VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Centrum zabezpečení nelze spustit

https://forum.viry.cz:443/viewtopic.php?t=127530

Stránka 2 z 4

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 22:31
od vyosek
Poprosim o DDS http://forum.viry.cz/viewtopic.php?f=24&t=123680

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 22:38
od radim
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_37
Run by Radim at 22:36:34 on 2013-01-23
#Option Extended Search is enabled.
#Option Whitelisting is disabled.
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2381 [GMT 1:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Safari\Safari.exe
C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.centrum.cz/#utm_source=icq&utm_medium=generic
uLocal Page = C:\Windows\System32\blank.htm
uSearch Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
mStart Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
mLocal Page = C:\Windows\SysWOW64\blank.htm
mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
uProxyOverride = *.local
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: Microsoft Url Search Hook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
dURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
dURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mWinlogon: Shell = explorer.exe
mWinlogon: Userinit = C:\Windows\System32\userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: WebTransBHO Class: {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: WebTranslator: {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
uRun: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Radim\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GIGABY~1.LNK - C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableInstallerDetection = dword:1
mPolicies-System: EnableLUA = dword:1
mPolicies-System: EnableSecureUIAPaths = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableVirtualization = dword:1
mPolicies-System: PromptOnSecureDesktop = dword:1
mPolicies-System: ValidateAdminCodeSignatures = dword:0
mPolicies-System: dontdisplaylastusername = dword:0
mPolicies-System: scforceoption = dword:0
mPolicies-System: shutdownwithoutlogon = dword:1
mPolicies-System: undockwithoutlogon = dword:1
mPolicies-System: FilterAdministratorToken = dword:0
mPolicies-System: EnableLinkedConnections = dword:1
mPolicies-System: DisableRegistryTools = dword:0
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
LSP: %SystemRoot%\system32\mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{E8638410-AA74-4AEE-9CCA-3959AB13AA6A} : DHCPNameServer = 10.0.0.138
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
Handler: msdaipp - <Clsid value has no data>
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
SecurityProviders: SecurityProviders = credssp.dll
LSA: Authentication Packages = msv1_0
LSA: Notification Packages = scecli
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 winsrv:ConServerDllInitialization,2 sxssrv,4
mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\unregmp2.exe /ShowWMP
mASetup: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
mASetup: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\System32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\System32\themeui.dll
mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\shell32.dll
x64-mStart Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
x64-mLocal Page = C:\Windows\System32\blank.htm
x64-mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
x64-mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mSearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
x64-mCustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
x64-mWinlogon: Shell = Explorer.exe
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,
x64-mWinlogon: SFCDisable = dword:0
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
x64-Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
x64-Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll
x64-Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll
x64-Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
x64-Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - <orphaned>
x64-Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Handler: msdaipp - <Clsid value has no data>
x64-Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll
x64-Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\unregmp2.exe /ShowWMP
x64-mASetup: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
x64-mASetup: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\System32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\System32\themeui.dll
x64-mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
x64-mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
x64-mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\shell32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Radim\AppData\Roaming\Mozilla\Firefox\Profiles\yc4pjbi5.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\browser\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
FF - plugin: C:\Users\Radim\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2011-05-01 18:38; {972ce4c6-7e08-4474-a285-3208198ce6fd}; C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - ExtSQL: 2011-09-22 17:40; {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}; C:\Users\Radim\AppData\Roaming\Mozilla\Firefox\Profiles\yc4pjbi5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - ExtSQL: 2011-10-08 06:34; {800b5000-a755-47e1-992b-48a1c1357f07}; C:\Users\Radim\AppData\Roaming\Mozilla\Firefox\Profiles\yc4pjbi5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - ExtSQL: 2011-11-23 12:04; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2012-06-27 09:47; {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF - ExtSQL: 2012-09-04 06:33; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF - ExtSQL: 2012-10-22 12:35; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 ACPI;Ovladač standardu ACPI společnosti Microsoft;C:\Windows\System32\drivers\acpi.sys [2011-5-1 334208]
R0 amdxata;amdxata;C:\Windows\System32\drivers\amdxata.sys [2011-4-27 27008]
R0 atapi;Kanál IDE;C:\Windows\System32\drivers\atapi.sys [2009-7-14 24128]
R0 CLFS;Systém souborů CLFS;C:\Windows\System32\clfs.sys [2009-7-14 367696]
R0 CNG;CNG;C:\Windows\System32\drivers\cng.sys [2012-7-11 458704]
R0 Disk;Ovladač disku;C:\Windows\System32\drivers\disk.sys [2009-7-14 73280]
R0 FileInfo;File Information FS MiniFilter;C:\Windows\System32\drivers\fileinfo.sys [2009-7-14 70224]
R0 FltMgr;Správce filtrů;C:\Windows\System32\drivers\fltMgr.sys [2011-5-1 289664]
R0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;C:\Windows\System32\drivers\fvevol.sys [2011-5-1 223248]
R0 hwpolicy;Hardware Policy Driver;C:\Windows\System32\drivers\hwpolicy.sys [2011-5-1 14720]
R0 intelide;intelide;C:\Windows\System32\drivers\intelide.sys [2009-7-14 16960]
R0 KSecDD;KSecDD;C:\Windows\System32\drivers\ksecdd.sys [2012-7-11 95600]
R0 KSecPkg;KSecPkg;C:\Windows\System32\drivers\ksecpkg.sys [2012-7-11 151920]
R0 mountmgr;Správce přípojných bodů;C:\Windows\System32\drivers\mountmgr.sys [2011-5-1 94592]
R0 msisadrv;msisadrv;C:\Windows\System32\drivers\msisadrv.sys [2009-7-14 15424]
R0 Mup;Mup;C:\Windows\System32\drivers\mup.sys [2009-7-14 60496]
R0 NDIS;Systémový ovladač rozhraní NDIS;C:\Windows\System32\drivers\ndis.sys [2012-9-12 950128]
R0 partmgr;Správce oddílů;C:\Windows\System32\drivers\partmgr.sys [2012-5-12 75120]
R0 pci;Řadič sběrnice PCI;C:\Windows\System32\drivers\pci.sys [2011-5-1 184704]
R0 pcw;Performance Counters for Windows Driver;C:\Windows\System32\drivers\pcw.sys [2009-7-14 50768]
R0 rdyboost;ReadyBoost;C:\Windows\System32\drivers\rdyboost.sys [2011-5-1 213888]
R0 spldr;Security Processor Loader Driver;C:\Windows\System32\drivers\spldr.sys [2009-7-13 19008]
R0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;C:\Windows\System32\drivers\vmstorfl.sys [2011-5-1 46464]
R0 Tcpip;Ovladač protokolu TCP/IP;C:\Windows\System32\drivers\tcpip.sys [2012-11-14 1914248]
R0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;C:\Windows\System32\drivers\vdrvroot.sys [2009-7-14 36432]
R0 vmbus;Sběrnice virtuálního počítače;C:\Windows\System32\drivers\vmbus.sys [2011-5-1 199552]
R0 volmgr;Ovladač správce svazků;C:\Windows\System32\drivers\volmgr.sys [2011-5-1 71552]
R0 volmgrx;Správce dynamických svazků;C:\Windows\System32\drivers\volmgrx.sys [2011-5-1 363392]
R0 volsnap;Svazky úložiště;C:\Windows\System32\drivers\volsnap.sys [2011-5-1 295808]
R0 Wdf01000;Služba Architektura ovladačů v režimu jádra;C:\Windows\System32\drivers\Wdf01000.sys [2012-11-14 785512]
R1 AFD;Ancillary Function Driver for Winsock;C:\Windows\System32\drivers\afd.sys [2012-2-16 498688]
R1 Beep;Beep;C:\Windows\System32\drivers\beep.sys [2009-7-14 6656]
R1 blbdrive;blbdrive;C:\Windows\System32\drivers\blbdrive.sys [2009-7-14 45056]
R1 cdrom;Ovladač jednotky CD-ROM;C:\Windows\System32\drivers\cdrom.sys [2011-5-1 147456]
R1 CSC;Ovladač souborů pro režim offline;C:\Windows\System32\drivers\csc.sys [2011-5-1 514560]
R1 DfsC;DFS Namespace Client Driver;C:\Windows\System32\drivers\dfsc.sys [2011-5-1 102400]
R1 discache;System Attribute Cache;C:\Windows\System32\drivers\discache.sys [2009-7-14 40448]
R1 ISODrive;ISO DVD/CD-ROM Device Driver;C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2011-7-12 115600]
R1 Msfs;Msfs;C:\Windows\System32\drivers\msfs.sys [2009-7-14 26112]
R1 mssmbios;Ovladač Microsoft System Management BIOS;C:\Windows\System32\drivers\mssmbios.sys [2009-7-14 32320]
R1 NetBIOS;NetBIOS Interface;C:\Windows\System32\drivers\netbios.sys [2009-7-14 44544]
R1 NetBT;NetBT;C:\Windows\System32\drivers\netbt.sys [2011-5-1 261632]
R1 Npfs;Npfs;C:\Windows\System32\drivers\npfs.sys [2009-7-14 44032]
R1 nsiproxy;NSI proxy service driver.;C:\Windows\System32\drivers\nsiproxy.sys [2009-7-14 24576]
R1 Null;Null;C:\Windows\System32\drivers\null.sys [2009-7-14 6144]
R1 Psched;Plánovač paketů technologie QoS;C:\Windows\System32\drivers\pacer.sys [2011-5-1 131584]
R1 rdbss;Podsystém přesměrovaného ukládání do vyrovnávací paměti;C:\Windows\System32\drivers\rdbss.sys [2011-5-1 309248]
R1 RDPCDD;RDPCDD;C:\Windows\System32\drivers\RDPCDD.sys [2009-7-14 7680]
R1 RDPENCDD;RDP Encoder Mirror Driver;C:\Windows\System32\drivers\RDPENCDD.sys [2009-7-14 7680]
R1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;C:\Windows\System32\drivers\RDPREFMP.sys [2009-7-14 8192]
R1 Serial;Ovladač sériového portu;C:\Windows\System32\drivers\serial.sys [2009-7-14 94208]
R1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;C:\Windows\System32\drivers\tdx.sys [2011-5-1 119296]
R1 TermDD;Ovladač terminálového zařízení;C:\Windows\System32\drivers\termdd.sys [2011-5-1 63360]
R1 VD_FileDisk;VD_FileDisk;C:\Windows\System32\drivers\vd_filedisk.sys [2011-1-26 30312]
R1 VgaSave;VgaSave;C:\Windows\System32\drivers\vga.sys [2009-7-14 29184]
R1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;C:\Windows\System32\drivers\wanarp.sys [2011-5-1 88576]
R1 WfpLwf;WFP Lightweight Filter;C:\Windows\System32\drivers\wfplwf.sys [2009-7-14 12800]
R1 ws2ifsl;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS;C:\Windows\System32\drivers\ws2ifsl.sys [2009-7-14 21504]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 Apple Mobile Device;Apple Mobile Device;C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 AudioSrv;Zvuk systému Windows;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
R2 BFE;Služba BFE (Base Filtering Engine);C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-14 27136]
R2 Bonjour Service;Bonjour Service;C:\Program Files\Bonjour\mDNSResponder.exe [2011-8-30 462184]
R2 CryptSvc;Šifrování;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
R2 CscService;Offline soubory;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 DcomLaunch;Spouštěč procesů serveru DCOM;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-14 27136]
R2 Dhcp;Klient DHCP;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
R2 Dnscache;Klient DNS;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
R2 DPS;Služba DPS (Diagnostic Policy Service);C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-14 27136]
R2 eventlog;Protokol událostí systému Windows;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
R2 EventSystem;Systém událostí COM+;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R2 FDResPub;Publikování prostředků rozpoznávání funkcí;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
R2 FontCache;Mezipaměť písem Windows;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
R2 gpsvc;Klient zásad skupiny;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 iphlpsvc;Pomocná služba protokolu IP;C:\Windows\System32\svchost.exe -k NetSvcs [2009-7-14 27136]
R2 LanmanServer;Server;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 LanmanWorkstation;Pracovní stanice;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service;C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;C:\Windows\System32\drivers\lltdio.sys [2009-7-14 60928]
R2 lmhosts;Podpora rozhraní NetBIOS nad protokolem TCP/IP;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
R2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;C:\Windows\System32\drivers\luafv.sys [2009-7-14 113152]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-20 682344]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-20 398184]
R2 MMCSS;Služba Plánovač multimédií;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 MpsSvc;Brána Windows Firewall;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-14 27136]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
R2 NlaSvc;Sledování umístění v síti (NLA);C:\Windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
R2 nsi;Služba rozhraní síťového úložiště;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R2 nvsvc;NVIDIA Display Driver Service;C:\Windows\System32\nvvsvc.exe [2010-4-3 891240]
R2 PcaSvc;Program Compatibility Assistant Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 PEAUTH;PEAUTH;C:\Windows\System32\drivers\PEAuth.sys [2009-7-14 651264]
R2 PlugPlay;Plug and Play;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-14 27136]
R2 PnkBstrA;PnkBstrA;C:\Windows\System32\PnkBstrA.exe --> C:\Windows\System32\PnkBstrA.exe [?]
R2 Power;Napájení;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-14 27136]
R2 ProfSvc;Služba Profil uživatele;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;C:\Windows\System32\svchost.exe -k RPCSS [2009-7-14 27136]
R2 RpcSs;Vzdálené volání procedur (RPC);C:\Windows\System32\svchost.exe -k rpcss [2009-7-14 27136]
R2 rspndr;Link-Layer Topology Discovery Responder;C:\Windows\System32\drivers\rspndr.sys [2009-7-14 76800]
R2 SamSs;Správce zabezpečení účtů;C:\Windows\System32\lsass.exe [2012-1-31 31232]
R2 secdrv;Security Driver;C:\Windows\System32\drivers\secdrv.sys [2009-7-14 23040]
R2 seclogon;Sekundární přihlašování;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 SENS;Služba oznamování událostí systému;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 ServiceLayer;ServiceLayer;C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-6-11 724376]
R2 ShellHWDetection;Rozpoznávání hardwaru;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 Schedule;Plánovač úloh;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 Spooler;Služba zařazování tisku;C:\Windows\System32\spoolsv.exe [2012-8-15 559104]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 stisvc;Načítání obrázků (WIA);C:\Windows\System32\svchost.exe -k imgsvc [2009-7-14 27136]
R2 SysMain;Superfetch;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 tcpipreg;TCP/IP Registry Compatibility;C:\Windows\System32\drivers\tcpipreg.sys [2012-11-14 45568]
R2 Themes;Motivy;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 TrkWks;Klient služby Sledování distribuovaných odkazů;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 UxSms;Správce relací správce oken plochy;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 Winmgmt;Služba WMI;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-8-18 2291568]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing;C:\Program Files\Windows Media Player\wmpnetwk.exe [2011-5-1 1525248]
R2 WSearch;Windows Search;C:\Windows\System32\SearchIndexer.exe [2011-6-29 591872]
R2 wuauserv;Windows Update;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 wudfsvc;Platforma WDF (Windows Driver Foundation) – platforma ovladače v uživatelském režimu;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R3 AeLookupSvc;Funkčnost aplikací;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R3 Appinfo;Informace o aplikaci;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R3 BITS;Služba inteligentního přenosu na pozadí;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R3 bowser;Ovladač podpory prohlížeče;C:\Windows\System32\drivers\bowser.sys [2011-4-16 90624]
R3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;C:\Windows\System32\drivers\CompositeBus.sys [2011-5-1 38912]
R3 DXGKrnl;LDDM Graphics Subsystem;C:\Windows\System32\drivers\dxgkrnl.sys [2011-5-1 982912]
R3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R3 HDAudBus;Ovladač sběrnice Microsoft UAA pro zvuk High Definition Audio;C:\Windows\System32\drivers\hdaudbus.sys [2011-5-1 122368]
R3 HidUsb;Ovladač třídy standardu HID Microsoft;C:\Windows\System32\drivers\hidusb.sys [2011-5-1 30208]
R3 HomeGroupListener;Naslouchací proces domácí skupiny;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R3 HomeGroupProvider;Zprostředkovatel domácích skupin;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
R3 HTTP;HTTP;C:\Windows\System32\drivers\http.sys [2011-5-1 753664]
R3 intelppm;Ovladač procesoru Intel;C:\Windows\System32\drivers\intelppm.sys [2009-7-14 62464]
R3 kbdclass;Keyboard Class Driver;C:\Windows\System32\drivers\kbdclass.sys [2009-7-14 50768]
R3 kbdhid;Ovladač klávesnice standardu HID;C:\Windows\System32\drivers\kbdhid.sys [2011-5-1 33280]
R3 KeyIso;Izolace klíče CNG;C:\Windows\System32\lsass.exe [2012-1-31 31232]
R3 ksthunk;Kernel Streaming Thunks;C:\Windows\System32\drivers\ksthunk.sys [2009-7-14 20992]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-20 24176]
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft;C:\Windows\System32\drivers\monitor.sys [2009-7-14 30208]
R3 mouclass;Mouse Class Driver;C:\Windows\System32\drivers\mouclass.sys [2009-7-14 49216]
R3 mouhid;Ovladač myši standardu HID;C:\Windows\System32\drivers\mouhid.sys [2009-7-14 31232]
R3 mpsdrv;Ovladač ověření brány Windows Firewall;C:\Windows\System32\drivers\mpsdrv.sys [2009-7-14 77312]
R3 mrxsmb;Obálka a jádro minipřesměrovačů SMB;C:\Windows\System32\drivers\mrxsmb.sys [2011-6-16 158208]
R3 mrxsmb10;Mini-přesměrovač SMB 1.x;C:\Windows\System32\drivers\mrxsmb10.sys [2011-8-11 288768]
R3 mrxsmb20;Mini-přesměrovač SMB 2.0;C:\Windows\System32\drivers\mrxsmb20.sys [2011-6-16 128000]
R3 NdisTapi;Ovladač Remote Access NDIS TAPI;C:\Windows\System32\drivers\ndistapi.sys [2009-7-14 24064]
R3 NdisWan;Ovladač Remote Access NDIS WAN;C:\Windows\System32\drivers\ndiswan.sys [2011-5-1 164352]
R3 NDProxy;NDIS Proxy;C:\Windows\System32\drivers\ndproxy.sys [2011-5-1 57856]
R3 Netman;Síťová připojení;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R3 netprofm;Služba seznamu sítí;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R3 Ntfs;Ntfs;C:\Windows\System32\drivers\ntfs.sys [2012-10-10 1659760]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2012-10-7 189288]
R3 nvlddmkm;nvlddmkm;C:\Windows\System32\drivers\nvlddmkm.sys [2012-10-13 13443944]
R3 p2pimsvc;Správce identit sítě rovnocenných počítačů;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-14 27136]
R3 p2psvc;Seskupování v sítích peer-to-peer;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-14 27136]
R3 Parport;Ovladač paralelního portu;C:\Windows\System32\drivers\parport.sys [2009-7-14 97280]
R3 PNRPsvc;Protokol PNRP (Peer Name Resolution Protocol);C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-14 27136]
R3 PolicyAgent;Agent zásad protokolu IPsec;C:\Windows\System32\svchost.exe -k NetworkServiceNetworkRestricted [2009-7-14 27136]
R3 PptpMiniport;Připojení WAN Miniport (PPTP);C:\Windows\System32\drivers\raspptp.sys [2011-5-1 111104]
R3 RasAgileVpn;WAN Miniport (IKEv2);C:\Windows\System32\drivers\agilevpn.sys [2009-7-14 60416]
R3 Rasl2tp;Připojení WAN Miniport (L2TP);C:\Windows\System32\drivers\rasl2tp.sys [2011-5-1 129536]
R3 RasMan;Správce vzdáleného přístupu;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R3 RasPppoe;Ovladač pro vzdálený přístup PPPOE;C:\Windows\System32\drivers\raspppoe.sys [2009-7-14 92672]
R3 RasSstp;Připojení WAN Miniport (SSTP);C:\Windows\System32\drivers\rassstp.sys [2009-7-14 83968]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver;C:\Windows\System32\drivers\rdpbus.sys [2009-7-14 24064]
R3 Serenum;Ovladač filtru Serenum;C:\Windows\System32\drivers\serenum.sys [2009-7-14 23552]
R3 srv;Ovladač pro server SMB 1.xxx;C:\Windows\System32\drivers\srv.sys [2011-6-16 467456]
R3 srv2;Ovladač pro server SMB 2.xxx;C:\Windows\System32\drivers\srv2.sys [2011-6-16 410112]
R3 srvnet;srvnet;C:\Windows\System32\drivers\srvnet.sys [2011-6-16 168448]
R3 SSDPSRV;SSDP Discovery;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
R3 SstpSvc;Služba SSTP (Secure Socket Tunneling Protocol);C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R3 swenum;Softwarový ovladač sběrnice;C:\Windows\System32\drivers\swenum.sys [2009-7-14 12496]
R3 TapiSrv;Telefonní subsystém;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
R3 TrustedInstaller;Instalační služba modulů systému Windows;C:\Windows\servicing\TrustedInstaller.exe [2011-5-1 194048]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver;C:\Windows\System32\drivers\tunnel.sys [2011-5-1 125440]
R3 umbus;Ovladač sběrnice UMBus Enumerator;C:\Windows\System32\drivers\umbus.sys [2011-5-1 48640]
R3 upnphost;Hostitel zařízení UPnP;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
R3 usbehci;Ovladač miniportu vylepšeného hostitelského řadiče Microsoft USB 2.0;C:\Windows\System32\drivers\usbehci.sys [2011-5-10 52736]
R3 usbhub;Ovladač standardního rozbočovače USB;C:\Windows\System32\drivers\usbhub.sys [2011-5-10 343040]
R3 usbuhci;Ovladač miniportu univerzálního hostitelského řadiče Microsoft USB;C:\Windows\System32\drivers\usbuhci.sys [2011-5-10 30720]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-11-30 1276928]
R3 WdiServiceHost;Hostitel diagnostické služby;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R3 WdiSystemHost;Hostitel diagnostického systému;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R3 WinHttpAutoProxySvc;Služba WinHTTP WPAD;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R3 WudfPf;User Mode Driver Frameworks Platform Driver;C:\Windows\System32\drivers\WUDFPf.sys [2012-11-14 87040]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Služba Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-1 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-7 1258856]
S2 SharedAccess;Sdílení připojení k Internetu (ICS);C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 sppsvc;Ochrana softwaru;C:\Windows\System32\sppsvc.exe [2011-5-1 3524608]
S3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;C:\Windows\System32\drivers\1394ohci.sys [2011-5-1 229888]
S3 AcpiPmi;Ovladač měřiče napájení standardu ACPI;C:\Windows\System32\drivers\acpipmi.sys [2011-5-1 12800]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 251400]
S3 adp94xx;adp94xx;C:\Windows\System32\drivers\adp94xx.sys [2009-6-10 491088]
S3 adpahci;adpahci;C:\Windows\System32\drivers\adpahci.sys [2009-7-13 339536]
S3 adpu320;adpu320;C:\Windows\System32\drivers\adpu320.sys [2009-7-13 182864]
S3 agp440;Filtr Intel sběrnice AGP;C:\Windows\System32\drivers\AGP440.sys [2009-7-14 61008]
S3 ALG;Brána aplikační vrstvy;C:\Windows\System32\alg.exe [2009-7-14 79360]
S3 aliide;aliide;C:\Windows\System32\drivers\aliide.sys [2009-7-14 15440]
S3 amdide;amdide;C:\Windows\System32\drivers\amdide.sys [2009-7-14 15440]
S3 AmdK8;AMD K8 Processor Driver;C:\Windows\System32\drivers\amdk8.sys [2009-7-14 64512]
S3 AmdPPM;AMD Processor Driver;C:\Windows\System32\drivers\amdppm.sys [2009-7-14 60928]
S3 amdsata;amdsata;C:\Windows\System32\drivers\amdsata.sys [2011-4-27 107904]
S3 amdsbs;amdsbs;C:\Windows\System32\drivers\amdsbs.sys [2009-6-10 194128]
S3 AppID;Ovladač AppID;C:\Windows\System32\drivers\appid.sys [2011-5-1 61440]
S3 AppIDSvc;Identita aplikace;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 AppMgmt;Správa aplikací;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 arc;arc;C:\Windows\System32\drivers\arc.sys [2009-7-13 87632]
S3 arcsas;arcsas;C:\Windows\System32\drivers\arcsas.sys [2009-7-13 97856]
S3 aspnet_state;Stavová služba ASP.NET;C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe --> C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [?]
S3 AsyncMac;Ovladač asynchronních médií připojení RAS;C:\Windows\System32\drivers\asyncmac.sys [2009-7-14 23040]
S3 AxInstSV;Instalační program ovládacích prvků ActiveX (AxInstSV);C:\Windows\System32\svchost.exe -k AxInstSVGroup [2009-7-14 27136]
S3 b06bdrv;Broadcom NetXtreme II VBD;C:\Windows\System32\drivers\bxvbda.sys [2009-6-10 468480]
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\b57nd60a.sys [2009-6-10 270848]
S3 BDESVC;Služba BitLocker Drive Encryption;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;C:\Windows\System32\drivers\BrFiltLo.sys [2009-7-14 18432]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;C:\Windows\System32\drivers\BrFiltUp.sys [2009-7-14 8704]
S3 BridgeMP;Miniport mostu MAC;C:\Windows\System32\drivers\bridge.sys [2009-7-14 95232]
S3 Browser;Prohledávání počítačů;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM);C:\Windows\System32\drivers\BrSerId.sys [2009-7-14 286720]
S3 BrSerWdm;Brother WDM Serial driver;C:\Windows\System32\drivers\BrSerWdm.sys [2009-7-14 47104]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;C:\Windows\System32\drivers\BrUsbMdm.sys [2009-7-14 14976]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\Windows\System32\drivers\BrUsbSer.sys [2009-7-14 14720]
S3 BTHMODEM;Bluetooth Serial Communications Driver;C:\Windows\System32\drivers\bthmodem.sys [2009-7-14 72192]
S3 bthserv;Služba pro podporu technologie Bluetooth;C:\Windows\System32\svchost.exe -k bthsvcs [2009-7-14 27136]
S3 CertPropSvc;Šíření certifikátů;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 circlass;Consumer IR Devices;C:\Windows\System32\drivers\circlass.sys [2009-7-14 45568]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver;C:\Windows\System32\drivers\CmBatt.sys [2009-7-14 17664]
S3 cmdide;cmdide;C:\Windows\System32\drivers\cmdide.sys [2009-7-14 17488]
S3 Compbatt;Compbatt;C:\Windows\System32\drivers\compbatt.sys [2009-7-14 21584]
S3 COMSysApp;Systémová aplikace modelu COM+;C:\Windows\System32\dllhost.exe [2009-7-14 9728]
S3 defragsvc;Defragmentace disku;C:\Windows\System32\svchost.exe -k defragsvc [2009-7-14 27136]
S3 dot3svc;Wired AutoConfig Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 drmkaud;Ovladače zvuku považované společností Microsoft za důvěryhodné;C:\Windows\System32\drivers\drmkaud.sys [2009-7-14 5632]
S3 EapHost;Protokol EAP (Extensible Authentication Protocol);C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;C:\Windows\System32\drivers\evbda.sys [2009-6-10 3286016]
S3 EFS;Systém souborů EFS (Encrypting File System);C:\Windows\System32\lsass.exe [2012-1-31 31232]
S3 ehRecvr;Služba přijímače aplikace Windows Media Center;C:\Windows\ehome\ehrecvr.exe [2011-5-1 696832]
S3 ehSched;Služba plánování aplikace Windows Media Center;C:\Windows\ehome\ehsched.exe [2009-7-14 127488]
S3 elxstor;elxstor;C:\Windows\System32\drivers\elxstor.sys [2009-6-10 530496]
S3 ErrDev;Ovladače chybového zařízení hardwaru Microsoft;C:\Windows\System32\drivers\errdev.sys [2009-7-14 9728]
S3 exfat;exFAT File System Driver;C:\Windows\System32\drivers\exfat.sys [2009-7-14 195072]
S3 fastfat;FAT12/16/32 File System Driver;C:\Windows\System32\drivers\fastfat.sys [2009-7-14 204800]
S3 Fax;Fax;C:\Windows\System32\FXSSVC.exe [2011-5-1 689152]
S3 fdc;Floppy Disk Controller Driver;C:\Windows\System32\drivers\fdc.sys [2009-7-14 29696]
S3 Filetrace;Filetrace;C:\Windows\System32\drivers\filetrace.sys [2009-7-14 34304]
S3 flpydisk;Floppy Disk Driver;C:\Windows\System32\drivers\flpydisk.sys [2009-7-14 24576]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [2011-5-1 42856]
S3 FsDepends;File System Dependency Minifilter;C:\Windows\System32\drivers\fsdepends.sys [2009-7-14 55376]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;C:\Windows\System32\drivers\GAGP30KX.SYS [2009-7-14 65088]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-1 136176]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver;C:\Windows\System32\drivers\hcw85cir.sys [2009-7-13 31232]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio;C:\Windows\System32\drivers\HdAudio.sys [2011-5-1 350208]
S3 HidBatt;HID UPS Battery Driver;C:\Windows\System32\drivers\hidbatt.sys [2009-7-14 26624]
S3 HidBth;Microsoft Bluetooth HID Miniport;C:\Windows\System32\drivers\hidbth.sys [2009-7-14 100864]
S3 HidIr;Microsoft Infrared HID Driver;C:\Windows\System32\drivers\hidir.sys [2009-7-14 46592]
S3 hidserv;Přístup k zařízením standardu HID;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 hkmsvc;Správa klíčů a certifikátů stavu;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 HpSAMD;HpSAMD;C:\Windows\System32\drivers\HpSAMD.sys [2011-5-1 78720]
S3 i8042prt;Ovladač portu klávesnice i8042 a myši PS/2;C:\Windows\System32\drivers\i8042prt.sys [2009-7-14 105472]
S3 iaStorV;Řadič Intel diskového pole RAID – Windows 7;C:\Windows\System32\drivers\iaStorV.sys [2011-4-27 410496]
S3 IDriverT;InstallDriver Table Manager;C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-4-4 69632]
S3 idsvc;Služba Windows CardSpace;C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2011-5-1 856400]
S3 iirsp;iirsp;C:\Windows\System32\drivers\iirsp.sys [2009-7-13 44112]
S3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 IpFilterDriver;IP Traffic Filter Driver;C:\Windows\System32\drivers\ipfltdrv.sys [2011-5-1 82944]
S3 IPMIDRV;IPMIDRV;C:\Windows\System32\drivers\IPMIDrv.sys [2011-5-1 78848]
S3 IPNAT;IP Network Address Translator;C:\Windows\System32\drivers\ipnat.sys [2009-7-14 116224]
S3 IRENUM;IR Bus Enumerator;C:\Windows\System32\drivers\irenum.sys [2009-7-14 17920]
S3 isapnp;isapnp;C:\Windows\System32\drivers\isapnp.sys [2009-7-14 20544]
S3 iScsiPrt;Ovladač iScsiPort;C:\Windows\System32\drivers\msiscsi.sys [2011-5-1 273792]
S3 KtmRm;Služba KTMRM pro koordinátor DTC;C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation [2009-7-14 27136]
S3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
S3 LSI_FC;LSI_FC;C:\Windows\System32\drivers\lsi_fc.sys [2009-7-13 114752]
S3 LSI_SAS;LSI_SAS;C:\Windows\System32\drivers\lsi_sas.sys [2009-7-13 106560]
S3 LSI_SAS2;LSI_SAS2;C:\Windows\System32\drivers\lsi_sas2.sys [2009-7-13 65600]
S3 LSI_SCSI;LSI_SCSI;C:\Windows\System32\drivers\lsi_scsi.sys [2009-7-13 115776]
S3 megasas;megasas;C:\Windows\System32\drivers\megasas.sys [2009-6-10 35392]
S3 MegaSR;MegaSR;C:\Windows\System32\drivers\MegaSR.sys [2009-7-13 284736]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-9-20 30785672]
S3 Modem;Modem;C:\Windows\System32\drivers\modem.sys [2009-7-14 40448]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 115608]
S3 mpio;Ovladač sběrnice Microsoft Multi-Path;C:\Windows\System32\drivers\mpio.sys [2011-5-1 155008]
S3 MRxDAV;Ovladač přesměrovače klienta WebDav;C:\Windows\System32\drivers\mrxdav.sys [2011-5-1 140800]
S3 msahci;msahci;C:\Windows\System32\drivers\msahci.sys [2011-5-1 31104]
S3 msdsm;Specifický modul zařízení Microsoft Multi-Path;C:\Windows\System32\drivers\msdsm.sys [2011-5-1 140672]
S3 MSDTC;Služba DTC (Distributed Transaction Coordinator);C:\Windows\System32\msdtc.exe [2009-7-14 141824]
S3 mshidkmdf;Pass-through HID to KMDF Filter Driver;C:\Windows\System32\drivers\mshidkmdf.sys [2009-7-14 8192]
S3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 msiserver;Instalační služba systému Windows;C:\Windows\System32\msiexec.exe [2011-5-1 128000]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft;C:\Windows\System32\drivers\mskssrv.sys [2009-7-14 11136]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft;C:\Windows\System32\drivers\mspclock.sys [2009-7-14 7168]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft;C:\Windows\System32\drivers\mspqm.sys [2009-7-14 6784]
S3 MsRPC;MsRPC;C:\Windows\System32\drivers\msrpc.sys [2011-5-1 366976]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft;C:\Windows\System32\drivers\mstee.sys [2009-7-14 8064]
S3 MTConfig;Microsoft Input Configuration Driver;C:\Windows\System32\drivers\MTConfig.sys [2009-7-14 15360]
S3 napagent;Agent architektury NAP (Network Access Protection);C:\Windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
S3 NativeWifiP;NativeWiFi Filter;C:\Windows\System32\drivers\nwifi.sys [2009-7-14 318976]
S3 NdisCap;NDIS Capture LightWeight Filter;C:\Windows\System32\drivers\ndiscap.sys [2009-7-14 35328]
S3 Ndisuio;NDIS Usermode I/O Protocol;C:\Windows\System32\drivers\ndisuio.sys [2011-5-1 56832]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2010-4-19 22528]
S3 Netlogon;Služba Netlogon;C:\Windows\System32\lsass.exe [2012-1-31 31232]
S3 nfrd960;nfrd960;C:\Windows\System32\drivers\nfrd960.sys [2009-7-13 51264]
S3 nmwcd;Nokia USB Phone Parent Driver;C:\Windows\System32\drivers\ccdcmbx64.sys [2012-1-9 19968]
S3 nmwcdc;Nokia USB Communication Driver;C:\Windows\System32\drivers\ccdcmbox64.sys [2012-1-9 27136]
S3 nv_agp;Filtr sběrnice NVIDIA nForce AGP;C:\Windows\System32\drivers\NV_AGP.SYS [2009-7-14 122960]
S3 nvraid;nvraid;C:\Windows\System32\drivers\nvraid.sys [2011-4-27 148352]
S3 nvstor;nvstor;C:\Windows\System32\drivers\nvstor.sys [2011-4-27 166272]
S3 ohci1394;Hostitelský řadič pro rozhraní OHCI standardu 1394 (zastaralé);C:\Windows\System32\drivers\ohci1394.sys [2009-7-14 72832]
S3 ose;Office Source Engine;C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 149352]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pccsmcfd;PCCS Mode Change Filter Driver;C:\Windows\System32\drivers\pccsmcfdx64.sys [2012-8-10 26112]
S3 pciide;pciide;C:\Windows\System32\drivers\pciide.sys [2009-7-14 12352]
S3 pcmcia;pcmcia;C:\Windows\System32\drivers\pcmcia.sys [2009-7-14 220752]
S3 PeerDistSvc;BranchCache;C:\Windows\System32\svchost.exe -k PeerDist [2009-7-14 27136]
S3 PerfHost;Hostitel knihoven DLL čítačů výkonu;C:\Windows\SysWOW64\perfhost.exe [2009-7-14 20992]
S3 pla;Výstrahy a protokolování výkonu;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-14 27136]
S3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-14 27136]
S3 Processor;Processor Driver;C:\Windows\System32\drivers\processr.sys [2009-7-14 60416]
S3 ProtectedStorage;Chráněné úložiště;C:\Windows\System32\lsass.exe [2012-1-31 31232]
S3 ql2300;ql2300;C:\Windows\System32\drivers\ql2300.sys [2009-6-10 1524816]
S3 ql40xx;ql40xx;C:\Windows\System32\drivers\ql40xx.sys [2009-7-13 128592]
S3 QWAVE;Sada qWave (Quality Windows Audio Video Experience);C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 QWAVEdrv;Ovladač QWAVE;C:\Windows\System32\drivers\qwavedrv.sys [2009-7-14 46592]
S3 RasAcd;Remote Access Auto Connection Driver;C:\Windows\System32\drivers\rasacd.sys [2009-7-14 14848]
S3 RasAuto;Správce automatického připojení pomocí vzdáleného přístupu;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 RDPDR;Terminal Server Device Redirector Driver;C:\Windows\System32\drivers\rdpdr.sys [2011-5-1 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-5-1 20992]
S3 RDPWD;RDP Winstation Driver;C:\Windows\System32\drivers\rdpwd.sys [2012-6-13 210944]
S3 RemoteRegistry;Vzdálený registr;C:\Windows\System32\svchost.exe -k regsvc [2009-7-14 27136]
S3 RpcLocator;Lokátor vzdáleného volání procedur (RPC);C:\Windows\System32\Locator.exe [2009-7-14 10240]
S3 s3cap;s3cap;C:\Windows\System32\drivers\vms3cap.sys [2011-5-1 6656]
S3 sbp2port;Ovladač sběrnice pro přenos dat zařízení podporujícího protokol SBP-2;C:\Windows\System32\drivers\sbp2port.sys [2011-5-1 103808]
S3 SCardSvr;Čipová karta;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 scfilter;Ovladač filtru čipových karet třídy PnP;C:\Windows\System32\drivers\scfilter.sys [2011-5-1 29696]
S3 SCPolicySvc;Zásady odebrání čipové karty;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 SDRSVC;Windows Zálohování;C:\Windows\System32\svchost.exe -k SDRSVC [2009-7-14 27136]
S3 SensrSvc;Adaptivní jas;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 sermouse;Serial Mouse Driver;C:\Windows\System32\drivers\sermouse.sys [2009-7-14 26624]
S3 SessionEnv;Konfigurace vzdálené plochy;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 sffdisk;Ovladač třídy úložiště SFF;C:\Windows\System32\drivers\sffdisk.sys [2009-7-14 14336]
S3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC;C:\Windows\System32\drivers\sffp_mmc.sys [2009-7-14 13824]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus;C:\Windows\System32\drivers\sffp_sd.sys [2011-5-1 14336]
S3 sfloppy;High-Capacity Floppy Disk Drive;C:\Windows\System32\drivers\sfloppy.sys [2009-7-14 16896]
S3 SiSRaid2;SiSRaid2;C:\Windows\System32\drivers\sisraid2.sys [2009-6-10 43584]
S3 SiSRaid4;SiSRaid4;C:\Windows\System32\drivers\sisraid4.sys [2009-7-13 80464]
S3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);C:\Windows\System32\drivers\smb.sys [2009-7-14 93184]
S3 SNMPTRAP;Zachytávání pro službu SNMP;C:\Windows\System32\snmptrap.exe [2009-7-14 14336]
S3 sppuinotify;Služba Oznámení platformy SPP;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
S3 stexstor;stexstor;C:\Windows\System32\drivers\stexstor.sys [2009-7-13 24656]
S3 storvsc;storvsc;C:\Windows\System32\drivers\storvsc.sys [2011-5-1 34688]
S3 swprv;služba Zprostředkovatel softwaru služby Stínová kopie svazků;C:\Windows\System32\svchost.exe -k swprv [2009-7-14 27136]
S3 TabletInputService;Služba Vstupní panel počítače Tablet PC;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TBS;Služba TPM Base Services;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 TCPIP6;Microsoft IPv6 Protocol Driver;C:\Windows\System32\drivers\tcpip.sys [2012-11-14 1914248]
S3 TDPIPE;TDPIPE;C:\Windows\System32\drivers\tdpipe.sys [2009-7-14 15872]
S3 TDTCP;TDTCP;C:\Windows\System32\drivers\tdtcp.sys [2012-3-14 23552]
S3 TermService;Vzdálená plocha;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
S3 THREADORDER;Server pro řazení podprocesů;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
S3 tssecsrv;Remote Desktop Services Security Filter Driver;C:\Windows\System32\drivers\tssecsrv.sys [2011-5-1 39424]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-1 59392]
S3 uagp35;Microsoft AGPv3.5 Filter;C:\Windows\System32\drivers\UAGP35.SYS [2009-7-14 64080]
S3 UI0Detect;Zjišťování interaktivních služeb;C:\Windows\System32\UI0Detect.exe [2009-7-14 40960]
S3 uliagpkx;Filtr sběrnice Uli AGP;C:\Windows\System32\drivers\ULIAGPKX.SYS [2009-7-14 64592]
S3 UmPass;Microsoft UMPass Driver;C:\Windows\System32\drivers\umpass.sys [2009-7-14 9728]
S3 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 upperdev;upperdev;C:\Windows\System32\drivers\usbser_lowerfltx64.sys [2012-1-9 9216]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB;C:\Windows\System32\drivers\usbccgp.sys [2011-5-10 98816]
S3 usbcir;Infračervený přijímač eHome (USBCIR);C:\Windows\System32\drivers\usbcir.sys [2009-7-14 100352]
S3 usbohci;Ovladač miniportu otevřeného hostitelského řadiče Microsoft USB;C:\Windows\System32\drivers\usbohci.sys [2011-5-10 25600]
S3 usbprint;Microsoft USB PRINTER Class;C:\Windows\System32\drivers\usbprint.sys [2009-7-14 25088]
S3 usbser;USB Modem Driver;C:\Windows\System32\drivers\usbser.sys [2011-5-1 32768]
S3 UsbserFilt;UsbserFilt;C:\Windows\System32\drivers\usbser_lowerfltjx64.sys [2012-1-9 9216]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\Windows\System32\drivers\USBSTOR.SYS [2011-4-27 91648]
S3 VaultSvc;Správce pověření;C:\Windows\System32\lsass.exe [2012-1-31 31232]
S3 vds;Virtuální disk;C:\Windows\System32\vds.exe [2011-5-1 533504]
S3 vga;vga;C:\Windows\System32\drivers\vgapnp.sys [2009-7-14 29184]
S3 vhdmp;vhdmp;C:\Windows\System32\drivers\vhdmp.sys [2011-5-1 215936]
S3 viaide;viaide;C:\Windows\System32\drivers\viaide.sys [2009-7-14 17488]
S3 VMBusHID;VMBusHID;C:\Windows\System32\drivers\VMBusHID.sys [2011-5-1 21760]
S3 vsmraid;vsmraid;C:\Windows\System32\drivers\vsmraid.sys [2009-6-10 161872]
S3 VSS;Stínová kopie svazku;C:\Windows\System32\VSSVC.exe [2011-5-1 1600512]
S3 vwifibus;Ovladač sběrnice Virtual WiFi;C:\Windows\System32\drivers\vwifibus.sys [2009-7-14 24576]
S3 W32Time;Systémový čas;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
S3 WacomPen;Wacom Serial Pen HID Driver;C:\Windows\System32\drivers\wacompen.sys [2009-7-14 27776]
S3 WANARP;Ovladač pro vzdálený přístup IP ARP;C:\Windows\System32\drivers\wanarp.sys [2011-5-1 88576]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-1 1255736]
S3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;C:\Windows\System32\wbengine.exe [2011-5-1 1504256]
S3 WbioSrvc;Biometrická služba systému Windows;C:\Windows\System32\svchost.exe -k WbioSvcGroup [2009-7-14 27136]
S3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 WcsPlugInService;Systém barev systému Windows;C:\Windows\System32\svchost.exe -k wcssvc [2009-7-14 27136]
S3 Wd;Wd;C:\Windows\System32\drivers\wd.sys [2009-7-14 21056]
S3 WebClient;Webový klient;C:\Windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
S3 Wecsvc;Sběr událostí systému Windows;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
S3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;C:\Windows\System32\svchost.exe -k WerSvcGroup [2009-7-14 27136]
S3 WIMMount;WIMMount;C:\Windows\System32\drivers\wimmount.sys [2009-7-14 22096]
S3 WinRM;Vzdálená správa systému Windows (WS-Management);C:\Windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
S3 WinUsb;WinUsb;C:\Windows\System32\drivers\winusb.sys [2011-5-1 41984]
S3 Wlansvc;Automatická konfigurace sítě WLAN;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI;C:\Windows\System32\drivers\wmiacpi.sys [2009-7-14 14336]
S3 wmiApSrv;WMI Performance Adapter;C:\Windows\System32\wbem\WmiApSrv.exe [2009-7-14 203264]
S3 WPCSvc;Parental Controls;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
S3 WPDBusEnum;Služba Výčet přenosných zařízení;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 WUDFRd;WUDFRd;C:\Windows\System32\drivers\WUDFRd.sys [2012-11-14 198656]
S3 WwanSvc;Automatická konfigurace sítě WWAN;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-14 27136]
S4 cdfs;CD/DVD File System Reader;C:\Windows\System32\drivers\cdfs.sys [2009-7-14 92160]
S4 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86;C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-7-13 66384]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-7-13 89920]
S4 crcdisk;Crcdisk Filter Driver;C:\Windows\System32\drivers\crcdisk.sys [2009-7-14 24144]
S4 Mcx2Svc;Služba zařízení Media Center Extender;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp;C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-7-14 116560]
S4 RemoteAccess;Směrování a vzdálený přístup;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S4 udfs;udfs;C:\Windows\System32\drivers\udfs.sys [2011-5-1 328192]
S4 WinDefend;Windows Defender;C:\Windows\System32\svchost.exe -k secsvcs [2009-7-14 27136]
S4 wscsvc;Centrum zabezpečení;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
.
=============== File Associations ===============
.
FileExt: .bat: batfile="%1" %*
FileExt: .cmd: cmdfile="%1" %*
FileExt: .com: ComFile="%1" %*
FileExt: .exe: exefile="%1" %*
FileExt: .pif: piffile="%1" %*
FileExt: .scr: scrfile="%1" /S
FileExt: .reg: regfile=regedit.exe "%1"
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1
FileExt: .chm: chm.file="C:\Windows\hh.exe" %1
FileExt: .ini: inifile=C:\Windows\System32\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: AcroRD32.exe: Read="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" "%1"
ShellExec: CoverDes.exe: open="C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverDes.exe" "%1"
ShellExec: ehshell.exe: open="C:\Windows\eHome\ehshell.exe" "%1"
ShellExec: iexplore.exe: open="C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
ShellExec: mpc-hc.exe: open="C:\Program Files (x86)\Combined Community Codec Pack\MPC\mpc-hc.exe" "%1"
ShellExec: mspaint.exe: edit="C:\Windows\System32\mspaint.exe" "%1"
ShellExec: NeroExpress.exe: open="C:\Program Files (x86)\Nero\Nero 9\Nero Express\NeroExpress.exe" "%1"
ShellExec: NeroStartSmart.exe: open="C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe" "%1"
ShellExec: notepad.exe: edit=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: notepad.exe: open=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: ois.exe: Edit=C:\PROGRA~2\MICROS~1\Office14\OIS.EXE /shellEdit "%1"
ShellExec: ois.exe: Open=C:\PROGRA~2\MICROS~1\Office14\OIS.EXE /shellOpen "%1"
ShellExec: ois.exe: Preview=C:\PROGRA~2\MICROS~1\Office14\OIS.EXE /shellPreview "%1"
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Opera.exe" "%1"
ShellExec: photoviewer.dll: open=C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: photoviewer.dll: print=C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: RealPlay.exe: open="C:\Program Files (x86)\Real\RealPlayer\realplay.exe" "%1"
ShellExec: SC2Editor.exe: open="C:\Program Files (x86)\StarCraft II\Support\SC2Editor.exe" "%1"
ShellExec: StarCraft II.exe: open="C:\Program Files (x86)\StarCraft II\StarCraft II.exe" "%1"
ShellExec: uTorrent.exe: open="C:\Program Files (x86)\uTorrent\uTorrent.exe" "%1"
ShellExec: vlc.exe: Open="C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
ShellExec: Winword.exe: edit="C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "%1"
ShellExec: wmplayer.exe: open="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Open "%L"
ShellExec: wmplayer.exe: play="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play "%L"
ShellExec: wordpad.exe: open="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1"
ShellExec: xnview.exe: open="C:\Program Files (x86)\XnView\xnview.exe" "%1"
.

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 22:39
od radim
=============== Created Last 60 ================
.
2013-01-23 19:59:27 -------- d-----w- C:\Program Files\trend micro
2013-01-23 19:59:26 -------- d-----w- C:\rsit
2013-01-22 22:53:15 -------- d-sh--w- C:\$RECYCLE.BIN
2013-01-22 22:50:28 -------- d-----w- C:\Windows\temp
2013-01-22 22:37:02 98816 ----a-w- C:\Windows\sed.exe
2013-01-22 22:37:02 80412 ----a-w- C:\Windows\grep.exe
2013-01-22 22:37:02 68096 ----a-w- C:\Windows\zip.exe
2013-01-22 22:37:02 60416 ----a-w- C:\Windows\NIRCMD.exe
2013-01-22 22:37:02 518144 ----a-w- C:\Windows\SWREG.exe
2013-01-22 22:37:02 406528 ----a-w- C:\Windows\SWSC.exe
2013-01-22 22:37:02 256000 ----a-w- C:\Windows\PEV.exe
2013-01-22 22:37:02 208896 ----a-w- C:\Windows\MBR.exe
2013-01-22 22:24:45 -------- d-----w- C:\Config.Msi
2013-01-22 22:23:23 -------- d-----w- C:\Qoobox
2013-01-22 22:23:11 -------- d-----w- C:\Windows\erdnt
2013-01-20 12:22:28 -------- d-----w- C:\Users\Radim\AppData\Roaming\Malwarebytes
2013-01-20 12:22:07 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-20 12:22:05 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-20 12:22:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-20 12:21:55 -------- d-----w- C:\Users\Radim\AppData\Local\Programs
2013-01-20 00:06:34 118784 --sha-r- C:\Windows\SysWow64\dsauthv.dll
2013-01-19 23:20:44 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-01-19 20:03:24 -------- d-----w- C:\Users\Radim\AppData\Local\ALI213
2013-01-19 17:57:16 -------- d--h--w- C:\Windows\msdownld.tmp
2013-01-19 17:56:41 -------- d-----w- C:\Windows\SysWow64\directx
2013-01-19 17:13:24 -------- d-----w- C:\Games
2013-01-18 22:02:31 96664 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2013-01-18 22:02:31 92056 ----a-w- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
2013-01-18 22:02:31 865656 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
2013-01-18 22:02:31 271768 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe
2013-01-18 22:02:31 19352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
2013-01-18 22:02:31 17802648 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
2013-01-18 22:02:31 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
2013-01-18 22:02:31 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
2013-01-18 22:02:31 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2013-01-18 22:02:31 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2013-01-18 22:02:31 157712 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2013-01-18 22:02:31 155544 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
2013-01-18 22:02:31 151960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
2013-01-18 22:02:30 917400 ----a-w- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2013-01-18 22:02:30 91544 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
2013-01-18 22:02:30 813976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2013-01-18 22:02:30 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2013-01-18 22:02:30 74136 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2013-01-18 22:02:30 641944 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
2013-01-18 22:02:30 59288 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2013-01-18 22:02:30 478104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2013-01-18 22:02:30 4550304 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-01-18 22:02:30 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2013-01-18 22:02:30 375192 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
2013-01-18 22:02:30 3022232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-01-18 22:02:30 2850200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2013-01-18 22:02:30 277400 ----a-w- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
2013-01-18 22:02:30 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2013-01-18 22:02:30 21912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
2013-01-18 22:02:30 21400 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
2013-01-18 22:02:30 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2013-01-18 22:02:30 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
2013-01-18 22:02:30 19352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2013-01-18 22:02:30 193168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2013-01-18 22:02:30 186584 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-01-18 22:02:30 17304 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
2013-01-18 22:02:30 171928 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
2013-01-18 22:02:30 16280 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2013-01-18 22:02:30 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2013-01-18 22:02:30 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2013-01-18 22:02:30 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2013-01-18 22:02:30 142744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2013-01-18 22:02:30 116120 ----a-w- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
2013-01-18 22:02:30 115608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2013-01-18 22:02:30 104344 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
2013-01-18 22:02:30 -------- d-----w- C:\Program Files (x86)\Mozilla Firefox
2013-01-12 23:40:34 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2013-01-12 19:26:13 -------- d-----w- C:\Program Files (x86)\Warhammer 40000 Dawn of War II - Chaos Rising
2013-01-10 05:46:16 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-01-10 05:46:15 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-01-10 05:46:14 1161216 ----a-w- C:\Windows\System32\kernel32.dll
2013-01-10 05:46:14 1114112 ----a-w- C:\Windows\SysWow64\kernel32.dll
2013-01-10 05:46:13 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-10 05:46:13 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-01-10 05:46:13 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-01-10 05:46:13 243200 ----a-w- C:\Windows\System32\wow64.dll
2013-01-10 05:46:13 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-10 05:46:13 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-01-10 05:46:13 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-10 05:46:13 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-01-10 05:46:12 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-10 05:46:10 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-10 05:46:10 5120 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-01-10 05:46:10 5120 ---ha-w- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-01-10 05:46:10 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 05:46:10 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 05:46:10 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 05:46:10 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 05:46:09 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 05:46:09 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 05:46:09 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 05:46:09 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 05:46:09 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 05:46:09 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 05:46:09 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 05:46:09 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 05:46:09 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 05:46:09 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 05:46:09 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 05:46:09 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-01-10 05:46:09 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 05:46:09 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-10 05:46:09 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 05:46:08 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 05:46:08 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 05:46:08 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 05:46:08 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 05:46:08 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 05:46:08 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 05:46:08 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 05:46:08 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 05:46:08 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 05:46:08 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 05:46:08 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 05:46:08 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 05:46:08 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-01-10 05:46:08 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 05:46:08 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 05:46:08 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-01-10 05:46:08 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 05:46:08 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 05:46:08 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 05:46:08 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 05:46:08 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 05:46:07 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-10 05:46:07 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 05:46:07 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 05:46:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-01-10 05:46:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 05:46:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 05:46:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 05:46:07 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 05:46:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-10 05:46:05 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-10 05:46:05 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 05:46:05 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 05:46:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-01-10 05:46:05 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-01-10 05:46:04 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-10 05:45:33 750592 ----a-w- C:\Windows\System32\win32spl.dll
2013-01-10 05:45:33 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-01-10 05:45:17 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-01-10 05:45:16 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-01-10 05:45:15 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-01-10 05:45:14 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-01-10 05:45:13 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-01-10 05:45:13 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-01-10 05:45:10 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-01-10 05:45:09 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2013-01-10 05:44:54 46592 ----a-w- C:\Windows\SysWow64\fpb.rs
2013-01-10 05:44:54 46592 ----a-w- C:\Windows\System32\fpb.rs
2013-01-10 05:44:54 45568 ----a-w- C:\Windows\SysWow64\oflc-nz.rs
2013-01-10 05:44:54 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2013-01-10 05:44:54 44544 ----a-w- C:\Windows\SysWow64\pegibbfc.rs
2013-01-10 05:44:54 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2013-01-10 05:44:54 43520 ----a-w- C:\Windows\SysWow64\csrr.rs
2013-01-10 05:44:54 43520 ----a-w- C:\Windows\System32\csrr.rs
2013-01-10 05:44:54 40960 ----a-w- C:\Windows\SysWow64\cob-au.rs
2013-01-10 05:44:54 40960 ----a-w- C:\Windows\System32\cob-au.rs
2013-01-10 05:44:54 30720 ----a-w- C:\Windows\SysWow64\usk.rs
2013-01-10 05:44:54 30720 ----a-w- C:\Windows\System32\usk.rs
2013-01-10 05:44:54 21504 ----a-w- C:\Windows\SysWow64\grb.rs
2013-01-10 05:44:54 21504 ----a-w- C:\Windows\System32\grb.rs
2013-01-10 05:44:54 20480 ----a-w- C:\Windows\SysWow64\pegi.rs
2013-01-10 05:44:54 20480 ----a-w- C:\Windows\SysWow64\pegi-pt.rs
2013-01-10 05:44:54 20480 ----a-w- C:\Windows\System32\pegi.rs
2013-01-10 05:44:54 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2013-01-10 05:44:54 15360 ----a-w- C:\Windows\SysWow64\djctq.rs
2013-01-10 05:44:54 15360 ----a-w- C:\Windows\System32\djctq.rs
2013-01-10 05:44:53 441856 ----a-w- C:\Windows\System32\Wpc.dll
2013-01-10 05:44:53 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2013-01-10 05:44:53 2746368 ----a-w- C:\Windows\System32\gameux.dll
2013-01-10 05:44:53 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2013-01-10 05:44:50 55296 ----a-w- C:\Windows\SysWow64\cero.rs
2013-01-10 05:44:50 55296 ----a-w- C:\Windows\System32\cero.rs
2013-01-10 05:44:50 51712 ----a-w- C:\Windows\SysWow64\esrb.rs
2013-01-10 05:44:50 51712 ----a-w- C:\Windows\System32\esrb.rs
2013-01-10 05:44:50 23552 ----a-w- C:\Windows\SysWow64\oflc.rs
2013-01-10 05:44:50 23552 ----a-w- C:\Windows\System32\oflc.rs
2013-01-10 05:44:50 20480 ----a-w- C:\Windows\SysWow64\pegi-fi.rs
2013-01-10 05:44:50 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2013-01-10 05:44:08 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-01-10 05:44:06 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-12-22 22:33:24 -------- d-----w- C:\Users\Radim\AppData\Local\SKIDROW
2012-12-22 11:38:14 -------- d-----w- C:\Users\Radim\AppData\Local\My Games
2012-12-22 11:30:38 517960 ----a-w- C:\Windows\System32\XAudio2_5.dll
2012-12-22 11:30:38 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2012-12-22 11:30:37 2582888 ----a-w- C:\Windows\System32\D3DCompiler_42.dll
2012-12-22 11:30:37 238936 ----a-w- C:\Windows\SysWow64\xactengine3_5.dll
2012-12-22 11:30:37 176968 ----a-w- C:\Windows\System32\xactengine3_5.dll
2012-12-22 11:30:35 5554512 ----a-w- C:\Windows\System32\d3dcsx_42.dll
2012-12-22 11:30:35 5501792 ----a-w- C:\Windows\SysWow64\d3dcsx_42.dll
2012-12-22 11:30:34 285024 ----a-w- C:\Windows\System32\d3dx11_42.dll
2012-12-22 11:30:34 235344 ----a-w- C:\Windows\SysWow64\d3dx11_42.dll
2012-12-22 11:30:33 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2012-12-22 11:30:32 2475352 ----a-w- C:\Windows\System32\D3DX9_42.dll
2012-12-22 11:30:31 520544 ----a-w- C:\Windows\System32\d3dx10_41.dll
2012-12-22 11:30:31 453456 ----a-w- C:\Windows\SysWow64\d3dx10_41.dll
2012-12-22 11:30:31 2430312 ----a-w- C:\Windows\System32\D3DCompiler_41.dll
2012-12-22 11:30:31 1846632 ----a-w- C:\Windows\SysWow64\D3DCompiler_41.dll
2012-12-22 11:30:29 73544 ----a-w- C:\Windows\System32\XAPOFX1_3.dll
2012-12-22 11:30:29 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2012-12-22 11:30:29 5425496 ----a-w- C:\Windows\System32\D3DX9_41.dll
2012-12-22 11:30:29 521560 ----a-w- C:\Windows\System32\XAudio2_4.dll
2012-12-22 11:30:29 517448 ----a-w- C:\Windows\SysWow64\XAudio2_4.dll
2012-12-22 11:30:29 4178264 ----a-w- C:\Windows\SysWow64\D3DX9_41.dll
2012-12-22 11:30:28 24920 ----a-w- C:\Windows\System32\X3DAudio1_6.dll
2012-12-22 11:30:28 235352 ----a-w- C:\Windows\SysWow64\xactengine3_4.dll
2012-12-22 11:30:28 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_6.dll
2012-12-22 11:30:28 174936 ----a-w- C:\Windows\System32\xactengine3_4.dll
2012-12-22 11:30:26 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll
2012-12-22 11:30:26 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll
2012-12-22 11:30:26 2605920 ----a-w- C:\Windows\System32\D3DCompiler_40.dll
2012-12-22 11:30:26 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll
2012-12-22 11:30:24 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll
2012-12-22 11:30:23 74576 ----a-w- C:\Windows\System32\XAPOFX1_2.dll
2012-12-22 11:30:23 70992 ----a-w- C:\Windows\SysWow64\XAPOFX1_2.dll
2012-12-22 11:30:23 518480 ----a-w- C:\Windows\System32\XAudio2_3.dll
2012-12-22 11:30:23 514384 ----a-w- C:\Windows\SysWow64\XAudio2_3.dll
2012-12-22 11:30:23 235856 ----a-w- C:\Windows\SysWow64\xactengine3_3.dll
2012-12-22 11:30:23 175440 ----a-w- C:\Windows\System32\xactengine3_3.dll
2012-12-22 11:30:22 25936 ----a-w- C:\Windows\System32\X3DAudio1_5.dll
2012-12-22 11:30:22 23376 ----a-w- C:\Windows\SysWow64\X3DAudio1_5.dll
2012-12-22 11:30:21 72200 ----a-w- C:\Windows\System32\XAPOFX1_1.dll
2012-12-22 11:30:21 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2012-12-22 11:30:21 513544 ----a-w- C:\Windows\System32\XAudio2_2.dll
2012-12-22 11:30:21 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2012-12-22 11:30:21 238088 ----a-w- C:\Windows\SysWow64\xactengine3_2.dll
2012-12-22 11:30:21 177672 ----a-w- C:\Windows\System32\xactengine3_2.dll
2012-12-22 11:30:20 540688 ----a-w- C:\Windows\System32\d3dx10_39.dll
2012-12-22 11:30:20 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2012-12-22 11:30:20 1942552 ----a-w- C:\Windows\System32\D3DCompiler_39.dll
2012-12-22 11:30:20 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2012-12-22 11:30:18 4992520 ----a-w- C:\Windows\System32\D3DX9_39.dll
2012-12-22 11:30:18 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2012-12-22 11:20:37 -------- d-----w- C:\Program Files (x86)\Sid Meier's Civilization V
2012-12-21 11:57:09 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 11:57:09 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 11:57:08 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 11:57:07 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-18 14:28:14 186584 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2012-12-12 14:24:10 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-12-12 14:24:10 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-12-12 14:24:09 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2012-12-12 14:24:09 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2012-12-12 14:24:09 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-12-12 14:24:09 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2012-12-12 14:24:09 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2012-12-12 14:24:09 149552 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2012-12-12 14:24:08 248320 ----a-w- C:\Windows\System32\ieui.dll
2012-12-12 14:24:08 237056 ----a-w- C:\Windows\System32\url.dll
2012-12-12 14:24:08 231936 ----a-w- C:\Windows\SysWow64\url.dll
2012-12-12 14:24:08 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2012-12-12 14:24:08 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2012-12-12 14:24:08 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-12-12 14:24:08 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-12-12 14:24:07 763424 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2012-12-12 14:24:07 757296 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2012-12-12 14:24:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-12-12 14:24:07 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-12-12 14:24:07 1346048 ----a-w- C:\Windows\System32\urlmon.dll
2012-12-12 14:24:07 1103872 ----a-w- C:\Windows\SysWow64\urlmon.dll
2012-12-12 14:24:06 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2012-12-12 14:24:06 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2012-12-12 14:24:06 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2012-12-12 14:24:06 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-12-12 14:24:06 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2012-12-12 14:24:06 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-12-12 14:24:06 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-12-12 14:24:05 85504 ----a-w- C:\Windows\System32\jsproxy.dll
2012-12-12 14:24:05 816640 ----a-w- C:\Windows\System32\jscript.dll
2012-12-12 14:24:05 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
2012-12-12 14:24:05 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-12-12 14:24:05 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-12-12 14:24:04 65024 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2012-12-12 14:24:04 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2012-12-12 14:24:04 2144768 ----a-w- C:\Windows\System32\iertutil.dll
2012-12-12 14:24:04 1793024 ----a-w- C:\Windows\SysWow64\iertutil.dll
2012-12-12 14:24:03 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2012-12-12 14:24:03 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2012-12-12 14:24:03 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll
2012-12-12 14:24:02 12320256 ----a-w- C:\Windows\SysWow64\mshtml.dll
2012-12-12 14:24:01 17811968 ----a-w- C:\Windows\System32\mshtml.dll
2012-12-12 14:24:00 9738240 ----a-w- C:\Windows\SysWow64\ieframe.dll
2012-12-12 14:24:00 10925568 ----a-w- C:\Windows\System32\ieframe.dll
2012-12-12 13:49:32 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-12 13:49:32 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-12 13:49:01 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-12 13:49:01 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
.
==================== Find6M ====================
.
2013-01-10 06:03:40 67599240 ----a-w- C:\Windows\System32\MRT.exe
2013-01-09 16:14:44 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 16:14:44 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-30 04:45:10 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-10-02 11:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-24 13:32:24 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-09-24 13:32:20 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-24 13:23:41 157680 ----a-w- C:\Windows\SysWow64\javaws.exe
2012-09-24 13:23:37 149488 ----a-w- C:\Windows\SysWow64\javaw.exe
2012-09-24 13:23:26 149488 ----a-w- C:\Windows\SysWow64\java.exe
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
.
============= FINISH: 22:36:59,69 ===============

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 22:44
od vyosek
:arrow: Stahnete Deckard's Association File Tool http://vyosek.ic.cz/BE/daft.exe
  • Ulozte nejlepe na plochu a spustte
  • Klikne na Scan, probehne hledani
  • Nasledne kliknete na Save Log, ulozte log daft.txt a dejte jej sem

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 22:47
od radim
DAFT Log saved on 2013-01-23 22:46:53
-----------------------------------------------------------------------
.chm - chm.file - shell\open\command - "%SystemRoot%\hh.exe" %1
.hlp - hlpfile - shell\open\command - %SystemRoot%\winhlp32.exe %1
.reg - regfile - shell\edit\command - %SystemRoot%\system32\notepad.exe "%1"
.vbs - VBSFile - shell\edit\command - "%SystemRoot%\System32\Notepad.exe" %1

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 22:48
od vyosek
:arrow: Pokud nemate, tak presunte Combofix na plochu
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    KillAll::

DDS::
uStart Page = hxxp://www.centrum.cz/#utm_source=icq&u ... um=generic
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: Microsoft Url Search Hook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
dURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
dURLSearchHooks: <No Name>: - LocalServer32 - <no file>

File::
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

Collect::
C:\Windows\tasks\pdjrpawnu.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"NokiaOviSuite2"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"=-
"HDAudDeck"=-
"QuickTime Task"=-
"NBAgent"=-
"BCSSync"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-

Firefox::
FF - ProfilePath - c:\users\Radim\AppData\Roaming\Mozilla\Firefox\Profiles\yc4pjbi5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.3.3&q=
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.6&q=

RegNull::
[HKEY_USERS\S-1-5-21-1535415641-937967992-3815561836-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-1535415641-937967992-3815561836-1000\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::
  • Ulozte vytvoreny TXT jako CFScript.txt
  • Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
    Obrázek
  • Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
:arrow: Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

:arrow: Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 23:30
od radim
ComboFix 13-01-23.01 - Radim 23.01.2013 22:59:17.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2059 [GMT 1:00]
Spuštěný z: c:\users\Radim\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Radim\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\pdjrpawnu.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-23 do 2013-01-23 )))))))))))))))))))))))))))))))
.
.
2013-01-23 22:10 . 2013-01-23 22:10 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-23 22:10 . 2013-01-23 22:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-23 19:59 . 2013-01-23 20:04 -------- d-----w- c:\program files\trend micro
2013-01-23 19:59 . 2013-01-23 19:59 -------- d-----w- C:\rsit
2013-01-20 12:22 . 2013-01-20 12:22 -------- d-----w- c:\users\Radim\AppData\Roaming\Malwarebytes
2013-01-20 12:22 . 2013-01-20 12:22 -------- d-----w- c:\programdata\Malwarebytes
2013-01-20 12:22 . 2013-01-20 12:22 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-20 12:22 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-20 12:21 . 2013-01-20 12:21 -------- d-----w- c:\users\Radim\AppData\Local\Programs
2013-01-20 00:06 . 2013-01-20 00:06 118784 --sha-r- c:\windows\SysWow64\dsauthv.dll
2013-01-19 23:20 . 2013-01-19 23:20 -------- d-----w- c:\program files (x86)\VS Revo Group
2013-01-19 20:03 . 2013-01-19 20:03 -------- d-----w- c:\users\Radim\AppData\Local\ALI213
2013-01-19 17:57 . 2013-01-19 17:57 -------- d--h--w- c:\windows\msdownld.tmp
2013-01-19 17:13 . 2013-01-22 20:48 -------- d-----w- C:\Games
2013-01-12 23:40 . 2013-01-20 11:32 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-01-12 19:26 . 2013-01-12 23:58 -------- d-----w- c:\program files (x86)\Warhammer 40000 Dawn of War II - Chaos Rising
2013-01-10 05:45 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-10 05:45 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-10 05:45 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-10 05:45 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-10 05:45 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-10 05:45 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-10 05:45 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-10 05:45 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-10 05:45 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-01-10 05:45 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 06:03 . 2011-01-05 15:01 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 16:14 . 2012-04-04 09:15 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 16:14 . 2011-09-17 07:42 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-16 17:11 . 2012-12-21 11:57 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 11:57 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 11:57 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 11:57 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-10 05:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-12 14:24 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 14:24 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 14:24 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 14:24 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 14:24 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 14:24 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 14:24 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 14:24 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 14:24 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 14:24 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 14:24 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 14:24 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 14:24 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 14:24 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 14:24 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 14:24 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 14:24 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 14:24 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 14:24 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 14:24 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 14:24 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 14:24 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 13:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 13:49 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 13:49 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 13:49 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-10-16 2363392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
.
c:\users\Radim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE Gamer HUD Lite.lnk - c:\program files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe [2010-4-30 1679872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2010-04-19 22528]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-01 1255736]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-04-20 503352]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-11-25 1276928]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 11:49 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-15 21:57 1606760 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAAUD"="c:\program files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Radim\AppData\Roaming\Mozilla\Firefox\Profiles\yc4pjbi5.default\
FF - prefs.js: browser.search.selectedEngine - Google
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Convert PDF To Image_is1 - c:\program files (x86)\Softinterface
AddRemove-CyberLink PowerDVD 10.0.1516.51 - c:\program files (x86)\CyberLink\PowerDVD10\odinstalovat_cz.exe
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
AddRemove-PC Translator - c:\users\Radim\AppData\Local\Temp\UN32.EXE
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Searchqu MediaBar - c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe
AddRemove-{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B} - c:\program files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Celkový čas: 2013-01-23 23:22:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-23 22:22
ComboFix2.txt 2013-01-22 22:50
.
Před spuštěním: Volných bajtů: 51 099 394 048
Po spuštění: Volných bajtů: 51 155 210 240
.
- - End Of File - - F1B471FDBD8823E98B69C6066C230CCA
Nahr nˇ probŘhlo ŁspŘçnŘ

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 23:35
od vyosek
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc]
"DisplayName"="@%SystemRoot%\\System32\\wscsvc.dll,-200"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
  00,65,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,73,00,74,00,\
  72,00,69,00,63,00,74,00,65,00,64,00,00,00
"Start"=dword:00000002
"Type"=dword:00000020
"Description"="@%SystemRoot%\\System32\\wscsvc.dll,-201"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,57,00,69,00,6e,00,\
  4d,00,67,00,6d,00,74,00,00,00,00,00
"ObjectName"="NT AUTHORITY\\LocalService"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
  00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
  67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
  00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
  00,00,00,00
"DelayedAutoStart"=dword:00000001
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  77,00,73,00,63,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\Security]
"Security"=hex:01,00,14,80,c8,00,00,00,d4,00,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,98,00,06,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
  05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
  20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
  00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,14,00,00,01,\
  00,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,28,00,15,00,00,00,01,06,00,\
  00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,\
  7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,\
  00,00,00

:files
C:\Users\Radim\AppData\Roaming\Mozilla\Firefox\Profiles\yc4pjbi5.default\searchplugins\icqplugin*.xml
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 23:46
od radim
All processes killed
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"DisplayName"|"@%SystemRoot%\\System32\\wscsvc.dll,-200" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"ImagePath"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,73,00,74,00,72,00,69,00,63,00,74,00,65,00,64,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"Start"|dword:00000002 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"Type"|dword:00000020 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"Description"|"@%SystemRoot%\\System32\\wscsvc.dll,-201" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"DependOnService"|hex(7):52,00,70,00,63,00,53,00,73,00,00,00,57,00,69,00,6e,00,4d,00,67,00,6d,00,74,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"ObjectName"|"NT AUTHORITY\\LocalService" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"ServiceSidType"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"RequiredPrivileges"|hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"DelayedAutoStart"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\\"FailureActions"|hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\Parameters\\"ServiceDllUnloadOnStop"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\Parameters\\"ServiceDll"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,77,00,73,00,63,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\Security\\"Security"|hex:01,00,14,80,c8,00,00,00,d4,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,98,00,06,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,14,00,00,01,00,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,28,00,15,00,00,00,01,06,00,00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 /E : value set successfully!
========== FILES ==========
File\Folder C:\Users\Radim\AppData\Roaming\Mozilla\Firefox\Profiles\yc4pjbi5.default\searchplugins\icqplugin*.xml not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\msdownld.tmp folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Radim
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 190618196 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 786965805 bytes
->Google Chrome cache emptied: 253820274 bytes
->Apple Safari cache emptied: 176239616 bytes
->Opera cache emptied: 55192550 bytes
->Flash cache emptied: 181790 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68045 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 395,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Radim
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Radim
->Java cache emptied: 0 bytes

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01232013_233755

Files\Folders moved on Reboot...
C:\Users\Radim\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 23:47
od vyosek
:arrow: Stahnete Farbar Service Scanner http://download.bleepingcomputer.com/farbar/FSS.exe
  • Ulozte nejlepe na Plochu
  • U vsech polozek udelejte zatrzitko (tim je oznacite pro skenovani)
  • Kliknete na Scan
  • Po dokonceni skenu se objevi log FSS.txt ten sem vlozte
:arrow: Napiste co PC

Re: Centrum zabezpečení nelze spustit

Napsal: 23 led 2013 23:52
od radim
Farbar Service Scanner Version: 16-01-2013
Ran by Radim (administrator) on 23-01-2013 at 23:50:31
Running from "C:\Users\Radim\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

PC stále stené jako předtím, teda jeom to centrum zabezpečení..jinak vypadá pěkně pročistěně,parádně rychlej náběh po restartu měl

Re: Centrum zabezpečení nelze spustit

Napsal: 24 led 2013 07:57
od vyosek
:arrow: Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Provedte aktualizaci
  • Provedte uplny sken - nic nemazte :!:
  • MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

Re: Centrum zabezpečení nelze spustit

Napsal: 24 led 2013 18:20
od radim
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.24.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Radim :: RADIM-PC [administrátor]

Ochrana: Zakázána

24.1.2013 17:27:25
mbam-log-2013-01-24 (17-27-25).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 416770
Uplynulý čas: 51 minut, 21 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: Centrum zabezpečení nelze spustit

Napsal: 24 led 2013 22:01
od vyosek
:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Ukoncete vsechny programy
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pockejte na dokonceni PreScanu
  • Zvolte moznost Prohledat (scan)
  • Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
  • Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

Re: Centrum zabezpečení nelze spustit

Napsal: 24 led 2013 22:37
od radim
RogueKiller V8.4.3 [Jan 24 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Radim [Práva správce]
Mód : Kontrola -- Datum : 01/24/2013 22:36:31
| ARK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200AAKS-00L9A0 ATA Device +++++
--- User ---
[MBR] 615b4438dfdc003caf2129b120f45be8
[BSP] f0d1b9e5e07449aa4f7ac43233fc555c : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305143 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_01242013_02d2236.txt >>
RKreport[1]_S_01242013_02d2236.txt
Všechny časy jsou v UTC+01:00
Stránka 2 z 4

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz