PC freeze - blue screen - repeated freeze

#1 Post by misak35 »

Hello, today my PC froze and a blue screen came up... I let the check run, restarted the PC, ran CCleaner and carried on working... after about 2 hours it froze again, but this time only for a few seconds. Please check the log.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Metrix at 2014-03-03 12:37:40
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 147 GB (31%) free of 477 GB
Total RAM: 3063 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:37:59, on 3.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\TeamViewer\Version9\tv_w32.exe
C:\Program Files\ControlCenter4\BrCtrlCntr.exe
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Clip2Net\clip2net.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Documents and Settings\Metrix\Data aplikací\uTorrent\uTorrent.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Viber\Viber.exe
C:\Program Files\ControlCenter4\BrCcUxSys.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
C:\Documents and Settings\Metrix\Data aplikací\Dropbox\bin\Dropbox.exe
C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\FreeCommander\FreeCommander.exe
C:\Program Files\Opera\19.0.1326.63\opera.exe
C:\Program Files\Opera\19.0.1326.63\opera_crashreporter.exe
C:\Program Files\Opera\19.0.1326.63\opera.exe
C:\Program Files\Opera\19.0.1326.63\opera.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Opera\19.0.1326.63\opera.exe
C:\Program Files\Opera\19.0.1326.63\opera.exe
C:\Program Files\Opera\19.0.1326.63\opera.exe
C:\Program Files\Opera\19.0.1326.63\opera.exe
C:\Program Files\Opera\19.0.1326.63\opera.exe
C:\Documents and Settings\Metrix\Plocha\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Metrix.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://smart-homepage.blogspot.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunOnce: [20131224] C:\Program Files\Alwil Software\Avast5\setup\emupdate\6802e02c-b1f6-498a-aa2d-3923450ed90d.exe /check
O4 - HKCU\..\Run: [Clip2Net] C:\Program Files\Clip2Net\clip2net.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Metrix\Data aplikací\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VirtualDiskAutomount] rundll32 "C:\Program Files\TC UP\PLUGINS\wfx\VirtualDisk\VirtualDisk.wfx",MountAfterReboot
O4 - HKCU\..\Run: [Viber] "C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: Facebook Messenger.lnk = ?
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O15 - Trusted Zone: www.ceskatelevize.cz
O15 - Trusted Zone: http://www.ceskatelevize.cz
O15 - Trusted Zone: www.ivysilani.cz
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O24 - Desktop Component 0: (no name) - C:\Documents and Settings\Metrix\Dokumenty\Obrázky\Dominička\Nová složka (2) 2\Snímek 086.jpg

--
End of file - 9568 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Apps Hat-codedownloader.job
C:\WINDOWS\tasks\Apps Hat-firefoxinstaller.job
C:\WINDOWS\tasks\Apps Hat-updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1390067357-725345543-842925246-1004Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1390067357-725345543-842925246-1004UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-725345543-842925246-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-725345543-842925246-1004UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{CDD8B6CC-8954-4561-B99B-ADF2001FE0BD}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Metrix\Data aplikací\Mozilla\Firefox\Profiles\g8k047gs.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://smart-homepage.blogspot.com"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.6.0.10, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.21"
prefs.js - "keyword.URL" - "http://www.google.com/cse?cx=partner-pu ... pot.com&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647]
"Description"=12.0.1.647
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Metrix\Data aplikací\Mozilla\Firefox\Profiles\g8k047gs.default\extensions\
39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
{20a82645-c095-46ed-80e3-08825760534b}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-02-10 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-02-10 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-02-10 3767096]
"ControlCenter4"=C:\Program Files\ControlCenter4\BrCcBoot.exe [2012-09-06 143360]
"BrStsMon00"=C:\Program Files\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-02-19 1089536]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-12-21 86016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"20131224"=C:\Program Files\Alwil Software\Avast5\setup\emupdate\6802e02c-b1f6-498a-aa2d-3923450ed90d.exe [2014-03-03 181136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Clip2Net"=C:\Program Files\Clip2Net\clip2net.exe [2009-10-08 1635328]
"uTorrent"=C:\Documents and Settings\Metrix\Data aplikací\uTorrent\uTorrent.exe [2014-02-11 905296]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2012-12-29 2587136]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2014-01-30 21822128]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"VirtualDiskAutomount"=rundll32 C:\Program Files\TC UP\PLUGINS\wfx\VirtualDisk\VirtualDisk.wfx,MountAfterReboot []
"Viber"=C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Viber\Viber.exe [2013-12-02 936456]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]
"Facebook Update"=C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2014-01-28 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11]
C:\Program Files\Cobian Backup 11\Cobian.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Documents and Settings\Metrix\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Documents and Settings\Metrix\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2014-01-28 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry]
C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_12_0_0_43_Plugin.exe -update plugin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-08-23 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-06-07 844168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe [2013-04-23 1561968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
C:\Program Files\Mobogenie\DaemonProcess.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\network_tokenads_1]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive]
C:\Documents and Settings\Metrix\Data aplikací\newnext.me\nengine.dll [2013-11-14 1283584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RDReminder]
C:\Program Files\RegClean Pro\RegCleanPro.exe -rem []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer]
C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe [2013-07-22 2054776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualDiskAutomount]
rundll32 C:\Program Files\TC UP\PLUGINS\wfx\VirtualDisk\VirtualDisk.wfx,MountAfterReboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XWidget]
C:\Program Files\XWidget\xwidget.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Cobian Backup 11 - Uživatelské rozhraní.lnk]
C:\PROGRA~1\Cobian Backup 11\cbInterface.exe [2012-06-29 4407808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\38A0D1~1.130\SSSCHE~1.EXE [2013-09-06 273296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^hjhpfbbyfvxqbcafcrx.lnk]
C:\DOCUME~1\Metrix\LOCALS~1\Temp\xrcfacbqxvfybbfphjh.bfg,OKL00 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^icjxwynjyucbjxaeons.lnk]
C:\WINDOWS\system32\rundll32.exe [2008-04-14 33280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^Mozilla Thunderbird.lnk]
C:\PROGRA~1\MOZILL~2\THUNDE~1.EXE [2014-02-05 390256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^MyPhoneExplorer.lnk]
C:\PROGRA~1\MYPHON~1\MYPHON~1.EXE [2013-08-26 5127896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^RocketDock.lnk]
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^XWidget.lnk]
C:\Program Files\XWidget\xwidget.exe []

C:\Documents and Settings\Metrix\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - C:\Documents and Settings\Metrix\Data aplikací\Dropbox\bin\Dropbox.exe
Facebook Messenger.lnk - C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe"="C:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe:*:Enabled:BRAdmin Light"
"C:\Program Files\Brother\Brmfl08g\FAXRX.exe"="C:\Program Files\Brother\Brmfl08g\FAXRX.exe:*:Enabled:FAXRX.EXE"
"C:\Program Files\Nsasoft\ProductKeyExplorer\ProductKeyExplorer.exe"="C:\Program Files\Nsasoft\ProductKeyExplorer\ProductKeyExplorer.exe:*:Enabled:Product Key Explorer"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\TC UP\TOTALCMD.EXE"="C:\Program Files\TC UP\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Bentley\Program\MicroStation\ustation.exe"="C:\Program Files\Bentley\Program\MicroStation\ustation.exe:*:Enabled:MicroStation for Windows x86"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\IM\IM.exe"="C:\Program Files\IM\IM.exe:*:Enabled:IM"
"C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe"="C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe:*:Enabled:MyPhoneExplorer"
"C:\Program Files\Cobian Backup 11\cbRemoteManager.exe"="C:\Program Files\Cobian Backup 11\cbRemoteManager.exe:*:Enabled:Cobian Backup 11, Gravity, Remote Manager"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Documents and Settings\Metrix\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Metrix\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\FIFA 13\Game\fifa13.exe"="C:\Program Files\FIFA 13\Game\fifa13.exe:*:Enabled:FIFA 13"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\Brother\Brmfl10g\FAXRX.exe"="C:\Program Files\Brother\Brmfl10g\FAXRX.exe:*:Enabled:FAXRX.EXE"
"C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Viber\Viber.exe"="C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Viber\Viber.exe:*:Enabled:Viber"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Metrix\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Metrix\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\GameforgeLive\gfl_client.exe"="C:\Program Files\GameforgeLive\gfl_client.exe:*:Enabled:Gameforge Live"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Viber\Viber.exe"="C:\Documents and Settings\Metrix\Local Settings\Data aplikací\Viber\Viber.exe:*:Enabled:Viber"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll

======List of files/folders created in the last 1 month======

2014-02-26 12:55:13 ----D---- C:\Program Files\GameforgeLive
2014-02-19 10:00:09 ----D---- C:\Program Files\LibreOffice 4
2014-02-13 03:18:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$
2014-02-12 13:37:44 ----D---- C:\Program Files\Apps Hat
2014-02-12 13:37:04 ----D---- C:\Program Files\SmartTweak
2014-02-12 13:37:00 ----D---- C:\Program Files\Seznam.cz
2014-02-12 13:35:33 ----D---- C:\Documents and Settings\Metrix\Data aplikací\Seznam.cz
2014-02-12 13:33:57 ----D---- C:\Documents and Settings\Metrix\Data aplikací\newnext.me
2014-02-12 13:33:18 ----A---- C:\WINDOWS\unins000.exe
2014-02-12 13:33:18 ----A---- C:\WINDOWS\unins000.dat
2014-02-05 14:57:30 ----D---- C:\Program Files\Mozilla Thunderbird
2014-02-05 09:42:17 ----D---- C:\Program Files\PdfMerge

======List of files/folders modified in the last 1 month======

2014-03-03 12:37:48 ----D---- C:\WINDOWS\Prefetch
2014-03-03 12:37:44 ----D---- C:\Program Files\trend micro
2014-03-03 12:37:23 ----D---- C:\Documents and Settings\Metrix\Data aplikací\uTorrent
2014-03-03 12:36:24 ----D---- C:\VKM5
2014-03-03 12:36:22 ----D---- C:\VKMN
2014-03-03 12:25:48 ----D---- C:\WINDOWS\Temp
2014-03-03 12:06:08 ----D---- C:\Documents and Settings\Metrix\Data aplikací\Skype
2014-03-03 10:54:51 ----D---- C:\Program Files\Defraggler
2014-03-03 10:50:39 ----D---- C:\WINDOWS\Minidump
2014-03-03 10:50:39 ----D---- C:\WINDOWS\Debug
2014-03-03 10:50:39 ----D---- C:\WINDOWS
2014-03-03 10:45:02 ----D---- C:\Program Files\CCleaner
2014-03-03 09:52:03 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-03 09:51:58 ----D---- C:\Documents and Settings\Metrix\Data aplikací\Dropbox
2014-03-03 09:51:21 ----RD---- C:\Disk Google
2014-03-03 09:50:37 ----D---- C:\Documents and Settings\Metrix\Data aplikací\ViberPC
2014-03-03 09:50:00 ----D---- C:\Program Files\SpeedFan
2014-03-03 09:49:14 ----D---- C:\Scan
2014-03-03 09:47:03 ----SHD---- C:\Config.Msi
2014-03-03 01:23:06 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-02-26 12:55:35 ----SHD---- C:\WINDOWS\Installer
2014-02-26 12:55:13 ----RD---- C:\Program Files
2014-02-26 11:14:15 ----D---- C:\_pracovní
2014-02-24 09:37:28 ----D---- C:\Documents and Settings\Metrix\Data aplikací\MyPhoneExplorer
2014-02-23 19:19:04 ----HD---- C:\WINDOWS\inf
2014-02-23 19:19:02 ----D---- C:\WINDOWS\system32\drivers
2014-02-23 19:18:56 ----D---- C:\WINDOWS\system32\CatRoot2
2014-02-21 10:18:36 ----D---- C:\WINDOWS\system32
2014-02-19 10:02:41 ----RSD---- C:\WINDOWS\assembly
2014-02-19 10:01:15 ----RSD---- C:\WINDOWS\Fonts
2014-02-19 09:58:59 ----D---- C:\Program Files\LibreOffice 4.0
2014-02-18 11:14:03 ----D---- C:\Pošta
2014-02-13 13:19:28 ----D---- C:\Program Files\Opera
2014-02-13 03:19:36 ----D---- C:\WINDOWS\Microsoft.NET
2014-02-13 03:18:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-02-13 03:15:49 ----D---- C:\WINDOWS\WinSxS
2014-02-13 03:14:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-13 03:08:03 ----D---- C:\WINDOWS\system32\MRT
2014-02-13 03:07:57 ----A---- C:\WINDOWS\system32\MRT.exe
2014-02-13 03:04:23 ----D---- C:\Program Files\Internet Explorer
2014-02-13 03:04:09 ----D---- C:\WINDOWS\ie8updates
2014-02-12 13:38:55 ----SD---- C:\WINDOWS\Tasks
2014-02-12 10:57:21 ----D---- C:\_0_Texty
2014-02-11 08:54:58 ----D---- C:\Program Files\uTorrent
2014-02-10 16:00:02 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-02-10 15:09:28 ----D---- C:\pomoc
2014-02-10 14:20:49 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-02-06 11:38:22 ----D---- C:\Program Files\ProFact 3.0 Free
2014-02-06 04:38:36 ----A---- C:\WINDOWS\system32\wininet.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\mstime.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\url.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\occache.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-02-06 00:08:33 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\corpol.dll
2014-02-05 23:24:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2014-02-05 11:12:47 ----D---- C:\WINDOWS\pss
2014-02-05 09:38:52 ----D---- C:\Program Files\PDFCreator

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-11-27 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-12-30 180248]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2009-10-25 16384]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-08-07 21035]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 AMBFilt;AMBFilt; C:\WINDOWS\system32\drivers\AMBFilt.sys [2009-06-26 1656960]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-10-05 7655872]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2009-08-21 57248]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol); C:\WINDOWS\system32\DRIVERS\RMSPPPOE.SYS [2005-12-27 33792]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-03-08 220112]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2013-10-17 25088]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-11-25 1617408]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2013-04-03 32064]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 BrSerIb;Brother Serial Interface Driver(WDM); C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [2012-07-31 78960]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\WINDOWS\System32\Drivers\BrSerIf.sys [2006-12-12 52224]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\WINDOWS\System32\Drivers\BrUsbSer.sys [2006-09-03 11904]
S3 BrUsbSIb;Brother Serial USB Driver(WDM); C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [2012-06-22 18800]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-04-03 83864]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2011-10-31 20032]
S3 MonFilt;MonFilt; C:\WINDOWS\system32\drivers\MonFilt.sys [2008-12-02 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-04-22 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-08-30 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTLWUSB;11g Wireless USB Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-07-04 178048]
S3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-05-07 10343168]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2013-04-03 136904]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2013-04-03 17864]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2013-04-03 153672]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2013-04-03 130248]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-04-03 181912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-02-10 50344]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2013-04-18 233472]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-08-10 75136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 BrYNSvc;BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [2012-06-05 266240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-17 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-03 257928]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-08-07 79360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-17 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-05 119408]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2010-08-07 79360]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15726
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: PC freeze - blue screen - repeated freeze

#2 Post by JaRon »

Hi,
well, it isn't clean... In safe mode, do the following:
download ComboFix and save it to the desktop

then run it under an account with administrator privileges

The process takes about 5-10 minutes, sometimes longer. Do not start any other applications during the scan.

There is no reason to panic if the machine gets restarted.
Warning: if you use antispyware with a resident shield, turn it off before the scan.

After the restart the application creates a log, saved at C:\Combofix.txt (paste its contents here)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

misak35
Visitor
Posts: 87
Registered: 19 Apr 2009 20:04
Location: Břeclav

Re: PC freeze - blue screen - repeated freeze

#3 Post by misak35 »

ComboFix 14-03-03.02 - Administrator 04.03.2014 9:15.2.4 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3063.2630 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Metrix\6872061.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-04 do 2014-03-04 )))))))))))))))))))))))))))))))
.
.
2014-03-04 08:01 . 2014-03-04 08:01 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Opera Software
2014-03-04 08:01 . 2014-03-04 08:01 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Opera Software
2014-03-04 08:00 . 2014-03-04 08:00 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Google
2014-02-26 11:55 . 2014-02-26 11:55 -------- d-----w- c:\program files\GameforgeLive
2014-02-19 09:00 . 2014-02-19 09:02 -------- d-----w- c:\program files\LibreOffice 4
2014-02-12 12:37 . 2014-02-12 12:38 -------- d-----w- c:\program files\Apps Hat
2014-02-12 12:37 . 2014-02-12 12:43 -------- d-----w- c:\program files\SmartTweak
2014-02-12 12:37 . 2014-02-12 12:37 -------- d-----w- c:\program files\Seznam.cz
2014-02-12 12:33 . 2014-02-12 12:33 718497 ----a-w- c:\windows\unins000.exe
2014-02-10 13:26 . 2014-02-10 13:26 -------- d-----w- c:\documents and settings\Metrix\.thumbnails
2014-02-05 13:57 . 2014-02-06 14:39 -------- d-----w- c:\program files\Mozilla Thunderbird
2014-02-05 08:42 . 2014-02-05 08:42 -------- d-----w- c:\program files\PdfMerge
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-03 08:52 . 2012-04-12 05:54 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-03 08:52 . 2011-05-17 06:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-10 13:21 . 2013-03-14 10:35 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-02-10 13:20 . 2011-05-22 09:40 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-10 13:20 . 2010-08-07 09:00 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-10 13:20 . 2010-08-07 09:00 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-02-10 13:20 . 2010-08-07 09:00 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-02-10 13:20 . 2010-08-07 09:00 43152 ----a-w- c:\windows\avastSS.scr
2014-02-10 13:20 . 2010-08-07 09:00 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-02-06 03:38 . 2008-04-14 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2014-02-05 23:08 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-05 23:08 . 2008-04-14 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-05 23:08 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-05 22:24 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2014-01-24 12:13 . 2014-01-24 12:13 22688 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2014-01-04 03:12 . 2008-04-14 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-12-30 07:59 . 2013-03-14 10:35 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-18 20:10 . 2014-01-20 07:43 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-18 19:46 . 2011-03-22 16:22 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-12-05 11:26 . 2008-04-14 12:00 1172992 ----a-w- c:\windows\system32\msxml3.dll
2013-04-04 07:28 . 2011-09-13 08:51 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 22:10 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . D9F19E78F98834CB411D6AD3C68D181A . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-10 13:20 259464 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0MegaCloudNormal]
@="{03FB4211-3964-44E8-97D7-A2FA49CF5576}"
[HKEY_CLASSES_ROOT\CLSID\{03FB4211-3964-44E8-97D7-A2FA49CF5576}]
2012-08-31 12:45 242864 ----a-w- c:\documents and settings\Metrix\Data aplikací\MegaCloud\MegaCloudShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MegaCloudModified]
@="{03FB4212-3964-44E8-97D7-A2FA49CF5576}"
[HKEY_CLASSES_ROOT\CLSID\{03FB4212-3964-44E8-97D7-A2FA49CF5576}]
2012-08-31 12:45 242864 ----a-w- c:\documents and settings\Metrix\Data aplikací\MegaCloud\MegaCloudShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2MeagCloudError]
@="{03FB4213-3964-44E8-97D7-A2FA49CF5576}"
[HKEY_CLASSES_ROOT\CLSID\{03FB4213-3964-44E8-97D7-A2FA49CF5576}]
2012-08-31 12:45 242864 ----a-w- c:\documents and settings\Metrix\Data aplikací\MegaCloud\MegaCloudShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-02-10 3767096]
"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2012-09-06 143360]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2012-06-06 3076096]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2008-02-19 1089536]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Cobian Backup 11 - Uživatelské rozhraní.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Cobian Backup 11 - Uživatelské rozhraní.lnk
backup=c:\windows\pss\Cobian Backup 11 - Uživatelské rozhraní.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^hjhpfbbyfvxqbcafcrx.lnk]
path=c:\documents and settings\Metrix\Nabídka Start\Programy\Po spuštění\hjhpfbbyfvxqbcafcrx.lnk
backup=c:\windows\pss\hjhpfbbyfvxqbcafcrx.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^icjxwynjyucbjxaeons.lnk]
path=c:\documents and settings\Metrix\Nabídka Start\Programy\Po spuštění\icjxwynjyucbjxaeons.lnk
backup=c:\windows\pss\icjxwynjyucbjxaeons.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^Mozilla Thunderbird.lnk]
path=c:\documents and settings\Metrix\Nabídka Start\Programy\Po spuštění\Mozilla Thunderbird.lnk
backup=c:\windows\pss\Mozilla Thunderbird.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^MyPhoneExplorer.lnk]
path=c:\documents and settings\Metrix\Nabídka Start\Programy\Po spuštění\MyPhoneExplorer.lnk
backup=c:\windows\pss\MyPhoneExplorer.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^RocketDock.lnk]
path=c:\documents and settings\Metrix\Nabídka Start\Programy\Po spuštění\RocketDock.lnk
backup=c:\windows\pss\RocketDock.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^XWidget.lnk]
path=c:\documents and settings\Metrix\Nabídka Start\Programy\Po spuštění\XWidget.lnk
backup=c:\windows\pss\XWidget.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 12:00 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
2013-05-16 13:25 1062472 ----a-w- c:\documents and settings\Metrix\Data aplikací\Seznam.cz\szninstall.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
2013-04-12 08:10 92664 ----a-w- c:\documents and settings\Metrix\Data aplikací\Seznam.cz\bin\wszndesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2014-01-28 11:47 138096 ----atw- c:\documents and settings\Metrix\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-23 08:38 136176 ----atw- c:\documents and settings\Metrix\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 14:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2013-06-07 10:43 844168 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2013-04-23 04:48 1561968 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive]
2013-11-14 02:53 1283584 ----a-w- c:\documents and settings\Metrix\Data aplikací\newnext.me\nengine.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-09-27 16:19 13918208 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
2013-05-16 13:25 1062472 ----a-w- c:\program files\Seznam.cz\distribution\szninstall.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-11-14 15:42 20584608 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer]
2013-07-22 12:34 2054776 ----a-w- c:\program files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualDiskAutomount]
2009-08-24 18:43 139264 ----a-w- c:\program files\TC UP\PLUGINS\wfx\VirtualDisk\VirtualDisk.wfx
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Brother\\BRAdmin Light\\BRAdmLight.exe"=
"c:\\Program Files\\Brother\\Brmfl08g\\FAXRX.exe"=
"c:\\Program Files\\Nsasoft\\ProductKeyExplorer\\ProductKeyExplorer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\TC UP\\TOTALCMD.EXE"=
"c:\\Program Files\\Bentley\\Program\\MicroStation\\ustation.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\IM\\IM.exe"=
"c:\\Program Files\\MyPhoneExplorer\\MyPhoneExplorer.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Documents and Settings\\Metrix\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Brother\\Brmfl10g\\FAXRX.exe"=
"c:\\Documents and Settings\\Metrix\\Local Settings\\Data aplikací\\Viber\\Viber.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Metrix\\Data aplikací\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
"c:\\Program Files\\GameforgeLive\\gfl_client.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"54925:UDP"= 54925:UDP:BrotherNetwork Scanner
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [7.8.2010 17:08 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [7.8.2010 17:08 5248]
R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [30.9.2011 8:08 33792]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [1.5.2011 11:17 25088]
S0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [14.3.2013 11:35 49944]
S0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [14.3.2013 11:35 180248]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [22.5.2011 10:40 775952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.8.2010 10:00 410784]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [24.1.2014 13:13 22688]
S1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [25.10.2009 17:30 16384]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [14.3.2013 11:35 67824]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [7.6.2013 11:23 233472]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 10:34 171680]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [10.2.2014 16:05 4915040]
S3 AMBFilt;AMBFilt;c:\windows\system32\drivers\Ambfilt.sys [7.8.2010 9:01 1656960]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [10.6.2013 5:24 32064]
S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [17.12.2013 7:52 78960]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSib.sys [17.12.2013 7:52 18800]
S3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [17.12.2013 7:56 266240]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [7.8.2010 9:04 79360]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [10.6.2013 5:33 83864]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [18.11.2011 14:02 20032]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [7.6.2013 11:23 37344]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [6.9.2013 18:29 235216]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [14.6.2012 18:41 137600]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [30.8.2010 7:12 47360]
S3 RTLWUSB;11g Wireless USB Adapter;c:\windows\system32\drivers\RTL8187.sys [7.8.2010 19:47 178048]
S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys --> c:\windows\System32\Drivers\SjyPkt.sys [?]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [21.3.2011 21:17 10343168]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [7.8.2010 9:04 79360]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [10.6.2013 5:24 136904]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [10.6.2013 5:24 17864]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [10.6.2013 5:24 153672]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [10.6.2013 5:24 130248]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [10.6.2013 5:33 181912]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [7.8.2010 9:01 1617408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 05:54 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 08:52]
.
2014-02-12 c:\windows\Tasks\Apps Hat-codedownloader.job
- c:\program files\Apps Hat\Apps Hat-codedownloader.exe [2014-02-12 12:38]
.
2014-02-12 c:\windows\Tasks\Apps Hat-firefoxinstaller.job
- c:\program files\Apps Hat\Apps Hat-firefoxinstaller.exe [2014-02-12 12:37]
.
2014-02-12 c:\windows\Tasks\Apps Hat-updater.job
- c:\program files\Apps Hat\Apps Hat-updater.exe [2014-02-12 12:38]
.
2014-02-12 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-17 13:20]
.
2014-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-17 09:33]
.
2014-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-17 09:33]
.
2014-03-04 c:\windows\Tasks\User_Feed_Synchronization-{CDD8B6CC-8954-4561-B99B-ADF2001FE0BD}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-Cobian Backup 11 - c:\program files\Cobian Backup 11\Cobian.exe
MSConfigStartUp-FixMyRegistry - c:\program files\SmartTweak\FixMyRegistry\FixMyRegistry.exe
MSConfigStartUp-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil32_12_0_0_43_Plugin.exe
MSConfigStartUp-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
MSConfigStartUp-RDReminder - c:\program files\RegClean Pro\RegCleanPro.exe
MSConfigStartUp-XWidget - c:\program files\XWidget\xwidget.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-03-04 09:23
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2014-03-04 09:24:18
ComboFix-quarantined-files.txt 2014-03-04 08:24
ComboFix2.txt 2012-12-20 10:28
.
Před spuštěním: Volných bajtů: 153 806 462 976
Po spuštění: Volných bajtů: 153 878 863 872
.
- - End Of File - - 0780C6D8EFB15B0A16BF64ACDB8FB634
413FC2A0C716421B3158746D63736515

JaRon
Moderator
Posts: 15726
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: PC freeze - blue screen - repeated freeze

#4 Post by JaRon »

Find and DELETE the files that appear in the following lines:
[HKLM\~\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^hjhpfbbyfvxqbcafcrx.lnk]
path=c:\documents and settings\Metrix\Nabídka Start\Programy\Po spuštění\hjhpfbbyfvxqbcafcrx.lnk
backup=c:\windows\pss\hjhpfbbyfvxqbcafcrx.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Metrix^Nabídka Start^Programy^Po spuštění^icjxwynjyucbjxaeons.lnk]
path=c:\documents and settings\Metrix\Nabídka Start\Programy\Po spuštění\icjxwynjyucbjxaeons.lnk
backup=c:\windows\pss\icjxwynjyucbjxaeons.lnkStartup
.

+ restart and post the log from TDSSKiller

misak35
Visitor
Posts: 87
Registered: 19 Apr 2009 20:04
Location: Břeclav

Re: PC freeze - blue screen - repeated freeze

#5 Post by misak35 »

09:56:03.0984 5292 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:56:05.0515 5292 ============================================================
09:56:05.0515 5292 Current date / time: 2014/03/04 09:56:05.0515
09:56:05.0515 5292 SystemInfo:
09:56:05.0515 5292
09:56:05.0515 5292 OS Version: 5.1.2600 ServicePack: 3.0
09:56:05.0515 5292 Product type: Workstation
09:56:05.0515 5292 ComputerName: MICHAL
09:56:05.0515 5292 UserName: Metrix
09:56:05.0515 5292 Windows directory: C:\WINDOWS
09:56:05.0515 5292 System windows directory: C:\WINDOWS
09:56:05.0515 5292 Processor architecture: Intel x86
09:56:05.0515 5292 Number of processors: 4
09:56:05.0515 5292 Page size: 0x1000
09:56:05.0515 5292 Boot type: Normal boot
09:56:05.0515 5292 ============================================================
09:56:07.0234 5292 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:56:07.0250 5292 ============================================================
09:56:07.0250 5292 \Device\Harddisk0\DR0:
09:56:07.0250 5292 MBR partitions:
09:56:07.0250 5292 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
09:56:07.0250 5292 ============================================================
09:56:07.0328 5292 C: <-> \Device\Harddisk0\DR0\Partition1
09:56:07.0593 5292 ============================================================
09:56:07.0593 5292 Initialize success
09:56:07.0593 5292 ============================================================
09:56:14.0546 3928 ============================================================
09:56:14.0546 3928 Scan started
09:56:14.0546 3928 Mode: Manual;
09:56:14.0546 3928 ============================================================
09:56:15.0625 3928 ================ Scan system memory ========================
09:56:15.0625 3928 System memory - ok
09:56:15.0625 3928 ================ Scan services =============================
09:56:15.0968 3928 [ 1F61CACACB521215F39061789147968C ] a347bus C:\WINDOWS\system32\DRIVERS\a347bus.sys
09:56:15.0968 3928 a347bus - ok
09:56:15.0984 3928 [ 113E4B318BBAA7483CA4E582A4D63F49 ] a347scsi C:\WINDOWS\system32\Drivers\a347scsi.sys
09:56:15.0984 3928 a347scsi - ok
09:56:15.0984 3928 Abiosdsk - ok
09:56:15.0984 3928 abp480n5 - ok
09:56:16.0015 3928 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:56:16.0015 3928 ACPI - ok
09:56:16.0062 3928 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
09:56:16.0062 3928 ACPIEC - ok
09:56:16.0156 3928 [ F7AB315A4D400CA876381D1E188A2E20 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:56:16.0171 3928 AdobeFlashPlayerUpdateSvc - ok
09:56:16.0171 3928 adpu160m - ok
09:56:16.0218 3928 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:56:16.0234 3928 aec - ok
09:56:16.0281 3928 [ 30BB1BDE595CA65FD5549462080D94E5 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
09:56:16.0281 3928 AegisP - ok
09:56:16.0343 3928 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:56:16.0343 3928 AFD - ok
09:56:16.0343 3928 Aha154x - ok
09:56:16.0343 3928 aic78u2 - ok
09:56:16.0343 3928 aic78xx - ok
09:56:16.0375 3928 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:56:16.0390 3928 Alerter - ok
09:56:16.0390 3928 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
09:56:16.0390 3928 ALG - ok
09:56:16.0406 3928 AliIde - ok
09:56:16.0453 3928 [ 57221EF8A056B5FB47CDDA3BA28DD377 ] AMBFilt C:\WINDOWS\system32\drivers\AMBFilt.sys
09:56:16.0515 3928 AMBFilt - ok
09:56:16.0515 3928 amsint - ok
09:56:16.0562 3928 [ 2F8616646215EEDB28C2E40994DB8E38 ] androidusb C:\WINDOWS\system32\Drivers\ssadadb.sys
09:56:16.0562 3928 androidusb - ok
09:56:16.0578 3928 AppMgmt - ok
09:56:16.0578 3928 asc - ok
09:56:16.0578 3928 asc3350p - ok
09:56:16.0578 3928 asc3550 - ok
09:56:16.0703 3928 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:56:16.0703 3928 aspnet_state - ok
09:56:16.0750 3928 [ 7021F01CCAC1538CCF9AE004723AF033 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
09:56:16.0750 3928 aswMonFlt - ok
09:56:16.0796 3928 [ 98C18C78B0C3E7EFBDDA7BD0C35F5903 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
09:56:16.0796 3928 aswRdr - ok
09:56:16.0843 3928 [ F385467DF95D0A73775CB3B076B8B969 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
09:56:16.0843 3928 aswRvrt - ok
09:56:17.0000 3928 [ 8CD8710457FCC1CDE88CBFA3AA119B92 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
09:56:17.0000 3928 aswSnx - ok
09:56:17.0046 3928 [ C1F95C9481F46B96E23A276639C55AC9 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
09:56:17.0046 3928 aswSP - ok
09:56:17.0062 3928 [ E6390554DCB2A730702188547267093C ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
09:56:17.0062 3928 aswTdi - ok
09:56:17.0078 3928 [ 1B0662514A68C3A42E60D240C5ABEF28 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
09:56:17.0093 3928 aswVmm - ok
09:56:17.0125 3928 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:56:17.0125 3928 AsyncMac - ok
09:56:17.0171 3928 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:56:17.0171 3928 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: 9F3A2F5AA6875C72BF062C712CFA2674
09:56:17.0171 3928 atapi ( LockedFile.Multi.Generic ) - warning
09:56:17.0171 3928 atapi - detected LockedFile.Multi.Generic (1)
09:56:17.0171 3928 Atdisk - ok
09:56:17.0218 3928 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:56:17.0234 3928 Atmarpc - ok
09:56:17.0250 3928 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:56:17.0281 3928 AudioSrv - ok
09:56:17.0359 3928 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:56:17.0375 3928 audstub - ok
09:56:17.0515 3928 [ CC42F104172B4A62793083D380867317 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
09:56:17.0546 3928 avast! Antivirus - ok
09:56:17.0578 3928 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:56:17.0593 3928 Beep - ok
09:56:17.0687 3928 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
09:56:17.0750 3928 BITS - ok
09:56:17.0796 3928 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
09:56:17.0812 3928 Browser - ok
09:56:17.0843 3928 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
09:56:17.0843 3928 BrScnUsb - ok
09:56:17.0906 3928 [ 7FDC0A90C231874253C0F4AC4343E288 ] BrSerIb C:\WINDOWS\system32\DRIVERS\BrSerIb.sys
09:56:17.0937 3928 BrSerIb - ok
09:56:17.0953 3928 [ 1A5FC78E41840EDF79D65EC16EFF2787 ] BrSerIf C:\WINDOWS\system32\Drivers\BrSerIf.sys
09:56:17.0953 3928 BrSerIf - ok
09:56:17.0968 3928 [ A24C7B39602218F8DBDB2B6704325FC7 ] BrUsbSer C:\WINDOWS\system32\Drivers\BrUsbSer.sys
09:56:17.0968 3928 BrUsbSer - ok
09:56:17.0968 3928 [ F5390255C73F8CB4995BDC687555FD19 ] BrUsbSIb C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys
09:56:17.0984 3928 BrUsbSIb - ok
09:56:18.0046 3928 [ DB109DA005B6FE2A350C5DD7CA768DFD ] BrYNSvc C:\Program Files\Browny02\BrYNSvc.exe
09:56:18.0062 3928 BrYNSvc - ok
09:56:18.0093 3928 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
09:56:18.0109 3928 BthEnum - ok
09:56:18.0140 3928 [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM C:\WINDOWS\system32\DRIVERS\bthmodem.sys
09:56:18.0140 3928 BTHMODEM - ok
09:56:18.0171 3928 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
09:56:18.0187 3928 BthPan - ok
09:56:18.0218 3928 [ F338662A6C1FC11DD9508F6DFF2C06A2 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
09:56:18.0234 3928 BTHPORT - ok
09:56:18.0281 3928 [ 70CA4B3F634C9DCA200832F8DA76E009 ] BthServ C:\WINDOWS\System32\bthserv.dll
09:56:18.0281 3928 BthServ - ok
09:56:18.0312 3928 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
09:56:18.0312 3928 BTHUSB - ok
09:56:18.0359 3928 [ 04E1C782CF14B7282EBC633B0FD3ED16 ] Cardex C:\WINDOWS\system32\drivers\TBPANEL.SYS
09:56:18.0359 3928 Cardex - ok
09:56:18.0484 3928 catchme - ok
09:56:18.0546 3928 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:56:18.0546 3928 cbidf2k - ok
09:56:18.0593 3928 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:56:18.0593 3928 CCDECODE - ok
09:56:18.0593 3928 cd20xrnt - ok
09:56:18.0625 3928 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:56:18.0640 3928 Cdaudio - ok
09:56:18.0687 3928 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:56:18.0687 3928 Cdfs - ok
09:56:18.0734 3928 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:56:18.0734 3928 Cdrom - ok
09:56:18.0734 3928 Changer - ok
09:56:18.0765 3928 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:56:18.0781 3928 CiSvc - ok
09:56:18.0796 3928 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:56:18.0812 3928 ClipSrv - ok
09:56:18.0843 3928 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:56:18.0843 3928 clr_optimization_v2.0.50727_32 - ok
09:56:18.0968 3928 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:56:18.0968 3928 clr_optimization_v4.0.30319_32 - ok
09:56:18.0968 3928 CmdIde - ok
09:56:18.0968 3928 COMSysApp - ok
09:56:18.0968 3928 Cpqarray - ok
09:56:19.0046 3928 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:56:19.0062 3928 Creative Audio Engine Licensing Service - ok
09:56:19.0109 3928 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
09:56:19.0125 3928 CryptSvc - ok
09:56:19.0187 3928 [ F054744F67576A01139885173392502B ] CrystalSysInfo C:\Program Files\MediaCoder\SysInfo.sys
09:56:19.0187 3928 CrystalSysInfo - ok
09:56:19.0265 3928 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files\Creative\Shared Files\CTAudSvc.exe
09:56:19.0296 3928 CTAudSvcService - ok
09:56:19.0296 3928 dac2w2k - ok
09:56:19.0296 3928 dac960nt - ok
09:56:19.0359 3928 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:56:19.0375 3928 DcomLaunch - ok
09:56:19.0421 3928 [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys
09:56:19.0421 3928 dgderdrv - ok
09:56:19.0484 3928 [ B575C523F537F24D66D31F8877E6BCAB ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
09:56:19.0500 3928 dg_ssudbus - ok
09:56:19.0546 3928 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
09:56:19.0562 3928 Dhcp - ok
09:56:19.0562 3928 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
09:56:19.0578 3928 Disk - ok
09:56:19.0578 3928 dmadmin - ok
09:56:19.0625 3928 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
09:56:19.0656 3928 dmboot - ok
09:56:19.0656 3928 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
09:56:19.0656 3928 dmio - ok
09:56:19.0703 3928 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
09:56:19.0718 3928 dmload - ok
09:56:19.0734 3928 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
09:56:19.0750 3928 dmserver - ok
09:56:19.0781 3928 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
09:56:19.0781 3928 DMusic - ok
09:56:19.0828 3928 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:56:19.0828 3928 Dnscache - ok
09:56:19.0875 3928 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
09:56:19.0906 3928 Dot3svc - ok
09:56:19.0906 3928 dpti2o - ok
09:56:19.0937 3928 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:56:19.0953 3928 drmkaud - ok
09:56:19.0968 3928 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
09:56:19.0984 3928 EapHost - ok
09:56:20.0015 3928 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
09:56:20.0015 3928 ERSvc - ok
09:56:20.0078 3928 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
09:56:20.0109 3928 Eventlog - ok
09:56:20.0125 3928 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
09:56:20.0140 3928 EventSystem - ok
09:56:20.0203 3928 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
09:56:20.0234 3928 Fastfat - ok
09:56:20.0296 3928 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:56:20.0312 3928 FastUserSwitchingCompatibility - ok
09:56:20.0328 3928 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
09:56:20.0343 3928 Fdc - ok
09:56:20.0375 3928 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
09:56:20.0375 3928 Fips - ok
09:56:20.0390 3928 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
09:56:20.0406 3928 Flpydisk - ok
09:56:20.0437 3928 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
09:56:20.0453 3928 FltMgr - ok
09:56:20.0515 3928 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:56:20.0515 3928 FontCache3.0.0.0 - ok
09:56:20.0562 3928 [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
09:56:20.0578 3928 FsUsbExDisk - ok
09:56:20.0609 3928 [ 0796C1E47ADB9825269E64B9DAB4E741 ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
09:56:20.0625 3928 FsUsbExService - ok
09:56:20.0656 3928 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:56:20.0671 3928 Fs_Rec - ok
09:56:20.0718 3928 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:56:20.0718 3928 Ftdisk - ok
09:56:20.0734 3928 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\WINDOWS\system32\giveio.sys
09:56:20.0750 3928 giveio - ok
09:56:20.0781 3928 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:56:20.0781 3928 Gpc - ok
09:56:20.0859 3928 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:56:20.0859 3928 gupdate - ok
09:56:20.0875 3928 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:56:20.0875 3928 gupdatem - ok
09:56:20.0984 3928 [ C1CC0C9742B881C42F1CC628E6F9EBD1 ] Hardlock C:\WINDOWS\system32\drivers\hardlock.sys
09:56:21.0015 3928 Hardlock - ok
09:56:21.0046 3928 [ 2DD25F060DC9F79B5CDF33D90ED93669 ] Haspnt C:\WINDOWS\system32\drivers\Haspnt.sys
09:56:21.0046 3928 Haspnt - ok
09:56:21.0093 3928 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:56:21.0093 3928 HDAudBus - ok
09:56:21.0187 3928 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:56:21.0187 3928 helpsvc - ok
09:56:34.0687 3928 ================ Scan global ===============================
09:56:34.0718 3928 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
09:56:34.0781 3928 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
09:56:34.0812 3928 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
09:56:34.0859 3928 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
09:56:34.0859 3928 [Global] - ok
09:56:34.0859 3928 ================ Scan MBR ==================================
09:56:34.0906 3928 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
09:56:35.0328 3928 \Device\Harddisk0\DR0 - ok
09:56:35.0328 3928 ================ Scan VBR ==================================
09:56:35.0328 3928 [ DB92FF437C776055406D5C0C6FB6AF7D ] \Device\Harddisk0\DR0\Partition1
09:56:35.0328 3928 \Device\Harddisk0\DR0\Partition1 - ok
09:56:35.0343 3928 ============================================================
09:56:35.0343 3928 Scan finished
09:56:35.0343 3928 ============================================================
09:56:35.0343 2260 Detected object count: 1
09:56:35.0343 2260 Actual detected object count: 1
09:56:44.0828 2260 atapi ( LockedFile.Multi.Generic ) - skipped by user
09:56:44.0828 2260 atapi ( LockedFile.Multi.Generic ) - User select action: Skip

JaRon
Moderator
Posts: 15726
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: PC freeze - blue screen - repeated freeze

#6 Post by JaRon »

Move ComboFix to the desktop (if it is not there already)

open Notepad

copy the script from the following box into it:

Code:

FCopy::
c:\windows\system32\dllcache\atapi.sys | c:\windows\system32\drivers\atapi.sys



save the resulting text file to the desktop as CFScript.txt

after saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there:

(image)

once it has been applied, another log should be created; post it here :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

misak35
Visitor
Posts: 87
Registered: 19 Apr 2009 20:04
Location: Břeclav

Re: PC freeze - blue screen - repeated freeze

#7 Post by misak35 »

ComboFix ran for a few minutes and then a blue screen :(

JaRon
Moderator
Posts: 15726
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: PC freeze - blue screen - repeated freeze

#8 Post by JaRon »

1. rename ComboFix to Uninstall and run it
2. quote:

After downloading aswMBR.exe from http://public.avast.com/~gmerek/aswMBR.htm, run it

- click No
- click SCAN
- if it freezes or has trouble finishing, untick the "Trace disk IO calls" option
- when it finishes, click "Save log" and save it
- click Exit (Yes)

Open the aswMBR.txt file and copy its contents here.

misak35
Visitor
Posts: 87
Registered: 19 Apr 2009 20:04
Location: Břeclav

Re: PC freeze - blue screen - repeated freeze

#9 Post by misak35 »

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-04 12:35:08
-----------------------------
12:35:08.250 OS Version: Windows 5.1.2600 Service Pack 3
12:35:08.250 Number of processors: 4 586 0x2502
12:35:08.250 ComputerName: MICHAL UserName: Metrix
12:35:09.406 Initialize success
12:35:13.109 AVAST engine defs: 14030201
12:35:23.062 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-12
12:35:23.062 Disk 0 Vendor: ST3500418AS CC38 Size: 476940MB BusType: 3
12:35:23.062 Device \Driver\atapi -> MajorFunction 8af88008
12:35:23.078 Disk 0 MBR read successfully
12:35:23.078 Disk 0 MBR scan
12:35:23.078 Disk 0 Windows XP default MBR code
12:35:23.078 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
12:35:23.078 Disk 0 scanning sectors +976752000
12:35:23.156 Disk 0 scanning C:\WINDOWS\system32\drivers
12:35:32.062 Service scanning
12:35:33.437 Service atapi C:\WINDOWS\system32\DRIVERS\atapi.sys **LOCKED** 32
12:35:46.062 Modules scanning
12:35:52.000 Disk 0 trace - called modules:
12:35:52.343 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8af88008]<<
12:35:52.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b1ffab8]
12:35:52.343 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000007d[0x8b1869e8]
12:35:52.343 5 ACPI.sys[f7586620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-12[0x8b185d98]
12:35:52.343 \Driver\atapi[0x8b2450b8] -> IRP_MJ_CREATE -> 0x8af88008
12:35:55.281 AVAST engine scan C:\WINDOWS
12:36:00.390 AVAST engine scan C:\WINDOWS\system32
12:38:24.609 AVAST engine scan C:\WINDOWS\system32\drivers
12:38:39.781 AVAST engine scan C:\Documents and Settings\Metrix
12:39:39.328 File: C:\Documents and Settings\Metrix\Data aplikací\newnext.me\nengine.dll **INFECTED** Win32:NextLive-A [Adw]
12:40:20.000 File: C:\Documents and Settings\Metrix\Data aplikací\Sun\Java\Deployment\cache\6.0\30\9afc21e-42c91931 **INFECTED** Win32:Reveton-WI [Trj]
12:41:56.203 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Metrix\Plocha\MBR.dat"
12:41:56.203 The log file has been saved successfully to "C:\Documents and Settings\Metrix\Plocha\aswMBR.txt"


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-04 13:15:16
-----------------------------
13:15:16.140 OS Version: Windows 5.1.2600 Service Pack 3
13:15:16.140 Number of processors: 4 586 0x2502
13:15:16.140 ComputerName: MICHAL UserName: Metrix
13:15:17.281 Initialize success
13:15:20.734 AVAST engine defs: 14030201
13:15:22.234 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-12
13:15:22.234 Disk 0 Vendor: ST3500418AS CC38 Size: 476940MB BusType: 3
13:15:22.234 Device \Driver\atapi -> MajorFunction 8af88008
13:15:22.250 Disk 0 MBR read successfully
13:15:22.265 Disk 0 MBR scan
13:15:22.265 Disk 0 Windows XP default MBR code
13:15:22.281 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
13:15:22.296 Disk 0 scanning sectors +976752000
13:15:22.468 Disk 0 scanning C:\WINDOWS\system32\drivers
13:15:47.687 Service scanning
13:15:48.718 Service atapi C:\WINDOWS\system32\DRIVERS\atapi.sys **LOCKED** 32
13:16:00.937 Modules scanning
13:16:29.031 Disk 0 trace - called modules:
13:16:29.062 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8af88008]<<
13:16:29.062 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b1ffab8]
13:16:29.062 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000007d[0x8b1869e8]
13:16:29.062 5 ACPI.sys[f7586620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-12[0x8b185d98]
13:16:29.062 \Driver\atapi[0x8b2450b8] -> IRP_MJ_CREATE -> 0x8af88008
13:16:30.140 AVAST engine scan C:\WINDOWS
13:17:30.453 AVAST engine scan C:\WINDOWS\system32
13:25:38.156 AVAST engine scan C:\WINDOWS\system32\drivers
13:27:06.281 AVAST engine scan C:\Documents and Settings\Metrix
13:29:24.453 File: C:\Documents and Settings\Metrix\Data aplikací\newnext.me\nengine.dll **INFECTED** Win32:NextLive-A [Adw]
13:30:48.515 File: C:\Documents and Settings\Metrix\Data aplikací\Sun\Java\Deployment\cache\6.0\30\9afc21e-42c91931 **INFECTED** Win32:Reveton-WI [Trj]
14:23:52.843 File: C:\Documents and Settings\Metrix\Local Settings\Data aplikací\genienext\nengine.dll **INFECTED** Win32:NextLive-A [Adw]
14:41:52.421 AVAST engine scan C:\Documents and Settings\All Users
14:47:42.687 Scan finished successfully
14:57:44.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Metrix\Plocha\MBR.dat"
14:57:44.640 The log file has been saved successfully to "C:\Documents and Settings\Metrix\Plocha\aswMBR.txt"

JaRon
Moderator
Posts: 15726
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: PC freeze - blue screen - repeated freeze

#10 Post by JaRon »

DELETE the file C:\Documents and Settings\Metrix\Data aplikací\newnext.me\nengine.dll
restart and write back whether there are still problems :???:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

misak35
Visitor
Posts: 87
Registered: 19 Apr 2009 20:04
Location: Břeclav

Re: PC freeze - blue screen - repeated freeze

#11 Post by misak35 »

It looks like it's all right :idea: Thank you :worship:

JaRon
Moderator
Posts: 15726
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: PC freeze - blue screen - repeated freeze

#12 Post by JaRon »

You're welcome :)
Stop by in 2-3 weeks for a preventive check
