NB pomaly a vyskakuji okna

Zpráva

Misel1 · #16 Příspěvek od **Misel1** » 17 zář 2014 16:11

chce to jeste restart... mam ho udelat?

#17 Příspěvek od **cernohous13** » 17 zář 2014 16:25

OK, MBAM odinstaluj http://www.malwarebytes.org/mbam-clean.exe

přitvrdíme

Stáhni si zde : ComboFix
a ulož ho na plochu.
návod na použití: http://www.bleepingcomputer.com/combofi ... t-combofix
Ukonči všechna aktivní okna,vypni Antispy a Antivir a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Odmítni stažení Konzole...
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna a nic nespouštěj
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud vyskočí hláška "Pokus použít neplatnou operaci na klíč registru, který je označen pro odstranění", tak jen restartuj PC - registr se dá do kupy
Kdyby ti po použití ComboFixu systém nenaběhl - při restartu F8 a "Poslední známá funkční konfigurace"

Misel1 · #18 Příspěvek od **Misel1** » 17 zář 2014 17:01

ComboFix 14-09-16.01 - Uživatel 17.09.2014 17:42:46.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1014.623 [GMT 2:00]
Spuštěný z: c:\documents and settings\U×ivatel\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
ADS - system32: deleted 2411 bytes in 1 streams.
ADS - WINDOWS: deleted 1694 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\background.html
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\content.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\Igdy501f.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\lsdb.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\manifest.json
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\background.html
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\content.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\lsdb.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\manifest.json
c:\documents and settings\Administrator\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\yuI0XwvPN.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\background.html
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\content.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\Igdy501f.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\lsdb.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\manifest.json
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\background.html
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\content.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\lsdb.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\manifest.json
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\yuI0XwvPN.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\background.html
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\content.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\Igdy501f.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\lsdb.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\manifest.json
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\background.html
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\content.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\lsdb.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\manifest.json
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\yuI0XwvPN.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\background.html
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\content.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\Igdy501f.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\lsdb.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\manifest.json
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\background.html
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\content.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\lsdb.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\manifest.json
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\yuI0XwvPN.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\AvastSoftwareUpdater\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\background.html
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\content.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\Igdy501f.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\lsdb.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\manifest.json
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\background.html
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\content.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\lsdb.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\manifest.json
c:\documents and settings\Guest\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\yuI0XwvPN.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\background.html
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\content.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\Igdy501f.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\lsdb.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\manifest.json
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\background.html
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\content.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\lsdb.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\manifest.json
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\yuI0XwvPN.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\Guest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\background.html
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\content.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\Igdy501f.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\lsdb.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\manifest.json
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\background.html
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\content.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\lsdb.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\manifest.json
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\yuI0XwvPN.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\background.html
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\content.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\Igdy501f.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\lsdb.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\manifest.json
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\background.html
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\content.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\lsdb.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\manifest.json
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\yuI0XwvPN.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\background.html
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\content.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\Igdy501f.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\lsdb.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\manifest.json
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\background.html
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\content.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\lsdb.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\manifest.json
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\yuI0XwvPN.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\background.html
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\content.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\Igdy501f.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\lsdb.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\lldemdhbidjdpkohdlapmjhhdhhhnmie\1.0\manifest.json
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\background.html
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\content.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\lsdb.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\manifest.json
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\nlleibldknaoilpdolchcolpkoeelfbg\1.1\yuI0XwvPN.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\background.html
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\content.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\gxZWDKnt6aJV.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\lsdb.js
c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\169\manifest.json
C:\Documents
c:\windows\dasetup.log
c:\windows\iun6002.exe
c:\windows\Setup1.exe
c:\windows\ST6UNST.000
c:\windows\ST6UNST.EXE
c:\windows\system32\AutoRun.inf
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-17 do 2014-09-17 )))))))))))))))))))))))))))))))
.
.
2014-09-16 18:38 . 2014-09-16 18:38 -------- d-----w- C:\_OTM
2014-08-23 15:11 . 2014-08-23 15:11 -------- d-----w- C:\zoek_backup
2014-08-23 15:03 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-08-23 15:00 . 2014-08-23 15:04 -------- d-----w- C:\AdwCleaner
2014-08-23 14:27 . 2014-08-23 14:27 -------- d-----w- c:\windows\ERUNT
2014-08-23 09:27 . 2014-09-17 08:55 -------- d-----w- c:\program files\trend micro
2014-08-23 09:27 . 2014-08-23 09:29 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 09:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil VoIP Plugin.exe"=
"c:\\Program Files\\ProFact 3.0 Free\\ProFactFree.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"=
"c:\\ADCDA2\\ADBCD.exe"=
"c:\\Documents and Settings\\Uživatel\\Plocha\\zoek.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1947:TCP"= 1947:TCP:HASP SRM
"1947:UDP"= 1947:UDP:HASP SRM
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [27.11.2013 21:56 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [27.11.2013 21:56 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27.11.2013 21:56 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.11.2013 21:56 369584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [11.2.2014 22:42 218688]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [21.7.2014 15:01 24786]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.11.2013 21:56 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [27.11.2013 21:56 66336]
R2 COSIDS_TB;COSIDS_TB;c:\progra~1\COSIDS\BIN\TbMux32.exe [7.7.2014 19:39 165376]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 MachineTokenService;SOMTS;c:\mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe [20.3.2014 22:52 57344]
R2 ssinstall;SInstalátor;c:\windows\system32\ssins.exe [14.5.2014 20:17 2324216]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [19.3.2008 17:52 51816]
R2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [26.4.2014 23:42 5037888]
S3 cyg_bus;Cygnal USB Composite Device driver (WDM);c:\windows\system32\drivers\cyg_bus.sys [10.4.2014 12:55 51040]
S3 cyg_ser;CP2101 USB to UART Bridge Controller Drivers;c:\windows\system32\drivers\cyg_ser.sys [10.4.2014 12:55 82704]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [10.4.2014 12:32 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [10.4.2014 12:32 61312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-16 18:34]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{5054562D-5247-006A-76A7-7A786E7484D7} - (no file)
HKCU-Run-Yahoo! Search - c:\documents and settings\Uživatel\Data aplikací\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
HKLM-Run-AGRSMMSG - AGRSMMSG.exe
AddRemove-2d9cfc94-6f73-40be-9e94-afbcc5e7c566 - c:\docume~1\ALLUSE~1\DATAAP~1\INSTAL~1\{36564~1\Setup.exe
AddRemove-4Gas 7.0.0.2_is1 - c:\program files\4Gas II\unins000.exe
AddRemove-95a9c721-6b23-4de3-a9e0-c14520acea13 - c:\docume~1\ALLUSE~1\DATAAP~1\INSTAL~1\{5DA0B~1\Setup.exe
AddRemove-A106663FD3361BDFACB045D83EBA03858EB1E411 - c:\progra~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInstx86.exe
AddRemove-Ac Gas Synchro 1.13.13.0_is1 - c:\program files\AcGasSynchro\unins000.exe
AddRemove-Ac Gas Synchro 9.1.0.0_is1 - c:\program files\AcGasSynchro II\unins000.exe
AddRemove-Ac Lpg Win 1.79_is1 - c:\program files\AcLpgWin\unins000.exe
AddRemove-Adobe Flash Player ActiveX - c:\windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe
AddRemove-Adobe SVG Viewer - c:\program files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-CP2101 USB to UART Bridge Controller - c:\program files\Cygnal\CP2101 USB to UART Bridge Controller\CYG_Uninstall.exe
AddRemove-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\uninst.exe
AddRemove-DemoApp - c:\program files\Magic2 (1.3.1.0)\Uninstall.exe
AddRemove-F2F24872454C7CAEAABD8BB063F70FBEFF01989D - c:\progra~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInstx86.exe
AddRemove-Magic3 Injection System - c:\windows\GPInstall.exe
AddRemove-MAGIC_G4_nsis - c:\program files\HLPropan\MAGIC_G4\uninstall.exe
AddRemove-Modena_is1 - c:\program files\Technology Gaz Software\unins000.exe
AddRemove-Mozilla Firefox 28.0 (x86 cs) - c:\program files\Mozilla Firefox\uninstall\helper.exe
AddRemove-MozillaMaintenanceService - c:\program files\Mozilla Maintenance Service\uninstall.exe
AddRemove-ProFact 3.0 Free_is1 - c:\program files\ProFact 3.0 Free\unins000.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\program files\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
AddRemove-TeamViewer 9 - c:\program files\TeamViewer\Version9\uninstall.exe
AddRemove-The KMPlayer - c:\program files\The KMPlayer\uninstall.exe
AddRemove-UltraISO_is1 - c:\program files\UltraISO\unins000.exe
AddRemove-WinRAR archiver - c:\program files\WinRAR\uninstall.exe
AddRemove-{280076EA-69FC-ECA5-C533-3E00D8501F9D}_is1 - c:\program files\Mozila Firefox 17.0.1 cz\unins000.exe
AddRemove-{461BAEEE-A978-8480-D111-E089FE7BDF49}_is1 - c:\program files\WinRAR 5.00 Beta 7 (32 - 64 bit) Incl Key -F1R3W1R3\unins000.exe
AddRemove-{58AE14BC-9BD9-3D47-A792-CBEF26A7FD60}_is1 - c:\program files\Winrar v3.42.cz pln verze v etin zdarma instaluj\unins000.exe
AddRemove-{5CAC4C47-4974-4789-8CA9-654D332F7280} - c:\program files\InstallShield Installation Information\{5CAC4C47-4974-4789-8CA9-654D332F7280}\setup.exe
AddRemove-{65472E49-8D5C-0FA4-2517-96A7F19CE2A8}_is1 - c:\program files\Adobe Acrobat Reader 10.10 CZ\unins000.exe
AddRemove-{9E53DB4A-8C55-4443-8E6E-91C6E95C9B21}_is1 - c:\azsoft\Autoservis\unins000.exe
AddRemove-{A9111573-EF12-4D80-A5B9-55F620D5BCA1} - c:\program files\InstallShield Installation Information\{A9111573-EF12-4D80-A5B9-55F620D5BCA1}\setup.exe
AddRemove-{B2C61EBB-F47C-48ba-B375-27A40F8F48F7} - c:\program files\HP\Digital Imaging\{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}\setup\hpzscr01.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-09-17 17:50
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2014-09-17 17:53:14
ComboFix-quarantined-files.txt 2014-09-17 15:53
.
Před spuštěním: Volných bajtů: 63 794 053 120
Po spuštění: Volných bajtů: 63 758 622 720
.
- - End Of File - - 8100307DB388CCF376E4205F752CD0F6
413FC2A0C716421B3158746D63736515

#19 Příspěvek od **cernohous13** » 17 zář 2014 17:52

Přesuň ComboFix přímo na C: - bude to C:\ComboFix
Otevři Poznámkový blok (Notepad) a zkopíruj celý zelený text z "CFScriptu".
Soubor ulož taky na C:\ CFScript a jeho ikonu přetáhni myší nad ikonu ComboFixu - tam pusť.

ComboFix se spustí - počkej na log a vlož ho sem.

CFScript

Kód: Vybrat vše

KillAll::

File::
c:\windows\system32\sqlite3.dll

Folder::
C:\zoek_backup
C:\AdwCleaner
c:\windows\ERUNT
c:\program files\trend micro

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000000
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"FirewallOverride"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"UacDisableNotify"=dword:00000000
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Documents and Settings\\Uživatel\\Plocha\\zoek.exe"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1947:TCP"=-
"1947:UDP"=-

Reboot::

Misel1 · #20 Příspěvek od **Misel1** » 17 zář 2014 19:11

ComboFix 14-09-16.01 - Uživatel 17.09.2014 19:33:59.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1014.617 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
FILE ::
"c:\windows\system32\sqlite3.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\AdwCleaner
c:\adwcleaner\AdwCleaner[R0].txt
c:\adwcleaner\AdwCleaner[S0].txt
c:\adwcleaner\Backup\C\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\pounpfoc.default\prefs_23_08_2014_17_04_32.js
c:\program files\trend micro
c:\program files\trend micro\hijackthis.exe
c:\program files\trend micro\hijackthis.log
c:\program files\trend micro\Uživatel.exe
c:\windows\ERUNT
c:\windows\ERUNT\JRT\default
c:\windows\ERUNT\JRT\ERDNT.CON
c:\windows\ERUNT\JRT\ERDNT.EXE
c:\windows\ERUNT\JRT\ERDNT.INF
c:\windows\ERUNT\JRT\ERDNTDOS.LOC
c:\windows\ERUNT\JRT\ERDNTWIN.LOC
c:\windows\ERUNT\JRT\SAM
c:\windows\ERUNT\JRT\SECURITY
c:\windows\ERUNT\JRT\software
c:\windows\ERUNT\JRT\system
c:\windows\ERUNT\JRT\system.LOG
c:\windows\ERUNT\JRT\Users\00000001\NTUSER.DAT
c:\windows\ERUNT\JRT\Users\00000002\UsrClass.dat
C:\zoek_backup
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AMSINT32
-------\Service_amsint32
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-17 do 2014-09-17 )))))))))))))))))))))))))))))))
.
.
2014-09-16 18:38 . 2014-09-16 18:38 -------- d-----w- C:\_OTM
2014-08-23 15:03 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-08-23 09:27 . 2014-08-23 09:29 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 09:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil VoIP Plugin.exe"=
"c:\\Program Files\\ProFact 3.0 Free\\ProFactFree.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"=
"c:\\ADCDA2\\ADBCD.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\EXCEL.EXE"=
"c:\\WINDOWS\\system32\\cscript.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [27.11.2013 21:56 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [27.11.2013 21:56 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27.11.2013 21:56 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.11.2013 21:56 369584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [11.2.2014 22:42 218688]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [21.7.2014 15:01 24786]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.11.2013 21:56 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [27.11.2013 21:56 66336]
R2 COSIDS_TB;COSIDS_TB;c:\progra~1\COSIDS\BIN\TbMux32.exe [7.7.2014 19:39 165376]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 MachineTokenService;SOMTS;c:\mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe [20.3.2014 22:52 57344]
R2 ssinstall;SInstalátor;c:\windows\system32\ssins.exe [14.5.2014 20:17 2324216]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [19.3.2008 17:52 51816]
R2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [26.4.2014 23:42 5037888]
S3 cyg_bus;Cygnal USB Composite Device driver (WDM);c:\windows\system32\drivers\cyg_bus.sys [10.4.2014 12:55 51040]
S3 cyg_ser;CP2101 USB to UART Bridge Controller Drivers;c:\windows\system32\drivers\cyg_ser.sys [10.4.2014 12:55 82704]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [10.4.2014 12:32 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [10.4.2014 12:32 61312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-16 18:34]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-09-17 19:44
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\windows\system32\crypserv.exe
c:\windows\system32\hasplms.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2014-09-17 19:47:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-09-17 17:47
ComboFix2.txt 2014-09-17 15:53
.
Před spuštěním: Volných bajtů: 63 593 803 776
Po spuštění: Volných bajtů: 63 462 637 568
.
- - End Of File - - 59C7B6850BAD04231DCBE0B67444A430
413FC2A0C716421B3158746D63736515

#21 Příspěvek od **cernohous13** » 17 zář 2014 19:34

Projdi to znovu Ccleanerem (hlavně registry)

Přidej nový RSIT

Misel1 · #22 Příspěvek od **Misel1** » 17 zář 2014 20:56

Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2014-09-17 21:19:15
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 60 GB (75%) free of 80 GB
Total RAM: 1014 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:19:19, on 17.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ssins.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfxtwb.exe
C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmrfase.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\NEBAFCZ0\RSIT[1].exe
C:\Program Files\trend micro\Uživatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COSIDS_TB - TransAction Software, D 81737 Munich - C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
O23 - Service: CrypKey License - CrypKey (Canada) Ltd. - C:\WINDOWS\system32\crypserv.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SOMTS (MachineTokenService) - Unknown owner - C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\System32\ssins.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--
End of file - 4488 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-11-28 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-11-28 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-12-15 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:ipsec"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe:*:Enabled:ipsec"
"C:\Program Files\ProFact 3.0 Free\ProFactFree.exe"="C:\Program Files\ProFact 3.0 Free\ProFactFree.exe:*:Enabled:ipsec"
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Disabled:ipsec"
"C:\ADCDA2\ADBCD.exe"="C:\ADCDA2\ADBCD.exe:*:Enabled:ipsec"
"C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE"="C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE:*:Enabled:ipsec"
"C:\WINDOWS\system32\cscript.exe"="C:\WINDOWS\system32\cscript.exe:*:Enabled:ipsec"
"C:\ComboFix\CF10821.3XE"="C:\ComboFix\CF10821.3XE:*:Enabled:ipsec"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfxtwb.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfxtwb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmrfase.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmrfase.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"SENTINEL"=snti386.dll

======List of files/folders created in the last 1 month======

2014-09-17 21:19:15 ----D---- C:\Program Files\trend micro
2014-09-17 21:02:37 ----SHD---- C:\RECYCLER
2014-09-17 20:55:05 ----D---- C:\Program Files\CCleaner
2014-09-17 19:47:48 ----A---- C:\ComboFix.txt
2014-09-17 19:44:14 ----D---- C:\WINDOWS\system32\LogFiles
2014-09-17 17:40:53 ----A---- C:\WINDOWS\zip.exe
2014-09-17 17:40:53 ----A---- C:\WINDOWS\SWREG.exe
2014-09-17 17:40:53 ----A---- C:\WINDOWS\PEV.exe
2014-09-17 17:40:53 ----A---- C:\WINDOWS\NIRCMD.exe
2014-09-17 17:40:53 ----A---- C:\WINDOWS\MBR.exe
2014-09-17 17:40:53 ----A---- C:\WINDOWS\grep.exe
2014-09-17 17:40:52 ----A---- C:\WINDOWS\SWXCACLS.exe
2014-09-17 17:40:52 ----A---- C:\WINDOWS\SWSC.exe
2014-09-17 17:40:52 ----A---- C:\WINDOWS\sed.exe
2014-09-17 17:40:40 ----D---- C:\Qoobox
2014-09-17 17:40:23 ----D---- C:\WINDOWS\erdnt
2014-09-17 17:39:37 ----R---- C:\ComboFix.exe
2014-09-16 20:38:17 ----D---- C:\_OTM
2014-08-23 17:03:41 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-08-23 11:27:54 ----D---- C:\rsit
2014-08-18 10:27:12 ----AD---- C:\WINDOWS\system32
2014-08-18 06:01:50 ----AD---- C:\WINDOWS

======List of files/folders modified in the last 1 month======

2014-09-17 21:19:15 ----RD---- C:\Program Files
2014-09-17 21:09:49 ----D---- C:\WINDOWS\Prefetch
2014-09-17 21:02:41 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\DAEMON Tools Lite
2014-09-17 21:02:38 ----D---- C:\WINDOWS\Minidump
2014-09-17 21:02:38 ----D---- C:\WINDOWS\Debug
2014-09-17 19:47:51 ----D---- C:\WINDOWS\system32\drivers
2014-09-17 19:47:50 ----D---- C:\WINDOWS\Temp
2014-09-17 19:44:33 ----A---- C:\WINDOWS\win.ini
2014-09-17 19:43:57 ----A---- C:\WINDOWS\system.ini
2014-09-17 19:43:33 ----D---- C:\WINDOWS\system32\drivers\etc
2014-09-17 19:42:12 ----D---- C:\WINDOWS\system32\config
2014-09-17 19:38:00 ----D---- C:\WINDOWS\AppPatch
2014-09-17 19:37:53 ----D---- C:\Program Files\Common Files
2014-09-17 19:32:49 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-17 19:28:55 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-09-17 17:34:29 ----SHD---- C:\WINDOWS\Installer
2014-09-17 17:34:29 ----D---- C:\Config.Msi
2014-09-17 17:09:43 ----HD---- C:\WINDOWS\inf
2014-09-17 17:09:42 ----D---- C:\Program Files\avast free antivirus plna verze zdarma cz rar
2014-09-17 14:50:59 ----D---- C:\Program Files\Chiave Hardware Eutron
2014-09-16 20:39:11 ----D---- C:\WINDOWS\twain_32
2014-08-24 08:54:08 ----D---- C:\Program Files\WinRAR
2014-08-24 08:54:05 ----D---- C:\Program Files\Windows NT
2014-08-24 08:54:04 ----D---- C:\Program Files\Windows Media Player
2014-08-24 08:54:03 ----D---- C:\Program Files\UltraISO
2014-08-24 08:46:49 ----D---- C:\Program Files\Adobe Acrobat Reader 10.10 CZ
2014-08-24 06:38:50 ----D---- C:\Program Files\Mozilla Firefox
2014-08-23 17:04:30 ----SD---- C:\WINDOWS\Tasks
2014-08-23 17:04:10 ----D---- C:\Program Files\Kozaka
2014-08-19 15:05:03 ----D---- C:\AUTOLYSA
2014-08-18 15:28:26 ----AD---- C:\ADCDA2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-11-27 175176]
R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-11-27 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-11-27 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 218688]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 NetWorkX;NetworkX; C:\WINDOWS\System32\ckldrv.sys [2010-03-19 23360]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-04-06 73216]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-12-16 122942]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-12-16 99002]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2003-01-23 1166336]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-06-24 34312]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 27656]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-12-16 95579]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-10-17 247920]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 w29n51;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-10-29 55320]
S3 cyg_bus;Cygnal USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\cyg_bus.sys [2007-10-24 51040]
S3 cyg_ser;CP2101 USB to UART Bridge Controller Drivers; C:\WINDOWS\system32\DRIVERS\cyg_ser.sys [2007-10-24 82704]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mbr;mbr; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\mbr.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\WINDOWS\system32\DRIVERS\silabenm.sys [2011-10-14 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\WINDOWS\system32\DRIVERS\silabser.sys [2011-10-14 61312]
S3 Sntnlusb;Sntnlusb; C:\WINDOWS\System32\Drivers\SNTNLUSB.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2008-03-19 166520]
R2 COSIDS_TB;COSIDS_TB; C:\PROGRA~1\COSIDS\BIN\TbMux32.exe [2001-11-20 165376]
R2 CrypKey License;CrypKey License; C:\WINDOWS\system32\crypserv.exe [2010-03-18 126976]
R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2008-03-19 2558464]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2013-11-28 153376]
R2 MachineTokenService;SOMTS; C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe [2011-05-10 57344]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ssinstall;SInstalátor; C:\WINDOWS\System32\ssins.exe [2014-05-14 2324216]
R2 Start BT in service;Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-06-16 5037888]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

#23 Příspěvek od **cernohous13** » 18 zář 2014 04:59

Stáhni TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe . Pak použij tento návod od kolegy:

Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
Pokud utilita najde infikekci, bude ji chtit uložit do karantény (Quarantine), povolte leceni kliknutim na Continue
Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

Misel1 · #24 Příspěvek od **Misel1** » 18 zář 2014 19:00

19:59:11.0793 0x08cc TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
19:59:28.0347 0x08cc ============================================================
19:59:28.0347 0x08cc Current date / time: 2014/09/18 19:59:28.0347
19:59:28.0347 0x08cc SystemInfo:
19:59:28.0347 0x08cc
19:59:28.0347 0x08cc OS Version: 5.1.2600 ServicePack: 3.0
19:59:28.0347 0x08cc Product type: Workstation
19:59:28.0357 0x08cc ComputerName: MARTIN-D16844BB
19:59:28.0357 0x08cc UserName: Uživatel
19:59:28.0357 0x08cc Windows directory: C:\WINDOWS
19:59:28.0357 0x08cc System windows directory: C:\WINDOWS
19:59:28.0357 0x08cc Processor architecture: Intel x86
19:59:28.0357 0x08cc Number of processors: 1
19:59:28.0357 0x08cc Page size: 0x1000
19:59:28.0357 0x08cc Boot type: Normal boot
19:59:28.0357 0x08cc ============================================================
19:59:31.0081 0x08cc KLMD registered as C:\WINDOWS\system32\drivers\10862193.sys
19:59:31.0292 0x08cc System UUID: {6CE0FAE5-2FE1-FE26-CFC7-1D210B157AE7}
19:59:32.0283 0x08cc Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:59:32.0283 0x08cc ============================================================
19:59:32.0283 0x08cc \Device\Harddisk0\DR0:
19:59:32.0283 0x08cc MBR partitions:
19:59:32.0283 0x08cc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C41AD8
19:59:32.0313 0x08cc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C41B56, BlocksNum 0x434DDAA
19:59:32.0313 0x08cc ============================================================
19:59:32.0403 0x08cc C: <-> \Device\Harddisk0\DR0\Partition1
19:59:32.0453 0x08cc D: <-> \Device\Harddisk0\DR0\Partition2
19:59:32.0453 0x08cc ============================================================
19:59:32.0453 0x08cc Initialize success
19:59:32.0453 0x08cc ============================================================
19:59:34.0787 0x0500 ============================================================
19:59:34.0787 0x0500 Scan started
19:59:34.0787 0x0500 Mode: Manual;
19:59:34.0787 0x0500 ============================================================
19:59:34.0787 0x0500 KSN ping started
19:59:37.0180 0x0500 KSN ping finished: true
19:59:38.0612 0x0500 ================ Scan system memory ========================
19:59:38.0612 0x0500 System memory - ok
19:59:38.0622 0x0500 ================ Scan services =============================
19:59:38.0742 0x0500 Abiosdsk - ok
19:59:38.0752 0x0500 abp480n5 - ok
19:59:38.0842 0x0500 [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:59:38.0862 0x0500 ACPI - ok
19:59:39.0153 0x0500 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:59:39.0153 0x0500 ACPIEC - ok
19:59:39.0163 0x0500 adpu160m - ok
19:59:39.0203 0x0500 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:59:39.0213 0x0500 aec - ok
19:59:39.0243 0x0500 [ 322D0E36693D6E24A2398BEE62A268CD, FB0BFF5846E50DBCC2826639318A6A1DE79EE7DEA2719ED74A5F6F44454E13D0 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:59:39.0253 0x0500 AFD - ok
19:59:39.0383 0x0500 [ 262B19F246418A15C7D4B1250B7F12AC, 4B10F9BA67D131641BE5DE62741F5CC470BE65437A694A1FC7CDD60B613921B5 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
19:59:39.0453 0x0500 AgereSoftModem - ok
19:59:39.0513 0x0500 [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
19:59:39.0513 0x0500 agp440 - ok
19:59:39.0523 0x0500 Aha154x - ok
19:59:39.0533 0x0500 aic78u2 - ok
19:59:39.0533 0x0500 aic78xx - ok
19:59:39.0613 0x0500 [ CB5A5079744A0535416D3A5E462C5EFE, D2FDB93619CEC4F66A799F16B2EC5CB7D7833F8F69554F7FE44DF7A5DC617391 ] aksfridge C:\WINDOWS\system32\drivers\aksfridge.sys
19:59:39.0644 0x0500 aksfridge - ok
19:59:39.0694 0x0500 [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:59:39.0704 0x0500 Alerter - ok
19:59:39.0734 0x0500 [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
19:59:39.0734 0x0500 ALG - ok
19:59:39.0744 0x0500 AliIde - ok
19:59:39.0754 0x0500 amsint - ok
19:59:39.0804 0x0500 [ 6B8E7A90E576D4FE308F97C69060A171, 6CE49BC78715737D78E05DECAC23E26A5672ACD2CF3D10154FEA9D47B318D47C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:59:39.0824 0x0500 AppMgmt - ok
19:59:39.0834 0x0500 asc - ok
19:59:39.0844 0x0500 asc3350p - ok
19:59:39.0854 0x0500 asc3550 - ok
19:59:39.0944 0x0500 [ D33C507942299753868204CC7642FA27, 4E7096D6F4B1176C4823540427219988AC9180E70954D3BF32A6C15ED1332670 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:59:39.0954 0x0500 aspnet_state - ok
19:59:40.0004 0x0500 [ 4AF5F360BA1E8794D32B366E45A64A0A, 6AF5410168E06A6895237183AA9769576031FAF412ABFC46572A013432BE1F86 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:59:40.0004 0x0500 aswFsBlk - ok
19:59:40.0054 0x0500 [ 1F7094D4268D46F718C51286DC189791, 4820C1417876C45EBC1C33C66265AC16A6A016599256DDBA45D4D6E147DDE8A0 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
19:59:40.0064 0x0500 aswMonFlt - ok
19:59:40.0094 0x0500 [ 7B43265F92257A21CBFD88E7A651044C, E01A0E5BB3621CDEA906B63992A0258AC2BC79C487D128551153563FE1CBE819 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
19:59:40.0114 0x0500 AswRdr - ok
19:59:40.0124 0x0500 [ B680134BA1813B78B47FDD1DFF223CA5, 51B749766B8D1E75F8D652A9BDB8839A95A2637B05E1B2BFF4FF8B0E77A02D50 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
19:59:40.0134 0x0500 aswRvrt - ok
19:59:40.0254 0x0500 [ CCD565A8A72AF7D45F9A242013870926, 7E5A0EA32C5BAEA25C093A270CFEEE21E57272BC79221BDA58DDBF1CD9E9868C ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
19:59:40.0335 0x0500 aswSnx - ok
19:59:40.0425 0x0500 [ 937300BC7C4CDF7576BCCE44E19BBB9D, 2275DE904940042421D8A33ACC8C0E1C7FAED7E59FA4658938FB8DBE6D624634 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
19:59:40.0465 0x0500 aswSP - ok
19:59:40.0485 0x0500 [ 1F71F170D90E42EFDE9633D81D5E12DC, 62053E412F8269B4E906E482B905CADCFEA0D3296B525C1141944D5EA9B227A8 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
19:59:40.0495 0x0500 aswTdi - ok
19:59:40.0525 0x0500 [ 8CFAA2B965773A653F48F1207A9CB9C4, A4A58FAF10BB174A0400F3A25912A497300E5EEDF54B93B44FA67CA191047D06 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
19:59:40.0555 0x0500 aswVmm - ok
19:59:40.0585 0x0500 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:59:40.0595 0x0500 AsyncMac - ok
19:59:40.0605 0x0500 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:59:40.0605 0x0500 atapi - ok
19:59:40.0615 0x0500 Atdisk - ok
19:59:40.0655 0x0500 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:59:40.0655 0x0500 Atmarpc - ok
19:59:40.0705 0x0500 [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:59:40.0715 0x0500 AudioSrv - ok
19:59:40.0765 0x0500 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:59:40.0765 0x0500 audstub - ok
19:59:40.0855 0x0500 [ 28D6701C710AD7BA3CB95E75F8F1A9AA, 66EE8BC56E5043B5A84E1BA37D591EAD132BD949F03CA8092FDCC3E196AB39D0 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:59:40.0865 0x0500 avast! Antivirus - ok
19:59:40.0905 0x0500 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:59:40.0905 0x0500 Beep - ok
19:59:40.0965 0x0500 [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
19:59:41.0036 0x0500 BITS - ok
19:59:41.0076 0x0500 [ 5FF9A3F3476D726AE62DA82D5DA94C36, 4261C50D2063C7A9785F0DE0FA27C277EFF5DA333DF21CFC38D1EE53CC001B1B ] BlueletAudio C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
19:59:41.0076 0x0500 BlueletAudio - ok
19:59:41.0136 0x0500 [ BD91AFC523FD59F881E1763C38FB772F, F18C5EC193F984AA92CF6AF8398B1F810540A100A26CF014414A3D61E2EFF9FF ] BlueletSCOAudio C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys
19:59:41.0136 0x0500 BlueletSCOAudio - ok
19:59:41.0206 0x0500 [ E460DBC78B9162A569C6CE3B7D31216D, EEEE511A0FD41BC53C8644CB2F17144817CE33553A622DB19344A05B64CCA083 ] BlueSoleil Hid Service C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
19:59:41.0226 0x0500 BlueSoleil Hid Service - ok
19:59:41.0296 0x0500 [ 249276D3EF1E74B992299CB96099E4D7, A7E23EC13CB96C0CFD12D2D75E7115361B1F9890DB815D90F7B0A878EF7738F5 ] Browser C:\WINDOWS\System32\browser.dll
19:59:41.0306 0x0500 Browser - ok
19:59:41.0346 0x0500 [ C5CCE2B26F73F8CF7F3C82159E79AA08, 09FDCB702ADB4A58F061D314BD7FD4A2BD487EA877F89A5F31B86BE0BBC24360 ] BT C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
19:59:41.0346 0x0500 BT - ok
19:59:41.0386 0x0500 [ FB2ABC6D08D9F8D5ED8E02CBD18B39BB, BF6682F0904A4FD90C1A57EEB1E111BEC9DF6FDFB13D23B06C87E7BA9D250528 ] Btcsrusb C:\WINDOWS\system32\Drivers\btcusb.sys
19:59:41.0396 0x0500 Btcsrusb - ok
19:59:41.0436 0x0500 [ CE643D0918123D76A5CAAB008FCA9663, 045FA050D273C56AF13DC24A3E4AB14B236AC2CB4DD48D5B3180696096D3A931 ] BTHidEnum C:\WINDOWS\system32\Drivers\vbtenum.sys
19:59:41.0446 0x0500 BTHidEnum - ok
19:59:41.0466 0x0500 [ DFCA4FE4C8AEC786B4D0F432EB730F48, 3D9731A50127E86280B93466A3CAA90607027341E04EA3A8AE89B373DFC0A5B8 ] BTHidMgr C:\WINDOWS\system32\Drivers\BTHidMgr.sys
19:59:41.0476 0x0500 BTHidMgr - ok
19:59:41.0526 0x0500 [ FFF2E9961021B3BE82847690F54A2EF5, 394CE849BA6F821C99D1D96BFEE43749DD18F0A5D76109FD7F3117D3636B9318 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
19:59:41.0536 0x0500 BTWUSB - ok
19:59:41.0546 0x0500 catchme - ok
19:59:41.0586 0x0500 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:59:41.0596 0x0500 cbidf2k - ok
19:59:41.0606 0x0500 cd20xrnt - ok
19:59:41.0656 0x0500 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:59:41.0666 0x0500 Cdaudio - ok
19:59:41.0706 0x0500 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:59:41.0717 0x0500 Cdfs - ok
19:59:41.0757 0x0500 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:59:41.0767 0x0500 Cdrom - ok
19:59:41.0777 0x0500 Changer - ok
19:59:41.0837 0x0500 [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:59:41.0837 0x0500 CiSvc - ok
19:59:41.0857 0x0500 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:59:41.0867 0x0500 ClipSrv - ok
19:59:41.0917 0x0500 [ 3C4D595E7F9B747325AEF28B4ADCAAE5, 4A283F3E2E659DA996EC16BC8181E9F521BDFDFCF246D0E432D65D2672AC9629 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:59:41.0957 0x0500 clr_optimization_v2.0.50727_32 - ok
19:59:41.0997 0x0500 [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:59:41.0997 0x0500 CmBatt - ok
19:59:42.0017 0x0500 CmdIde - ok
19:59:42.0047 0x0500 [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:59:42.0057 0x0500 Compbatt - ok
19:59:42.0067 0x0500 COMSysApp - ok
19:59:42.0187 0x0500 [ D5A310D8F315E96884EB06CB453B0A3C, CE7C2244A7128C9D24840D7E447AB2C6F4917273C5029E9E84071D57BF6163AE ] COSIDS_TB C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
19:59:42.0207 0x0500 COSIDS_TB - ok
19:59:42.0227 0x0500 Cpqarray - ok
19:59:42.0277 0x0500 [ 2177A0F611584BCA1DFDD7EEB35C0224, 7B9C74B11152398BAECBBA01A31F4D2009672BDD326E970C144FAD9CB80C444F ] CrypKey License C:\WINDOWS\system32\crypserv.exe
19:59:42.0297 0x0500 CrypKey License - ok
19:59:42.0347 0x0500 [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:59:42.0357 0x0500 CryptSvc - ok
19:59:42.0428 0x0500 [ 9B3340E5B94690F8E9509610B2ABC371, 5CE20271B3FC2968E7BB508335854423C46FAF2F03C7D179914613681061E63B ] cyg_bus C:\WINDOWS\system32\DRIVERS\cyg_bus.sys
19:59:42.0438 0x0500 cyg_bus - ok
19:59:42.0478 0x0500 [ 71F31840B56A6DDB4508C3448E7F9DC7, EE7B663842403DBCF35771F11DF12B632A20BD9A872C97741A5719A51E47DC11 ] cyg_ser C:\WINDOWS\system32\DRIVERS\cyg_ser.sys
19:59:42.0498 0x0500 cyg_ser - ok
19:59:42.0508 0x0500 dac2w2k - ok
19:59:42.0528 0x0500 dac960nt - ok
19:59:42.0618 0x0500 [ C868F3AE15CF71A93F2AA3A32856D839, 7F08E40AE8F4F15F110550775183EDA690DBADAC95CF859C98A99B3DF308C8F5 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:59:42.0688 0x0500 DcomLaunch - ok
19:59:42.0758 0x0500 [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:59:42.0768 0x0500 Dhcp - ok
19:59:42.0808 0x0500 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:59:42.0818 0x0500 Disk - ok
19:59:42.0838 0x0500 dmadmin - ok
19:59:42.0958 0x0500 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:59:43.0048 0x0500 dmboot - ok
19:59:43.0098 0x0500 [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:59:43.0119 0x0500 dmio - ok
19:59:43.0149 0x0500 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:59:43.0149 0x0500 dmload - ok
19:59:43.0189 0x0500 [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:59:43.0189 0x0500 dmserver - ok
19:59:43.0219 0x0500 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:59:43.0219 0x0500 DMusic - ok
19:59:43.0239 0x0500 [ 0634B791684B84F4A331F3D3536FEEF8, 562080C56BB92AB41657D43A4D7FA722F6134CF78CA69B58A1D64816234E768D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:59:43.0249 0x0500 Dnscache - ok
19:59:43.0319 0x0500 [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:59:43.0329 0x0500 Dot3svc - ok
19:59:43.0349 0x0500 dpti2o - ok
19:59:43.0369 0x0500 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:59:43.0379 0x0500 drmkaud - ok
19:59:43.0449 0x0500 [ 555E54AC2F601A8821CEF58961653991, C094E4BE6903D73C45BEEA21B8E0B65FB94178FF99927640C2C2792F46D543A0 ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
19:59:43.0469 0x0500 dtsoftbus01 - ok
19:59:43.0499 0x0500 [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:59:43.0509 0x0500 EapHost - ok
19:59:43.0549 0x0500 [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:59:43.0549 0x0500 ERSvc - ok
19:59:43.0609 0x0500 [ F7955F5273F7CA5DA13EBEEF4F736C44, 1369D016A9B955EC89F884C95858AA4F101641660E0C278B82787FD1E9D09205 ] eusk2par C:\WINDOWS\system32\Drivers\eusk2par.sys
19:59:43.0619 0x0500 eusk2par - ok
19:59:43.0669 0x0500 [ F0D2AE69035092BF22DAD6B50FAB85C2, 982ED53375D9B5F6D3CE290A93987BE98407C746C24FEC7833F9D4D4AF443AD7 ] Eventlog C:\WINDOWS\system32\services.exe
19:59:43.0689 0x0500 Eventlog - ok
19:59:43.0769 0x0500 [ 260C69FD67687B0DC062FC3D31655857, A491071B09A726BC77FB134D59FF4FAB3EF1E09F785D86E49142B3A25A96C192 ] EventSystem C:\WINDOWS\system32\es.dll
19:59:43.0789 0x0500 EventSystem - ok
19:59:43.0840 0x0500 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:59:43.0850 0x0500 Fastfat - ok
19:59:43.0910 0x0500 [ B927443008910B412BEC72FC41C1BAD0, B2008DC7EBCEDA0FCCBF4BE1F3BD7F5E27E35695320236D2C9E9C0111CC44774 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:59:43.0940 0x0500 FastUserSwitchingCompatibility - ok
19:59:43.0990 0x0500 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
19:59:44.0000 0x0500 Fdc - ok
19:59:44.0060 0x0500 [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:59:44.0060 0x0500 Fips - ok
19:59:44.0100 0x0500 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
19:59:44.0100 0x0500 Flpydisk - ok
19:59:44.0170 0x0500 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:59:44.0190 0x0500 FltMgr - ok
19:59:44.0220 0x0500 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:59:44.0220 0x0500 Fs_Rec - ok
19:59:44.0280 0x0500 [ AAE37F0F2F613218DCE17B42A18C38DB, 3C235370054E1AB3EFD6E59825B38F63F6B861025ABFE05CAC940B56D17D25BC ] FTDIBUS C:\WINDOWS\system32\drivers\ftdibus.sys
19:59:44.0290 0x0500 FTDIBUS - ok
19:59:44.0320 0x0500 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:59:44.0340 0x0500 Ftdisk - ok
19:59:44.0380 0x0500 [ 48BFD1BA45C9C9E7AB339E25ABFBA1D2, 950F5C1A6FD00E0AABD090753781729EFFF8157525D0DD127864C27E0F7F21FA ] FTSER2K C:\WINDOWS\system32\drivers\ftser2k.sys
19:59:44.0400 0x0500 FTSER2K - ok
19:59:44.0450 0x0500 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:59:44.0460 0x0500 Gpc - ok
19:59:44.0601 0x0500 [ 9DE9A7A19195C57EF38B4EE25422F2D7, EE03EA0F1A1B2DBED01567A0B8C9CF5BCE236FB9E09C9337A9E648982AB6A000 ] Hardlock C:\WINDOWS\system32\drivers\hardlock.sys
19:59:44.0671 0x0500 Hardlock - ok
19:59:44.0691 0x0500 hasplms - ok
19:59:44.0741 0x0500 [ 2DD25F060DC9F79B5CDF33D90ED93669, 1095E091B1F42E04B054478E029D166990A375D27E9B9D0D1170F35536462C8E ] Haspnt C:\WINDOWS\system32\drivers\Haspnt.sys
19:59:44.0751 0x0500 Haspnt - ok
19:59:44.0841 0x0500 [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:59:44.0851 0x0500 helpsvc - ok
19:59:44.0871 0x0500 HidServ - ok
19:59:44.0911 0x0500 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:59:44.0921 0x0500 HidUsb - ok
19:59:44.0981 0x0500 [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:59:45.0001 0x0500 hkmsvc - ok
19:59:45.0021 0x0500 hpn - ok
19:59:45.0181 0x0500 [ A30E97371E38EF45B0757561B2796733, 729044939EB962B9347B2DA7BB9C756A87BFBA445E9A64BD2CFEC2B7403CFC91 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:59:45.0212 0x0500 hpqcxs08 - ok
19:59:45.0262 0x0500 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:59:45.0272 0x0500 HPZid412 - ok
19:59:45.0292 0x0500 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:59:45.0292 0x0500 HPZipr12 - ok
19:59:45.0332 0x0500 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:59:45.0342 0x0500 HPZius12 - ok
19:59:45.0422 0x0500 [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:59:45.0462 0x0500 HTTP - ok
19:59:45.0492 0x0500 [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:59:45.0522 0x0500 HTTPFilter - ok
19:59:45.0532 0x0500 i2omgmt - ok
19:59:45.0552 0x0500 i2omp - ok
19:59:45.0592 0x0500 [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:59:45.0602 0x0500 i8042prt - ok
19:59:45.0682 0x0500 [ 3DB0A9C35A5CF76386AADCEDA014E5E6, A4E769DB76B646B34F896B703CD18D9FAD2197A39526B8D6DDD540515FD2343D ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
19:59:45.0692 0x0500 ialm - ok
19:59:45.0752 0x0500 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:59:45.0752 0x0500 Imapi - ok
19:59:45.0832 0x0500 [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:59:45.0852 0x0500 ImapiService - ok
19:59:45.0882 0x0500 ini910u - ok
19:59:45.0933 0x0500 [ 57D928E548B38502ABBA7A77A6EB7312, AD26B8096D918269BD7D9D454BB93850BCE595CE9E2A396F45777E7312396B33 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
19:59:45.0933 0x0500 IntelIde - ok
19:59:45.0953 0x0500 [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:59:45.0963 0x0500 intelppm - ok
19:59:46.0003 0x0500 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:59:46.0013 0x0500 Ip6Fw - ok
19:59:46.0073 0x0500 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:59:46.0083 0x0500 IpFilterDriver - ok
19:59:46.0113 0x0500 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:59:46.0123 0x0500 IpInIp - ok
19:59:46.0173 0x0500 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:59:46.0193 0x0500 IpNat - ok
19:59:46.0223 0x0500 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:59:46.0233 0x0500 IPSec - ok
19:59:46.0253 0x0500 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:59:46.0263 0x0500 IRENUM - ok
19:59:46.0283 0x0500 [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:59:46.0293 0x0500 isapnp - ok
19:59:46.0363 0x0500 [ 5645290B24D23612D8AE10BBE8BF03CE, 21DC0FFF80748CE3115658BD6CDFF9FC13711ED9E686D25233C3A73535157D0F ] ISODrive C:\Program Files\UltraISO\drivers\ISODrive.sys
19:59:46.0373 0x0500 ISODrive - ok
19:59:46.0443 0x0500 [ 381B25DC8E958D905B33130D500BBF29, DD351662579CD575A9C4A78901D30FFE909432A204B98B8328A00B16769A6838 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
19:59:46.0463 0x0500 JavaQuickStarterService - ok
19:59:46.0503 0x0500 [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:59:46.0513 0x0500 Kbdclass - ok
19:59:46.0584 0x0500 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:59:46.0604 0x0500 kmixer - ok
19:59:46.0654 0x0500 [ 1705745D900DABF2D89F90EBADDC7517, FE90589415BDB3BA482D3EBE1A87A7BF1429791E8F18BCB66BF8874631CC8B2C ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:59:46.0664 0x0500 KSecDD - ok
19:59:46.0744 0x0500 [ 21920AC69594AB021237054FA728FE46, 01D1E231B85BF3B1979491BE6338EEE4A184AED9B8B113CB9AEFCACFAA7B73E9 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:59:46.0774 0x0500 lanmanserver - ok
19:59:46.0814 0x0500 [ 5190783F51A2D7A8495202C664D7C963, A3ABAC9DB3AE7A200B16E569F0C38007FB8D4F19BEDFB67B2F4229121E242531 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:59:46.0844 0x0500 lanmanworkstation - ok
19:59:46.0864 0x0500 lbrtfdc - ok
19:59:46.0904 0x0500 [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:59:46.0924 0x0500 LmHosts - ok
19:59:46.0994 0x0500 [ 5A2257D5D981CEA769005D98D010B61D, C1BE4CED5CE1597A3A0902770742FE652EF0A10F5299D8FB4A0F509402B6D8FD ] MachineTokenService C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
19:59:47.0004 0x0500 MachineTokenService - ok
19:59:47.0034 0x0500 [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:59:47.0044 0x0500 Messenger - ok
19:59:47.0094 0x0500 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:59:47.0094 0x0500 mnmdd - ok
19:59:47.0154 0x0500 [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:59:47.0174 0x0500 mnmsrvc - ok
19:59:47.0234 0x0500 [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:59:47.0244 0x0500 Modem - ok
19:59:47.0274 0x0500 [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:59:47.0285 0x0500 Mouclass - ok
19:59:47.0325 0x0500 [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:59:47.0335 0x0500 mouhid - ok
19:59:47.0385 0x0500 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:59:47.0395 0x0500 MountMgr - ok
19:59:47.0485 0x0500 [ 817EFA0406E506784AB734CFB7DBD28E, 301C14DFCFE9AA27E93A5161E3BA74A8139EA8778FC9C4AA16623B673B6DD58F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:59:47.0495 0x0500 MozillaMaintenance - ok
19:59:47.0515 0x0500 mraid35x - ok
19:59:47.0565 0x0500 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:59:47.0585 0x0500 MRxDAV - ok
19:59:47.0655 0x0500 [ 68755F0FF16070178B54674FE5B847B0, 2FFBCE3A67FA7E30E373624521C602E5510C5565F04381C6C9F961253DA928A6 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:59:47.0705 0x0500 MRxSmb - ok
19:59:47.0745 0x0500 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:59:47.0755 0x0500 MSDTC - ok
19:59:47.0775 0x0500 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:59:47.0775 0x0500 Msfs - ok
19:59:47.0785 0x0500 MSIServer - ok
19:59:47.0805 0x0500 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:59:47.0815 0x0500 MSKSSRV - ok
19:59:47.0845 0x0500 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:59:47.0845 0x0500 MSPCLOCK - ok
19:59:47.0855 0x0500 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:59:47.0855 0x0500 MSPQM - ok
19:59:47.0885 0x0500 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:59:47.0885 0x0500 mssmbios - ok
19:59:47.0905 0x0500 [ 2F625D11385B1A94360BFC70AAEFDEE1, 23E4974120233CF1A7BEE48977706A0A55418699379D1450502ABEB24191AC80 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:59:47.0915 0x0500 Mup - ok
19:59:47.0976 0x0500 [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
19:59:47.0996 0x0500 napagent - ok
19:59:48.0046 0x0500 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:59:48.0056 0x0500 NDIS - ok
19:59:48.0086 0x0500 [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:59:48.0086 0x0500 NdisTapi - ok
19:59:48.0106 0x0500 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:59:48.0106 0x0500 Ndisuio - ok
19:59:48.0136 0x0500 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:59:48.0146 0x0500 NdisWan - ok
19:59:48.0156 0x0500 [ 6215023940CFD3702B46ABC304E1D45A, C767F3A349B365F6E7566C0738E2F62D8FFF8CB4457347E3614BD403BC6CADCB ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:59:48.0166 0x0500 NDProxy - ok
19:59:48.0236 0x0500 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3, 29ACA9D8A5426333F75858D9D3960A4DCDDA4ACC986B3E9E37D255E4FAECDB7C ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
19:59:48.0246 0x0500 Net Driver HPZ12 - ok
19:59:48.0286 0x0500 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:59:48.0296 0x0500 NetBIOS - ok
19:59:48.0336 0x0500 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:59:48.0356 0x0500 NetBT - ok
19:59:48.0426 0x0500 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
19:59:48.0446 0x0500 NetDDE - ok
19:59:48.0466 0x0500 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:59:48.0486 0x0500 NetDDEdsdm - ok
19:59:48.0516 0x0500 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:59:48.0526 0x0500 Netlogon - ok
19:59:48.0596 0x0500 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
19:59:48.0626 0x0500 Netman - ok
19:59:48.0656 0x0500 [ 9446D03271BAF3496BBD2957D2732FD2, 8480B4BB52F39B08CF4158443BD37B2EAE7D90B69427F25B43149A1586D1B1EB ] NetWorkX C:\WINDOWS\System32\ckldrv.sys
19:59:48.0666 0x0500 NetWorkX - ok
19:59:48.0707 0x0500 [ AAC97DAB5F8A0573CF10E0EAC42A7724, DF151B3F1C6BBE59E72E3AC1053E6A6D2C60FDB21CD5819E6A69182BB4A90D76 ] Nla C:\WINDOWS\System32\mswsock.dll
19:59:48.0737 0x0500 Nla - ok
19:59:48.0767 0x0500 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:59:48.0777 0x0500 Npfs - ok
19:59:48.0847 0x0500 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:59:48.0897 0x0500 Ntfs - ok
19:59:48.0937 0x0500 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:59:48.0947 0x0500 NtLmSsp - ok
19:59:49.0097 0x0500 [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:59:49.0157 0x0500 NtmsSvc - ok
19:59:49.0197 0x0500 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:59:49.0197 0x0500 Null - ok
19:59:49.0247 0x0500 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:59:49.0257 0x0500 NwlnkFlt - ok
19:59:49.0267 0x0500 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:59:49.0277 0x0500 NwlnkFwd - ok
19:59:49.0337 0x0500 [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:59:49.0347 0x0500 Parport - ok
19:59:49.0388 0x0500 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:59:49.0388 0x0500 PartMgr - ok
19:59:49.0438 0x0500 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:59:49.0438 0x0500 ParVdm - ok
19:59:49.0468 0x0500 [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:59:49.0478 0x0500 PCI - ok
19:59:49.0488 0x0500 PCIDump - ok
19:59:49.0528 0x0500 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:59:49.0538 0x0500 PCIIde - ok
19:59:49.0568 0x0500 [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
19:59:49.0578 0x0500 Pcmcia - ok
19:59:49.0598 0x0500 PDCOMP - ok
19:59:49.0618 0x0500 PDFRAME - ok
19:59:49.0628 0x0500 PDRELI - ok
19:59:49.0648 0x0500 PDRFRAME - ok
19:59:49.0668 0x0500 perc2 - ok
19:59:49.0688 0x0500 perc2hib - ok
19:59:49.0788 0x0500 [ F0D2AE69035092BF22DAD6B50FAB85C2, 982ED53375D9B5F6D3CE290A93987BE98407C746C24FEC7833F9D4D4AF443AD7 ] PlugPlay C:\WINDOWS\system32\services.exe
19:59:49.0798 0x0500 PlugPlay - ok
19:59:49.0858 0x0500 [ 79834AA2FBF9FE81EEBB229024F6F7FC, 4E243765C11AE9B5D003C3220B8AA0C4671B2627221D2323F80189CA3A307FEF ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
19:59:49.0868 0x0500 Pml Driver HPZ12 - ok
19:59:49.0878 0x0500 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:59:49.0888 0x0500 PolicyAgent - ok
19:59:49.0908 0x0500 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:59:49.0918 0x0500 PptpMiniport - ok
19:59:49.0928 0x0500 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:59:49.0928 0x0500 ProtectedStorage - ok
19:59:49.0938 0x0500 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:59:49.0948 0x0500 PSched - ok
19:59:49.0958 0x0500 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:59:49.0958 0x0500 Ptilink - ok
19:59:49.0968 0x0500 ql1080 - ok
19:59:49.0978 0x0500 Ql10wnt - ok
19:59:49.0988 0x0500 ql12160 - ok
19:59:49.0998 0x0500 ql1240 - ok
19:59:50.0008 0x0500 ql1280 - ok
19:59:50.0038 0x0500 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:59:50.0038 0x0500 RasAcd - ok
19:59:50.0099 0x0500 [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:59:50.0119 0x0500 RasAuto - ok
19:59:50.0139 0x0500 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:59:50.0149 0x0500 Rasl2tp - ok
19:59:50.0209 0x0500 [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:59:50.0229 0x0500 RasMan - ok
19:59:50.0249 0x0500 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:59:50.0259 0x0500 RasPppoe - ok
19:59:50.0269 0x0500 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:59:50.0279 0x0500 Raspti - ok
19:59:50.0319 0x0500 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:59:50.0339 0x0500 Rdbss - ok
19:59:50.0359 0x0500 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:59:50.0359 0x0500 RDPCDD - ok
19:59:50.0409 0x0500 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:59:50.0439 0x0500 rdpdr - ok
19:59:50.0489 0x0500 [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:59:50.0509 0x0500 RDPWD - ok
19:59:50.0549 0x0500 [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:59:50.0569 0x0500 RDSessMgr - ok
19:59:50.0609 0x0500 [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:59:50.0619 0x0500 redbook - ok
19:59:50.0659 0x0500 [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:59:50.0679 0x0500 RemoteAccess - ok
19:59:50.0719 0x0500 [ 8F31505484A190D5B22274708799F4EC, 170FF8193C95CEE73B9342B6FB7D83DF4E80B2CCBB27DF41F4AB5F2FB9AF60E1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:59:50.0739 0x0500 RemoteRegistry - ok
19:59:50.0790 0x0500 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
19:59:50.0790 0x0500 ROOTMODEM - ok
19:59:50.0810 0x0500 [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
19:59:50.0830 0x0500 RpcLocator - ok
19:59:50.0890 0x0500 [ C868F3AE15CF71A93F2AA3A32856D839, 7F08E40AE8F4F15F110550775183EDA690DBADAC95CF859C98A99B3DF308C8F5 ] RpcSs C:\WINDOWS\System32\rpcss.dll
19:59:50.0940 0x0500 RpcSs - ok
19:59:50.0960 0x0500 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:59:50.0990 0x0500 RSVP - ok
19:59:51.0030 0x0500 [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:59:51.0040 0x0500 rtl8139 - ok
19:59:51.0090 0x0500 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
19:59:51.0100 0x0500 SamSs - ok
19:59:51.0160 0x0500 [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:59:51.0180 0x0500 SCardSvr - ok
19:59:51.0260 0x0500 [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:59:51.0290 0x0500 Schedule - ok
19:59:51.0330 0x0500 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:59:51.0330 0x0500 Secdrv - ok
19:59:51.0360 0x0500 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:59:51.0380 0x0500 seclogon - ok
19:59:51.0400 0x0500 [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
19:59:51.0420 0x0500 SENS - ok
19:59:51.0471 0x0500 [ DA17773297995D1135DFD1ACEEF07D58, E529A623AD145FFFA535F18BE171EEB810823A7AC01A66A051B2FB0D4ADA0467 ] Sentinel C:\WINDOWS\System32\Drivers\SENTINEL.SYS
19:59:51.0481 0x0500 Sentinel - ok
19:59:51.0521 0x0500 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:59:51.0531 0x0500 serenum - ok
19:59:51.0561 0x0500 [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:59:51.0571 0x0500 Serial - ok
19:59:51.0601 0x0500 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:59:51.0601 0x0500 Sfloppy - ok
19:59:51.0711 0x0500 [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:59:51.0751 0x0500 SharedAccess - ok
19:59:51.0801 0x0500 [ B927443008910B412BEC72FC41C1BAD0, B2008DC7EBCEDA0FCCBF4BE1F3BD7F5E27E35695320236D2C9E9C0111CC44774 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:59:51.0831 0x0500 ShellHWDetection - ok
19:59:51.0891 0x0500 [ 3EAD8E1668CE42A0AFE41D56E7157BCF, 90A1AA6372356046B28C079954458F42849779FFC48C93AF0549A7673B276EB3 ] silabenm C:\WINDOWS\system32\DRIVERS\silabenm.sys
19:59:51.0901 0x0500 silabenm - ok
19:59:51.0961 0x0500 [ B77C60B4A7848057BDCD0AA07299E8F3, B59F9C0459DADC1D5DD90541B9D4BE69855C16E3ADCD46ACFFAC622347E1F51E ] silabser C:\WINDOWS\system32\DRIVERS\silabser.sys
19:59:51.0971 0x0500 silabser - ok
19:59:51.0991 0x0500 Simbad - ok
19:59:52.0011 0x0500 Sntnlusb - ok
19:59:52.0021 0x0500 Sparrow - ok
19:59:52.0061 0x0500 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:59:52.0071 0x0500 splitter - ok
19:59:52.0141 0x0500 [ CB1090BCA0E7B40D0B5B4E4D66531809, BFA487D989B4C63FB40407A4FC877B54A3104D7394316E9B8A52E77129816B3D ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:59:52.0162 0x0500 Spooler - ok
19:59:52.0222 0x0500 [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:59:52.0232 0x0500 sr - ok
19:59:52.0302 0x0500 [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
19:59:52.0342 0x0500 srservice - ok
19:59:52.0392 0x0500 [ 5252605079810904E31C332E241CD59B, 039DD965DE2137219168F95CA3BF1CA7353957026BDD0481F7964E2578DF2128 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:59:52.0432 0x0500 Srv - ok
19:59:52.0462 0x0500 [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:59:52.0472 0x0500 SSDPSRV - ok
19:59:52.0692 0x0500 [ E855AC5D4B09F651CE96415C557FF92D, 9A7D8C0586CD4034CEBC1A676484C0C52F17F431346C0632D2FE4EB44EB297B0 ] ssinstall C:\WINDOWS\System32\ssins.exe
19:59:52.0832 0x0500 ssinstall - ok
19:59:52.0903 0x0500 [ 0FDAF3B77C4FCCADCBBA97DBBEF817FD, B71B7F35DFB11653C4B3BE26AD8D1FC71386851DD0F73088A0F8B1570545ECFB ] STAC97 C:\WINDOWS\system32\drivers\stac97.sys
19:59:52.0923 0x0500 STAC97 - ok
19:59:52.0953 0x0500 [ 9D1A8732718438DC8C472D4D7762DE5F, B0AA8E791207BB2B66285A89B16B020DAC0B6460AD65EDADE39209ACE6EA0428 ] Start BT in service C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
19:59:52.0963 0x0500 Start BT in service - ok
19:59:53.0013 0x0500 [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:59:53.0053 0x0500 stisvc - ok
19:59:53.0073 0x0500 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:59:53.0083 0x0500 swenum - ok
19:59:53.0133 0x0500 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:59:53.0143 0x0500 swmidi - ok
19:59:53.0153 0x0500 SwPrv - ok
19:59:53.0173 0x0500 symc810 - ok
19:59:53.0183 0x0500 symc8xx - ok
19:59:53.0203 0x0500 sym_hi - ok
19:59:53.0213 0x0500 sym_u3 - ok
19:59:53.0233 0x0500 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:59:53.0243 0x0500 sysaudio - ok
19:59:53.0283 0x0500 [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:59:53.0303 0x0500 SysmonLog - ok
19:59:53.0353 0x0500 [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:59:53.0383 0x0500 TapiSrv - ok
19:59:53.0443 0x0500 [ 93EA8D04EC73A85DB02EB8805988F733, 013008E23F5F14E0C836C28524D1181759BAF84530C6331163882A772217F398 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:59:53.0473 0x0500 Tcpip - ok
19:59:53.0503 0x0500 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:59:53.0503 0x0500 TDPIPE - ok
19:59:53.0533 0x0500 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:59:53.0533 0x0500 TDTCP - ok
19:59:54.0164 0x0500 [ 9A019ABD9CEAA6EA528E5438402907F7, E1B58B376D142B4472C64D020800AE0AC868C8F4EC18EA45D236E0EB8C3CB6F4 ] TeamViewer9 C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
19:59:54.0655 0x0500 TeamViewer9 - ok
19:59:54.0715 0x0500 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:59:54.0715 0x0500 TermDD - ok
19:59:54.0785 0x0500 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
19:59:54.0815 0x0500 TermService - ok
19:59:54.0835 0x0500 [ B927443008910B412BEC72FC41C1BAD0, B2008DC7EBCEDA0FCCBF4BE1F3BD7F5E27E35695320236D2C9E9C0111CC44774 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:59:54.0855 0x0500 Themes - ok
19:59:54.0895 0x0500 [ CD0CC7B167D78043A41C98D4921EFB54, 31AAB5D6D6BA52EBDDE1B5DEB8F9B4D9597FFBA4485F959C846F635060CCB5C0 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:59:54.0905 0x0500 TlntSvr - ok
19:59:54.0915 0x0500 TosIde - ok
19:59:54.0936 0x0500 [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:59:54.0946 0x0500 TrkWks - ok
19:59:55.0006 0x0500 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:59:55.0016 0x0500 Udfs - ok
19:59:55.0026 0x0500 ultra - ok
19:59:55.0096 0x0500 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:59:55.0116 0x0500 Update - ok
19:59:55.0166 0x0500 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:59:55.0186 0x0500 upnphost - ok
19:59:55.0196 0x0500 [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
19:59:55.0206 0x0500 UPS - ok
19:59:55.0256 0x0500 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:59:55.0266 0x0500 usbccgp - ok
19:59:55.0286 0x0500 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:59:55.0286 0x0500 usbehci - ok
19:59:55.0346 0x0500 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:59:55.0356 0x0500 usbhub - ok
19:59:55.0406 0x0500 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:59:55.0406 0x0500 usbprint - ok
19:59:55.0446 0x0500 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:59:55.0446 0x0500 usbscan - ok
19:59:55.0486 0x0500 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:59:55.0486 0x0500 usbstor - ok
19:59:55.0516 0x0500 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:59:55.0516 0x0500 usbuhci - ok
19:59:55.0566 0x0500 [ 51750B0539986186C6931FC40D171521, 8288954D1393D8D3EEECDF79A73FB82E19B03B67022AFE9C20E99134E6E4C8BF ] VComm C:\WINDOWS\system32\DRIVERS\VComm.sys
19:59:55.0576 0x0500 VComm - ok
19:59:55.0596 0x0500 [ 6D9C891C0A761AFED1F3609C2E56F2B9, 53A528AB64CE5567C05194D006F066E8ABA572DCF305A42A5915EFE66A127BDA ] VcommMgr C:\WINDOWS\system32\Drivers\VcommMgr.sys
19:59:55.0606 0x0500 VcommMgr - ok
19:59:55.0657 0x0500 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:59:55.0657 0x0500 VgaSave - ok
19:59:55.0667 0x0500 ViaIde - ok
19:59:55.0717 0x0500 [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:59:55.0717 0x0500 VolSnap - ok
19:59:55.0807 0x0500 [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
19:59:55.0857 0x0500 VSS - ok
19:59:56.0328 0x0500 [ C89DA341FCC883A3D79DC11727484FC2, F99585F92428721F66DBDA832EC84B62928970DB5E840E37FE2B99ABAA080421 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys
19:59:56.0618 0x0500 w29n51 - ok
19:59:56.0668 0x0500 [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
19:59:56.0688 0x0500 W32Time - ok
19:59:56.0718 0x0500 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:59:56.0718 0x0500 Wanarp - ok
19:59:56.0798 0x0500 [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
19:59:56.0828 0x0500 Wdf01000 - ok
19:59:56.0838 0x0500 WDICA - ok
19:59:56.0858 0x0500 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:59:56.0868 0x0500 wdmaud - ok
19:59:56.0918 0x0500 [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:59:56.0938 0x0500 WebClient - ok
19:59:57.0039 0x0500 [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:59:57.0049 0x0500 winmgmt - ok
19:59:57.0119 0x0500 [ 6199B2AE3F9DB9CB6DB230471A1DC601, E66C788C3E46AAC2ABB76F6E55E912EB28CF3D4C3D74FE6E85A6FABB7F22A5C9 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
19:59:57.0139 0x0500 WmdmPmSN - ok
19:59:57.0239 0x0500 [ 6538D6BDE04B56737FE743C24D4CE83D, 66F807C849FE7E4ED327915F2901D03D7C4B33530BD2D801C9A47E1483455F91 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:59:57.0309 0x0500 Wmi - ok
19:59:57.0389 0x0500 [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:59:57.0399 0x0500 WmiApSrv - ok
19:59:57.0449 0x0500 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:59:57.0459 0x0500 WS2IFSL - ok
19:59:57.0519 0x0500 [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:59:57.0549 0x0500 wscsvc - ok
19:59:57.0579 0x0500 [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:59:57.0599 0x0500 wuauserv - ok
19:59:57.0720 0x0500 [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:59:57.0800 0x0500 WZCSVC - ok
19:59:57.0850 0x0500 [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:59:57.0890 0x0500 xmlprov - ok
19:59:57.0960 0x0500 [ 9C4B8EAD60C0CE09C0FCF49F6788BB19, 00715DB179858FABD80D08D86333737688CB6E27D6244F1917E81F54587C034F ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys
19:59:57.0980 0x0500 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
19:59:58.0030 0x0500 [ DFEBDCC9E3678FAD34B14867C47C1036, D7B32EE755112677883BD4C7AD1466C978FB7FDC22CDF6D5D078869FD8214F60 ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys
19:59:58.0050 0x0500 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
19:59:58.0060 0x0500 ================ Scan global ===============================
19:59:58.0120 0x0500 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
19:59:58.0190 0x0500 [ 77A41C497ADB0C96D1E8DF6F71D843C0, 39A425A66B127F91B9A6FB5A0832B51ACD5928645D62D09FDA0AB95D3836E479 ] C:\WINDOWS\system32\winsrv.dll
19:59:58.0280 0x0500 [ 77A41C497ADB0C96D1E8DF6F71D843C0, 39A425A66B127F91B9A6FB5A0832B51ACD5928645D62D09FDA0AB95D3836E479 ] C:\WINDOWS\system32\winsrv.dll
19:59:58.0360 0x0500 [ F0D2AE69035092BF22DAD6B50FAB85C2, 982ED53375D9B5F6D3CE290A93987BE98407C746C24FEC7833F9D4D4AF443AD7 ] C:\WINDOWS\system32\services.exe
19:59:58.0370 0x0500 [ Global ] - ok
19:59:58.0370 0x0500 ================ Scan MBR ==================================
19:59:58.0411 0x0500 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
19:59:58.0631 0x0500 \Device\Harddisk0\DR0 - ok
19:59:58.0631 0x0500 ================ Scan VBR ==================================
19:59:58.0631 0x0500 [ 1B3C6118DA480B9B59322872299D21FE ] \Device\Harddisk0\DR0\Partition1
19:59:58.0641 0x0500 \Device\Harddisk0\DR0\Partition1 - ok
19:59:58.0641 0x0500 [ 9D4D8A3DF9AC7379329461A9C8FDC19D ] \Device\Harddisk0\DR0\Partition2
19:59:58.0641 0x0500 \Device\Harddisk0\DR0\Partition2 - ok
19:59:58.0651 0x0500 ================ Scan generic autorun ======================
19:59:59.0202 0x0500 [ 3F11B20D12D89365D7721BDC860CE5F0, 9F6F8C0F1D39EEBB23E0D6E062F3B57FBC703330300B5EDB64AB1C51B859E56B ] C:\Program Files\AVAST Software\Avast\avastUI.exe
19:59:59.0572 0x0500 avast - ok
19:59:59.0602 0x0500 Waiting for KSN requests completion. In queue: 199
20:00:00.0604 0x0500 Waiting for KSN requests completion. In queue: 199
20:00:01.0605 0x0500 Waiting for KSN requests completion. In queue: 199
20:00:02.0707 0x0500 AV detected via SS1: avast! Antivirus, 5.0.134219217, disabled, updated
20:00:05.0120 0x0500 ============================================================
20:00:05.0120 0x0500 Scan finished
20:00:05.0120 0x0500 ============================================================
20:00:05.0140 0x0294 Detected object count: 0
20:00:05.0140 0x0294 Actual detected object count: 0

#25 Příspěvek od **cernohous13** » 19 zář 2014 06:52

Stahni Avenger zde:
http://swandog46.geekstogo.com/avenger.exe
Spusť a všude souhlas „Yes“
Hlavní okno
http://2i.cz/b9b1b69c4f
dole dej fajfku do obou čtverečků

Do pole „Input script here“ zkopíruj zelený text scriptu -> „Execute“ -> „Yes“
Bude restart a je potřeba vyčkat na otevření Notepadu a jeho obsah sem vložit. (C:\avenger.txt)

Script

Kód: Vybrat vše

Registry values to delete:
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list | C:\Documents and Settings\Uživatel\Local Settings\Temp\winfxtwb.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list | C:\Documents and Settings\Uživatel\Local Settings\Temp\winmrfase.exe

Files to delete:
C:\Documents and Settings\Uživatel\Local Settings\Temp\winfxtwb.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\winmrfase.exe

Misel1 · #26 Příspěvek od **Misel1** » 28 zář 2014 21:49

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Error: could not delete registry value "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list|C:\Documents and Settings\Uživatel\Local Settings\Temp\winfxtwb.exe"
Deletion of registry value "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list|C:\Documents and Settings\Uživatel\Local Settings\Temp\winfxtwb.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: could not delete registry value "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list|C:\Documents and Settings\Uživatel\Local Settings\Temp\winmrfase.exe"
Deletion of registry value "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list|C:\Documents and Settings\Uživatel\Local Settings\Temp\winmrfase.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "C:\Documents and Settings\Uživatel\Local Settings\Temp\winfxtwb.exe" deleted successfully.
File "C:\Documents and Settings\Uživatel\Local Settings\Temp\winmrfase.exe" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

#27 Příspěvek od **cernohous13** » 29 zář 2014 05:50

Tak ještě aktuální RSIT pro dočištění

Misel1 · #28 Příspěvek od **Misel1** » 29 zář 2014 08:14

dam vecer....
jenom pri spusteni toho Avenger, tak to 2x hodilo chybu, ze spravce odmitl udelat upravu registru...

#29 Příspěvek od **cernohous13** » 29 zář 2014 09:36

jj, byly to záznamy v registru jako výjimka ve FW - škodlivé soubory jak se zdá byly smazány - registry dočistíme následně

Misel1 · #30 Příspěvek od **Misel1** » 29 zář 2014 18:48

Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2014-09-29 19:46:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 60 GB (75%) free of 80 GB
Total RAM: 1014 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:46:20, on 29.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
C:\WINDOWS\System32\ssins.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\6VGT7DCW\RSIT[1].exe
C:\Program Files\trend micro\Uživatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COSIDS_TB - TransAction Software, D 81737 Munich - C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
O23 - Service: CrypKey License - CrypKey (Canada) Ltd. - C:\WINDOWS\system32\crypserv.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SOMTS (MachineTokenService) - Unknown owner - C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\System32\ssins.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--
End of file - 4527 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\pounpfoc.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-11-28 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-11-28 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-12-15 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:ipsec"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe:*:Enabled:ipsec"
"C:\Program Files\ProFact 3.0 Free\ProFactFree.exe"="C:\Program Files\ProFact 3.0 Free\ProFactFree.exe:*:Enabled:ipsec"
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Disabled:ipsec"
"C:\ADCDA2\ADBCD.exe"="C:\ADCDA2\ADBCD.exe:*:Enabled:ipsec"
"C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE"="C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE:*:Enabled:ipsec"
"C:\WINDOWS\system32\cscript.exe"="C:\WINDOWS\system32\cscript.exe:*:Enabled:ipsec"
"C:\ComboFix\CF10821.3XE"="C:\ComboFix\CF10821.3XE:*:Enabled:ipsec"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfxtwb.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winfxtwb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmrfase.exe"="C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\winmrfase.exe:*:Enabled:ipsec"
"C:\Documents and Settings\Uživatel\Plocha\RSIT.exe"="C:\Documents and Settings\Uživatel\Plocha\RSIT.exe:*:Enabled:ipsec"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"SENTINEL"=snti386.dll

======List of files/folders created in the last 1 month======

2014-09-28 22:42:52 ----D---- C:\Avenger
2014-09-28 22:42:51 ----A---- C:\avenger.txt
2014-09-18 19:59:11 ----A---- C:\TDSSKiller.3.0.0.40_18.09.2014_19.59.11_log.txt
2014-09-17 21:19:15 ----D---- C:\Program Files\trend micro
2014-09-17 21:02:37 ----SHD---- C:\RECYCLER
2014-09-17 20:55:05 ----D---- C:\Program Files\CCleaner
2014-09-17 19:47:48 ----A---- C:\ComboFix.txt
2014-09-17 19:44:14 ----D---- C:\WINDOWS\system32\LogFiles
2014-09-17 17:40:53 ----A---- C:\WINDOWS\zip.exe
2014-09-17 17:40:53 ----A---- C:\WINDOWS\SWREG.exe
2014-09-17 17:40:53 ----A---- C:\WINDOWS\PEV.exe
2014-09-17 17:40:53 ----A---- C:\WINDOWS\NIRCMD.exe
2014-09-17 17:40:53 ----A---- C:\WINDOWS\MBR.exe
2014-09-17 17:40:53 ----A---- C:\WINDOWS\grep.exe
2014-09-17 17:40:52 ----A---- C:\WINDOWS\SWXCACLS.exe
2014-09-17 17:40:52 ----A---- C:\WINDOWS\SWSC.exe
2014-09-17 17:40:52 ----A---- C:\WINDOWS\sed.exe
2014-09-17 17:40:40 ----D---- C:\Qoobox
2014-09-17 17:40:23 ----D---- C:\WINDOWS\erdnt
2014-09-17 17:39:37 ----R---- C:\ComboFix.exe
2014-09-16 20:38:17 ----D---- C:\_OTM

======List of files/folders modified in the last 1 month======

2014-09-29 19:46:17 ----D---- C:\WINDOWS\Prefetch
2014-09-29 19:44:35 ----D---- C:\WINDOWS\system32\drivers
2014-09-29 19:44:05 ----D---- C:\WINDOWS\Temp
2014-09-28 22:44:29 ----A---- C:\WINDOWS\win.ini
2014-09-28 22:42:52 ----RD---- C:\Program Files
2014-09-28 22:42:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-09-18 19:57:44 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-09-18 19:57:38 ----D---- C:\Program Files\Mozilla Firefox
2014-09-18 19:40:58 ----AD---- C:\WINDOWS
2014-09-17 21:02:41 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\DAEMON Tools Lite
2014-09-17 21:02:38 ----D---- C:\WINDOWS\Minidump
2014-09-17 21:02:38 ----D---- C:\WINDOWS\Debug
2014-09-17 19:44:14 ----AD---- C:\WINDOWS\system32
2014-09-17 19:43:57 ----A---- C:\WINDOWS\system.ini
2014-09-17 19:43:33 ----D---- C:\WINDOWS\system32\drivers\etc
2014-09-17 19:42:12 ----D---- C:\WINDOWS\system32\config
2014-09-17 19:38:00 ----D---- C:\WINDOWS\AppPatch
2014-09-17 19:37:53 ----D---- C:\Program Files\Common Files
2014-09-17 19:32:49 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-17 17:34:29 ----SHD---- C:\WINDOWS\Installer
2014-09-17 17:34:29 ----D---- C:\Config.Msi
2014-09-17 17:09:43 ----HD---- C:\WINDOWS\inf
2014-09-17 17:09:42 ----D---- C:\Program Files\avast free antivirus plna verze zdarma cz rar
2014-09-17 14:50:59 ----D---- C:\Program Files\Chiave Hardware Eutron
2014-09-16 20:39:11 ----D---- C:\WINDOWS\twain_32

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-11-27 175176]
R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-11-27 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-11-27 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 218688]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 NetWorkX;NetworkX; C:\WINDOWS\System32\ckldrv.sys [2010-03-19 23360]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-04-06 73216]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-12-16 122942]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-12-16 99002]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2003-01-23 1166336]
R3 amsint32;amsint32; \??\C:\WINDOWS\system32\drivers\ktigqn.sys []
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-06-24 34312]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 27656]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-12-16 95579]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-10-17 247920]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 w29n51;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-10-29 55320]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cyg_bus;Cygnal USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\cyg_bus.sys [2007-10-24 51040]
S3 cyg_ser;CP2101 USB to UART Bridge Controller Drivers; C:\WINDOWS\system32\DRIVERS\cyg_ser.sys [2007-10-24 82704]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\WINDOWS\system32\DRIVERS\silabenm.sys [2011-10-14 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\WINDOWS\system32\DRIVERS\silabser.sys [2011-10-14 61312]
S3 Sntnlusb;Sntnlusb; C:\WINDOWS\System32\Drivers\SNTNLUSB.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 COSIDS_TB;COSIDS_TB; C:\PROGRA~1\COSIDS\BIN\TbMux32.exe [2001-11-20 165376]
R2 CrypKey License;CrypKey License; C:\WINDOWS\system32\crypserv.exe [2010-03-18 126976]
R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2008-03-19 2558464]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2013-11-28 153376]
R2 MachineTokenService;SOMTS; C:\Mitchell1\OnDemand5\Mitchell1.Security.MachineTokenService.exe [2011-05-10 57344]
R2 ssinstall;SInstalátor; C:\WINDOWS\System32\ssins.exe [2014-05-14 2324216]
R2 Start BT in service;Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-06-16 5037888]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
S2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2008-03-19 166520]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-12 114288]

-----------------EOF-----------------

VIRY.CZ

NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna

Re: NB pomaly a vyskakuji okna