32\SET148.tmp
c:\windows\system32\SET149.tmp
c:\windows\system32\SET14A.tmp
c:\windows\system32\SET14B.tmp
c:\windows\system32\SET14C.tmp
c:\windows\system32\SET14D.tmp
c:\windows\system32\SET14E.tmp
c:\windows\system32\SET14F.tmp
c:\windows\system32\SET15.tmp
c:\windows\system32\SET150.tmp
c:\windows\system32\SET151.tmp
c:\windows\system32\SET153.tmp
c:\windows\system32\SET154.tmp
c:\windows\system32\SET155.tmp
c:\windows\system32\SET156.tmp
c:\windows\system32\SET157.tmp
c:\windows\system32\SET158.tmp
c:\windows\system32\SET159.tmp
c:\windows\system32\SET15A.tmp
c:\windows\system32\SET15B.tmp
c:\windows\system32\SET15C.tmp
c:\windows\system32\SET15D.tmp
c:\windows\system32\SET15E.tmp
c:\windows\system32\SET15F.tmp
c:\windows\system32\SET16.tmp
c:\windows\system32\SET160.tmp
c:\windows\system32\SET161.tmp
c:\windows\system32\SET162.tmp
c:\windows\system32\SET163.tmp
c:\windows\system32\SET164.tmp
c:\windows\system32\SET165.tmp
c:\windows\system32\SET166.tmp
c:\windows\system32\SET167.tmp
c:\windows\system32\SET168.tmp
c:\windows\system32\SET169.tmp
c:\windows\system32\SET16A.tmp
c:\windows\system32\SET16B.tmp
c:\windows\system32\SET16C.tmp
c:\windows\system32\SET17.tmp
c:\windows\system32\SET18.tmp
c:\windows\system32\SET19.tmp
c:\windows\system32\SET1A.tmp
c:\windows\system32\SET1B.tmp
c:\windows\system32\SET1C.tmp
c:\windows\system32\SET1D.tmp
c:\windows\system32\SET1E.tmp
c:\windows\system32\SET1F.tmp
c:\windows\system32\SET20.tmp
c:\windows\system32\SET21.tmp
c:\windows\system32\SET22.tmp
c:\windows\system32\SET23.tmp
c:\windows\system32\SET24.tmp
c:\windows\system32\SET25.tmp
c:\windows\system32\SET26.tmp
c:\windows\system32\SET27.tmp
c:\windows\system32\SET28.tmp
c:\windows\system32\SET2A.tmp
c:\windows\system32\SET2B.tmp
c:\windows\system32\SET2D.tmp
c:\windows\system32\SET2F.tmp
c:\windows\system32\SET30.tmp
c:\windows\system32\SET31.tmp
c:\windows\system32\SET32.tmp
c:\windows\system32\SET33.tmp
c:\windows\system32\SET34.tmp
c:\windows\system32\SET35.tmp
c:\windows\system32\SET36.tmp
c:\windows\system32\SET37.tmp
c:\windows\system32\SET38.tmp
c:\windows\system32\SET39.tmp
c:\windows\system32\SET3A.tmp
c:\windows\system32\SET3B.tmp
c:\windows\system32\SET3C.tmp
c:\windows\system32\SET3D.tmp
c:\windows\system32\SET3E.tmp
c:\windows\system32\SET3F.tmp
c:\windows\system32\SET40.tmp
c:\windows\system32\SET41.tmp
c:\windows\system32\SET42.tmp
c:\windows\system32\SET43.tmp
c:\windows\system32\SET44.tmp
c:\windows\system32\SET45.tmp
c:\windows\system32\SET46.tmp
c:\windows\system32\SET47.tmp
c:\windows\system32\SET48.tmp
c:\windows\system32\SET49.tmp
c:\windows\system32\SET4A.tmp
c:\windows\system32\SET4B.tmp
c:\windows\system32\SET4C.tmp
c:\windows\system32\SET4D.tmp
c:\windows\system32\SET4E.tmp
c:\windows\system32\SET4F.tmp
c:\windows\system32\SET50.tmp
c:\windows\system32\SET51.tmp
c:\windows\system32\SET53.tmp
c:\windows\system32\SET54.tmp
c:\windows\system32\SET55.tmp
c:\windows\system32\SET56.tmp
c:\windows\system32\SET57.tmp
c:\windows\system32\SET58.tmp
c:\windows\system32\SET59.tmp
c:\windows\system32\SET5A.tmp
c:\windows\system32\SET5B.tmp
c:\windows\system32\SET5C.tmp
c:\windows\system32\SET5D.tmp
c:\windows\system32\SET5E.tmp
c:\windows\system32\SET60.tmp
c:\windows\system32\SET61.tmp
c:\windows\system32\SET62.tmp
c:\windows\system32\SET63.tmp
c:\windows\system32\SET64.tmp
c:\windows\system32\SET65.tmp
c:\windows\system32\SET66.tmp
c:\windows\system32\SET67.tmp
c:\windows\system32\SET68.tmp
c:\windows\system32\SET69.tmp
c:\windows\system32\SET6A.tmp
c:\windows\system32\SET6B.tmp
c:\windows\system32\SET6C.tmp
c:\windows\system32\SET6D.tmp
c:\windows\system32\SET6E.tmp
c:\windows\system32\SET6F.tmp
c:\windows\system32\SET70.tmp
c:\windows\system32\SET71.tmp
c:\windows\system32\SET72.tmp
c:\windows\system32\SET73.tmp
c:\windows\system32\SET74.tmp
c:\windows\system32\SET75.tmp
c:\windows\system32\SET76.tmp
c:\windows\system32\SET77.tmp
c:\windows\system32\SET78.tmp
c:\windows\system32\SET79.tmp
c:\windows\system32\SET7A.tmp
c:\windows\system32\SET7B.tmp
c:\windows\system32\SET7C.tmp
c:\windows\system32\SET7D.tmp
c:\windows\system32\SET7E.tmp
c:\windows\system32\SET7F.tmp
c:\windows\system32\SET80.tmp
c:\windows\system32\SET81.tmp
c:\windows\system32\SET82.tmp
c:\windows\system32\SET83.tmp
c:\windows\system32\SET84.tmp
c:\windows\system32\SET85.tmp
c:\windows\system32\SET86.tmp
c:\windows\system32\SET87.tmp
c:\windows\system32\SET88.tmp
c:\windows\system32\SET89.tmp
c:\windows\system32\SET8A.tmp
c:\windows\system32\SET8B.tmp
c:\windows\system32\SET8C.tmp
c:\windows\system32\SET8D.tmp
c:\windows\system32\SET8F.tmp
c:\windows\system32\SET90.tmp
c:\windows\system32\SET91.tmp
c:\windows\system32\SET92.tmp
c:\windows\system32\SET93.tmp
c:\windows\system32\SET94.tmp
c:\windows\system32\SET95.tmp
c:\windows\system32\SET96.tmp
c:\windows\system32\SET97.tmp
c:\windows\system32\SET98.tmp
c:\windows\system32\SET99.tmp
c:\windows\system32\SET9A.tmp
c:\windows\system32\SET9B.tmp
c:\windows\system32\SET9C.tmp
c:\windows\system32\SET9D.tmp
c:\windows\system32\SET9E.tmp
c:\windows\system32\SET9F.tmp
c:\windows\system32\SETA0.tmp
c:\windows\system32\SETA1.tmp
c:\windows\system32\SETA2.tmp
c:\windows\system32\SETA3.tmp
c:\windows\system32\SETA4.tmp
c:\windows\system32\SETA5.tmp
c:\windows\system32\SETA6.tmp
c:\windows\system32\SETA7.tmp
c:\windows\system32\SETA8.tmp
c:\windows\system32\SETA9.tmp
c:\windows\system32\SETAA.tmp
c:\windows\system32\SETAB.tmp
c:\windows\system32\SETAC.tmp
c:\windows\system32\SETAD.tmp
c:\windows\system32\SETAE.tmp
c:\windows\system32\SETAF.tmp
c:\windows\system32\SETB0.tmp
c:\windows\system32\SETB1.tmp
c:\windows\system32\SETB2.tmp
c:\windows\system32\SETB3.tmp
c:\windows\system32\SETB4.tmp
c:\windows\system32\SETB5.tmp
c:\windows\system32\SETB6.tmp
c:\windows\system32\SETB7.tmp
c:\windows\system32\SETB8.tmp
c:\windows\system32\SETB9.tmp
c:\windows\system32\SETBA.tmp
c:\windows\system32\SETBB.tmp
c:\windows\system32\SETBC.tmp
c:\windows\system32\SETBD.tmp
c:\windows\system32\SETBE.tmp
c:\windows\system32\SETC0.tmp
c:\windows\system32\SETC1.tmp
c:\windows\system32\SETC2.tmp
c:\windows\system32\SETC3.tmp
c:\windows\system32\SETC4.tmp
c:\windows\system32\SETC5.tmp
c:\windows\system32\SETC6.tmp
c:\windows\system32\SETC7.tmp
c:\windows\system32\SETC8.tmp
c:\windows\system32\SETC9.tmp
c:\windows\system32\SETCA.tmp
c:\windows\system32\SETCB.tmp
c:\windows\system32\SETCC.tmp
c:\windows\system32\SETCD.tmp
c:\windows\system32\SETCE.tmp
c:\windows\system32\SETCF.tmp
c:\windows\system32\SETD0.tmp
c:\windows\system32\SETD1.tmp
c:\windows\system32\SETD2.tmp
c:\windows\system32\SETD3.tmp
c:\windows\system32\SETD4.tmp
c:\windows\system32\SETD5.tmp
c:\windows\system32\SETD6.tmp
c:\windows\system32\SETD7.tmp
c:\windows\system32\SETD8.tmp
c:\windows\system32\SETD9.tmp
c:\windows\system32\SETDA.tmp
c:\windows\system32\SETDB.tmp
c:\windows\system32\SETDC.tmp
c:\windows\system32\SETDD.tmp
c:\windows\system32\SETDE.tmp
c:\windows\system32\SETDF.tmp
c:\windows\system32\SETE0.tmp
c:\windows\system32\SETE1.tmp
c:\windows\system32\SETE2.tmp
c:\windows\system32\SETE3.tmp
c:\windows\system32\SETE4.tmp
c:\windows\system32\SETE5.tmp
c:\windows\system32\SETE6.tmp
c:\windows\system32\SETE7.tmp
c:\windows\system32\SETE8.tmp
c:\windows\system32\SETE9.tmp
c:\windows\system32\SETEA.tmp
c:\windows\system32\SETEB.tmp
c:\windows\system32\SETEC.tmp
c:\windows\system32\SETED.tmp
c:\windows\system32\SETEE.tmp
c:\windows\system32\SETEF.tmp
c:\windows\system32\SETF1.tmp
c:\windows\system32\SETF2.tmp
c:\windows\system32\SETF3.tmp
c:\windows\system32\SETF4.tmp
c:\windows\system32\SETF5.tmp
c:\windows\system32\SETF6.tmp
c:\windows\system32\SETF7.tmp
c:\windows\system32\SETF8.tmp
c:\windows\system32\SETF9.tmp
c:\windows\system32\SETFA.tmp
c:\windows\system32\SETFB.tmp
c:\windows\system32\SETFC.tmp
c:\windows\system32\SETFD.tmp
c:\windows\system32\SETFE.tmp
c:\windows\system32\SETFF.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-22 do 2012-10-22 )))))))))))))))))))))))))))))))
.
.
2012-10-22 15:50 . 2012-10-22 15:50 7271 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2012-10-22 15:50 . 2012-10-22 15:50 23327 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2012-10-22 15:50 . 2012-10-22 15:50 8782 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2012-10-20 08:29 . 2012-10-20 08:29 -------- d-----w- c:\documents and settings\Mirek mladší\Data aplikací\SUPERAntiSpyware.com
2012-10-20 08:29 . 2012-10-20 08:29 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-10-20 08:29 . 2012-10-20 08:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2012-10-19 20:22 . 2012-08-21 09:13 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-19 20:22 . 2012-08-21 09:13 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-19 20:22 . 2012-08-21 09:13 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-19 20:22 . 2012-08-21 09:13 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-19 20:22 . 2012-08-21 09:13 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-19 20:22 . 2012-08-21 09:13 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-10-19 20:22 . 2012-08-21 09:13 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-10-19 20:22 . 2012-08-21 09:13 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-10-19 20:21 . 2012-08-21 09:12 41224 ----a-w- c:\windows\avastSS.scr
2012-10-19 20:21 . 2012-08-21 09:12 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-19 20:21 . 2012-10-19 20:21 -------- d-----w- c:\program files\AVAST Software
2012-10-19 20:14 . 2012-10-19 20:15 -------- dc-h--w- c:\windows\ie8
2012-10-19 19:34 . 2012-10-19 19:39 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2012-10-19 17:02 . 2012-10-19 17:02 -------- d-----w- c:\program files\trend micro
2012-10-19 15:53 . 2012-10-19 15:53 177496 ----a-w- c:\windows\system32\drivers\04092950.sys
2012-10-19 15:36 . 2012-10-19 15:36 -------- d-----w- c:\windows\system32\wbem\Repository
2012-10-13 18:06 . 2012-10-13 18:06 -------- d-----w- c:\documents and settings\Mirek mladší\Local Settings\Data aplikací\MediaShow
2012-10-13 16:50 . 2012-10-13 16:50 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\MediaServer
2012-10-13 16:50 . 2012-10-13 16:50 -------- d-----w- c:\documents and settings\Mirek mladší\Local Settings\Data aplikací\MediaServer
2012-10-13 16:50 . 2012-10-13 16:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PDVD
2012-10-13 16:49 . 2012-10-13 17:55 -------- d-----w- c:\documents and settings\Mirek mladší\CyberLink
2012-10-13 16:42 . 2012-10-13 16:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\install_clap
2012-10-13 15:55 . 2012-09-23 14:28 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-13 15:55 . 2012-09-23 14:28 5947392 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-06 10:14 . 2012-10-06 10:14 -------- d-----w- c:\documents and settings\Mirek mladší\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-10-06 09:27 . 2012-10-06 09:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\regid.1986-12.com.adobe
2012-09-28 14:03 . 2012-09-28 14:19 -------- d-----w- c:\documents and settings\Mirek mladší\.frostwire5
2012-09-27 17:34 . 2012-09-27 17:34 -------- d-----w- c:\windows\Downloaded Installations
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-13 16:14 . 2012-03-30 16:01 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-13 16:14 . 2011-12-17 14:46 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-29 17:54 . 2012-01-07 17:44 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-23 14:28 . 2011-06-13 12:21 7446528 ----a-w- c:\windows\system32\nvcuda.dll
2012-09-23 14:28 . 2011-06-13 12:21 2578792 ----a-w- c:\windows\system32\nvcuvid.dll
2012-09-23 14:28 . 2011-06-13 12:21 2376704 ----a-w- c:\windows\system32\nvapi.dll
2012-09-23 14:28 . 2011-06-13 12:21 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-09-23 14:28 . 2011-06-13 12:21 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-09-23 14:28 . 2011-06-13 12:21 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-09-23 14:28 . 2010-11-13 20:21 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-09-23 14:28 . 2009-02-19 18:56 12557728 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-09-23 14:28 . 2009-02-19 18:56 4494208 ----a-w- c:\windows\system32\nv4_disp.dll
2012-09-23 13:09 . 2011-06-13 12:22 253952 -c--a-w- c:\windows\system32\nvrsth.dll
2012-09-23 13:09 . 2011-06-13 12:22 274432 -c--a-w- c:\windows\system32\nvrspt.dll
2012-09-23 13:09 . 2011-06-13 12:22 274432 -c--a-w- c:\windows\system32\nvrsja.dll
2012-09-23 13:09 . 2011-06-13 12:22 270336 -c--a-w- c:\windows\system32\nvrsptb.dll
2012-09-23 13:09 . 2011-06-13 12:22 335872 -c--a-w- c:\windows\system32\nvrsar.dll
2012-09-23 13:09 . 2011-06-13 12:22 282624 -c--a-w- c:\windows\system32\nvrses.dll
2012-09-23 13:09 . 2011-06-13 12:22 258048 -c--a-w- c:\windows\system32\nvrssl.dll
2012-09-23 13:09 . 2011-06-13 12:22 258048 -c--a-w- c:\windows\system32\nvrssk.dll
2012-09-23 13:09 . 2011-06-13 12:22 253952 -c--a-w- c:\windows\system32\nvrssv.dll
2012-09-23 13:09 . 2011-06-13 12:22 229376 -c--a-w- c:\windows\system32\nvrszhc.dll
2012-09-23 13:09 . 2011-06-13 12:22 286720 -c--a-w- c:\windows\system32\nvrsfr.dll
2012-09-23 13:09 . 2011-06-13 12:22 258048 -c--a-w- c:\windows\system32\nvrstr.dll
2012-09-23 13:09 . 2011-06-13 12:22 258048 -c--a-w- c:\windows\system32\nvrspl.dll
2012-09-23 13:09 . 2011-06-13 12:22 253952 -c--a-w- c:\windows\system32\nvrsno.dll
2012-09-23 13:09 . 2011-06-13 12:22 335872 -c--a-w- c:\windows\system32\nvrshe.dll
2012-09-23 13:09 . 2011-06-13 12:22 282624 -c--a-w- c:\windows\system32\nvrsit.dll
2012-09-23 13:09 . 2011-06-13 12:22 282624 -c--a-w- c:\windows\system32\nvrsel.dll
2012-09-23 13:09 . 2011-06-13 12:22 249856 -c--a-w- c:\windows\system32\nvrseng.dll
2012-09-23 13:09 . 2011-06-13 12:22 266240 -c--a-w- c:\windows\system32\nvrsko.dll
2012-09-23 13:09 . 2011-06-13 12:22 274432 -c--a-w- c:\windows\system32\nvrsesm.dll
2012-09-23 13:09 . 2011-06-13 12:22 249856 ----a-w- c:\windows\system32\nvrscs.dll
2012-09-23 13:09 . 2011-06-13 12:22 270336 -c--a-w- c:\windows\system32\nvrsru.dll
2012-09-23 13:09 . 2011-06-13 12:22 249856 -c--a-w- c:\windows\system32\nvrsfi.dll
2012-09-23 13:09 . 2011-06-13 12:22 274432 -c--a-w- c:\windows\system32\nvrsnl.dll
2012-09-23 13:09 . 2011-06-13 12:22 126976 -c--a-w- c:\windows\system32\nvrszht.dll
2012-09-23 13:09 . 2011-06-13 12:22 278528 -c--a-w- c:\windows\system32\nvrsde.dll
2012-09-23 13:09 . 2011-06-13 12:22 262144 -c--a-w- c:\windows\system32\nvrshu.dll
2012-09-23 13:09 . 2011-06-13 12:22 253952 -c--a-w- c:\windows\system32\nvrsda.dll
2012-09-23 13:04 . 2011-06-13 12:22 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-09-23 13:04 . 2011-06-13 12:22 15512424 ----a-w- c:\windows\system32\nvcpl.dll
2012-09-23 13:04 . 2011-06-13 12:22 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-09-23 13:04 . 2011-06-13 12:22 143720 -c--a-w- c:\windows\system32\nvcolor.exe
2012-09-23 13:04 . 2011-06-13 12:22 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-28 15:18 . 2004-08-17 14:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2004-08-17 14:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2004-08-17 14:49 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-17 14:44 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2004-08-17 14:49 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2004-08-17 15:45 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-23 06:27 . 2004-08-17 14:45 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-14 16:21 . 2012-10-14 16:21 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 17:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-06-14 01:53 369784 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-06-14 01:53 369784 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-06-14 01:53 369784 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-06-14 01:53 369784 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"Startup Guard"="c:\program files\Zabezpečení\StartupGuard\SG.EXE" [2004-08-23 57344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zástupce stránky vlastností sběrnice High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 61952]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"QuickTime Task"="c:\program files\Audio a video\QuickTime\qttask.exe" [2010-11-29 421888]
"COMODO Internet Security"="c:\program files\Zabezpečení\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 6749512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-09-23 15512424]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VoipDiscount\\VoipDiscount.exe"=
"c:\\Program Files\\Internet a programy\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\VoipBlast\\VoipBlast.exe"=
"c:\\Hry\\PES 2011\\pes2011.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Hry\\Virtua Tennis 4\\VT4.exe"=
"c:\\Program Files\\Audio a video\\Veetle\\Player\\VeetleNet.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Audio a video\\Samsung PC Share Manager\\WiselinkPro.exe"=
"c:\\Program Files\\Audio a video\\Samsung PC Share Manager\\http_ss_win_pro.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Internet a programy\\FrostWire 5\\FrostWire.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Audio a video\\Serviio\\bin\\ServiioService.exe"=
"c:\\Program Files\\Audio a video\\Serviio\\bin\\ServiioConsole.exe"=
"c:\\Program Files\\Audio a video\\PowerDVD 12\\PowerDVD12\\PowerDVD12.exe"=
"c:\\Program Files\\Audio a video\\PowerDVD 12\\PowerDVD12\\Kernel\\DMR\\PowerDVD12DMREngine.exe"=
"c:\\Program Files\\Audio a video\\PowerDVD 12\\PowerDVD12\\Kernel\\DMS\\CLMSServerPDVD12.exe"=
"c:\\Program Files\\Audio a video\\PowerDVD 12\\PowerDVD12\\PowerDVD12Agent.exe"=
"c:\\Program Files\\Audio a video\\PowerDVD 12\\PowerDVD12\\PowerDVD12ML.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [20.2.2009 23:44 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [20.2.2009 23:44 5248]
R0 fsh;fsh;c:\windows\system32\drivers\fsh.sys [23.5.2010 6:05 39744]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [22.3.2010 20:27 911680]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [19.10.2012 22:22 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19.10.2012 22:22 355632]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [11.3.2012 22:13 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [11.3.2012 22:13 31704]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 18:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55 67664]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [18.2.2012 11:00 32768]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [11.7.2012 20:54 116608]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/10/20 10:43];c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl [11.1.2012 22:57 87536]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [22.3.2010 20:27 2480048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.10.2012 22:22 21256]
R2 BCWipeSvc;BCWipe service;c:\program files\Diagnostika a údržba\BCWipe\BCWipeSvc.exe [23.5.2010 6:05 95544]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [20.10.2012 10:42 87336]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [20.10.2012 10:42 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [20.10.2012 10:42 296232]
R2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys [20.10.2012 10:42 120432]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [4.3.2012 16:50 1258856]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [2.6.2012 10:23 14976]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [18.2.2012 11:00 482992]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [22.3.2010 20:27 160288]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 tvtool;tvtool;c:\program files\Audio a video\TVTool\TVTOOL.SYS [3.4.1996 20:33 5248]
S2 gupdate1c99a896891aac6;Google Update Service (gupdate1c99a896891aac6);c:\program files\Google\Update\GoogleUpdate.exe [31.7.2010 13:56 136176]
S2 INETLOCK;INETLOCK;c:\windows\system32\drivers\InetLock.sys [9.9.2007 7:27 16587]
S2 INETLOCKSVC;Internet Lock Service;c:\program files\Internet a programy\Internet Lock 5.1\ILSvc.exe [9.9.2007 7:27 106496]
S2 Serviio;Serviio;c:\program files\Audio a video\Serviio\bin\ServiioService.exe [9.8.2012 20:25 279552]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30.3.2012 18:01 250808]
S3 AllShare;SAMSUNG AllShare Service;c:\program files\Audio a video\Samsung PC Share Manager\WiselinkPro.exe [16.7.2010 17:23 6638080]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [13.3.2010 22:24 23456]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [31.7.2010 13:56 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25.4.2012 18:06 115168]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [17.8.2004 16:49 14336]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20.10.2009 20:19 50704]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [6.6.2010 15:18 9040]
S3 RDPVDD;RDPVDD;c:\windows\system32\drivers\rdpvmp.sys [6.6.2010 15:18 19408]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [7.3.2009 15:20 23600]
S4 BCSWAP;BCSWAP;c:\windows\system32\drivers\bcswap.sys [23.5.2010 6:05 92096]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - PROCEXP152
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 16:14]
.
2012-10-22 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-19 09:12]
.
2012-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-31 11:56]
.
2012-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-31 11:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.0.1
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.40/TSWeb.cab
FF - ProfilePath - c:\documents and settings\Mirek mladší\Data aplikací\Mozilla\Firefox\Profiles\5mekgo92.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2012-09-15 21:13; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\documents and settings\Mirek mladÅ¡ĂÂ\Data aplikacĂÂ\Mozilla\Firefox\Profiles\5mekgo92.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-22 18:08
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet005\Services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-484763869-796845957-839522115-1003\Software\Microsoft\Windows\CurrentVersion\UnreadMail]
@Denied: (Full) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-484763869-796845957-839522115-1003\Software\Microsoft\Windows\CurrentVersion\UnreadMail\mirkazda@seznam.cz]
"MessageCount"=dword:00000100
"TimeStamp"=hex:34,35,f5,e8,17,94,c9,01
"Application"="%SystemDrive%\\PROGRA~1\\MICROS~3\\Office12\\OUTLOOK.EXE /profile Outlook"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1004)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'csrss.exe'(920)
c:\windows\system32\cmdcsr.dll
.
Celkový čas: 2012-10-22 18:10:40
ComboFix-quarantined-files.txt 2012-10-22 16:10
.
Před spuštěním: Volných bajtů: 28 822 106 112
Po spuštění: Volných bajtů: 28 895 117 312
.
- - End Of File - - BF04FC3254427D92536ABEF21F03B303
výsledek posílám v příloze:
ComboFix 12-10-22.01 - Mirek mladší 22.10.2012 18:01:26.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2353 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mirek mladší\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Internet Explorer\SET12.tmp
c:\program files\Internet Explorer\SET13.tmp
c:\program files\Internet Explorer\SET14.tmp
c:\program files\Internet Explorer\SET15.tmp
c:\program files\Internet Explorer\SET16.tmp
c:\program files\Internet Explorer\SET17.tmp
c:\program files\Internet Explorer\SET2.tmp
c:\program files\Internet Explorer\SET29.tmp
c:\program files\Internet Explorer\SET2A.tmp
c:\program files\Internet Explorer\SET2B.tmp
c:\program files\Internet Explorer\SET2C.tmp
c:\program files\Internet Explorer\SET2D.tmp
c:\program files\Internet Explorer\SET2E.tmp
c:\program files\Internet Explorer\SET3.tmp
c:\program files\Internet Explorer\SET4.tmp
c:\program files\Internet Explorer\SET5.tmp
c:\program files\Internet Explorer\SET6.tmp
c:\program files\Internet Explorer\SET7.tmp
c:\program files\Internet Explorer\SET8.tmp
c:\program files\Internet Explorer\SET9.tmp
c:\program files\Internet Explorer\SETA.tmp
c:\windows\system32\SET100.tmp
c:\windows\system32\SET101.tmp
c:\windows\system32\SET102.tmp
c:\windows\system32\SET103.tmp
c:\windows\system32\SET104.tmp
c:\windows\system32\SET105.tmp
c:\windows\system32\SET106.tmp
c:\windows\system32\SET107.tmp
c:\windows\system32\SET108.tmp
c:\windows\system32\SET109.tmp
c:\windows\system32\SET10A.tmp
c:\windows\system32\SET10B.tmp
c:\windows\system32\SET10C.tmp
c:\windows\system32\SET10D.tmp
c:\windows\system32\SET10E.tmp
c:\windows\system32\SET10F.tmp
c:\windows\system32\SET110.tmp
c:\windows\system32\SET111.tmp
c:\windows\system32\SET112.tmp
c:\windows\system32\SET113.tmp
c:\windows\system32\SET114.tmp
c:\windows\system32\SET115.tmp
c:\windows\system32\SET116.tmp
c:\windows\system32\SET117.tmp
c:\windows\system32\SET118.tmp
c:\windows\system32\SET119.tmp
c:\windows\system32\SET11A.tmp
c:\windows\system32\SET11B.tmp
c:\windows\system32\SET11C.tmp
c:\windows\system32\SET11D.tmp
c:\windows\system32\SET11E.tmp
c:\windows\system32\SET11F.tmp
c:\windows\system32\SET120.tmp
c:\windows\system32\SET122.tmp
c:\windows\system32\SET123.tmp
c:\windows\system32\SET124.tmp
c:\windows\system32\SET125.tmp
c:\windows\system32\SET126.tmp
c:\windows\system32\SET127.tmp
c:\windows\system32\SET128.tmp
c:\windows\system32\SET129.tmp
c:\windows\system32\SET12A.tmp
c:\windows\system32\SET12B.tmp
c:\windows\system32\SET12C.tmp
c:\windows\system32\SET12D.tmp
c:\windows\system32\SET12E.tmp
c:\windows\system32\SET12F.tmp
c:\windows\system32\SET13.tmp
c:\windows\system32\SET130.tmp
c:\windows\system32\SET131.tmp
c:\windows\system32\SET132.tmp
c:\windows\system32\SET133.tmp
c:\windows\system32\SET134.tmp
c:\windows\system32\SET135.tmp
c:\windows\system32\SET136.tmp
c:\windows\system32\SET137.tmp
c:\windows\system32\SET138.tmp
c:\windows\system32\SET139.tmp
c:\windows\system32\SET13A.tmp
c:\windows\system32\SET13B.tmp
c:\windows\system32\SET13C.tmp
c:\windows\system32\SET13D.tmp
c:\windows\system32\SET13E.tmp
c:\windows\system32\SET13F.tmp
c:\windows\system32\SET14.tmp
c:\windows\system32\SET140.tmp
c:\windows\system32\SET141.tmp
c:\windows\system32\SET142.tmp
c:\windows\system32\SET143.tmp
c:\windows\system32\SET144.tmp
c:\windows\system32\SET145.tmp
c:\windows\system32\SET146.tmp
c:\windows\system32\SET147.tmp
c:\windows\system32\SET148.tmp
c:\windows\system32\SET149.tmp
c:\windows\system32\SET14A.tmp
c:\windows\system32\SET14B.tmp
c:\windows\system32\SET14C.tmp
c:\windows\system32\SET14D.tmp
c:\windows\system32\SET14E.tmp
c:\windows\system32\SET14F.tmp
c:\windows\system32\SET15.tmp
c:\windows\system32\SET150.tmp
c:\windows\system32\SET151.tmp
c:\windows\system32\SET153.tmp
c:\windows\system32\SET154.tmp
c:\windows\system32\SET155.tmp
c:\windows\system32\SET156.tmp
c:\windows\system32\SET157.tmp
c:\windows\system32\SET158.tmp
c:\windows\system32\SET159.tmp
c:\windows\system32\SET15A.tmp
c:\windows\system32\SET15B.tmp
c:\windows\system32\SET15C.tmp
c:\windows\system32\SET15D.tmp
c:\windows\system32\SET15E.tmp
c:\windows\system32\SET15F.tmp
c:\windows\system32\SET16.tmp
c:\windows\system32\SET160.tmp
c:\windows\system32\SET161.tmp
c:\windows\system32\SET162.tmp
c:\windows\system32\SET163.tmp
c:\windows\system32\SET164.tmp
c:\windows\system32\SET165.tmp
c:\windows\system32\SET166.tmp
c:\windows\system32\SET167.tmp
c:\windows\system32\SET168.tmp
c:\windows\system32\SET169.tmp
c:\windows\system32\SET16A.tmp
c:\windows\system32\SET16B.tmp
c:\windows\system32\SET16C.tmp
c:\windows\system32\SET17.tmp
c:\windows\system32\SET18.tmp
c:\windows\system32\SET19.tmp
c:\windows\system32\SET1A.tmp
c:\windows\system32\SET1B.tmp
c:\windows\system32\SET1C.tmp
c:\windows\system32\SET1D.tmp
c:\windows\system32\SET1E.tmp
c:\windows\system32\SET1F.tmp
c:\windows\system32\SET20.tmp
c:\windows\system32\SET21.tmp
c:\windows\system32\SET22.tmp
c:\windows\system32\SET23.tmp
c:\windows\system32\SET24.tmp
c:\windows\system32\SET25.tmp
c:\windows\system32\SET26.tmp
c:\windows\system32\SET27.tmp
c:\windows\system32\SET28.tmp
c:\windows\system32\SET2A.tmp
c:\windows\system32\SET2B.tmp
c:\windows\system32\SET2D.tmp
c:\windows\system32\SET2F.tmp
c:\windows\system32\SET30.tmp
c:\windows\system32\SET31.tmp
c:\windows\system32\SET32.tmp
c:\windows\system32\SET33.tmp
c:\windows\system32\SET34.tmp
c:\windows\system32\SET35.tmp
c:\windows\system32\SET36.tmp
c:\windows\system32\SET37.tmp
c:\windows\system32\SET38.tmp
c:\windows\system32\SET39.tmp
c:\windows\system32\SET3A.tmp
c:\windows\system32\SET3B.tmp
c:\windows\system32\SET3C.tmp
c:\windows\system32\SET3D.tmp
c:\windows\system32\SET3E.tmp
c:\windows\system32\SET3F.tmp
c:\windows\system32\SET40.tmp
c:\windows\system32\SET41.tmp
c:\windows\system32\SET42.tmp
c:\windows\system32\SET43.tmp
c:\windows\system32\SET44.tmp
c:\windows\system32\SET45.tmp
c:\windows\system32\SET46.tmp
c:\windows\system32\SET47.tmp
c:\windows\system32\SET48.tmp
c:\windows\system32\SET49.tmp
c:\windows\system32\SET4A.tmp
c:\windows\system32\SET4B.tmp
c:\windows\system32\SET4C.tmp
c:\windows\system32\SET4D.tmp
c:\windows\system32\SET4E.tmp
c:\windows\system32\SET4F.tmp
c:\windows\system32\SET50.tmp
c:\windows\system32\SET51.tmp
c:\windows\system32\SET53.tmp
c:\windows\system32\SET54.tmp
c:\windows\system32\SET55.tmp
c:\windows\system32\SET56.tmp
c:\windows\system32\SET57.tmp
c:\windows\system32\SET58.tmp
c:\windows\system32\SET59.tmp
c:\windows\system32\SET5A.tmp
c:\windows\system32\SET5B.tmp
c:\windows\system32\SET5C.tmp
c:\windows\system32\SET5D.tmp
c:\windows\system32\SET5E.tmp
c:\windows\system32\SET60.tmp
c:\windows\system32\SET61.tmp
c:\windows\system32\SET62.tmp
c:\windows\system32\SET63.tmp
c:\windows\system32\SET64.tmp
c:\windows\system32\SET65.tmp
c:\windows\system32\SET66.tmp
c:\windows\system32\SET67.tmp
c:\windows\system32\SET68.tmp
c:\windows\system32\SET69.tmp
c:\windows\system32\SET6A.tmp
c:\windows\system32\SET6B.tmp
c:\windows\system32\SET6C.tmp
c:\windows\system32\SET6D.tmp
c:\windows\system32\SET6E.tmp
c:\windows\system32\SET6F.tmp
c:\windows\system32\SET70.tmp
c:\windows\system32\SET71.tmp
c:\windows\system32\SET72.tmp
c:\windows\system32\SET73.tmp
c:\windows\system32\SET74.tmp
c:\windows\system32\SET75.tmp
c:\windows\system32\SET76.tmp
c:\windows\system32\SET77.tmp
c:\windows\system32\SET78.tmp
c:\windows\system32\SET79.tmp
c:\windows\system32\SET7A.tmp
c:\windows\system32\SET7B.tmp
c:\windows\system32\SET7C.tmp
c:\windows\system32\SET7D.tmp
c:\windows\system32\SET7E.tmp
c:\windows\system32\SET7F.tmp
c:\windows\system32\SET80.tmp
c:\windows\system32\SET81.tmp
c:\windows\system32\SET82.tmp
c:\windows\system32\SET83.tmp
c:\windows\system32\SET84.tmp
c:\windows\system32\SET85.tmp
c:\windows\system32\SET86.tmp
c:\windows\system32\SET87.tmp
c:\windows\system32\SET88.tmp
c:\windows\system32\SET89.tmp
c:\windows\system32\SET8A.tmp
c:\windows\system32\SET8B.tmp
c:\windows\system32\SET8C.tmp
c:\windows\system32\SET8D.tmp
c:\windows\system32\SET8F.tmp
c:\windows\system32\SET90.tmp
c:\windows\system32\SET91.tmp
c:\windows\system32\SET92.tmp
c:\windows\system32\SET93.tmp
c:\windows\system32\SET94.tmp
c:\windows\system32\SET95.tmp
c:\windows\system32\SET96.tmp
c:\windows\system32\SET97.tmp
c:\windows\system32\SET98.tmp
c:\windows\system32\SET99.tmp
c:\windows\system32\SET9A.tmp
c:\windows\system32\SET9B.tmp
c:\windows\system32\SET9C.tmp
c:\windows\system32\SET9D.tmp
c:\windows\system32\SET9E.tmp
c:\windows\system32\SET9F.tmp
c:\windows\system32\SETA0.tmp
c:\windows\system32\SETA1.tmp
c:\windows\system32\SETA2.tmp
c:\windows\system32\SETA3.tmp
c:\windows\system32\SETA4.tmp
c:\windows\system32\SETA5.tmp
c:\windows\system32\SETA6.tmp
c:\windows\system32\SETA7.tmp
c:\windows\system32\SETA8.tmp
c:\windows\system32\SETA9.tmp
c:\windows\system32\SETAA.tmp
c:\windows\system32\SETAB.tmp
c:\windows\system32\SETAC.tmp
c:\windows\system32\SETAD.tmp
c:\windows\system32\SETAE.tmp
c:\windows\system32\SETAF.tmp
c:\windows\system32\SETB0.tmp
c:\windows\system32\SETB1.tmp
c:\windows\system32\SETB2.tmp
c:\windows\system32\SETB3.tmp
c:\windows\system32\SETB4.tmp
c:\windows\system32\SETB5.tmp
c:\windows\system32\SETB6.tmp
c:\windows\system32\SETB7.tmp
c:\windows\system32\SETB8.tmp
c:\windows\system32\SETB9.tmp
c:\windows\system32\SETBA.tmp
c:\windows\system32\SETBB.tmp
c:\windows\system32\SETBC.tmp
c:\windows\system32\SETBD.tmp
c:\windows\system32\SETBE.tmp
c:\windows\system32\SETC0.tmp
c:\windows\system32\SETC1.tmp
c:\windows\system32\SETC2.tmp
c:\windows\system32\SETC3.tmp
c:\windows\system32\SETC4.tmp
c:\windows\system32\SETC5.tmp
c:\windows\system32\SETC6.tmp
c:\windows\system32\SETC7.tmp
c:\windows\system32\SETC8.tmp
c:\windows\system32\SETC9.tmp
c:\windows\system32\SETCA.tmp
c:\windows\system32\SETCB.tmp
c:\windows\system32\SETCC.tmp
c:\windows\system32\SETCD.tmp
c:\windows\system32\SETCE.tmp
c:\windows\system32\SETCF.tmp
c:\windows\system32\SETD0.tmp
c:\windows\system32\SETD1.tmp
c:\windows\system32\SETD2.tmp
c:\windows\system32\SETD3.tmp
c:\windows\system32\SETD4.tmp
c:\windows\system32\SETD5.tmp
c:\windows\system32\SETD6.tmp
c:\windows\system32\SETD7.tmp
c:\windows\system32\SETD8.tmp
c:\windows\system32\SETD9.tmp
c:\windows\system32\SETDA.tmp
c:\windows\system32\SETDB.tmp
c:\windows\system32\SETDC.tmp
c:\windows\system32\SETDD.tmp
c:\windows\system32\SETDE.tmp
c:\windows\system32\SETDF.tmp
c:\windows\system32\SETE0.tmp
c:\windows\system32\SETE1.tmp
c:\windows\system32\SETE2.tmp
c:\windows\system32\SETE3.tmp
c:\windows\system32\SETE4.tmp
c:\windows\system32\SETE5.tmp
c:\windows\system32\SETE6.tmp
c:\windows\system32\SETE7.tmp
c:\windows\system32\SETE8.tmp
c:\windows\system32\SETE9.tmp
c:\windows\system32\SETEA.tmp
c:\windows\system32\SETEB.tmp
c:\windows\system32\SETEC.tmp
c:\windows\system32\SETED.tmp
c:\windows\system32\SETEE.tmp
c:\windows\system32\SETEF.tmp
c:\windows\system32\SETF1.tmp
c:\windows\system32\SETF2.tmp
c:\windows\system32\SETF3.tmp
c:\windows\system32\SETF4.tmp
c:\windows\system32\SETF5.tmp
c:\windows\system32\SETF6.tmp
c:\windows\system32\SETF7.tmp
c:\windows\system32\SETF8.tmp
c:\windows\system32\SETF9.tmp
c:\windows\system32\SETFA.tmp
c:\windows\system32\SETFB.tmp
c:\windows\system32\SETFC.tmp
c:\windows\system32\SETFD.tmp
c:\windows\system32\SETFE.tmp
c:\windows\system32\SETFF.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-22 do 2012-10-22 )))))))))))))))))))))))))))))))
.
.
2012-10-22 15:50 . 2012-10-22 15:50 7271 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2012-10-22 15:50 . 2012-10-22 15:50 23327 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2012-10-22 15:50 . 2012-10-22 15:50 8782 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2012-10-20 08:29 . 2012-10-20 08:29 -------- d-----w- c:\documents and settings\Mirek mladší\Data aplikací\SUPERAntiSpyware.com
2012-10-20 08:29 . 2012-10-20 08:29 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-10-20 08:29 . 2012-10-20 08:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2012-10-19 20:22 . 2012-08-21 09:13 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-19 20:22 . 2012-08-21 09:13 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-19 20:22 . 2012-08-21 09:13 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-19 20:22 . 2012-08-21 09:13 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-19 20:22 . 2012-08-21 09:13 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-19 20:22 . 2012-08-21 09:13 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-10-19 20:22 . 2012-08-21 09:13 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-10-19 20:22 . 2012-08-21 09:13 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-10-19 20:21 . 2012-08-21 09:12 41224 ----a-w- c:\windows\avastSS.scr
2012-10-19 20:21 . 2012-08-21 09:12 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-19 20:21 . 2012-10-19 20:21 -------- d-----w- c:\program files\AVAST Software
2012-10-19 20:14 . 2012-10-19 20:15 -------- dc-h--w- c:\windows\ie8
2012-10-19 19:34 . 2012-10-19 19:39 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2012-10-19 17:02 . 2012-10-19 17:02 -------- d-----w- c:\program files\trend micro
2012-10-19 15:53 . 2012-10-19 15:53 177496 ----a-w- c:\windows\system32\drivers\04092950.sys
2012-10-19 15:36 . 2012-10-19 15:36 -------- d-----w- c:\windows\system32\wbem\Repository
2012-10-13 18:06 . 2012-10-13 18:06 -------- d-----w- c:\documents and settings\Mirek mladší\Local Settings\Data aplikací\MediaShow
2012-10-13 16:50 . 2012-10-13 16:50 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\MediaServer
2012-10-13 16:50 . 2012-10-13 16:50 -------- d-----w- c:\documents and settings\Mirek mladší\Local Settings\Data aplikací\MediaServer
2012-10-13 16:50 . 2012-10-13 16:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PDVD
2012-10-13 16:49 . 2012-10-13 17:55 -------- d-----w- c:\documents and settings\Mirek mladší\CyberLink
2012-10-13 16:42 . 2012-10-13 16:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\install_clap
2012-10-13 15:55 . 2012-09-23 14:28 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-13 15:55 . 2012-09-23 14:28 5947392 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-06 10:14 . 2012-10-06 10:14 -------- d-----w- c:\documents and settings\Mirek mladší\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-10-06 09:27 . 2012-10-06 09:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\regid.1986-12.com.adobe
2012-09-28 14:03 . 2012-09-28 14:19 -------- d-----w- c:\documents and settings\Mirek mladší\.frostwire5
2012-09-27 17:34 . 2012-09-27 17:34 -------- d-----w- c:\windows\Downloaded Installations
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-13 16:14 . 2012-03-30 16:01 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-13 16:14 . 2011-12-17 14:46 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-29 17:54 . 2012-01-07 17:44 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-23 14:28 . 2011-06-13 12:21 7446528 ----a-w- c:\windows\system32\nvcuda.dll
2012-09-23 14:28 . 2011-06-13 12:21 2578792 ----a-w- c:\windows\system32\nvcuvid.dll
2012-09-23 14:28 . 2011-06-13 12:21 2376704 ----a-w- c:\windows\system32\nvapi.dll
2012-09-23 14:28 . 2011-06-13 12:21 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-09-23 14:28 . 2011-06-13 12:21 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-09-23 14:28 . 2011-06-13 12:21 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-09-23 14:28 . 2010-11-13 20:21 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-09-23 14:28 . 2009-02-19 18:56 12557728 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-09-23 14:28 . 2009-02-19 18:56 4494208 ----a-w- c:\windows\system32\nv4_disp.dll
2012-09-23 13:09 . 2011-06-13 12:22 253952 -c--a-w- c:\windows\system32\nvrsth.dll
2012-09-23 13:09 . 2011-06-13 12:22 274432 -c--a-w- c:\windows\system32\nvrspt.dll
2012-09-23 13:09 . 2011-06-13 12:22 274432 -c--a-w- c:\windows\system32\nvrsja.dll
2012-09-23 13:09 . 2011-06-13 12:22 270336 -c--a-w- c:\windows\system32\nvrsptb.dll
2012-09-23 13:09 . 2011-06-13 12:22 335872 -c--a-w- c:\windows\system32\nvrsar.dll
2012-09-23 13:09 . 2011-06-13 12:22 282624 -c--a-w- c:\windows\system32\nvrses.dll
2012-09-23 13:09 . 2011-06-13 12:22 258048 -c--a-w- c:\windows\system32\nvrssl.dll
2012-09-23 13:09 . 2011-06-13 12:22 258048 -c--a-w- c:\windows\system32\nvrssk.dll
2012-09-23 13:09 . 2011-06-13 12:22 253952 -c--a-w- c:\windows\system32\nvrssv.dll
2012-09-23 13:09 . 2011-06-13 12:22 229376 -c--a-w- c:\windows\system32\nvrszhc.dll
2012-09-23 13:09 . 2011-06-13 12:22 286720 -c--a-w- c:\windows\system32\nvrsfr.dll
2012-09-23 13:09 . 2011-06-13 12:22 258048 -c--a-w- c:\windows\system32\nvrstr.dll
2012-09-23 13:09 . 2011-06-13 12:22 258048 -c--a-w- c:\windows\system32\nvrspl.dll
2012-09-23 13:09 . 2011-06-13 12:22 253952 -c--a-w- c:\windows\system32\nvrsno.dll
2012-09-23 13:09 . 2011-06-13 12:22 335872 -c--a-w- c:\windows\system32\nvrshe.dll
2012-09-23 13:09 . 2011-06-13 12:22 282624 -c--a-w- c:\windows\system32\nvrsit.dll
2012-09-23 13:09 . 2011-06-13 12:22 282624 -c--a-w- c:\windows\system32\nvrsel.dll
2012-09-23 13:09 . 2011-06-13 12:22 249856 -c--a-w- c:\windows\system32\nvrseng.dll
2012-09-23 13:09 . 2011-06-13 12:22 266240 -c--a-w- c:\windows\system32\nvrsko.dll
2012-09-23 13:09 . 2011-06-13 12:22 274432 -c--a-w- c:\windows\system32\nvrsesm.dll
2012-09-23 13:09 . 2011-06-13 12:22 249856 ----a-w- c:\windows\system32\nvrscs.dll
2012-09-23 13:09 . 2011-06-13 12:22 270336 -c--a-w- c:\windows\system32\nvrsru.dll
2012-09-23 13:09 . 2011-06-13 12:22 249856 -c--a-w- c:\windows\system32\nvrsfi.dll
2012-09-23 13:09 . 2011-06-13 12:22 274432 -c--a-w- c:\windows\system32\nvrsnl.dll
2012-09-23 13:09 . 2011-06-13 12:22 126976 -c--a-w- c:\windows\system32\nvrszht.dll
2012-09-23 13:09 . 2011-06-13 12:22 278528 -c--a-w- c:\windows\system32\nvrsde.dll
2012-09-23 13:09 . 2011-06-13 12:22 262144 -c--a-w- c:\windows\system32\nvrshu.dll
2012-09-23 13:09 . 2011-06-13 12:22 253952 -c--a-w- c:\windows\system32\nvrsda.dll
2012-09-23 13:04 . 2011-06-13 12:22 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-09-23 13:04 . 2011-06-13 12:22 15512424 ----a-w- c:\windows\system32\nvcpl.dll
2012-09-23 13:04 . 2011-06-13 12:22 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-09-23 13:04 . 2011-06-13 12:22 143720 -c--a-w- c:\windows\system32\nvcolor.exe
2012-09-23 13:04 . 2011-06-13 12:22 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-28 15:18 . 2004-08-17 14:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2004-08-17 14:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2004-08-17 14:49 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-17 14:44 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2004-08-17 14:49 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2004-08-17 15:45 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-23 06:27 . 2004-08-17 14:45 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-14 16:21 . 2012-10-14 16:21 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 17:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-06-14 01:53 369784 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-06-14 01:53 369784 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-06-14 01:53 369784 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-06-14 01:53 369784 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"Startup Guard"="c:\program files\Zabezpečení\StartupGuard\SG.EXE" [2004-08-23 57344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zástupce stránky vlastností sběrnice High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 61952]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"QuickTime Task"="c:\program files\Audio a video\QuickTime\qttask.exe" [2010-11-29 421888]
"COMODO Internet Security"="c:\program files\Zabezpečení\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 6749512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-09-23 15512424]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VoipDiscount\\VoipDiscount.exe"=
"c:\\Program Files\\Internet a programy\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\VoipBlast\\VoipBlast.exe"=
"c:\\Hry\\PES 2011\\pes2011.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Hry\\Virtua Tennis 4\\VT4.exe"=
"c:\\Program Files\\Audio a video\\Veetle\\Player\\VeetleNet.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Audio a video\\Samsung PC Share Manager\\WiselinkPro.exe"=
"c:\\Program Files\\Audio a video\\Samsung PC Share Manager\\http_ss_win_pro.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Internet a programy\\FrostWire 5\\FrostWire.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Audio a video\\Serviio\\bin\\ServiioService.exe"=
"c:\\Program Files\\Audio a video\\Serviio\\bin\\ServiioConsole.exe"=
"c:\\Program Files\\Audio a video\\PowerDVD 12\\PowerDVD12\\PowerDVD12.exe"=
"c:\\Program Files\\Audio a video\\PowerDVD 12\\PowerDVD12\\Kernel\\DMR\\PowerDVD12DMREngine.exe"=
"c:\\Program Files\\Audio a video\\PowerDVD 12\\PowerDVD12\\Kernel\\DMS\\CLMSServerPDVD12.exe"=
"c:\\Program Files\\Audio a video\\PowerDVD 12\\PowerDVD12\\PowerDVD12Agent.exe"=
"c:\\Program Files\\Audio a video\\PowerDVD 12\\PowerDVD12\\PowerDVD12ML.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [20.2.2009 23:44 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [20.2.2009 23:44 5248]
R0 fsh;fsh;c:\windows\system32\drivers\fsh.sys [23.5.2010 6:05 39744]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [22.3.2010 20:27 911680]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [19.10.2012 22:22 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19.10.2012 22:22 355632]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [11.3.2012 22:13 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [11.3.2012 22:13 31704]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 18:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55 67664]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [18.2.2012 11:00 32768]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [11.7.2012 20:54 116608]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/10/20 10:43];c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl [11.1.2012 22:57 87536]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [22.3.2010 20:27 2480048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.10.2012 22:22 21256]
R2 BCWipeSvc;BCWipe service;c:\program files\Diagnostika a údržba\BCWipe\BCWipeSvc.exe [23.5.2010 6:05 95544]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [20.10.2012 10:42 87336]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [20.10.2012 10:42 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [20.10.2012 10:42 296232]
R2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys [20.10.2012 10:42 120432]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [4.3.2012 16:50 1258856]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [2.6.2012 10:23 14976]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [18.2.2012 11:00 482992]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [22.3.2010 20:27 160288]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 tvtool;tvtool;c:\program files\Audio a video\TVTool\TVTOOL.SYS [3.4.1996 20:33 5248]
S2 gupdate1c99a896891aac6;Google Update Service (gupdate1c99a896891aac6);c:\program files\Google\Update\GoogleUpdate.exe [31.7.2010 13:56 136176]
S2 INETLOCK;INETLOCK;c:\windows\system32\drivers\InetLock.sys [9.9.2007 7:27 16587]
S2 INETLOCKSVC;Internet Lock Service;c:\program files\Internet a programy\Internet Lock 5.1\ILSvc.exe [9.9.2007 7:27 106496]
S2 Serviio;Serviio;c:\program files\Audio a video\Serviio\bin\ServiioService.exe [9.8.2012 20:25 279552]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30.3.2012 18:01 250808]
S3 AllShare;SAMSUNG AllShare Service;c:\program files\Audio a video\Samsung PC Share Manager\WiselinkPro.exe [16.7.2010 17:23 6638080]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [13.3.2010 22:24 23456]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [31.7.2010 13:56 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25.4.2012 18:06 115168]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [17.8.2004 16:49 14336]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20.10.2009 20:19 50704]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [6.6.2010 15:18 9040]
S3 RDPVDD;RDPVDD;c:\windows\system32\drivers\rdpvmp.sys [6.6.2010 15:18 19408]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [7.3.2009 15:20 23600]
S4 BCSWAP;BCSWAP;c:\windows\system32\drivers\bcswap.sys [23.5.2010 6:05 92096]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - PROCEXP152
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 16:14]
.
2012-10-22 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-19 09:12]
.
2012-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-31 11:56]
.
2012-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-31 11:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.0.1
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.40/TSWeb.cab
FF - ProfilePath - c:\documents and settings\Mirek mladší\Data aplikací\Mozilla\Firefox\Profiles\5mekgo92.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2012-09-15 21:13; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\documents and settings\Mirek mladÅ¡ĂÂ\Data aplikacĂÂ\Mozilla\Firefox\Profiles\5mekgo92.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-22 18:08
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet005\Services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files\Audio a video\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-484763869-796845957-839522115-1003\Software\Microsoft\Windows\CurrentVersion\UnreadMail]
@Denied: (Full) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-484763869-796845957-839522115-1003\Software\Microsoft\Windows\CurrentVersion\UnreadMail\mirkazda@seznam.cz]
"MessageCount"=dword:00000100
"TimeStamp"=hex:34,35,f5,e8,17,94,c9,01
"Application"="%SystemDrive%\\PROGRA~1\\MICROS~3\\Office12\\OUTLOOK.EXE /profile Outlook"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1004)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'csrss.exe'(920)
c:\windows\system32\cmdcsr.dll
.
Celkový čas: 2012-10-22 18:10:40
ComboFix-quarantined-files.txt 2012-10-22 16:10
.
Před spuštěním: Volných bajtů: 28 822 106 112
Po spuštění: Volných bajtů: 28 895 117 312
.
- - End Of File - - BF04FC3254427D92536ABEF21F03B303
Re: Pomoc- System Idle Process 95-100%
Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- Kliknete na volbu Change parametrs
- V okne Additional Option zakliknete vsechny moznosti
- Kliknete na OK
- Utilite prikazte, at skenuje - klik na Start Scan
- Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
- Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
- Pokud mate vsude Skip, kliknete na Continue
- Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomoc- System Idle Process 95-100%
20:34:33.0468 2432 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
20:34:33.0796 2432 ============================================================
20:34:33.0796 2432 Current date / time: 2012/10/22 20:34:33.0796
20:34:33.0796 2432 SystemInfo:
20:34:33.0796 2432
20:34:33.0796 2432 OS Version: 5.1.2600 ServicePack: 3.0
20:34:33.0796 2432 Product type: Workstation
20:34:33.0796 2432 ComputerName: COMPUTER
20:34:33.0796 2432 UserName: Mirek mladší
20:34:33.0796 2432 Windows directory: C:\WINDOWS
20:34:33.0796 2432 System windows directory: C:\WINDOWS
20:34:33.0796 2432 Processor architecture: Intel x86
20:34:33.0796 2432 Number of processors: 2
20:34:33.0796 2432 Page size: 0x1000
20:34:33.0796 2432 Boot type: Normal boot
20:34:33.0796 2432 ============================================================
20:34:34.0890 2432 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:34:34.0890 2432 Drive \Device\Harddisk1\DR1 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:34:34.0890 2432 ============================================================
20:34:34.0890 2432 \Device\Harddisk0\DR0:
20:34:34.0890 2432 MBR partitions:
20:34:34.0890 2432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
20:34:34.0906 2432 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x950E500, BlocksNum 0x6B1F74C1
20:34:34.0906 2432 \Device\Harddisk1\DR1:
20:34:34.0906 2432 MBR partitions:
20:34:34.0906 2432 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x6FC7C41
20:34:34.0906 2432 ============================================================
20:34:34.0921 2432 C: <-> \Device\Harddisk0\DR0\Partition1
20:34:34.0937 2432 D: <-> \Device\Harddisk0\DR0\Partition2
20:34:34.0968 2432 E: <-> \Device\Harddisk1\DR1\Partition1
20:34:34.0968 2432 ============================================================
20:34:34.0968 2432 Initialize success
20:34:34.0968 2432 ============================================================
20:34:37.0328 3344 ============================================================
20:34:37.0328 3344 Scan started
20:34:37.0328 3344 Mode: Manual;
20:34:37.0328 3344 ============================================================
20:34:38.0609 3344 ================ Scan system memory ========================
20:34:38.0609 3344 System memory - ok
20:34:38.0609 3344 ================ Scan services =============================
20:34:38.0671 3344 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
20:34:38.0671 3344 !SASCORE - ok
20:34:38.0906 3344 [ 1F61CACACB521215F39061789147968C ] a347bus C:\WINDOWS\system32\DRIVERS\a347bus.sys
20:34:38.0906 3344 a347bus - ok
20:34:38.0921 3344 [ 113E4B318BBAA7483CA4E582A4D63F49 ] a347scsi C:\WINDOWS\system32\Drivers\a347scsi.sys
20:34:38.0921 3344 a347scsi - ok
20:34:38.0953 3344 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
20:34:38.0953 3344 Aavmker4 - ok
20:34:38.0953 3344 Abiosdsk - ok
20:34:38.0968 3344 abp480n5 - ok
20:34:39.0000 3344 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:34:39.0000 3344 ACPI - ok
20:34:39.0031 3344 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
20:34:39.0046 3344 ACPIEC - ok
20:34:39.0171 3344 [ F6A4BC03DD6EF8A5794A865DEDE28B23 ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
20:34:39.0187 3344 AcrSch2Svc - ok
20:34:39.0234 3344 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:34:39.0250 3344 AdobeFlashPlayerUpdateSvc - ok
20:34:39.0250 3344 adpu160m - ok
20:34:39.0312 3344 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:34:39.0312 3344 aec - ok
20:34:39.0453 3344 [ EF1AFA9752E468013584585666A3B119 ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys
20:34:39.0453 3344 afcdp - ok
20:34:39.0578 3344 [ B8C03E224E49E0F9726CDDEF872237EB ] afcdpsrv C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
20:34:39.0593 3344 afcdpsrv - ok
20:34:39.0625 3344 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:34:39.0625 3344 AFD - ok
20:34:39.0640 3344 Aha154x - ok
20:34:39.0640 3344 aic78u2 - ok
20:34:39.0656 3344 aic78xx - ok
20:34:39.0687 3344 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:34:39.0687 3344 Alerter - ok
20:34:39.0703 3344 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
20:34:39.0703 3344 ALG - ok
20:34:39.0703 3344 AliIde - ok
20:34:39.0828 3344 [ AAA1F9D4CF4C976C21BCA8AFA2BAE6A4 ] AllShare C:\Program Files\Audio a video\Samsung PC Share Manager\WiselinkPro.exe
20:34:39.0937 3344 AllShare - ok
20:34:39.0953 3344 amsint - ok
20:34:39.0984 3344 [ A198FD45DFE819C1F9A7BED90339842F ] AnyDVD C:\WINDOWS\system32\Drivers\AnyDVD.sys
20:34:39.0984 3344 AnyDVD - ok
20:34:40.0000 3344 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
20:34:40.0000 3344 AppMgmt - ok
20:34:40.0000 3344 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:34:40.0000 3344 Arp1394 - ok
20:34:40.0015 3344 asc - ok
20:34:40.0015 3344 asc3350p - ok
20:34:40.0031 3344 asc3550 - ok
20:34:40.0046 3344 [ 54AB078660E536DA72B21A27F56B035B ] ASPI32 C:\WINDOWS\system32\drivers\aspi32.sys
20:34:40.0046 3344 ASPI32 - ok
20:34:40.0109 3344 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:34:40.0140 3344 aspnet_state - ok
20:34:40.0156 3344 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
20:34:40.0156 3344 aswFsBlk - ok
20:34:40.0171 3344 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
20:34:40.0171 3344 aswMon2 - ok
20:34:40.0187 3344 [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
20:34:40.0187 3344 AswRdr - ok
20:34:40.0218 3344 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
20:34:40.0218 3344 aswSnx - ok
20:34:40.0234 3344 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
20:34:40.0250 3344 aswSP - ok
20:34:40.0250 3344 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
20:34:40.0265 3344 aswTdi - ok
20:34:40.0281 3344 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:34:40.0281 3344 AsyncMac - ok
20:34:40.0296 3344 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:34:40.0312 3344 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: 9F3A2F5AA6875C72BF062C712CFA2674
20:34:40.0312 3344 atapi ( LockedFile.Multi.Generic ) - warning
20:34:40.0312 3344 atapi - detected LockedFile.Multi.Generic (1)
20:34:40.0312 3344 Atdisk - ok
20:34:40.0343 3344 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:34:40.0343 3344 Atmarpc - ok
20:34:40.0359 3344 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:34:40.0359 3344 AudioSrv - ok
20:34:40.0375 3344 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:34:40.0375 3344 audstub - ok
20:34:40.0421 3344 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:34:40.0421 3344 avast! Antivirus - ok
20:34:40.0484 3344 [ EF192AC8664700136C9021A79DA28700 ] BCSWAP C:\WINDOWS\system32\drivers\BCSWAP.sys
20:34:40.0484 3344 BCSWAP - ok
20:34:40.0531 3344 [ FF8047C0B95C4E11442C75368BA3A582 ] BCWipeSvc C:\Program Files\Diagnostika a údržba\BCWipe\BCWipeSvc.exe
20:34:40.0531 3344 BCWipeSvc - ok
20:34:40.0546 3344 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:34:40.0546 3344 Beep - ok
20:34:40.0562 3344 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
20:34:40.0578 3344 BITS - ok
20:34:40.0609 3344 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
20:34:40.0609 3344 Browser - ok
20:34:40.0703 3344 catchme - ok
20:34:40.0718 3344 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:34:40.0718 3344 cbidf2k - ok
20:34:40.0718 3344 cd20xrnt - ok
20:34:40.0734 3344 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:34:40.0750 3344 Cdaudio - ok
20:34:40.0765 3344 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:34:40.0765 3344 Cdfs - ok
20:34:40.0781 3344 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:34:40.0781 3344 Cdrom - ok
20:34:40.0781 3344 Changer - ok
20:34:40.0796 3344 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:34:40.0812 3344 CiSvc - ok
20:34:40.0937 3344 [ 4C6406CF07D4EBB70C5774D55C6688FB ] CLHNServiceForPowerDVD12 C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
20:34:40.0937 3344 CLHNServiceForPowerDVD12 - ok
20:34:40.0953 3344 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:34:40.0953 3344 ClipSrv - ok
20:34:40.0984 3344 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:34:40.0984 3344 clr_optimization_v2.0.50727_32 - ok
20:34:41.0000 3344 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:34:41.0031 3344 clr_optimization_v4.0.30319_32 - ok
20:34:41.0031 3344 CmdIde - ok
20:34:41.0031 3344 COMSysApp - ok
20:34:41.0046 3344 Cpqarray - ok
20:34:41.0078 3344 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:34:41.0093 3344 CryptSvc - ok
20:34:41.0218 3344 [ EA22BCA708B37B82ADEBC822A171B92E ] CyberLink PowerDVD 12 Media Server Monitor Service C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
20:34:41.0218 3344 CyberLink PowerDVD 12 Media Server Monitor Service - ok
20:34:41.0250 3344 [ 3168D2F171A64590E7A11355CAE60A1E ] CyberLink PowerDVD 12 Media Server Service C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
20:34:41.0250 3344 CyberLink PowerDVD 12 Media Server Service - ok
20:34:41.0250 3344 dac2w2k - ok
20:34:41.0265 3344 dac960nt - ok
20:34:41.0296 3344 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:34:41.0328 3344 DcomLaunch - ok
20:34:41.0359 3344 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:34:41.0375 3344 Dhcp - ok
20:34:41.0375 3344 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:34:41.0390 3344 Disk - ok
20:34:41.0390 3344 dmadmin - ok
20:34:41.0421 3344 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:34:41.0437 3344 dmboot - ok
20:34:41.0453 3344 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:34:41.0453 3344 dmio - ok
20:34:41.0515 3344 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:34:41.0515 3344 dmload - ok
20:34:41.0546 3344 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:34:41.0546 3344 dmserver - ok
20:34:41.0562 3344 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:34:41.0562 3344 DMusic - ok
20:34:41.0578 3344 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:34:41.0593 3344 Dnscache - ok
20:34:41.0625 3344 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
20:34:41.0656 3344 Dot3svc - ok
20:34:41.0656 3344 dpti2o - ok
20:34:41.0671 3344 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:34:41.0687 3344 drmkaud - ok
20:34:41.0703 3344 [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
20:34:41.0718 3344 DrvAgent32 - ok
20:34:41.0734 3344 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
20:34:41.0750 3344 EapHost - ok
20:34:41.0765 3344 [ 6E883BF518296A40959131C2304AF714 ] EL90XBC C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
20:34:41.0765 3344 EL90XBC - ok
20:34:41.0781 3344 [ 309AC30471A0F1C3A89DEE1C81230576 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
20:34:41.0781 3344 ElbyCDIO - ok
20:34:41.0812 3344 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:34:41.0812 3344 ERSvc - ok
20:34:41.0828 3344 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
20:34:41.0843 3344 Eventlog - ok
20:34:41.0859 3344 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
20:34:41.0875 3344 EventSystem - ok
20:34:41.0890 3344 [ 3EF58F2EAE3AECAB45D682152DB2F67D ] exFat C:\WINDOWS\system32\drivers\exFat.sys
20:34:41.0890 3344 exFat - ok
20:34:41.0906 3344 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:34:41.0921 3344 Fastfat - ok
20:34:41.0937 3344 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:34:41.0968 3344 FastUserSwitchingCompatibility - ok
20:34:42.0000 3344 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
20:34:42.0000 3344 Fdc - ok
20:34:42.0015 3344 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:34:42.0015 3344 Fips - ok
20:34:42.0015 3344 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:34:42.0015 3344 Flpydisk - ok
20:34:42.0031 3344 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:34:42.0031 3344 FltMgr - ok
20:34:42.0078 3344 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:34:42.0078 3344 FontCache3.0.0.0 - ok
20:34:42.0093 3344 [ ED75A99AB3D9512A6D1B7FED070348EB ] fsh C:\WINDOWS\system32\drivers\fsh.sys
20:34:42.0093 3344 fsh - ok
20:34:42.0109 3344 [ C865B83411D7347627A4BEEC22543FB1 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:34:42.0109 3344 Fs_Rec - ok
20:34:42.0125 3344 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:34:42.0125 3344 Ftdisk - ok
20:34:42.0156 3344 [ 360FC9E29EBCD7CB75320E2663EBA0F2 ] getPlusHelper C:\Program Files\NOS\bin\getPlus_Helper.dll
20:34:42.0156 3344 getPlusHelper - ok
20:34:42.0171 3344 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\WINDOWS\system32\giveio.sys
20:34:42.0187 3344 giveio - ok
20:34:42.0187 3344 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:34:42.0187 3344 Gpc - ok
20:34:42.0234 3344 [ F02A533F517EB38333CB12A9E8963773 ] gupdate1c99a896891aac6 C:\Program Files\Google\Update\GoogleUpdate.exe
20:34:42.0250 3344 gupdate1c99a896891aac6 - ok
20:34:42.0250 3344 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:34:42.0250 3344 gupdatem - ok
20:34:42.0265 3344 [ 2A013E7530BEAB6E569FAA83F517E836 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
20:34:42.0281 3344 HdAudAddService - ok
20:34:42.0296 3344 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:34:42.0296 3344 HDAudBus - ok
20:34:42.0328 3344 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:34:42.0328 3344 helpsvc - ok
20:34:42.0343 3344 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
20:34:42.0343 3344 HidServ - ok
20:34:42.0375 3344 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:34:42.0375 3344 HidUsb - ok
20:34:42.0390 3344 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:34:42.0406 3344 hkmsvc - ok
20:34:42.0406 3344 hpn - ok
20:34:42.0453 3344 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:34:42.0468 3344 HTTP - ok
20:34:42.0484 3344 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:34:42.0515 3344 HTTPFilter - ok
20:34:42.0531 3344 i2omgmt - ok
20:34:42.0531 3344 i2omp - ok
20:34:42.0578 3344 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:34:42.0578 3344 i8042prt - ok
20:34:42.0625 3344 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:34:42.0625 3344 IDriverT - ok
20:34:42.0656 3344 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:34:42.0671 3344 idsvc - ok
20:34:42.0703 3344 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:34:42.0703 3344 Imapi - ok
20:34:42.0718 3344 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:34:42.0718 3344 ImapiService - ok
20:34:42.0734 3344 [ 655E5F7FC976C3C9BA1E3EB036F2D3E6 ] INETLOCK C:\WINDOWS\system32\drivers\Inetlock.sys
20:34:42.0734 3344 Suspicious file (Forged): C:\WINDOWS\system32\drivers\Inetlock.sys. Real md5: 655E5F7FC976C3C9BA1E3EB036F2D3E6, Fake md5: 98542E18D9E2A79177DC974D30E6F79C
20:34:42.0734 3344 INETLOCK ( ForgedFile.Multi.Generic ) - warning
20:34:42.0734 3344 INETLOCK - detected ForgedFile.Multi.Generic (1)
20:34:42.0765 3344 [ B405532C8A9C3B277E26A6182562FBA2 ] INETLOCKSVC C:\Program Files\Internet a programy\Internet Lock 5.1\ILSvc.exe
20:34:42.0765 3344 INETLOCKSVC - ok
20:34:42.0781 3344 ini910u - ok
20:34:42.0796 3344 IntcAzAudAddService - ok
20:34:42.0812 3344 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
20:34:42.0812 3344 IntelIde - ok
20:34:42.0812 3344 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:34:42.0828 3344 intelppm - ok
20:34:42.0859 3344 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
20:34:42.0859 3344 Ip6Fw - ok
20:34:42.0875 3344 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:34:42.0875 3344 IpFilterDriver - ok
20:34:42.0890 3344 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:34:42.0890 3344 IpInIp - ok
20:34:42.0906 3344 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:34:42.0906 3344 IpNat - ok
20:34:42.0921 3344 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:34:42.0921 3344 IPSec - ok
20:34:42.0937 3344 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:34:42.0937 3344 IRENUM - ok
20:34:42.0937 3344 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:34:42.0953 3344 isapnp - ok
20:34:42.0968 3344 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
20:34:42.0968 3344 JavaQuickStarterService - ok
20:34:42.0984 3344 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:34:42.0984 3344 Kbdclass - ok
20:34:43.0000 3344 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:34:43.0000 3344 kbdhid - ok
20:34:43.0015 3344 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:34:43.0015 3344 kmixer - ok
20:34:43.0046 3344 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:34:43.0046 3344 KSecDD - ok
20:34:43.0062 3344 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:34:43.0078 3344 lanmanserver - ok
20:34:43.0093 3344 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:34:43.0125 3344 lanmanworkstation - ok
20:34:43.0125 3344 Lbd - ok
20:34:43.0125 3344 lbrtfdc - ok
20:34:43.0140 3344 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:34:43.0156 3344 LmHosts - ok
20:34:43.0171 3344 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:34:43.0171 3344 Messenger - ok
20:34:43.0234 3344 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:34:43.0234 3344 Microsoft Office Groove Audit Service - ok
20:34:43.0250 3344 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:34:43.0250 3344 mnmdd - ok
20:34:43.0265 3344 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:34:43.0281 3344 mnmsrvc - ok
20:34:43.0296 3344 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:34:43.0296 3344 Modem - ok
20:34:43.0296 3344 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:34:43.0312 3344 Mouclass - ok
20:34:43.0312 3344 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:34:43.0312 3344 mouhid - ok
20:34:43.0328 3344 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:34:43.0328 3344 MountMgr - ok
20:34:43.0359 3344 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:34:43.0359 3344 MozillaMaintenance - ok
20:34:43.0375 3344 mraid35x - ok
20:34:43.0375 3344 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:34:43.0390 3344 MRxDAV - ok
20:34:43.0406 3344 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:34:43.0421 3344 MRxSmb - ok
20:34:43.0453 3344 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:34:43.0453 3344 MSDTC - ok
20:34:43.0468 3344 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:34:43.0468 3344 Msfs - ok
20:34:43.0484 3344 MSIServer - ok
20:34:43.0484 3344 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:34:43.0500 3344 MSKSSRV - ok
20:34:43.0500 3344 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:34:43.0500 3344 MSPCLOCK - ok
20:34:43.0515 3344 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:34:43.0515 3344 MSPQM - ok
20:34:43.0515 3344 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:34:43.0515 3344 mssmbios - ok
20:34:43.0531 3344 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:34:43.0546 3344 Mup - ok
20:34:43.0578 3344 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
20:34:43.0609 3344 napagent - ok
20:34:43.0625 3344 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:34:43.0625 3344 NDIS - ok
20:34:43.0640 3344 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:34:43.0640 3344 NdisTapi - ok
20:34:43.0640 3344 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:34:43.0656 3344 Ndisuio - ok
20:34:43.0656 3344 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:34:43.0656 3344 NdisWan - ok
20:34:43.0671 3344 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:34:43.0671 3344 NDProxy - ok
20:34:43.0687 3344 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:34:43.0687 3344 NetBIOS - ok
20:34:43.0687 3344 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:34:43.0703 3344 NetBT - ok
20:34:43.0734 3344 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
20:34:43.0734 3344 NetDDE - ok
20:34:43.0750 3344 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:34:43.0765 3344 NetDDEdsdm - ok
20:34:43.0781 3344 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:34:43.0796 3344 Netlogon - ok
20:34:43.0812 3344 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
20:34:43.0843 3344 Netman - ok
20:34:43.0875 3344 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:34:43.0906 3344 NetTcpPortSharing - ok
20:34:43.0921 3344 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:34:43.0921 3344 NIC1394 - ok
20:34:43.0968 3344 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
20:34:43.0984 3344 Nla - ok
20:34:44.0000 3344 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
20:34:44.0000 3344 nm - ok
20:34:44.0031 3344 [ 1ACF98D80E95ADD298832C7A8996B48C ] nosGetPlusHelper C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
20:34:44.0031 3344 nosGetPlusHelper - ok
20:34:44.0062 3344 [ B9730495E0CF674680121E34BD95A73B ] NPF C:\WINDOWS\system32\drivers\npf.sys
20:34:44.0078 3344 NPF - ok
20:34:44.0078 3344 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:34:44.0093 3344 Npfs - ok
20:34:44.0109 3344 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:34:44.0125 3344 Ntfs - ok
20:34:44.0140 3344 [ 4A6A8C2882EA29F7CAE995E82C259EEB ] ntk_PowerDVD12 C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys
20:34:44.0156 3344 ntk_PowerDVD12 - ok
20:34:44.0156 3344 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:34:44.0171 3344 NtLmSsp - ok
20:34:44.0187 3344 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:34:44.0218 3344 NtmsSvc - ok
20:34:44.0218 3344 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:34:44.0218 3344 Null - ok
20:34:44.0968 3344 [ 68B8C35782FFD20973524F748234B5A9 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:34:45.0171 3344 nv - ok
20:34:45.0234 3344 [ 210EE09CB9C2655E55BD48D851369DC1 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:34:45.0234 3344 nvUpdatusService - ok
20:34:45.0265 3344 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:34:45.0265 3344 NwlnkFlt - ok
20:34:45.0281 3344 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:34:45.0281 3344 NwlnkFwd - ok
20:34:45.0328 3344 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:34:45.0343 3344 odserv - ok
20:34:45.0359 3344 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:34:45.0359 3344 ohci1394 - ok
20:34:45.0390 3344 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:34:45.0390 3344 ose - ok
20:34:45.0406 3344 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:34:45.0406 3344 Parport - ok
20:34:45.0421 3344 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:34:45.0421 3344 PartMgr - ok
20:34:45.0437 3344 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:34:45.0437 3344 ParVdm - ok
20:34:45.0453 3344 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:34:45.0453 3344 PCI - ok
20:34:45.0453 3344 PCIDump - ok
20:34:45.0484 3344 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:34:45.0484 3344 PCIIde - ok
20:34:45.0484 3344 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:34:45.0500 3344 Pcmcia - ok
20:34:45.0500 3344 PDCOMP - ok
20:34:45.0515 3344 PDFRAME - ok
20:34:45.0515 3344 PDRELI - ok
20:34:45.0515 3344 PDRFRAME - ok
20:34:45.0531 3344 perc2 - ok
20:34:45.0531 3344 perc2hib - ok
20:34:45.0562 3344 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
20:34:45.0562 3344 PlugPlay - ok
20:34:45.0578 3344 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:34:45.0578 3344 PolicyAgent - ok
20:34:45.0609 3344 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:34:45.0609 3344 PptpMiniport - ok
20:34:45.0609 3344 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:34:45.0625 3344 ProtectedStorage - ok
20:34:45.0625 3344 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:34:45.0640 3344 PSched - ok
20:34:45.0656 3344 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:34:45.0656 3344 Ptilink - ok
20:34:45.0656 3344 ql1080 - ok
20:34:45.0671 3344 Ql10wnt - ok
20:34:45.0671 3344 ql12160 - ok
20:34:45.0687 3344 ql1240 - ok
20:34:45.0687 3344 ql1280 - ok
20:34:45.0703 3344 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:34:45.0703 3344 RasAcd - ok
20:34:45.0718 3344 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:34:45.0734 3344 RasAuto - ok
20:34:45.0734 3344 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:34:45.0750 3344 Rasl2tp - ok
20:34:45.0765 3344 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:34:45.0781 3344 RasMan - ok
20:34:45.0796 3344 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:34:45.0796 3344 RasPppoe - ok
20:34:45.0796 3344 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:34:45.0812 3344 Raspti - ok
20:34:45.0812 3344 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:34:45.0828 3344 Rdbss - ok
20:34:45.0828 3344 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:34:45.0828 3344 RDPCDD - ok
20:34:45.0859 3344 [ A862A3A8D7D2D75BDC41B556325E9876 ] RDPDISPM C:\WINDOWS\system32\DRIVERS\rdpdispm.sys
20:34:45.0859 3344 RDPDISPM - ok
20:34:45.0875 3344 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:34:45.0875 3344 rdpdr - ok
20:34:45.0890 3344 [ 95508469D4DA5C13BBFEF9C35F3E5C61 ] RDPVDD C:\WINDOWS\system32\DRIVERS\rdpvmp.sys
20:34:45.0890 3344 RDPVDD - ok
20:34:45.0921 3344 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:34:45.0921 3344 RDPWD - ok
20:34:45.0953 3344 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:34:45.0984 3344 RDSessMgr - ok
20:34:45.0984 3344 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:34:45.0984 3344 redbook - ok
20:34:46.0015 3344 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:34:46.0015 3344 RemoteAccess - ok
20:34:46.0031 3344 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:34:46.0046 3344 RemoteRegistry - ok
20:34:46.0062 3344 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
20:34:46.0078 3344 rpcapd - ok
20:34:46.0093 3344 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:34:46.0109 3344 RpcLocator - ok
20:34:46.0156 3344 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:34:46.0171 3344 RpcSs - ok
20:34:46.0187 3344 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:34:46.0218 3344 RSVP - ok
20:34:46.0265 3344 [ 2377F31CBB8277807C3351302CF133E9 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
20:34:46.0281 3344 RTL8023xp - ok
20:34:46.0312 3344 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:34:46.0312 3344 rtl8139 - ok
20:34:46.0343 3344 [ A79FBDBC6A979259E38DEA7D29B57619 ] SaiMini C:\WINDOWS\system32\DRIVERS\SaiMini.sys
20:34:46.0343 3344 SaiMini - ok
20:34:46.0359 3344 [ BB20EBA89E0EF39697A1A8728C5685FE ] SaiNtBus C:\WINDOWS\system32\drivers\SaiBus.sys
20:34:46.0375 3344 SaiNtBus - ok
20:34:46.0375 3344 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
20:34:46.0390 3344 SamSs - ok
20:34:46.0406 3344 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:34:46.0406 3344 SASDIFSV - ok
20:34:46.0421 3344 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:34:46.0421 3344 SASKUTIL - ok
20:34:46.0437 3344 [ 729248B54AFF21E740054ACEBFDBCB1C ] SBKUPNT C:\WINDOWS\system32\Drivers\SBKUPNT.SYS
20:34:46.0437 3344 SBKUPNT - ok
20:34:46.0453 3344 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:34:46.0468 3344 SCardSvr - ok
20:34:46.0500 3344 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:34:46.0515 3344 Schedule - ok
20:34:46.0531 3344 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:34:46.0531 3344 Secdrv - ok
20:34:46.0562 3344 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:34:46.0562 3344 seclogon - ok
20:34:46.0593 3344 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
20:34:46.0609 3344 SENS - ok
20:34:46.0609 3344 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:34:46.0625 3344 serenum - ok
20:34:46.0625 3344 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:34:46.0625 3344 Serial - ok
20:34:46.0796 3344 [ A9AF077DDB5AEB97BCC5C41504E27223 ] Serviio C:\Program Files\Audio a video\Serviio\bin\ServiioService.exe
20:34:46.0796 3344 Serviio - ok
20:34:46.0812 3344 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:34:46.0812 3344 Sfloppy - ok
20:34:46.0828 3344 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:34:46.0859 3344 SharedAccess - ok
20:34:46.0859 3344 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:34:46.0875 3344 ShellHWDetection - ok
20:34:46.0890 3344 Simbad - ok
20:34:46.0937 3344 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:34:46.0937 3344 SkypeUpdate - ok
20:34:46.0968 3344 [ 5BCEB1B306878035DACBA6DD18366EDA ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
20:34:46.0984 3344 snapman - ok
20:34:47.0000 3344 Sparrow - ok
20:34:47.0015 3344 [ 5D6401DB90EC81B71F8E2C5C8F0FEF23 ] speedfan C:\WINDOWS\system32\speedfan.sys
20:34:47.0031 3344 speedfan - ok
20:34:47.0046 3344 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:34:47.0046 3344 splitter - ok
20:34:47.0062 3344 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:34:47.0078 3344 Spooler - ok
20:34:47.0093 3344 [ 7B426B8E809EDF081D771EF429345528 ] sp_rsdrv2 C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
20:34:47.0093 3344 sp_rsdrv2 - ok
20:34:47.0125 3344 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:34:47.0125 3344 sr - ok
20:34:47.0156 3344 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
20:34:47.0171 3344 srservice - ok
20:34:47.0218 3344 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:34:47.0218 3344 Srv - ok
20:34:47.0234 3344 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:34:47.0250 3344 SSDPSRV - ok
20:34:47.0281 3344 [ 0A4BB0FF55C8FA9BF7ADC673D5CFE680 ] ST2012_Svc C:\Program Files\Spyware Terminator\st_rsser.exe
20:34:47.0281 3344 ST2012_Svc - ok
20:34:47.0312 3344 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:34:47.0343 3344 stisvc - ok
20:34:47.0343 3344 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:34:47.0359 3344 swenum - ok
20:34:47.0406 3344 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:34:47.0421 3344 SwitchBoard - ok
20:34:47.0437 3344 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:34:47.0437 3344 swmidi - ok
20:34:47.0437 3344 SwPrv - ok
20:34:47.0453 3344 symc810 - ok
20:34:47.0453 3344 symc8xx - ok
20:34:47.0468 3344 sym_hi - ok
20:34:47.0468 3344 sym_u3 - ok
20:34:47.0484 3344 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:34:47.0484 3344 sysaudio - ok
20:34:47.0500 3344 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:34:47.0515 3344 SysmonLog - ok
20:34:47.0531 3344 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:34:47.0546 3344 TapiSrv - ok
20:34:47.0562 3344 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:34:47.0578 3344 Tcpip - ok
20:34:47.0578 3344 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:34:47.0593 3344 TDPIPE - ok
20:34:47.0640 3344 [ 8DE3E45000BA8C9EBB16737D3F83E216 ] tdrpman258 C:\WINDOWS\system32\DRIVERS\tdrpm258.sys
20:34:47.0656 3344 tdrpman258 - ok
20:34:47.0656 3344 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:34:47.0656 3344 TDTCP - ok
20:34:47.0671 3344 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:34:47.0671 3344 TermDD - ok
20:34:47.0687 3344 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
20:34:47.0703 3344 TermService - ok
20:34:47.0718 3344 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:34:47.0718 3344 Themes - ok
20:34:47.0750 3344 [ 3E06987FEDBCDFBFF8E85EF8108565F9 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
20:34:47.0796 3344 timounter - ok
20:34:47.0796 3344 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:34:47.0812 3344 TlntSvr - ok
20:34:47.0828 3344 TosIde - ok
20:34:47.0843 3344 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:34:47.0859 3344 TrkWks - ok
20:34:47.0875 3344 [ E266683FC95ABDEC17CD378564E1B54B ] TVICHW32 C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
20:34:47.0875 3344 TVICHW32 - ok
20:34:47.0890 3344 [ 77EBF3E9386DAA51551AF429052D88D0 ] tvtool C:\Program Files\Audio a video\TVTool\tvtool.sys
20:34:47.0890 3344 tvtool - ok
20:34:47.0906 3344 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:34:47.0906 3344 Udfs - ok
20:34:47.0906 3344 ultra - ok
20:34:47.0937 3344 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:34:47.0953 3344 Update - ok
20:34:47.0968 3344 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
20:34:48.0000 3344 upnphost - ok
20:34:48.0015 3344 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
20:34:48.0031 3344 UPS - ok
20:34:48.0031 3344 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:34:48.0031 3344 usbehci - ok
20:34:48.0046 3344 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:34:48.0062 3344 usbhub - ok
20:34:48.0078 3344 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:34:48.0078 3344 usbprint - ok
20:34:48.0093 3344 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:34:48.0093 3344 USBSTOR - ok
20:34:48.0109 3344 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:34:48.0109 3344 usbuhci - ok
20:34:48.0125 3344 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:34:48.0125 3344 VgaSave - ok
20:34:48.0140 3344 ViaIde - ok
20:34:48.0156 3344 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:34:48.0156 3344 VolSnap - ok
20:34:48.0187 3344 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
20:34:48.0218 3344 VSS - ok
20:34:48.0234 3344 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
20:34:48.0265 3344 W32Time - ok
20:34:48.0265 3344 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:34:48.0281 3344 Wanarp - ok
20:34:48.0296 3344 [ 46A247F6617526AFE38B6F12F5512120 ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
20:34:48.0296 3344 wceusbsh - ok
20:34:48.0296 3344 WDICA - ok
20:34:48.0328 3344 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:34:48.0328 3344 wdmaud - ok
20:34:48.0343 3344 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:34:48.0359 3344 WebClient - ok
20:34:48.0406 3344 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:34:48.0421 3344 winmgmt - ok
20:34:48.0546 3344 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:34:48.0609 3344 wlidsvc - ok
20:34:48.0640 3344 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:34:48.0640 3344 WmdmPmSN - ok
20:34:48.0687 3344 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:34:48.0703 3344 Wmi - ok
20:34:48.0718 3344 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:34:48.0734 3344 WmiApSrv - ok
20:34:48.0875 3344 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:34:48.0906 3344 WMPNetworkSvc - ok
20:34:48.0968 3344 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:34:48.0984 3344 WPFFontCache_v0400 - ok
20:34:49.0015 3344 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:34:49.0015 3344 WS2IFSL - ok
20:34:49.0046 3344 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:34:49.0078 3344 wscsvc - ok
20:34:49.0093 3344 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:34:49.0125 3344 wuauserv - ok
20:34:49.0156 3344 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:34:49.0156 3344 WudfPf - ok
20:34:49.0171 3344 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:34:49.0171 3344 WudfRd - ok
20:34:49.0187 3344 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:34:49.0203 3344 WudfSvc - ok
20:34:49.0234 3344 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:34:49.0265 3344 WZCSVC - ok
20:34:49.0296 3344 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:34:49.0312 3344 xmlprov - ok
20:34:49.0421 3344 [ 74EC37B9EAF9FCA015B933A526825C7A ] {329F96B6-DF1E-4328-BFDA-39EA953C1312} C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl
20:34:49.0421 3344 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
20:34:49.0437 3344 ================ Scan global ===============================
20:34:49.0468 3344 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
20:34:49.0500 3344 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
20:34:49.0531 3344 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
20:34:49.0546 3344 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
20:34:49.0562 3344 [Global] - ok
20:34:49.0562 3344 ================ Scan MBR ==================================
20:34:49.0562 3344 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
20:34:49.0687 3344 \Device\Harddisk0\DR0 - ok
20:34:49.0703 3344 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
20:34:49.0718 3344 \Device\Harddisk1\DR1 - ok
20:34:49.0718 3344 ================ Scan VBR ==================================
20:34:49.0718 3344 [ DB7AC4AD890CEBEA5311396DC3A7821E ] \Device\Harddisk0\DR0\Partition1
20:34:49.0718 3344 \Device\Harddisk0\DR0\Partition1 - ok
20:34:49.0718 3344 [ 31AFA0CE0012037BF80A5117EC5E82BE ] \Device\Harddisk0\DR0\Partition2
20:34:49.0734 3344 \Device\Harddisk0\DR0\Partition2 - ok
20:34:49.0734 3344 [ A0C69141D3DDA1A0A735EF8E2BA2900E ] \Device\Harddisk1\DR1\Partition1
20:34:49.0734 3344 \Device\Harddisk1\DR1\Partition1 - ok
20:34:49.0734 3344 ============================================================
20:34:49.0734 3344 Scan finished
20:34:49.0734 3344 ============================================================
20:34:49.0734 3532 Detected object count: 2
20:34:49.0734 3532 Actual detected object count: 2
20:34:55.0812 3532 atapi ( LockedFile.Multi.Generic ) - skipped by user
20:34:55.0812 3532 atapi ( LockedFile.Multi.Generic ) - User select action: Skip
20:34:55.0828 3532 INETLOCK ( ForgedFile.Multi.Generic ) - skipped by user
20:34:55.0828 3532 INETLOCK ( ForgedFile.Multi.Generic ) - User select action: Skip
20:35:06.0734 2072 Deinitialize success
20:34:33.0796 2432 ============================================================
20:34:33.0796 2432 Current date / time: 2012/10/22 20:34:33.0796
20:34:33.0796 2432 SystemInfo:
20:34:33.0796 2432
20:34:33.0796 2432 OS Version: 5.1.2600 ServicePack: 3.0
20:34:33.0796 2432 Product type: Workstation
20:34:33.0796 2432 ComputerName: COMPUTER
20:34:33.0796 2432 UserName: Mirek mladší
20:34:33.0796 2432 Windows directory: C:\WINDOWS
20:34:33.0796 2432 System windows directory: C:\WINDOWS
20:34:33.0796 2432 Processor architecture: Intel x86
20:34:33.0796 2432 Number of processors: 2
20:34:33.0796 2432 Page size: 0x1000
20:34:33.0796 2432 Boot type: Normal boot
20:34:33.0796 2432 ============================================================
20:34:34.0890 2432 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:34:34.0890 2432 Drive \Device\Harddisk1\DR1 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:34:34.0890 2432 ============================================================
20:34:34.0890 2432 \Device\Harddisk0\DR0:
20:34:34.0890 2432 MBR partitions:
20:34:34.0890 2432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
20:34:34.0906 2432 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x950E500, BlocksNum 0x6B1F74C1
20:34:34.0906 2432 \Device\Harddisk1\DR1:
20:34:34.0906 2432 MBR partitions:
20:34:34.0906 2432 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x6FC7C41
20:34:34.0906 2432 ============================================================
20:34:34.0921 2432 C: <-> \Device\Harddisk0\DR0\Partition1
20:34:34.0937 2432 D: <-> \Device\Harddisk0\DR0\Partition2
20:34:34.0968 2432 E: <-> \Device\Harddisk1\DR1\Partition1
20:34:34.0968 2432 ============================================================
20:34:34.0968 2432 Initialize success
20:34:34.0968 2432 ============================================================
20:34:37.0328 3344 ============================================================
20:34:37.0328 3344 Scan started
20:34:37.0328 3344 Mode: Manual;
20:34:37.0328 3344 ============================================================
20:34:38.0609 3344 ================ Scan system memory ========================
20:34:38.0609 3344 System memory - ok
20:34:38.0609 3344 ================ Scan services =============================
20:34:38.0671 3344 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
20:34:38.0671 3344 !SASCORE - ok
20:34:38.0906 3344 [ 1F61CACACB521215F39061789147968C ] a347bus C:\WINDOWS\system32\DRIVERS\a347bus.sys
20:34:38.0906 3344 a347bus - ok
20:34:38.0921 3344 [ 113E4B318BBAA7483CA4E582A4D63F49 ] a347scsi C:\WINDOWS\system32\Drivers\a347scsi.sys
20:34:38.0921 3344 a347scsi - ok
20:34:38.0953 3344 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
20:34:38.0953 3344 Aavmker4 - ok
20:34:38.0953 3344 Abiosdsk - ok
20:34:38.0968 3344 abp480n5 - ok
20:34:39.0000 3344 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:34:39.0000 3344 ACPI - ok
20:34:39.0031 3344 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
20:34:39.0046 3344 ACPIEC - ok
20:34:39.0171 3344 [ F6A4BC03DD6EF8A5794A865DEDE28B23 ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
20:34:39.0187 3344 AcrSch2Svc - ok
20:34:39.0234 3344 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:34:39.0250 3344 AdobeFlashPlayerUpdateSvc - ok
20:34:39.0250 3344 adpu160m - ok
20:34:39.0312 3344 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:34:39.0312 3344 aec - ok
20:34:39.0453 3344 [ EF1AFA9752E468013584585666A3B119 ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys
20:34:39.0453 3344 afcdp - ok
20:34:39.0578 3344 [ B8C03E224E49E0F9726CDDEF872237EB ] afcdpsrv C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
20:34:39.0593 3344 afcdpsrv - ok
20:34:39.0625 3344 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:34:39.0625 3344 AFD - ok
20:34:39.0640 3344 Aha154x - ok
20:34:39.0640 3344 aic78u2 - ok
20:34:39.0656 3344 aic78xx - ok
20:34:39.0687 3344 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:34:39.0687 3344 Alerter - ok
20:34:39.0703 3344 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
20:34:39.0703 3344 ALG - ok
20:34:39.0703 3344 AliIde - ok
20:34:39.0828 3344 [ AAA1F9D4CF4C976C21BCA8AFA2BAE6A4 ] AllShare C:\Program Files\Audio a video\Samsung PC Share Manager\WiselinkPro.exe
20:34:39.0937 3344 AllShare - ok
20:34:39.0953 3344 amsint - ok
20:34:39.0984 3344 [ A198FD45DFE819C1F9A7BED90339842F ] AnyDVD C:\WINDOWS\system32\Drivers\AnyDVD.sys
20:34:39.0984 3344 AnyDVD - ok
20:34:40.0000 3344 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
20:34:40.0000 3344 AppMgmt - ok
20:34:40.0000 3344 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:34:40.0000 3344 Arp1394 - ok
20:34:40.0015 3344 asc - ok
20:34:40.0015 3344 asc3350p - ok
20:34:40.0031 3344 asc3550 - ok
20:34:40.0046 3344 [ 54AB078660E536DA72B21A27F56B035B ] ASPI32 C:\WINDOWS\system32\drivers\aspi32.sys
20:34:40.0046 3344 ASPI32 - ok
20:34:40.0109 3344 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:34:40.0140 3344 aspnet_state - ok
20:34:40.0156 3344 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
20:34:40.0156 3344 aswFsBlk - ok
20:34:40.0171 3344 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
20:34:40.0171 3344 aswMon2 - ok
20:34:40.0187 3344 [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
20:34:40.0187 3344 AswRdr - ok
20:34:40.0218 3344 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
20:34:40.0218 3344 aswSnx - ok
20:34:40.0234 3344 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
20:34:40.0250 3344 aswSP - ok
20:34:40.0250 3344 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
20:34:40.0265 3344 aswTdi - ok
20:34:40.0281 3344 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:34:40.0281 3344 AsyncMac - ok
20:34:40.0296 3344 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:34:40.0312 3344 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: 9F3A2F5AA6875C72BF062C712CFA2674
20:34:40.0312 3344 atapi ( LockedFile.Multi.Generic ) - warning
20:34:40.0312 3344 atapi - detected LockedFile.Multi.Generic (1)
20:34:40.0312 3344 Atdisk - ok
20:34:40.0343 3344 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:34:40.0343 3344 Atmarpc - ok
20:34:40.0359 3344 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:34:40.0359 3344 AudioSrv - ok
20:34:40.0375 3344 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:34:40.0375 3344 audstub - ok
20:34:40.0421 3344 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:34:40.0421 3344 avast! Antivirus - ok
20:34:40.0484 3344 [ EF192AC8664700136C9021A79DA28700 ] BCSWAP C:\WINDOWS\system32\drivers\BCSWAP.sys
20:34:40.0484 3344 BCSWAP - ok
20:34:40.0531 3344 [ FF8047C0B95C4E11442C75368BA3A582 ] BCWipeSvc C:\Program Files\Diagnostika a údržba\BCWipe\BCWipeSvc.exe
20:34:40.0531 3344 BCWipeSvc - ok
20:34:40.0546 3344 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:34:40.0546 3344 Beep - ok
20:34:40.0562 3344 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
20:34:40.0578 3344 BITS - ok
20:34:40.0609 3344 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
20:34:40.0609 3344 Browser - ok
20:34:40.0703 3344 catchme - ok
20:34:40.0718 3344 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:34:40.0718 3344 cbidf2k - ok
20:34:40.0718 3344 cd20xrnt - ok
20:34:40.0734 3344 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:34:40.0750 3344 Cdaudio - ok
20:34:40.0765 3344 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:34:40.0765 3344 Cdfs - ok
20:34:40.0781 3344 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:34:40.0781 3344 Cdrom - ok
20:34:40.0781 3344 Changer - ok
20:34:40.0796 3344 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:34:40.0812 3344 CiSvc - ok
20:34:40.0937 3344 [ 4C6406CF07D4EBB70C5774D55C6688FB ] CLHNServiceForPowerDVD12 C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
20:34:40.0937 3344 CLHNServiceForPowerDVD12 - ok
20:34:40.0953 3344 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:34:40.0953 3344 ClipSrv - ok
20:34:40.0984 3344 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:34:40.0984 3344 clr_optimization_v2.0.50727_32 - ok
20:34:41.0000 3344 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:34:41.0031 3344 clr_optimization_v4.0.30319_32 - ok
20:34:41.0031 3344 CmdIde - ok
20:34:41.0031 3344 COMSysApp - ok
20:34:41.0046 3344 Cpqarray - ok
20:34:41.0078 3344 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:34:41.0093 3344 CryptSvc - ok
20:34:41.0218 3344 [ EA22BCA708B37B82ADEBC822A171B92E ] CyberLink PowerDVD 12 Media Server Monitor Service C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
20:34:41.0218 3344 CyberLink PowerDVD 12 Media Server Monitor Service - ok
20:34:41.0250 3344 [ 3168D2F171A64590E7A11355CAE60A1E ] CyberLink PowerDVD 12 Media Server Service C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
20:34:41.0250 3344 CyberLink PowerDVD 12 Media Server Service - ok
20:34:41.0250 3344 dac2w2k - ok
20:34:41.0265 3344 dac960nt - ok
20:34:41.0296 3344 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:34:41.0328 3344 DcomLaunch - ok
20:34:41.0359 3344 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:34:41.0375 3344 Dhcp - ok
20:34:41.0375 3344 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:34:41.0390 3344 Disk - ok
20:34:41.0390 3344 dmadmin - ok
20:34:41.0421 3344 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:34:41.0437 3344 dmboot - ok
20:34:41.0453 3344 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:34:41.0453 3344 dmio - ok
20:34:41.0515 3344 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:34:41.0515 3344 dmload - ok
20:34:41.0546 3344 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:34:41.0546 3344 dmserver - ok
20:34:41.0562 3344 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:34:41.0562 3344 DMusic - ok
20:34:41.0578 3344 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:34:41.0593 3344 Dnscache - ok
20:34:41.0625 3344 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
20:34:41.0656 3344 Dot3svc - ok
20:34:41.0656 3344 dpti2o - ok
20:34:41.0671 3344 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:34:41.0687 3344 drmkaud - ok
20:34:41.0703 3344 [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
20:34:41.0718 3344 DrvAgent32 - ok
20:34:41.0734 3344 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
20:34:41.0750 3344 EapHost - ok
20:34:41.0765 3344 [ 6E883BF518296A40959131C2304AF714 ] EL90XBC C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
20:34:41.0765 3344 EL90XBC - ok
20:34:41.0781 3344 [ 309AC30471A0F1C3A89DEE1C81230576 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
20:34:41.0781 3344 ElbyCDIO - ok
20:34:41.0812 3344 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:34:41.0812 3344 ERSvc - ok
20:34:41.0828 3344 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
20:34:41.0843 3344 Eventlog - ok
20:34:41.0859 3344 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
20:34:41.0875 3344 EventSystem - ok
20:34:41.0890 3344 [ 3EF58F2EAE3AECAB45D682152DB2F67D ] exFat C:\WINDOWS\system32\drivers\exFat.sys
20:34:41.0890 3344 exFat - ok
20:34:41.0906 3344 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:34:41.0921 3344 Fastfat - ok
20:34:41.0937 3344 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:34:41.0968 3344 FastUserSwitchingCompatibility - ok
20:34:42.0000 3344 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
20:34:42.0000 3344 Fdc - ok
20:34:42.0015 3344 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:34:42.0015 3344 Fips - ok
20:34:42.0015 3344 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:34:42.0015 3344 Flpydisk - ok
20:34:42.0031 3344 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:34:42.0031 3344 FltMgr - ok
20:34:42.0078 3344 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:34:42.0078 3344 FontCache3.0.0.0 - ok
20:34:42.0093 3344 [ ED75A99AB3D9512A6D1B7FED070348EB ] fsh C:\WINDOWS\system32\drivers\fsh.sys
20:34:42.0093 3344 fsh - ok
20:34:42.0109 3344 [ C865B83411D7347627A4BEEC22543FB1 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:34:42.0109 3344 Fs_Rec - ok
20:34:42.0125 3344 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:34:42.0125 3344 Ftdisk - ok
20:34:42.0156 3344 [ 360FC9E29EBCD7CB75320E2663EBA0F2 ] getPlusHelper C:\Program Files\NOS\bin\getPlus_Helper.dll
20:34:42.0156 3344 getPlusHelper - ok
20:34:42.0171 3344 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\WINDOWS\system32\giveio.sys
20:34:42.0187 3344 giveio - ok
20:34:42.0187 3344 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:34:42.0187 3344 Gpc - ok
20:34:42.0234 3344 [ F02A533F517EB38333CB12A9E8963773 ] gupdate1c99a896891aac6 C:\Program Files\Google\Update\GoogleUpdate.exe
20:34:42.0250 3344 gupdate1c99a896891aac6 - ok
20:34:42.0250 3344 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:34:42.0250 3344 gupdatem - ok
20:34:42.0265 3344 [ 2A013E7530BEAB6E569FAA83F517E836 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
20:34:42.0281 3344 HdAudAddService - ok
20:34:42.0296 3344 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:34:42.0296 3344 HDAudBus - ok
20:34:42.0328 3344 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:34:42.0328 3344 helpsvc - ok
20:34:42.0343 3344 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
20:34:42.0343 3344 HidServ - ok
20:34:42.0375 3344 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:34:42.0375 3344 HidUsb - ok
20:34:42.0390 3344 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:34:42.0406 3344 hkmsvc - ok
20:34:42.0406 3344 hpn - ok
20:34:42.0453 3344 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:34:42.0468 3344 HTTP - ok
20:34:42.0484 3344 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:34:42.0515 3344 HTTPFilter - ok
20:34:42.0531 3344 i2omgmt - ok
20:34:42.0531 3344 i2omp - ok
20:34:42.0578 3344 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:34:42.0578 3344 i8042prt - ok
20:34:42.0625 3344 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:34:42.0625 3344 IDriverT - ok
20:34:42.0656 3344 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:34:42.0671 3344 idsvc - ok
20:34:42.0703 3344 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:34:42.0703 3344 Imapi - ok
20:34:42.0718 3344 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:34:42.0718 3344 ImapiService - ok
20:34:42.0734 3344 [ 655E5F7FC976C3C9BA1E3EB036F2D3E6 ] INETLOCK C:\WINDOWS\system32\drivers\Inetlock.sys
20:34:42.0734 3344 Suspicious file (Forged): C:\WINDOWS\system32\drivers\Inetlock.sys. Real md5: 655E5F7FC976C3C9BA1E3EB036F2D3E6, Fake md5: 98542E18D9E2A79177DC974D30E6F79C
20:34:42.0734 3344 INETLOCK ( ForgedFile.Multi.Generic ) - warning
20:34:42.0734 3344 INETLOCK - detected ForgedFile.Multi.Generic (1)
20:34:42.0765 3344 [ B405532C8A9C3B277E26A6182562FBA2 ] INETLOCKSVC C:\Program Files\Internet a programy\Internet Lock 5.1\ILSvc.exe
20:34:42.0765 3344 INETLOCKSVC - ok
20:34:42.0781 3344 ini910u - ok
20:34:42.0796 3344 IntcAzAudAddService - ok
20:34:42.0812 3344 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
20:34:42.0812 3344 IntelIde - ok
20:34:42.0812 3344 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:34:42.0828 3344 intelppm - ok
20:34:42.0859 3344 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
20:34:42.0859 3344 Ip6Fw - ok
20:34:42.0875 3344 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:34:42.0875 3344 IpFilterDriver - ok
20:34:42.0890 3344 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:34:42.0890 3344 IpInIp - ok
20:34:42.0906 3344 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:34:42.0906 3344 IpNat - ok
20:34:42.0921 3344 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:34:42.0921 3344 IPSec - ok
20:34:42.0937 3344 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:34:42.0937 3344 IRENUM - ok
20:34:42.0937 3344 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:34:42.0953 3344 isapnp - ok
20:34:42.0968 3344 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
20:34:42.0968 3344 JavaQuickStarterService - ok
20:34:42.0984 3344 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:34:42.0984 3344 Kbdclass - ok
20:34:43.0000 3344 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:34:43.0000 3344 kbdhid - ok
20:34:43.0015 3344 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:34:43.0015 3344 kmixer - ok
20:34:43.0046 3344 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:34:43.0046 3344 KSecDD - ok
20:34:43.0062 3344 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:34:43.0078 3344 lanmanserver - ok
20:34:43.0093 3344 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:34:43.0125 3344 lanmanworkstation - ok
20:34:43.0125 3344 Lbd - ok
20:34:43.0125 3344 lbrtfdc - ok
20:34:43.0140 3344 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:34:43.0156 3344 LmHosts - ok
20:34:43.0171 3344 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:34:43.0171 3344 Messenger - ok
20:34:43.0234 3344 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:34:43.0234 3344 Microsoft Office Groove Audit Service - ok
20:34:43.0250 3344 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:34:43.0250 3344 mnmdd - ok
20:34:43.0265 3344 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:34:43.0281 3344 mnmsrvc - ok
20:34:43.0296 3344 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:34:43.0296 3344 Modem - ok
20:34:43.0296 3344 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:34:43.0312 3344 Mouclass - ok
20:34:43.0312 3344 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:34:43.0312 3344 mouhid - ok
20:34:43.0328 3344 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:34:43.0328 3344 MountMgr - ok
20:34:43.0359 3344 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:34:43.0359 3344 MozillaMaintenance - ok
20:34:43.0375 3344 mraid35x - ok
20:34:43.0375 3344 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:34:43.0390 3344 MRxDAV - ok
20:34:43.0406 3344 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:34:43.0421 3344 MRxSmb - ok
20:34:43.0453 3344 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:34:43.0453 3344 MSDTC - ok
20:34:43.0468 3344 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:34:43.0468 3344 Msfs - ok
20:34:43.0484 3344 MSIServer - ok
20:34:43.0484 3344 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:34:43.0500 3344 MSKSSRV - ok
20:34:43.0500 3344 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:34:43.0500 3344 MSPCLOCK - ok
20:34:43.0515 3344 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:34:43.0515 3344 MSPQM - ok
20:34:43.0515 3344 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:34:43.0515 3344 mssmbios - ok
20:34:43.0531 3344 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:34:43.0546 3344 Mup - ok
20:34:43.0578 3344 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
20:34:43.0609 3344 napagent - ok
20:34:43.0625 3344 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:34:43.0625 3344 NDIS - ok
20:34:43.0640 3344 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:34:43.0640 3344 NdisTapi - ok
20:34:43.0640 3344 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:34:43.0656 3344 Ndisuio - ok
20:34:43.0656 3344 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:34:43.0656 3344 NdisWan - ok
20:34:43.0671 3344 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:34:43.0671 3344 NDProxy - ok
20:34:43.0687 3344 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:34:43.0687 3344 NetBIOS - ok
20:34:43.0687 3344 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:34:43.0703 3344 NetBT - ok
20:34:43.0734 3344 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
20:34:43.0734 3344 NetDDE - ok
20:34:43.0750 3344 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:34:43.0765 3344 NetDDEdsdm - ok
20:34:43.0781 3344 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:34:43.0796 3344 Netlogon - ok
20:34:43.0812 3344 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
20:34:43.0843 3344 Netman - ok
20:34:43.0875 3344 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:34:43.0906 3344 NetTcpPortSharing - ok
20:34:43.0921 3344 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:34:43.0921 3344 NIC1394 - ok
20:34:43.0968 3344 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
20:34:43.0984 3344 Nla - ok
20:34:44.0000 3344 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
20:34:44.0000 3344 nm - ok
20:34:44.0031 3344 [ 1ACF98D80E95ADD298832C7A8996B48C ] nosGetPlusHelper C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
20:34:44.0031 3344 nosGetPlusHelper - ok
20:34:44.0062 3344 [ B9730495E0CF674680121E34BD95A73B ] NPF C:\WINDOWS\system32\drivers\npf.sys
20:34:44.0078 3344 NPF - ok
20:34:44.0078 3344 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:34:44.0093 3344 Npfs - ok
20:34:44.0109 3344 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:34:44.0125 3344 Ntfs - ok
20:34:44.0140 3344 [ 4A6A8C2882EA29F7CAE995E82C259EEB ] ntk_PowerDVD12 C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys
20:34:44.0156 3344 ntk_PowerDVD12 - ok
20:34:44.0156 3344 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:34:44.0171 3344 NtLmSsp - ok
20:34:44.0187 3344 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:34:44.0218 3344 NtmsSvc - ok
20:34:44.0218 3344 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:34:44.0218 3344 Null - ok
20:34:44.0968 3344 [ 68B8C35782FFD20973524F748234B5A9 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:34:45.0171 3344 nv - ok
20:34:45.0234 3344 [ 210EE09CB9C2655E55BD48D851369DC1 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:34:45.0234 3344 nvUpdatusService - ok
20:34:45.0265 3344 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:34:45.0265 3344 NwlnkFlt - ok
20:34:45.0281 3344 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:34:45.0281 3344 NwlnkFwd - ok
20:34:45.0328 3344 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:34:45.0343 3344 odserv - ok
20:34:45.0359 3344 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:34:45.0359 3344 ohci1394 - ok
20:34:45.0390 3344 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:34:45.0390 3344 ose - ok
20:34:45.0406 3344 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:34:45.0406 3344 Parport - ok
20:34:45.0421 3344 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:34:45.0421 3344 PartMgr - ok
20:34:45.0437 3344 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:34:45.0437 3344 ParVdm - ok
20:34:45.0453 3344 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:34:45.0453 3344 PCI - ok
20:34:45.0453 3344 PCIDump - ok
20:34:45.0484 3344 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:34:45.0484 3344 PCIIde - ok
20:34:45.0484 3344 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:34:45.0500 3344 Pcmcia - ok
20:34:45.0500 3344 PDCOMP - ok
20:34:45.0515 3344 PDFRAME - ok
20:34:45.0515 3344 PDRELI - ok
20:34:45.0515 3344 PDRFRAME - ok
20:34:45.0531 3344 perc2 - ok
20:34:45.0531 3344 perc2hib - ok
20:34:45.0562 3344 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
20:34:45.0562 3344 PlugPlay - ok
20:34:45.0578 3344 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:34:45.0578 3344 PolicyAgent - ok
20:34:45.0609 3344 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:34:45.0609 3344 PptpMiniport - ok
20:34:45.0609 3344 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:34:45.0625 3344 ProtectedStorage - ok
20:34:45.0625 3344 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:34:45.0640 3344 PSched - ok
20:34:45.0656 3344 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:34:45.0656 3344 Ptilink - ok
20:34:45.0656 3344 ql1080 - ok
20:34:45.0671 3344 Ql10wnt - ok
20:34:45.0671 3344 ql12160 - ok
20:34:45.0687 3344 ql1240 - ok
20:34:45.0687 3344 ql1280 - ok
20:34:45.0703 3344 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:34:45.0703 3344 RasAcd - ok
20:34:45.0718 3344 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:34:45.0734 3344 RasAuto - ok
20:34:45.0734 3344 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:34:45.0750 3344 Rasl2tp - ok
20:34:45.0765 3344 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:34:45.0781 3344 RasMan - ok
20:34:45.0796 3344 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:34:45.0796 3344 RasPppoe - ok
20:34:45.0796 3344 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:34:45.0812 3344 Raspti - ok
20:34:45.0812 3344 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:34:45.0828 3344 Rdbss - ok
20:34:45.0828 3344 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:34:45.0828 3344 RDPCDD - ok
20:34:45.0859 3344 [ A862A3A8D7D2D75BDC41B556325E9876 ] RDPDISPM C:\WINDOWS\system32\DRIVERS\rdpdispm.sys
20:34:45.0859 3344 RDPDISPM - ok
20:34:45.0875 3344 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:34:45.0875 3344 rdpdr - ok
20:34:45.0890 3344 [ 95508469D4DA5C13BBFEF9C35F3E5C61 ] RDPVDD C:\WINDOWS\system32\DRIVERS\rdpvmp.sys
20:34:45.0890 3344 RDPVDD - ok
20:34:45.0921 3344 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:34:45.0921 3344 RDPWD - ok
20:34:45.0953 3344 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:34:45.0984 3344 RDSessMgr - ok
20:34:45.0984 3344 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:34:45.0984 3344 redbook - ok
20:34:46.0015 3344 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:34:46.0015 3344 RemoteAccess - ok
20:34:46.0031 3344 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:34:46.0046 3344 RemoteRegistry - ok
20:34:46.0062 3344 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
20:34:46.0078 3344 rpcapd - ok
20:34:46.0093 3344 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:34:46.0109 3344 RpcLocator - ok
20:34:46.0156 3344 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:34:46.0171 3344 RpcSs - ok
20:34:46.0187 3344 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:34:46.0218 3344 RSVP - ok
20:34:46.0265 3344 [ 2377F31CBB8277807C3351302CF133E9 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
20:34:46.0281 3344 RTL8023xp - ok
20:34:46.0312 3344 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:34:46.0312 3344 rtl8139 - ok
20:34:46.0343 3344 [ A79FBDBC6A979259E38DEA7D29B57619 ] SaiMini C:\WINDOWS\system32\DRIVERS\SaiMini.sys
20:34:46.0343 3344 SaiMini - ok
20:34:46.0359 3344 [ BB20EBA89E0EF39697A1A8728C5685FE ] SaiNtBus C:\WINDOWS\system32\drivers\SaiBus.sys
20:34:46.0375 3344 SaiNtBus - ok
20:34:46.0375 3344 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
20:34:46.0390 3344 SamSs - ok
20:34:46.0406 3344 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:34:46.0406 3344 SASDIFSV - ok
20:34:46.0421 3344 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:34:46.0421 3344 SASKUTIL - ok
20:34:46.0437 3344 [ 729248B54AFF21E740054ACEBFDBCB1C ] SBKUPNT C:\WINDOWS\system32\Drivers\SBKUPNT.SYS
20:34:46.0437 3344 SBKUPNT - ok
20:34:46.0453 3344 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:34:46.0468 3344 SCardSvr - ok
20:34:46.0500 3344 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:34:46.0515 3344 Schedule - ok
20:34:46.0531 3344 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:34:46.0531 3344 Secdrv - ok
20:34:46.0562 3344 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:34:46.0562 3344 seclogon - ok
20:34:46.0593 3344 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
20:34:46.0609 3344 SENS - ok
20:34:46.0609 3344 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:34:46.0625 3344 serenum - ok
20:34:46.0625 3344 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:34:46.0625 3344 Serial - ok
20:34:46.0796 3344 [ A9AF077DDB5AEB97BCC5C41504E27223 ] Serviio C:\Program Files\Audio a video\Serviio\bin\ServiioService.exe
20:34:46.0796 3344 Serviio - ok
20:34:46.0812 3344 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:34:46.0812 3344 Sfloppy - ok
20:34:46.0828 3344 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:34:46.0859 3344 SharedAccess - ok
20:34:46.0859 3344 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:34:46.0875 3344 ShellHWDetection - ok
20:34:46.0890 3344 Simbad - ok
20:34:46.0937 3344 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:34:46.0937 3344 SkypeUpdate - ok
20:34:46.0968 3344 [ 5BCEB1B306878035DACBA6DD18366EDA ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
20:34:46.0984 3344 snapman - ok
20:34:47.0000 3344 Sparrow - ok
20:34:47.0015 3344 [ 5D6401DB90EC81B71F8E2C5C8F0FEF23 ] speedfan C:\WINDOWS\system32\speedfan.sys
20:34:47.0031 3344 speedfan - ok
20:34:47.0046 3344 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:34:47.0046 3344 splitter - ok
20:34:47.0062 3344 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:34:47.0078 3344 Spooler - ok
20:34:47.0093 3344 [ 7B426B8E809EDF081D771EF429345528 ] sp_rsdrv2 C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
20:34:47.0093 3344 sp_rsdrv2 - ok
20:34:47.0125 3344 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:34:47.0125 3344 sr - ok
20:34:47.0156 3344 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
20:34:47.0171 3344 srservice - ok
20:34:47.0218 3344 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:34:47.0218 3344 Srv - ok
20:34:47.0234 3344 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:34:47.0250 3344 SSDPSRV - ok
20:34:47.0281 3344 [ 0A4BB0FF55C8FA9BF7ADC673D5CFE680 ] ST2012_Svc C:\Program Files\Spyware Terminator\st_rsser.exe
20:34:47.0281 3344 ST2012_Svc - ok
20:34:47.0312 3344 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:34:47.0343 3344 stisvc - ok
20:34:47.0343 3344 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:34:47.0359 3344 swenum - ok
20:34:47.0406 3344 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:34:47.0421 3344 SwitchBoard - ok
20:34:47.0437 3344 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:34:47.0437 3344 swmidi - ok
20:34:47.0437 3344 SwPrv - ok
20:34:47.0453 3344 symc810 - ok
20:34:47.0453 3344 symc8xx - ok
20:34:47.0468 3344 sym_hi - ok
20:34:47.0468 3344 sym_u3 - ok
20:34:47.0484 3344 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:34:47.0484 3344 sysaudio - ok
20:34:47.0500 3344 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:34:47.0515 3344 SysmonLog - ok
20:34:47.0531 3344 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:34:47.0546 3344 TapiSrv - ok
20:34:47.0562 3344 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:34:47.0578 3344 Tcpip - ok
20:34:47.0578 3344 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:34:47.0593 3344 TDPIPE - ok
20:34:47.0640 3344 [ 8DE3E45000BA8C9EBB16737D3F83E216 ] tdrpman258 C:\WINDOWS\system32\DRIVERS\tdrpm258.sys
20:34:47.0656 3344 tdrpman258 - ok
20:34:47.0656 3344 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:34:47.0656 3344 TDTCP - ok
20:34:47.0671 3344 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:34:47.0671 3344 TermDD - ok
20:34:47.0687 3344 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
20:34:47.0703 3344 TermService - ok
20:34:47.0718 3344 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:34:47.0718 3344 Themes - ok
20:34:47.0750 3344 [ 3E06987FEDBCDFBFF8E85EF8108565F9 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
20:34:47.0796 3344 timounter - ok
20:34:47.0796 3344 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:34:47.0812 3344 TlntSvr - ok
20:34:47.0828 3344 TosIde - ok
20:34:47.0843 3344 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:34:47.0859 3344 TrkWks - ok
20:34:47.0875 3344 [ E266683FC95ABDEC17CD378564E1B54B ] TVICHW32 C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
20:34:47.0875 3344 TVICHW32 - ok
20:34:47.0890 3344 [ 77EBF3E9386DAA51551AF429052D88D0 ] tvtool C:\Program Files\Audio a video\TVTool\tvtool.sys
20:34:47.0890 3344 tvtool - ok
20:34:47.0906 3344 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:34:47.0906 3344 Udfs - ok
20:34:47.0906 3344 ultra - ok
20:34:47.0937 3344 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:34:47.0953 3344 Update - ok
20:34:47.0968 3344 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
20:34:48.0000 3344 upnphost - ok
20:34:48.0015 3344 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
20:34:48.0031 3344 UPS - ok
20:34:48.0031 3344 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:34:48.0031 3344 usbehci - ok
20:34:48.0046 3344 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:34:48.0062 3344 usbhub - ok
20:34:48.0078 3344 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:34:48.0078 3344 usbprint - ok
20:34:48.0093 3344 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:34:48.0093 3344 USBSTOR - ok
20:34:48.0109 3344 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:34:48.0109 3344 usbuhci - ok
20:34:48.0125 3344 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:34:48.0125 3344 VgaSave - ok
20:34:48.0140 3344 ViaIde - ok
20:34:48.0156 3344 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:34:48.0156 3344 VolSnap - ok
20:34:48.0187 3344 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
20:34:48.0218 3344 VSS - ok
20:34:48.0234 3344 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
20:34:48.0265 3344 W32Time - ok
20:34:48.0265 3344 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:34:48.0281 3344 Wanarp - ok
20:34:48.0296 3344 [ 46A247F6617526AFE38B6F12F5512120 ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
20:34:48.0296 3344 wceusbsh - ok
20:34:48.0296 3344 WDICA - ok
20:34:48.0328 3344 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:34:48.0328 3344 wdmaud - ok
20:34:48.0343 3344 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:34:48.0359 3344 WebClient - ok
20:34:48.0406 3344 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:34:48.0421 3344 winmgmt - ok
20:34:48.0546 3344 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:34:48.0609 3344 wlidsvc - ok
20:34:48.0640 3344 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:34:48.0640 3344 WmdmPmSN - ok
20:34:48.0687 3344 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:34:48.0703 3344 Wmi - ok
20:34:48.0718 3344 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:34:48.0734 3344 WmiApSrv - ok
20:34:48.0875 3344 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:34:48.0906 3344 WMPNetworkSvc - ok
20:34:48.0968 3344 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:34:48.0984 3344 WPFFontCache_v0400 - ok
20:34:49.0015 3344 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:34:49.0015 3344 WS2IFSL - ok
20:34:49.0046 3344 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:34:49.0078 3344 wscsvc - ok
20:34:49.0093 3344 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:34:49.0125 3344 wuauserv - ok
20:34:49.0156 3344 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:34:49.0156 3344 WudfPf - ok
20:34:49.0171 3344 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:34:49.0171 3344 WudfRd - ok
20:34:49.0187 3344 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:34:49.0203 3344 WudfSvc - ok
20:34:49.0234 3344 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:34:49.0265 3344 WZCSVC - ok
20:34:49.0296 3344 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:34:49.0312 3344 xmlprov - ok
20:34:49.0421 3344 [ 74EC37B9EAF9FCA015B933A526825C7A ] {329F96B6-DF1E-4328-BFDA-39EA953C1312} C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl
20:34:49.0421 3344 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
20:34:49.0437 3344 ================ Scan global ===============================
20:34:49.0468 3344 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
20:34:49.0500 3344 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
20:34:49.0531 3344 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
20:34:49.0546 3344 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
20:34:49.0562 3344 [Global] - ok
20:34:49.0562 3344 ================ Scan MBR ==================================
20:34:49.0562 3344 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
20:34:49.0687 3344 \Device\Harddisk0\DR0 - ok
20:34:49.0703 3344 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
20:34:49.0718 3344 \Device\Harddisk1\DR1 - ok
20:34:49.0718 3344 ================ Scan VBR ==================================
20:34:49.0718 3344 [ DB7AC4AD890CEBEA5311396DC3A7821E ] \Device\Harddisk0\DR0\Partition1
20:34:49.0718 3344 \Device\Harddisk0\DR0\Partition1 - ok
20:34:49.0718 3344 [ 31AFA0CE0012037BF80A5117EC5E82BE ] \Device\Harddisk0\DR0\Partition2
20:34:49.0734 3344 \Device\Harddisk0\DR0\Partition2 - ok
20:34:49.0734 3344 [ A0C69141D3DDA1A0A735EF8E2BA2900E ] \Device\Harddisk1\DR1\Partition1
20:34:49.0734 3344 \Device\Harddisk1\DR1\Partition1 - ok
20:34:49.0734 3344 ============================================================
20:34:49.0734 3344 Scan finished
20:34:49.0734 3344 ============================================================
20:34:49.0734 3532 Detected object count: 2
20:34:49.0734 3532 Actual detected object count: 2
20:34:55.0812 3532 atapi ( LockedFile.Multi.Generic ) - skipped by user
20:34:55.0812 3532 atapi ( LockedFile.Multi.Generic ) - User select action: Skip
20:34:55.0828 3532 INETLOCK ( ForgedFile.Multi.Generic ) - skipped by user
20:34:55.0828 3532 INETLOCK ( ForgedFile.Multi.Generic ) - User select action: Skip
20:35:06.0734 2072 Deinitialize success
Re: Pomoc- System Idle Process 95-100%
Poprosim o log z DDS http://forum.viry.cz/viewtopic.php?f=24&t=123680"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomoc- System Idle Process 95-100%
Zdravím,
dodávám DDS log:
DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1
Run by Mirek mladší at 18:16:36 on 2012-10-23
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2464 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\ZabezpeC:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Audio a video\Serviio\bin\ServiioService.exe
C:\Program Files\Audio a video\Serviio\bin\ServiioService.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: WebTransBHO Class: {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: Lištička: {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - c:\program files\seznam.cz\listicka.dll
TB: Nástroje Lištičky: {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - c:\program files\seznam.cz\listicka.dll
TB: WebTranslator: {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
TB: Nástroje Lištičky: {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - c:\program files\seznam.cz\toolbar\toolbar.dll
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [Startup Guard] c:\program files\zabezpečení\startupguard\SG.EXE
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Zástupce stránky vlastností sběrnice High Definition Audio] HDAudPropShortcut.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\audio a video\quicktime\qttask.exe" -atboottime
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [COMODO Internet Security] "c:\program files\zabezpečení\comodo firewall\comodo\comodo internet security\cfp.exe" -h
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\seznam.cz\listicka.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - c:\program files\seznam.cz\listicka.dll
IE: {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\icq7.5\ICQ.exe
IE: {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.40/TSWeb.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{E7CEB363-FF65-4E09-8B03-5A19E1BF9656} : DHCPNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mirek mladší\data aplikací\mozilla\firefox\profiles\5mekgo92.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\documents and settings\mirek mladĺˇă\local settings\data aplikacă\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin2.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin3.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin4.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin5.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin6.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin7.dll
FF - plugin: c:\program files\audio a video\realplayer\netscape6\nppl3260.dll
FF - plugin: c:\program files\audio a video\realplayer\netscape6\nprjplug.dll
FF - plugin: c:\program files\audio a video\realplayer\netscape6\nprpjplug.dll
FF - plugin: c:\program files\audio a video\veetle\player\npvlc.dll
FF - plugin: c:\program files\audio a video\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\internet a programy\tvuplayer\npTVUAx.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\windows media player\np_plugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2012-09-15 21:13; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\documents and settings\mirek mladă…âˇăâ\data aplikacăâ\mozilla\firefox\profiles\5mekgo92.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2009-2-20 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2009-2-20 5248]
R0 fsh;fsh;c:\windows\system32\drivers\fsh.sys [2010-5-23 39744]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [2010-3-22 911680]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-10-22 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-10-22 355632]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-10-5 497952]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-10-5 32640]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2012-2-18 32768]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/10/20 10:43:37];c:\program files\audio a video\powerdvd 12\powerdvd12\common\navfilter\000.fcl [2012-1-11 87536]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2010-3-22 2480048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-10-22 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-10-22 44808]
R2 BCWipeSvc;BCWipe service;c:\program files\diagnostika a údržba\bcwipe\BCWipeSvc.exe [2010-5-23 95544]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files\audio a video\powerdvd 12\powerdvd12\kernel\dmp\clhnserver\CLHNServiceForPowerDVD12.exe [2012-10-20 87336]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\zabezpečení\comodo firewall\comodo\comodo internet security\cmdagent.exe [2012-10-5 1990464]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files\audio a video\powerdvd 12\powerdvd12\kernel\dms\CLMSMonitorServicePDVD12.exe [2012-10-20 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files\audio a video\powerdvd 12\powerdvd12\kernel\dms\CLMSServerPDVD12.exe [2012-10-20 296232]
R2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files\audio a video\powerdvd 12\powerdvd12\kernel\dmp\clhnserver\ntk_PowerDVD12.sys [2012-10-20 120432]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-3-4 1258856]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [2012-6-2 14976]
R2 Serviio;Serviio;c:\program files\audio a video\serviio\bin\ServiioService.exe [2012-8-9 279552]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\spyware terminator\st_rsser.exe [2012-2-18 482992]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2010-3-22 160288]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2004-8-4 69120]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S1 tvtool;tvtool;c:\program files\audio a video\tvtool\TVTOOL.SYS [1996-4-3 5248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c99a896891aac6;Google Update Service (gupdate1c99a896891aac6);c:\program files\google\update\GoogleUpdate.exe [2010-7-31 136176]
S2 INETLOCK;INETLOCK;c:\windows\system32\drivers\InetLock.sys [2007-9-9 16587]
S2 INETLOCKSVC;Internet Lock Service;c:\program files\internet a programy\internet lock 5.1\ILSvc.exe [2007-9-9 106496]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-30 250808]
S3 AllShare;SAMSUNG AllShare Service;c:\program files\audio a video\samsung pc share manager\WiselinkPro.exe [2010-7-16 6638080]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-3-13 23456]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-7-31 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 115168]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-17 14336]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [2010-6-6 9040]
S3 RDPVDD;RDPVDD;c:\windows\system32\drivers\rdpvmp.sys [2010-6-6 19408]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [2009-3-7 23600]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 BCSWAP;BCSWAP;c:\windows\system32\drivers\bcswap.sys [2010-5-23 92096]
.
=============== Created Last 30 ================
.
2012-10-22 18:28:30 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-22 18:28:14 41224 ----a-w- c:\windows\avastSS.scr
2012-10-22 17:56:44 -------- d-----w- c:\program files\Seznam.cz
2012-10-22 17:56:43 -------- d--h--w- c:\windows\msdownld.tmp
2012-10-22 17:52:49 -------- dc-h--w- c:\windows\ie8
2012-10-22 15:59:10 98816 ----a-w- c:\windows\sed.exe
2012-10-22 15:59:10 256000 ----a-w- c:\windows\PEV.exe
2012-10-22 15:59:10 208896 ----a-w- c:\windows\MBR.exe
2012-10-20 08:29:59 -------- d-----w- c:\documents and settings\mirek mladší\data aplikací\SUPERAntiSpyware.com
2012-10-20 08:29:32 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-10-20 08:29:32 -------- d-----w- c:\documents and settings\all users\data aplikací\SUPERAntiSpyware.com
2012-10-19 20:21:11 -------- d-----w- c:\program files\AVAST Software
2012-10-19 19:34:46 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2012-10-19 17:02:10 -------- d-----w- c:\program files\trend micro
2012-10-19 15:53:59 177496 ----a-w- c:\windows\system32\drivers\04092950.sys
2012-10-19 15:36:15 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-10-19 15:36:15 -------- d-----w- c:\windows\system32\wbem\Repository
2012-10-13 18:06:56 -------- d-----w- c:\documents and settings\mirek mladší\local settings\data aplikací\MediaShow
2012-10-13 16:50:52 -------- d-----w- c:\documents and settings\mirek mladší\local settings\data aplikací\MediaServer
2012-10-13 16:50:49 -------- d-----w- c:\documents and settings\all users\data aplikací\PDVD
2012-10-13 16:49:36 -------- d-----w- c:\documents and settings\mirek mladší\CyberLink
2012-10-13 16:42:17 -------- d-----w- c:\documents and settings\all users\data aplikací\install_clap
2012-10-13 15:55:03 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-13 15:55:03 5947392 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-06 10:14:58 -------- d-----w- c:\documents and settings\mirek mladší\data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-10-06 09:27:20 -------- d-----w- c:\documents and settings\all users\data aplikací\regid.1986-12.com.adobe
2012-10-04 23:32:58 497952 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-10-04 23:32:58 32640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-10-04 23:32:54 18096 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-10-04 23:32:14 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-10-04 23:32:12 301264 ----a-w- c:\windows\system32\guard32.dll
2012-09-28 14:03:54 -------- d-----w- c:\documents and settings\mirek mladší\.frostwire5
2012-09-27 17:34:01 -------- d-----w- c:\windows\Downloaded Installations
.
==================== Find3M ====================
.
2012-10-13 18:26:27 1101436 -c--a-w- c:\windows\system32\nvdrsdb0.bin
2012-10-13 18:26:27 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-10-13 18:25:51 1101436 -c--a-w- c:\windows\system32\nvdrsdb1.bin
2012-10-13 16:14:42 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-13 16:14:42 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-29 17:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-23 14:28:00 7446528 ----a-w- c:\windows\system32\nvcuda.dll
2012-09-23 14:28:00 4494208 ----a-w- c:\windows\system32\nv4_disp.dll
2012-09-23 14:28:00 2578792 ----a-w- c:\windows\system32\nvcuvid.dll
2012-09-23 14:28:00 2376704 ----a-w- c:\windows\system32\nvapi.dll
2012-09-23 14:28:00 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-09-23 14:28:00 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-09-23 14:28:00 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-09-23 14:28:00 12557728 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-09-23 14:28:00 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-09-23 13:04:24 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-09-23 13:04:12 15512424 ----a-w- c:\windows\system32\nvcpl.dll
2012-09-23 13:04:11 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-09-23 13:04:11 143720 -c--a-w- c:\windows\system32\nvcolor.exe
2012-09-23 13:04:11 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-28 15:18:59 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:32 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53:44 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27:26 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-23 06:27:26 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 18:17:57,95 ===============
dodávám DDS log:
DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1
Run by Mirek mladší at 18:16:36 on 2012-10-23
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2464 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files\Audio a video\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\ZabezpeC:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Audio a video\Serviio\bin\ServiioService.exe
C:\Program Files\Audio a video\Serviio\bin\ServiioService.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: WebTransBHO Class: {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: Lištička: {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - c:\program files\seznam.cz\listicka.dll
TB: Nástroje Lištičky: {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - c:\program files\seznam.cz\listicka.dll
TB: WebTranslator: {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
TB: Nástroje Lištičky: {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - c:\program files\seznam.cz\toolbar\toolbar.dll
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [Startup Guard] c:\program files\zabezpečení\startupguard\SG.EXE
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Zástupce stránky vlastností sběrnice High Definition Audio] HDAudPropShortcut.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\audio a video\quicktime\qttask.exe" -atboottime
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [COMODO Internet Security] "c:\program files\zabezpečení\comodo firewall\comodo\comodo internet security\cfp.exe" -h
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\seznam.cz\listicka.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - c:\program files\seznam.cz\listicka.dll
IE: {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\icq7.5\ICQ.exe
IE: {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.40/TSWeb.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{E7CEB363-FF65-4E09-8B03-5A19E1BF9656} : DHCPNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mirek mladší\data aplikací\mozilla\firefox\profiles\5mekgo92.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\documents and settings\mirek mladĺˇă\local settings\data aplikacă\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin2.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin3.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin4.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin5.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin6.dll
FF - plugin: c:\program files\audio a video\quicktime\plugins\npqtplugin7.dll
FF - plugin: c:\program files\audio a video\realplayer\netscape6\nppl3260.dll
FF - plugin: c:\program files\audio a video\realplayer\netscape6\nprjplug.dll
FF - plugin: c:\program files\audio a video\realplayer\netscape6\nprpjplug.dll
FF - plugin: c:\program files\audio a video\veetle\player\npvlc.dll
FF - plugin: c:\program files\audio a video\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\internet a programy\tvuplayer\npTVUAx.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\windows media player\np_plugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2012-09-15 21:13; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\documents and settings\mirek mladă…âˇăâ\data aplikacăâ\mozilla\firefox\profiles\5mekgo92.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2009-2-20 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2009-2-20 5248]
R0 fsh;fsh;c:\windows\system32\drivers\fsh.sys [2010-5-23 39744]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [2010-3-22 911680]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-10-22 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-10-22 355632]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-10-5 497952]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-10-5 32640]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2012-2-18 32768]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/10/20 10:43:37];c:\program files\audio a video\powerdvd 12\powerdvd12\common\navfilter\000.fcl [2012-1-11 87536]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2010-3-22 2480048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-10-22 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-10-22 44808]
R2 BCWipeSvc;BCWipe service;c:\program files\diagnostika a údržba\bcwipe\BCWipeSvc.exe [2010-5-23 95544]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files\audio a video\powerdvd 12\powerdvd12\kernel\dmp\clhnserver\CLHNServiceForPowerDVD12.exe [2012-10-20 87336]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\zabezpečení\comodo firewall\comodo\comodo internet security\cmdagent.exe [2012-10-5 1990464]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files\audio a video\powerdvd 12\powerdvd12\kernel\dms\CLMSMonitorServicePDVD12.exe [2012-10-20 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files\audio a video\powerdvd 12\powerdvd12\kernel\dms\CLMSServerPDVD12.exe [2012-10-20 296232]
R2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files\audio a video\powerdvd 12\powerdvd12\kernel\dmp\clhnserver\ntk_PowerDVD12.sys [2012-10-20 120432]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-3-4 1258856]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [2012-6-2 14976]
R2 Serviio;Serviio;c:\program files\audio a video\serviio\bin\ServiioService.exe [2012-8-9 279552]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\spyware terminator\st_rsser.exe [2012-2-18 482992]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2010-3-22 160288]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2004-8-4 69120]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S1 tvtool;tvtool;c:\program files\audio a video\tvtool\TVTOOL.SYS [1996-4-3 5248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c99a896891aac6;Google Update Service (gupdate1c99a896891aac6);c:\program files\google\update\GoogleUpdate.exe [2010-7-31 136176]
S2 INETLOCK;INETLOCK;c:\windows\system32\drivers\InetLock.sys [2007-9-9 16587]
S2 INETLOCKSVC;Internet Lock Service;c:\program files\internet a programy\internet lock 5.1\ILSvc.exe [2007-9-9 106496]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-30 250808]
S3 AllShare;SAMSUNG AllShare Service;c:\program files\audio a video\samsung pc share manager\WiselinkPro.exe [2010-7-16 6638080]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-3-13 23456]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-7-31 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 115168]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-17 14336]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [2010-6-6 9040]
S3 RDPVDD;RDPVDD;c:\windows\system32\drivers\rdpvmp.sys [2010-6-6 19408]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [2009-3-7 23600]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 BCSWAP;BCSWAP;c:\windows\system32\drivers\bcswap.sys [2010-5-23 92096]
.
=============== Created Last 30 ================
.
2012-10-22 18:28:30 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-22 18:28:14 41224 ----a-w- c:\windows\avastSS.scr
2012-10-22 17:56:44 -------- d-----w- c:\program files\Seznam.cz
2012-10-22 17:56:43 -------- d--h--w- c:\windows\msdownld.tmp
2012-10-22 17:52:49 -------- dc-h--w- c:\windows\ie8
2012-10-22 15:59:10 98816 ----a-w- c:\windows\sed.exe
2012-10-22 15:59:10 256000 ----a-w- c:\windows\PEV.exe
2012-10-22 15:59:10 208896 ----a-w- c:\windows\MBR.exe
2012-10-20 08:29:59 -------- d-----w- c:\documents and settings\mirek mladší\data aplikací\SUPERAntiSpyware.com
2012-10-20 08:29:32 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-10-20 08:29:32 -------- d-----w- c:\documents and settings\all users\data aplikací\SUPERAntiSpyware.com
2012-10-19 20:21:11 -------- d-----w- c:\program files\AVAST Software
2012-10-19 19:34:46 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2012-10-19 17:02:10 -------- d-----w- c:\program files\trend micro
2012-10-19 15:53:59 177496 ----a-w- c:\windows\system32\drivers\04092950.sys
2012-10-19 15:36:15 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-10-19 15:36:15 -------- d-----w- c:\windows\system32\wbem\Repository
2012-10-13 18:06:56 -------- d-----w- c:\documents and settings\mirek mladší\local settings\data aplikací\MediaShow
2012-10-13 16:50:52 -------- d-----w- c:\documents and settings\mirek mladší\local settings\data aplikací\MediaServer
2012-10-13 16:50:49 -------- d-----w- c:\documents and settings\all users\data aplikací\PDVD
2012-10-13 16:49:36 -------- d-----w- c:\documents and settings\mirek mladší\CyberLink
2012-10-13 16:42:17 -------- d-----w- c:\documents and settings\all users\data aplikací\install_clap
2012-10-13 15:55:03 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-13 15:55:03 5947392 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-06 10:14:58 -------- d-----w- c:\documents and settings\mirek mladší\data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-10-06 09:27:20 -------- d-----w- c:\documents and settings\all users\data aplikací\regid.1986-12.com.adobe
2012-10-04 23:32:58 497952 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-10-04 23:32:58 32640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-10-04 23:32:54 18096 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-10-04 23:32:14 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-10-04 23:32:12 301264 ----a-w- c:\windows\system32\guard32.dll
2012-09-28 14:03:54 -------- d-----w- c:\documents and settings\mirek mladší\.frostwire5
2012-09-27 17:34:01 -------- d-----w- c:\windows\Downloaded Installations
.
==================== Find3M ====================
.
2012-10-13 18:26:27 1101436 -c--a-w- c:\windows\system32\nvdrsdb0.bin
2012-10-13 18:26:27 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-10-13 18:25:51 1101436 -c--a-w- c:\windows\system32\nvdrsdb1.bin
2012-10-13 16:14:42 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-13 16:14:42 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-29 17:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-23 14:28:00 7446528 ----a-w- c:\windows\system32\nvcuda.dll
2012-09-23 14:28:00 4494208 ----a-w- c:\windows\system32\nv4_disp.dll
2012-09-23 14:28:00 2578792 ----a-w- c:\windows\system32\nvcuvid.dll
2012-09-23 14:28:00 2376704 ----a-w- c:\windows\system32\nvapi.dll
2012-09-23 14:28:00 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-09-23 14:28:00 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-09-23 14:28:00 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-09-23 14:28:00 12557728 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-09-23 14:28:00 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-09-23 13:04:24 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-09-23 13:04:12 15512424 ----a-w- c:\windows\system32\nvcpl.dll
2012-09-23 13:04:11 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-09-23 13:04:11 143720 -c--a-w- c:\windows\system32\nvcolor.exe
2012-09-23 13:04:11 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-28 15:18:59 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:32 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53:44 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27:26 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-23 06:27:26 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 18:17:57,95 ===============
Re: Pomoc- System Idle Process 95-100%
Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe
- Ulozte nejlepe na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na MBRScan pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Report
- Po chvilce se objevi log do souboru MBRScan.txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomoc- System Idle Process 95-100%
Zdravím,
MbrReport:
MbrReport:
Kód: Vybrat vše
MBRScan v1.1.1
OS : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR : x86 Family 15 Model 3 Stepping 4, GenuineIntel
BOOT : Normal Boot
DATE : 2012/10/24 (ISO 8601) at 18:12:39
________________________________________________________________________________
DISK : Device\Harddisk0\DR0 __WDC WD10EALS-00Z8A0 (05.01D05)
BUS_TYPE : (0x03) P-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
DISK : Device\Harddisk1\DR1 __WDC WD600JB-00ETA0 (77.07W77)
BUS_TYPE : (0x03) P-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
Device\Harddisk0\DR0 931.5 Go [Fixed] ==> XP MBR Code
MBR_MD5 : DC9026931AACE035229E3DD7E91451C6
MBR_SHA1 : 07CE58DC5C2B079F71AD4E8F13E4F469BC4DA33A
Device\Harddisk0\Partition1 74.53 Go 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 857.0 Go 0x07 NTFS / HPFS
________________________________________________________________________________
Device\Harddisk1\DR1 55.90 Go [Fixed] ==> XP MBR Code
MBR_MD5 : B1CDD28FE9DB3AF951CD46FC171AD838
MBR_SHA1 : 31E57696DAAD1C882A2B02D42B7916E6479B60F3
Device\Harddisk1\Partition1 55.89 Go 0x07 NTFS / HPFS
________________________________________________________________________________
############################### Additional scan ################################
DRIVER : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xB1C1D000
SIZE : 96.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xB23EF000
SIZE : 8.0 Ko
SystemStartOptions : NOEXECUTE=OPTIN FASTDETECT
________________________________________________________________________________
_______MBR \Device\Harddisk0\DR0
0x00000000 33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C 3À.м.|ûP.P.ü¾.|
0x00000010 BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04 ¿..PW¹å.ó¤Ë½¾.±.
0x00000020 38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5 8n.|.u..Å.âôÍ..õ
0x00000030 83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B .Æ.It.8,tö.µ.´..
0x00000040 F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88 ð¬<.tü»..´.Í.ëò.
0x00000050 4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B N.èF.s*þF..~..t.
0x00000060 80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83 .~..t..¶.uÒ.F...
0x00000070 46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB F...V..è!.s..¶.ë
0x00000080 BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0 ¼.>þ}Uªt..~..tÈ.
0x00000090 B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56 ·.ë©.ü.W.õË¿...V
0x000000A0 00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC .´.Í.r#.Á$?..Þ.ü
0x000000B0 43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56 C÷ã.Ñ.Ö±.ÒîB÷â9V
0x000000C0 0A 77 23 72 05 39 46 08 73 1C B8 01 02 BB 00 7C .w#r.9F.s.¸..».|
0x000000D0 8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A .N..V.Í.sQOtN2ä.
0x000000E0 56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD V.Í.ëä.V.`»ªU´AÍ
0x000000F0 13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60 .r6.ûUªu0öÁ.t+a`
0x00000100 6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A j.j..v..v.j.h.|j
0x00000110 01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B .j.´B.ôÍ.aas.Ot.
0x00000120 32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 4E 65 70 6C 2ä.V.Í.ëÖaùÃNepl
0x00000130 61 74 6E A0 20 74 61 62 75 6C 6B 61 20 6F 64 64 atn. tabulka odd
0x00000140 A1 6C 85 00 43 68 79 62 61 20 70 FD 69 20 6E 61 ¡l..Chyba pýi na
0x00000150 9F A1 74 A0 6E A1 20 6F 70 65 72 61 9F 6E A1 68 .¡t.n¡ opera.n¡h
0x00000160 6F 20 73 79 73 74 82 6D 75 00 4F 70 65 72 61 9F o syst.mu.Opera.
0x00000170 6E A1 20 73 79 73 74 82 6D 20 6E 65 6E 61 6C 65 n¡ syst.m nenale
0x00000180 7A 65 6E 00 00 00 00 00 00 00 00 00 00 00 00 00 zen.............
0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001B0 00 00 00 00 00 2C 44 6A B9 90 BF 87 00 00 80 01 .....,Dj¹.¿.....
0x000001C0 01 00 07 FE FF FF 3F 00 00 00 82 E4 50 09 00 00 ...þ..?....äP...
0x000001D0 C1 FF 05 FE FF FF C1 E4 50 09 00 75 1F 6B 00 00 Á..þ..ÁäP..u.k..
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
_______MBR \Device\Harddisk1\DR1
0x00000000 33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C 3À.м.|ûP.P.ü¾.|
0x00000010 BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04 ¿..PW¹å.ó¤Ë½¾.±.
0x00000020 38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5 8n.|.u..Å.âôÍ..õ
0x00000030 83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B .Æ.It.8,tö.µ.´..
0x00000040 F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88 ð¬<.tü»..´.Í.ëò.
0x00000050 4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B N.èF.s*þF..~..t.
0x00000060 80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83 .~..t..¶.uÒ.F...
0x00000070 46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB F...V..è!.s..¶.ë
0x00000080 BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0 ¼.>þ}Uªt..~..tÈ.
0x00000090 B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56 ·.ë©.ü.W.õË¿...V
0x000000A0 00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC .´.Í.r#.Á$?..Þ.ü
0x000000B0 43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56 C÷ã.Ñ.Ö±.ÒîB÷â9V
0x000000C0 0A 77 23 72 05 39 46 08 73 1C B8 01 02 BB 00 7C .w#r.9F.s.¸..».|
0x000000D0 8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A .N..V.Í.sQOtN2ä.
0x000000E0 56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD V.Í.ëä.V.`»ªU´AÍ
0x000000F0 13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60 .r6.ûUªu0öÁ.t+a`
0x00000100 6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A j.j..v..v.j.h.|j
0x00000110 01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B .j.´B.ôÍ.aas.Ot.
0x00000120 32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 4E 65 70 6C 2ä.V.Í.ëÖaùÃNepl
0x00000130 61 74 6E A0 20 74 61 62 75 6C 6B 61 20 6F 64 64 atn. tabulka odd
0x00000140 A1 6C 85 00 43 68 79 62 61 20 70 FD 69 20 6E 61 ¡l..Chyba pýi na
0x00000150 9F A1 74 A0 6E A1 20 6F 70 65 72 61 9F 6E A1 68 .¡t.n¡ opera.n¡h
0x00000160 6F 20 73 79 73 74 82 6D 75 00 4F 70 65 72 61 9F o syst.mu.Opera.
0x00000170 6E A1 20 73 79 73 74 82 6D 20 6E 65 6E 61 6C 65 n¡ syst.m nenale
0x00000180 7A 65 6E 00 00 00 00 00 00 00 00 00 00 00 00 00 zen.............
0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001B0 00 00 00 00 00 2C 44 6A C7 F9 C7 F9 00 00 00 00 .....,DjÇùÇù....
0x000001C0 01 01 0F FE FF FF C1 3E 00 00 80 7C FC 06 00 00 ...þ..Á>...|ü...
0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
Přispějete na provoz fóra?