Nemohu nainstalovat Norton internet security

Tom10 · Příspěvekod **Tom10** » 27 úno 2013 16:23

Dobrý den,

prosím o pomoc. Zakoupil jsem si elektronickou verzi Norton internet security 2013 (přístupový kód). Když jsem si však z netu stáhnul trial verzi tohoto softwaru, po spuštění instalace mi píše: NIS nebude provádět instalaci v režimu kompatibility. Zavřete okno a poté spusťte instalační program v běžném režimu.
Jelikož jsem měl v PC nějakou zkušební verzi Nortonu na 60 dní nainstalovanou výrobcem (již nevím, jaký tip, pc mám od roku 2008), myslel jsem, že tam něco zbylo a tluče se s novou instalací.Zkusil jsem tedy použít Norton Removal Tool. Také jsem v PC měl McAfee. Našel jsem nějaký soubor, který měl udělat podobnou službu jako zmíněný Norton Removal Tool. Ale po všech těchto operacích nic. Stále stejná hláška. Zkusil jsem vypnout i firewall ve windows. V PC jsem tak před měsícem a půl formátoval disk (poslední rok jsem tam měl AVG 2012 - předpokládám, že formátem se všechny soubory odstranili). Jako ochrana mi sloužil právě ten norton nainstalovaný výrobcem spolu s McAfee. Možná se to i nějak tlouklo, nevím.Norton mi poslední dva týdny psal, že mám zastaralou databázi virů a mám jej aktualizovat. Aktualizace se ale nedařila. Tak jsem to ignoroval,následně odinstaloval a nechal tam ten MacAfee. Až po týdnu jsem se rozhodnul zakoupit NIS 2013. Asi to byla chyba a měl jsem to zkusit nějak upgredovat.
Jinak můj OS jsou Win Vista 32 home premium.
Už si nevím rady. Poslední možnost je znovu formát disku, ale do toho se mi zatím moc nechce. Nejsem moc velký pc expert, proto prosím o radu, co s tím. Pokud možno polopaticky :smile:

Na radu jara3 jsem stáhnul a spustil HijackThis. Předem díky za pomoc.

Tom

Zde je výpis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:18:03, on 27.2.2013
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 8036 bytes

Reklama

Příspěvekod **jaro3** » 27 úno 2013 19:23

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

Tom10 · Příspěvekod **Tom10** » 27 úno 2013 21:53

Tak jsem udělal vše v pořadí, jak jsi napsal. Vkládám tedy
a) log z AdwCleaneru:

# AdwCleaner v2.113 - Logfile created 02/27/2013 at 21:32:15
# Updated 23/02/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium (32 bits)
# User : Tomas - TOMAS-PC
# Boot Mode : Normal
# Running from : C:\Users\Tomas\Downloads\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\searchplugins\Askcom.xml
File Found : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\searchplugins\Conduit.xml
Folder Found : C:\Program Files\Conduit
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Tomas\AppData\LocalLow\Conduit
Folder Found : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\CT3176921
Folder Found : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}
Folder Found : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\jetpack
Folder Found : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\Smartbar

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3176921
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-2808716350-2188489223-21215460-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKU\S-1-5-21-2808716350-2188489223-21215460-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16982

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (cs)

File : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\prefs.js

Found : user_pref("CT3176921.1000082.isPlayDisplay", "true");
Found : user_pref("CT3176921.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Found : user_pref("CT3176921.3176921a129719618372458539000000paramsGK1.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzU5OT[...]
Found : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_followers.enc", "MHgwMDM[...]
Found : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_followers_count.enc", "M[...]
Found : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_following.enc", "");
Found : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_following_count.enc", "M[...]
Found : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_home.enc", "MHgwMDMxLDB4[...]
Found : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_home_count.enc", "Nw==")[...]
Found : user_pref("CT3176921.3176921a129720553164390415000000paramsGK0.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzU5OT[...]
Found : user_pref("CT3176921.CBOpenMAMSettings.enc", "MA==");
Found : user_pref("CT3176921.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3176921.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT3176921.FirstTime", "true");
Found : user_pref("CT3176921.FirstTimeFF3", "true");
Found : user_pref("CT3176921.LoginRevertSettingsEnabled", true);
Found : user_pref("CT3176921.PG_ENABLE", "dHJ1ZQ==");
Found : user_pref("CT3176921.RevertSettingsEnabled", true);
Found : user_pref("CT3176921.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT317[...]
Found : user_pref("CT3176921.UserID", "UN37091567452177010");
Found : user_pref("CT3176921.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT3176921.autoDisableScopes", -1);
Found : user_pref("CT3176921.browser.search.defaultthis.engineName", "true");
Found : user_pref("CT3176921.cbcountry_001.enc", "Q1o=");
Found : user_pref("CT3176921.cbfirsttime.enc", "U3VuIEZlYiAwMyAyMDEzIDIxOjUzOjA0IEdNVCswMTAw");
Found : user_pref("CT3176921.defaultSearch", "true");
Found : user_pref("CT3176921.enableAlerts", "always");
Found : user_pref("CT3176921.enableFix404ByUser", "FALSE");
Found : user_pref("CT3176921.enableSearchFromAddressBar", "true");
Found : user_pref("CT3176921.firstTimeDialogOpened", "true");
Found : user_pref("CT3176921.fixPageNotFoundError", "true");
Found : user_pref("CT3176921.fixPageNotFoundErrorByUser", "true");
Found : user_pref("CT3176921.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT3176921.fixUrls", true);
Found : user_pref("CT3176921.homepageuserchanged", true);
Found : user_pref("CT3176921.installDate", "3/2/2013 21:52:25");
Found : user_pref("CT3176921.installId", "stub.exe");
Found : user_pref("CT3176921.installType", "conduitnsisintegration");
Found : user_pref("CT3176921.isCheckedStartAsHidden", true);
Found : user_pref("CT3176921.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3176921.isFirstTimeToolbarLoading", "false");
Found : user_pref("CT3176921.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3176921.keyword", "true");
Found : user_pref("CT3176921.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Found : user_pref("CT3176921.lastVersion", "10.14.65.43");
Found : user_pref("CT3176921.mam_gk_installer_preapproved.enc", "dHJ1ZQ==");
Found : user_pref("CT3176921.migrateAppsAndComponents", true);
Found : user_pref("CT3176921.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Found : user_pref("CT3176921.openThankYouPage", "false");
Found : user_pref("CT3176921.openUninstallPage", "true");
Found : user_pref("CT3176921.revertSettingsEnabled", "false");
Found : user_pref("CT3176921.search.searchAppId", "10000002");
Found : user_pref("CT3176921.search.searchCount", "0");
Found : user_pref("CT3176921.searchInNewTabEnabledByUser", "true");
Found : user_pref("CT3176921.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT3176921.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3176921.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT3176921.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT3176921.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359924770233");
Found : user_pref("CT3176921.serviceLayer_services_appsMetadata_lastUpdate", "1359924770073");
Found : user_pref("CT3176921.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359924769885");
Found : user_pref("CT3176921.serviceLayer_services_login_10.14.42.7_lastUpdate", "1361569824905");
Found : user_pref("CT3176921.serviceLayer_services_login_10.14.65.43_lastUpdate", "1361996206668");
Found : user_pref("CT3176921.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359924769981");
Found : user_pref("CT3176921.serviceLayer_services_searchAPI_lastUpdate", "1359924757715");
Found : user_pref("CT3176921.serviceLayer_services_serviceMap_lastUpdate", "1361987916726");
Found : user_pref("CT3176921.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359924769636");
Found : user_pref("CT3176921.serviceLayer_services_toolbarSettings_lastUpdate", "1361996208620");
Found : user_pref("CT3176921.serviceLayer_services_translation_lastUpdate", "1361987917174");
Found : user_pref("CT3176921.settingsINI", true);
Found : user_pref("CT3176921.shouldFirstTimeDialog", "false");
Found : user_pref("CT3176921.smartbar.CTID", "CT3176921");
Found : user_pref("CT3176921.smartbar.Uninstall", "0");
Found : user_pref("CT3176921.smartbar.homepage", "true");
Found : user_pref("CT3176921.smartbar.isHidden", true);
Found : user_pref("CT3176921.smartbar.toolbarName", "express-files ");
Found : user_pref("CT3176921.startPage", "true");
Found : user_pref("CT3176921.toolbarBornServerTime", "3-2-2013");
Found : user_pref("CT3176921.toolbarCurrentServerTime", "27-2-2013");
Found : user_pref("CT3176921.twitterTemplate_3176921a129719618372458539000000_DailyActivity.enc", "MTM1OTkyN[...]
Found : user_pref("CT3176921.twitterTemplate_3176921a129719618372458539000000_LifetimeSent.enc", "VFJVRQ==")[...]
Found : user_pref("CT3176921.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
Found : user_pref("CT3176921.url_history0001.enc", "aHR0cDovL3d3dy5maXh5YS5jb20vZi9zZWFyY2gvcDEyNjE0MjctYXV0[...]
Found : user_pref("CT3176921_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Found : user_pref("Smartbar.ConduitHomepagesList", "");
Found : user_pref("Smartbar.ConduitSearchEngineList", "express-files Customized Web Search");
Found : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921[...]
Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3176921");
Found : user_pref("browser.search.defaultthis.engineName", "express-files Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&Sea[...]
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("ct3176921.UserID", "UN37091567452177010");
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&SearchSource=2&CU[...]
Found : user_pref("smartBar.searchInNewTabOwner", "CT3176921");
Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3176921&SearchSource=13[...]
Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Found : user_pref("smartbar.machineId", "PRQT8JZC2287EWDGGYBBMSA4RYC7BC9PCF2LZYYCWBRUMEXCABA2GA6XSYSLKPUKVYW[...]
Found : user_pref("smartbar.originalHomepage", "hxxp://www.seznam.cz/");
Found : user_pref("smartbar.originalSearchAddressUrl", "");
Found : user_pref("smartbar.originalSearchEngine", "Ask.com");

*************************

AdwCleaner[R1].txt - [12086 octets] - [27/02/2013 21:32:15]

########## EOF - C:\AdwCleaner[R1].txt - [12147 octets] ##########

b) log z Malwarebytes' Anti-Malware:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.27.10

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.16982
Tomas :: TOMAS-PC [administrátor]

Ochrana: Povolena

27.2.2013 21:39:46
mbam-log-2013-02-27 (21-39-46).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 201394
Uplynulý čas: 4 minut, 45 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Příspěvekod **jaro3** » 27 úno 2013 23:44

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Tom10 · Příspěvekod **Tom10** » 28 úno 2013 19:56

1. Log z AdwCleaneru:

# AdwCleaner v2.113 - Logfile created 02/28/2013 at 19:15:10
# Updated 23/02/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium (32 bits)
# User : Tomas - TOMAS-PC
# Boot Mode : Normal
# Running from : C:\Users\Tomas\Downloads\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\searchplugins\Conduit.xml
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Tomas\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\CT3176921
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\jetpack
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176921
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16982

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (cs)

File : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\prefs.js

C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\user.js ... Deleted !

Deleted : user_pref("CT3176921.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3176921.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3176921.3176921a129719618372458539000000paramsGK1.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzU5OT[...]
Deleted : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_followers.enc", "MHgwMDM[...]
Deleted : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_followers_count.enc", "M[...]
Deleted : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_following.enc", "");
Deleted : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_following_count.enc", "M[...]
Deleted : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_home.enc", "MHgwMDMxLDB4[...]
Deleted : user_pref("CT3176921.3176921a129719618372458539000000twitterTemplate_notify_home_count.enc", "Nw==")[...]
Deleted : user_pref("CT3176921.3176921a129720553164390415000000paramsGK0.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzU5OT[...]
Deleted : user_pref("CT3176921.CBOpenMAMSettings.enc", "MA==");
Deleted : user_pref("CT3176921.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3176921.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3176921.FirstTime", "true");
Deleted : user_pref("CT3176921.FirstTimeFF3", "true");
Deleted : user_pref("CT3176921.LoginRevertSettingsEnabled", true);
Deleted : user_pref("CT3176921.PG_ENABLE", "dHJ1ZQ==");
Deleted : user_pref("CT3176921.RevertSettingsEnabled", true);
Deleted : user_pref("CT3176921.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT317[...]
Deleted : user_pref("CT3176921.UserID", "UN37091567452177010");
Deleted : user_pref("CT3176921.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3176921.autoDisableScopes", -1);
Deleted : user_pref("CT3176921.browser.search.defaultthis.engineName", "true");
Deleted : user_pref("CT3176921.cbcountry_001.enc", "Q1o=");
Deleted : user_pref("CT3176921.cbfirsttime.enc", "U3VuIEZlYiAwMyAyMDEzIDIxOjUzOjA0IEdNVCswMTAw");
Deleted : user_pref("CT3176921.defaultSearch", "true");
Deleted : user_pref("CT3176921.enableAlerts", "always");
Deleted : user_pref("CT3176921.enableFix404ByUser", "FALSE");
Deleted : user_pref("CT3176921.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3176921.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3176921.fixPageNotFoundError", "true");
Deleted : user_pref("CT3176921.fixPageNotFoundErrorByUser", "true");
Deleted : user_pref("CT3176921.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3176921.fixUrls", true);
Deleted : user_pref("CT3176921.homepageuserchanged", true);
Deleted : user_pref("CT3176921.installDate", "3/2/2013 21:52:25");
Deleted : user_pref("CT3176921.installId", "stub.exe");
Deleted : user_pref("CT3176921.installType", "conduitnsisintegration");
Deleted : user_pref("CT3176921.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3176921.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3176921.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3176921.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3176921.keyword", "true");
Deleted : user_pref("CT3176921.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Deleted : user_pref("CT3176921.lastVersion", "10.14.65.43");
Deleted : user_pref("CT3176921.mam_gk_installer_preapproved.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3176921.migrateAppsAndComponents", true);
Deleted : user_pref("CT3176921.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Deleted : user_pref("CT3176921.openThankYouPage", "false");
Deleted : user_pref("CT3176921.openUninstallPage", "true");
Deleted : user_pref("CT3176921.revertSettingsEnabled", "false");
Deleted : user_pref("CT3176921.search.searchAppId", "10000002");
Deleted : user_pref("CT3176921.search.searchCount", "0");
Deleted : user_pref("CT3176921.searchInNewTabEnabledByUser", "true");
Deleted : user_pref("CT3176921.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3176921.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3176921.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3176921.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3176921.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359924770233");
Deleted : user_pref("CT3176921.serviceLayer_services_appsMetadata_lastUpdate", "1359924770073");
Deleted : user_pref("CT3176921.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359924769885");
Deleted : user_pref("CT3176921.serviceLayer_services_login_10.14.42.7_lastUpdate", "1361569824905");
Deleted : user_pref("CT3176921.serviceLayer_services_login_10.14.65.43_lastUpdate", "1361996206668");
Deleted : user_pref("CT3176921.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359924769981");
Deleted : user_pref("CT3176921.serviceLayer_services_searchAPI_lastUpdate", "1359924757715");
Deleted : user_pref("CT3176921.serviceLayer_services_serviceMap_lastUpdate", "1361987916726");
Deleted : user_pref("CT3176921.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359924769636");
Deleted : user_pref("CT3176921.serviceLayer_services_toolbarSettings_lastUpdate", "1361996208620");
Deleted : user_pref("CT3176921.serviceLayer_services_translation_lastUpdate", "1361987917174");
Deleted : user_pref("CT3176921.settingsINI", true);
Deleted : user_pref("CT3176921.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3176921.smartbar.CTID", "CT3176921");
Deleted : user_pref("CT3176921.smartbar.Uninstall", "0");
Deleted : user_pref("CT3176921.smartbar.homepage", "true");
Deleted : user_pref("CT3176921.smartbar.isHidden", true);
Deleted : user_pref("CT3176921.smartbar.toolbarName", "express-files ");
Deleted : user_pref("CT3176921.startPage", "true");
Deleted : user_pref("CT3176921.toolbarBornServerTime", "3-2-2013");
Deleted : user_pref("CT3176921.toolbarCurrentServerTime", "27-2-2013");
Deleted : user_pref("CT3176921.twitterTemplate_3176921a129719618372458539000000_DailyActivity.enc", "MTM1OTkyN[...]
Deleted : user_pref("CT3176921.twitterTemplate_3176921a129719618372458539000000_LifetimeSent.enc", "VFJVRQ==")[...]
Deleted : user_pref("CT3176921.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
Deleted : user_pref("CT3176921.url_history0001.enc", "aHR0cDovL3d3dy5maXh5YS5jb20vZi9zZWFyY2gvcDEyNjE0MjctYXV0[...]
Deleted : user_pref("CT3176921_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "express-files Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3176921");
Deleted : user_pref("browser.search.defaultthis.engineName", "express-files Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&Sea[...]
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("ct3176921.UserID", "UN37091567452177010");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&SearchSource=2&CU[...]
Deleted : user_pref("smartBar.searchInNewTabOwner", "CT3176921");
Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3176921&SearchSource=13[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.machineId", "PRQT8JZC2287EWDGGYBBMSA4RYC7BC9PCF2LZYYCWBRUMEXCABA2GA6XSYSLKPUKVYW[...]
Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.seznam.cz/");
Deleted : user_pref("smartbar.originalSearchAddressUrl", "");
Deleted : user_pref("smartbar.originalSearchEngine", "Ask.com");

*************************

AdwCleaner[R1].txt - [12217 octets] - [27/02/2013 21:32:15]
AdwCleaner[S1].txt - [12215 octets] - [28/02/2013 19:15:10]

########## EOF - C:\AdwCleaner[S1].txt - [12276 octets] ##########

Tom10 · Příspěvekod **Tom10** » 28 úno 2013 19:57

2. Log zTDSSKiller:

19:21:36.0107 5536 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:21:36.0356 5536 ============================================================
19:21:36.0356 5536 Current date / time: 2013/02/28 19:21:36.0356
19:21:36.0356 5536 SystemInfo:
19:21:36.0356 5536
19:21:36.0356 5536 OS Version: 6.0.6000 ServicePack: 0.0
19:21:36.0356 5536 Product type: Workstation
19:21:36.0356 5536 ComputerName: TOMAS-PC
19:21:36.0356 5536 UserName: Tomas
19:21:36.0356 5536 Windows directory: C:\Windows
19:21:36.0356 5536 System windows directory: C:\Windows
19:21:36.0356 5536 Processor architecture: Intel x86
19:21:36.0356 5536 Number of processors: 2
19:21:36.0356 5536 Page size: 0x1000
19:21:36.0356 5536 Boot type: Normal boot
19:21:36.0356 5536 ============================================================
19:21:36.0840 5536 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:21:36.0856 5536 ============================================================
19:21:36.0856 5536 \Device\Harddisk0\DR0:
19:21:36.0856 5536 MBR partitions:
19:21:36.0856 5536 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x65F99C1
19:21:36.0856 5536 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x65F9A00, BlocksNum 0xB274D80
19:21:36.0856 5536 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1186E780, BlocksNum 0x11AA341
19:21:36.0856 5536 ============================================================
19:21:37.0074 5536 C: <-> \Device\Harddisk0\DR0\Partition1
19:21:37.0261 5536 D: <-> \Device\Harddisk0\DR0\Partition2
19:21:37.0292 5536 E: <-> \Device\Harddisk0\DR0\Partition3
19:21:37.0292 5536 ============================================================
19:21:37.0292 5536 Initialize success
19:21:37.0292 5536 ============================================================
19:21:40.0038 5744 ============================================================
19:21:40.0054 5744 Scan started
19:21:40.0054 5744 Mode: Manual;
19:21:40.0054 5744 ============================================================
19:21:40.0646 5744 ================ Scan system memory ========================
19:21:40.0646 5744 System memory - ok
19:21:40.0646 5744 ================ Scan services =============================
19:21:41.0270 5744 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys
19:21:41.0286 5744 ACPI - ok
19:21:41.0442 5744 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:21:41.0442 5744 AdobeARMservice - ok
19:21:41.0536 5744 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:21:41.0551 5744 AdobeFlashPlayerUpdateSvc - ok
19:21:41.0598 5744 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:21:41.0614 5744 adp94xx - ok
19:21:41.0645 5744 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:21:41.0645 5744 adpahci - ok
19:21:41.0660 5744 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:21:41.0660 5744 adpu160m - ok
19:21:41.0676 5744 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:21:41.0676 5744 adpu320 - ok
19:21:41.0707 5744 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:21:41.0707 5744 AeLookupSvc - ok
19:21:41.0754 5744 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
19:21:41.0754 5744 AFD - ok
19:21:41.0801 5744 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:21:41.0801 5744 agp440 - ok
19:21:41.0848 5744 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:21:41.0848 5744 aic78xx - ok
19:21:41.0894 5744 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
19:21:41.0894 5744 ALG - ok
19:21:41.0926 5744 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
19:21:41.0926 5744 aliide - ok
19:21:41.0957 5744 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:21:41.0957 5744 amdagp - ok
19:21:41.0957 5744 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
19:21:41.0972 5744 amdide - ok
19:21:41.0988 5744 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
19:21:41.0988 5744 AmdK7 - ok
19:21:42.0004 5744 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:21:42.0004 5744 AmdK8 - ok
19:21:42.0050 5744 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
19:21:42.0050 5744 Appinfo - ok
19:21:42.0082 5744 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
19:21:42.0082 5744 arc - ok
19:21:42.0113 5744 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:21:42.0128 5744 arcsas - ok
19:21:42.0269 5744 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:21:42.0269 5744 aspnet_state - ok
19:21:42.0316 5744 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:21:42.0316 5744 AsyncMac - ok
19:21:42.0347 5744 [ B35CFCEF838382AB6490B321C87EDF17 ] atapi C:\Windows\system32\drivers\atapi.sys
19:21:42.0347 5744 atapi - ok
19:21:42.0409 5744 [ 69E65A2CE11619F0C868967CA9540B80 ] ATSWPDRV C:\Windows\system32\DRIVERS\ATSwpDrv.sys
19:21:42.0409 5744 ATSWPDRV - ok
19:21:42.0503 5744 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:21:42.0518 5744 AudioEndpointBuilder - ok
19:21:42.0518 5744 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:21:42.0518 5744 Audiosrv - ok
19:21:42.0596 5744 [ 1992C2A1867D95AA3A0802539358D162 ] Autodesk Content Service C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
19:21:42.0628 5744 Autodesk Content Service - ok
19:21:42.0706 5744 [ 32A5DEFDDC3562BF89D73586F5915B34 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
19:21:42.0706 5744 Autodesk Licensing Service - ok
19:21:42.0784 5744 [ CF6A67C90951E3E763D2135DEDE44B85 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
19:21:42.0799 5744 BCM43XV - ok
19:21:42.0846 5744 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
19:21:42.0846 5744 Beep - ok
19:21:42.0893 5744 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll
19:21:42.0893 5744 BFE - ok
19:21:42.0971 5744 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\system32\qmgr.dll
19:21:42.0986 5744 BITS - ok
19:21:43.0002 5744 blbdrive - ok
19:21:43.0018 5744 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:21:43.0033 5744 bowser - ok
19:21:43.0064 5744 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:21:43.0064 5744 BrFiltLo - ok
19:21:43.0064 5744 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:21:43.0064 5744 BrFiltUp - ok
19:21:43.0111 5744 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
19:21:43.0111 5744 Browser - ok
19:21:43.0142 5744 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:21:43.0142 5744 Brserid - ok
19:21:43.0142 5744 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:21:43.0158 5744 BrSerWdm - ok
19:21:43.0158 5744 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:21:43.0158 5744 BrUsbMdm - ok
19:21:43.0189 5744 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
19:21:43.0189 5744 BrUsbSer - ok
19:21:43.0236 5744 [ CF97C2D6A011EE9403B42191B5F95BA8 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
19:21:43.0236 5744 BthEnum - ok
19:21:43.0252 5744 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:21:43.0252 5744 BTHMODEM - ok
19:21:43.0267 5744 [ B8C3D9DDF85FD197C3E5F849FEF71144 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:21:43.0267 5744 BthPan - ok
19:21:43.0283 5744 [ B4CE8000AAB30A9AB16CD0FB3DB4D7CF ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
19:21:43.0298 5744 BTHPORT - ok
19:21:43.0314 5744 [ 58EE7F5E68310BC8D4E7CEBD8358C12E ] BthServ C:\Windows\System32\bthserv.dll
19:21:43.0330 5744 BthServ - ok
19:21:43.0361 5744 [ 9A4DDC8544C1459AA2A118A8858DADE3 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
19:21:43.0361 5744 BTHUSB - ok
19:21:43.0392 5744 [ 99AEEA7CEFDFC6E4151A8F620D682088 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:21:43.0408 5744 btwaudio - ok
19:21:43.0423 5744 [ 195872E48A7FB01F8BC9B800F70F4054 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
19:21:43.0439 5744 btwavdt - ok
19:21:43.0486 5744 [ 0724E7D6C9B6A289EDDDA33FA8176E80 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:21:43.0486 5744 btwrchid - ok
19:21:43.0595 5744 catchme - ok
19:21:43.0704 5744 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:21:43.0704 5744 cdfs - ok
19:21:43.0735 5744 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:21:43.0766 5744 cdrom - ok
19:21:43.0813 5744 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
19:21:43.0813 5744 CertPropSvc - ok
19:21:43.0844 5744 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
19:21:43.0844 5744 circlass - ok
19:21:43.0876 5744 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
19:21:43.0891 5744 CLFS - ok
19:21:43.0954 5744 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:21:43.0954 5744 clr_optimization_v2.0.50727_32 - ok
19:21:44.0000 5744 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:21:44.0032 5744 clr_optimization_v4.0.30319_32 - ok
19:21:44.0063 5744 [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:21:44.0078 5744 CmBatt - ok
19:21:44.0110 5744 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:21:44.0110 5744 cmdide - ok
19:21:44.0219 5744 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
19:21:44.0219 5744 Com4QLBEx - ok
19:21:44.0234 5744 [ 722936AFB75A7F509662B69B5632F48A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:21:44.0250 5744 Compbatt - ok
19:21:44.0266 5744 COMSysApp - ok
19:21:44.0281 5744 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:21:44.0281 5744 crcdisk - ok
19:21:44.0312 5744 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
19:21:44.0312 5744 Crusoe - ok
19:21:44.0344 5744 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:21:44.0359 5744 CryptSvc - ok
19:21:44.0422 5744 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
19:21:44.0422 5744 DcomLaunch - ok
19:21:44.0437 5744 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:21:44.0437 5744 DfsC - ok
19:21:44.0734 5744 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe
19:21:44.0796 5744 DFSR - ok
19:21:44.0843 5744 [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:21:44.0858 5744 Dhcp - ok
19:21:44.0890 5744 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
19:21:44.0890 5744 disk - ok
19:21:44.0921 5744 [ EECBA1DD142BF8693C476BE8F32FE253 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:21:44.0936 5744 Dnscache - ok
19:21:44.0952 5744 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll
19:21:44.0952 5744 dot3svc - ok
19:21:45.0077 5744 [ 876C4144EF6F1107C04A092CA03F89E0 ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe
19:21:45.0077 5744 DpHost - ok
19:21:45.0139 5744 [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS C:\Windows\system32\dps.dll
19:21:45.0139 5744 DPS - ok
19:21:45.0186 5744 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:21:45.0186 5744 drmkaud - ok
19:21:45.0217 5744 [ 334988883DE69ADB27E2CF9F9715BBDB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:21:45.0233 5744 DXGKrnl - ok
19:21:45.0264 5744 [ C0B00E55CF82D122D25983C7A6A53DEA ] E100B C:\Windows\system32\DRIVERS\e100b325.sys
19:21:45.0280 5744 E100B - ok
19:21:45.0295 5744 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
19:21:45.0295 5744 E1G60 - ok
19:21:45.0342 5744 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
19:21:45.0342 5744 EapHost - ok
19:21:45.0389 5744 [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache C:\Windows\system32\drivers\ecache.sys
19:21:45.0404 5744 Ecache - ok
19:21:45.0467 5744 [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:21:45.0482 5744 ehRecvr - ok
19:21:45.0529 5744 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
19:21:45.0529 5744 ehSched - ok
19:21:45.0560 5744 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
19:21:45.0560 5744 ehstart - ok
19:21:45.0607 5744 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:21:45.0623 5744 elxstor - ok
19:21:45.0670 5744 [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:21:45.0685 5744 EMDMgmt - ok
19:21:45.0732 5744 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
19:21:45.0732 5744 EventSystem - ok
19:21:45.0748 5744 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:21:45.0763 5744 fastfat - ok
19:21:45.0794 5744 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:21:45.0794 5744 fdc - ok
19:21:45.0810 5744 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
19:21:45.0810 5744 fdPHost - ok
19:21:45.0841 5744 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
19:21:45.0841 5744 FDResPub - ok
19:21:45.0857 5744 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:21:45.0872 5744 FileInfo - ok
19:21:45.0888 5744 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:21:45.0888 5744 Filetrace - ok
19:21:46.0184 5744 [ 73081CF28F0AE20A52CA4F67CEE6E6B0 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:21:46.0200 5744 FLEXnet Licensing Service - ok
19:21:46.0216 5744 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:21:46.0231 5744 flpydisk - ok
19:21:46.0278 5744 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:21:46.0278 5744 FltMgr - ok
19:21:46.0356 5744 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:21:46.0372 5744 FontCache3.0.0.0 - ok
19:21:46.0387 5744 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:21:46.0387 5744 Fs_Rec - ok
19:21:46.0418 5744 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:21:46.0418 5744 gagp30kx - ok
19:21:46.0465 5744 [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc C:\Windows\System32\gpsvc.dll
19:21:46.0496 5744 gpsvc - ok
19:21:46.0559 5744 [ 93AEE3434935FC2F805FEFD8DC5ED1B4 ] HBtnKey C:\Windows\system32\DRIVERS\cpqbttn.sys
19:21:46.0559 5744 HBtnKey - ok
19:21:46.0621 5744 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:21:46.0621 5744 HdAudAddService - ok
19:21:46.0652 5744 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:21:46.0652 5744 HDAudBus - ok
19:21:46.0668 5744 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:21:46.0668 5744 HidBth - ok
19:21:46.0746 5744 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
19:21:46.0746 5744 HidIr - ok
19:21:46.0808 5744 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\System32\hidserv.dll
19:21:46.0840 5744 hidserv - ok
19:21:46.0871 5744 [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:21:46.0871 5744 HidUsb - ok
19:21:46.0902 5744 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
19:21:46.0902 5744 hkmsvc - ok
19:21:46.0964 5744 [ 0D26C438E2938A3E6BDD91173BC96FF0 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
19:21:46.0996 5744 HP Health Check Service - ok
19:21:47.0027 5744 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:21:47.0042 5744 HpCISSs - ok
19:21:47.0074 5744 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
19:21:47.0074 5744 HpqKbFiltr - ok
19:21:47.0276 5744 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
19:21:47.0276 5744 hpqwmiex - ok
19:21:47.0354 5744 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:21:47.0354 5744 HSFHWAZL - ok
19:21:47.0417 5744 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
19:21:47.0432 5744 HSF_DPV - ok
19:21:47.0526 5744 [ EA24FE637D974A8A31BC650F478E3533 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:21:47.0542 5744 HTTP - ok
19:21:47.0573 5744 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:21:47.0573 5744 i2omp - ok
19:21:47.0635 5744 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:21:47.0635 5744 i8042prt - ok
19:21:47.0698 5744 [ 68431DB6633ED4C9D18226384498310A ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
19:21:47.0713 5744 IAANTMON - ok
19:21:47.0947 5744 [ 496DB78E6A0C4C44023D9A92B4A7AC31 ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys
19:21:47.0994 5744 ialm - ok
19:21:48.0041 5744 [ 2358C53F30CB9DCD1D3843C4E2F299B2 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:21:48.0041 5744 iaStor - ok
19:21:48.0134 5744 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:21:48.0166 5744 iaStorV - ok
19:21:48.0228 5744 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:21:48.0228 5744 IDriverT - ok
19:21:48.0478 5744 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:21:48.0493 5744 idsvc - ok
19:21:48.0540 5744 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:21:48.0540 5744 iirsp - ok
19:21:48.0743 5744 [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT C:\Windows\System32\ikeext.dll
19:21:48.0743 5744 IKEEXT - ok
19:21:48.0883 5744 [ 9F5898EBD3BBE82EADF2EFA595F02A72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:21:48.0930 5744 IntcAzAudAddService - ok
19:21:48.0977 5744 [ 988981C840084F480BA9E3319CEBDE1B ] intelide C:\Windows\system32\drivers\intelide.sys
19:21:48.0992 5744 intelide - ok
19:21:49.0024 5744 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:21:49.0024 5744 intelppm - ok
19:21:49.0055 5744 [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:21:49.0055 5744 IPBusEnum - ok
19:21:49.0086 5744 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:21:49.0086 5744 IpFilterDriver - ok
19:21:49.0148 5744 [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:21:49.0148 5744 iphlpsvc - ok
19:21:49.0164 5744 IpInIp - ok
19:21:49.0195 5744 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:21:49.0226 5744 IPMIDRV - ok
19:21:49.0242 5744 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:21:49.0242 5744 IPNAT - ok
19:21:49.0289 5744 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:21:49.0289 5744 IRENUM - ok
19:21:49.0320 5744 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:21:49.0320 5744 isapnp - ok
19:21:49.0336 5744 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:21:49.0336 5744 iScsiPrt - ok
19:21:49.0351 5744 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:21:49.0351 5744 iteatapi - ok
19:21:49.0367 5744 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:21:49.0367 5744 iteraid - ok
19:21:49.0398 5744 [ B076B2AB806B3F696DAB21375389101C ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:21:49.0398 5744 kbdclass - ok
19:21:49.0445 5744 [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:21:49.0507 5744 kbdhid - ok
19:21:49.0538 5744 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso C:\Windows\system32\lsass.exe
19:21:49.0538 5744 KeyIso - ok
19:21:49.0663 5744 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:21:49.0663 5744 KSecDD - ok
19:21:49.0726 5744 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
19:21:49.0726 5744 KtmRm - ok
19:21:49.0819 5744 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\System32\srvsvc.dll
19:21:49.0819 5744 LanmanServer - ok
19:21:49.0897 5744 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:21:49.0897 5744 LanmanWorkstation - ok
19:21:49.0991 5744 [ 53710476495886D9961BE46983A6A33F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
19:21:49.0991 5744 LightScribeService - ok
19:21:50.0038 5744 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:21:50.0038 5744 lltdio - ok
19:21:50.0084 5744 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:21:50.0084 5744 lltdsvc - ok
19:21:50.0100 5744 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:21:50.0116 5744 lmhosts - ok
19:21:50.0131 5744 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:21:50.0131 5744 LSI_FC - ok
19:21:50.0147 5744 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:21:50.0147 5744 LSI_SAS - ok
19:21:50.0162 5744 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:21:50.0162 5744 LSI_SCSI - ok
19:21:50.0194 5744 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
19:21:50.0194 5744 luafv - ok
19:21:50.0225 5744 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:21:50.0225 5744 MBAMProtector - ok
19:21:50.0272 5744 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:21:50.0287 5744 MBAMScheduler - ok
19:21:50.0334 5744 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:21:50.0350 5744 MBAMService - ok
19:21:50.0381 5744 [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:21:50.0381 5744 Mcx2Svc - ok
19:21:50.0443 5744 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
19:21:50.0443 5744 megasas - ok
19:21:50.0459 5744 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
19:21:50.0459 5744 MMCSS - ok
19:21:50.0490 5744 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
19:21:50.0506 5744 Modem - ok
19:21:50.0584 5744 [ 7E222A1BAAA42C8559DB2CE8A12AD828 ] MODEMCSA C:\Windows\system32\drivers\MODEMCSA.sys
19:21:50.0584 5744 MODEMCSA - ok
19:21:50.0646 5744 [ 7446E104A5FE5987CA9E4983FBAC4F97 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:21:50.0646 5744 monitor - ok
19:21:50.0662 5744 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:21:50.0662 5744 mouclass - ok
19:21:50.0693 5744 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:21:50.0693 5744 mouhid - ok
19:21:50.0708 5744 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:21:50.0708 5744 MountMgr - ok
19:21:50.0755 5744 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:21:50.0771 5744 MozillaMaintenance - ok
19:21:50.0833 5744 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
19:21:50.0833 5744 mpio - ok
19:21:50.0864 5744 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:21:50.0864 5744 mpsdrv - ok
19:21:50.0927 5744 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll
19:21:50.0927 5744 MpsSvc - ok
19:21:50.0958 5744 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:21:50.0958 5744 Mraid35x - ok
19:21:50.0989 5744 [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:21:50.0989 5744 MRxDAV - ok
19:21:51.0020 5744 [ 8AF705CE1BB907932157FAB821170F27 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:21:51.0020 5744 mrxsmb - ok
19:21:51.0036 5744 [ 47E13AB23371BE3279EEF22BBFA2C1BE ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:21:51.0036 5744 mrxsmb10 - ok
19:21:51.0052 5744 [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:21:51.0052 5744 mrxsmb20 - ok
19:21:51.0098 5744 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
19:21:51.0098 5744 msahci - ok
19:21:51.0114 5744 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:21:51.0114 5744 msdsm - ok
19:21:51.0161 5744 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
19:21:51.0161 5744 MSDTC - ok
19:21:51.0192 5744 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:21:51.0192 5744 Msfs - ok
19:21:51.0208 5744 [ 2C3F1983CD3629573CB9E9658247847A ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:21:51.0223 5744 msisadrv - ok
19:21:51.0239 5744 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:21:51.0239 5744 MSiSCSI - ok
19:21:51.0254 5744 msiserver - ok
19:21:51.0286 5744 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:21:51.0286 5744 MSKSSRV - ok
19:21:51.0317 5744 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:21:51.0317 5744 MSPCLOCK - ok
19:21:51.0332 5744 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:21:51.0332 5744 MSPQM - ok
19:21:51.0395 5744 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:21:51.0395 5744 MsRPC - ok
19:21:51.0410 5744 [ 1F6F7159C75E4B27D138B5225808860F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:21:51.0410 5744 mssmbios - ok
19:21:51.0410 5744 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:21:51.0410 5744 MSTEE - ok
19:21:51.0426 5744 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
19:21:51.0426 5744 Mup - ok
19:21:51.0473 5744 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
19:21:51.0473 5744 napagent - ok
19:21:51.0520 5744 [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:21:51.0535 5744 NativeWifiP - ok
19:21:51.0722 5744 [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:21:51.0722 5744 NDIS - ok
19:21:51.0769 5744 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:21:51.0800 5744 NdisTapi - ok
19:21:51.0832 5744 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:21:51.0832 5744 Ndisuio - ok
19:21:51.0847 5744 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:21:51.0847 5744 NdisWan - ok
19:21:51.0863 5744 [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:21:51.0863 5744 NDProxy - ok
19:21:51.0878 5744 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:21:51.0878 5744 NetBIOS - ok
19:21:51.0910 5744 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:21:51.0910 5744 netbt - ok
19:21:51.0925 5744 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe
19:21:51.0925 5744 Netlogon - ok
19:21:52.0003 5744 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
19:21:52.0003 5744 Netman - ok
19:21:52.0034 5744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:21:52.0066 5744 NetMsmqActivator - ok
19:21:52.0066 5744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:21:52.0066 5744 NetPipeActivator - ok
19:21:52.0097 5744 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
19:21:52.0097 5744 netprofm - ok
19:21:52.0097 5744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:21:52.0112 5744 NetTcpActivator - ok
19:21:52.0112 5744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:21:52.0112 5744 NetTcpPortSharing - ok
19:21:52.0456 5744 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
19:21:52.0471 5744 NETw3v32 - ok
19:21:52.0924 5744 [ 25ACCCFC33DD448B9D3037C5E439E830 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
19:21:53.0033 5744 NETw4v32 - ok
19:21:53.0719 5744 [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
19:21:53.0875 5744 NETw5v32 - ok
19:21:53.0906 5744 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:21:53.0922 5744 nfrd960 - ok
19:21:53.0969 5744 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
19:21:53.0969 5744 NlaSvc - ok
19:21:54.0000 5744 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:21:54.0000 5744 Npfs - ok
19:21:54.0016 5744 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
19:21:54.0031 5744 nsi - ok
19:21:54.0047 5744 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:21:54.0047 5744 nsiproxy - ok
19:21:54.0281 5744 [ 37430AA7A66D7A63407ADC2C0D05E9F6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:21:54.0328 5744 Ntfs - ok
19:21:54.0359 5744 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:21:54.0359 5744 ntrigdigi - ok
19:21:54.0390 5744 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
19:21:54.0390 5744 Null - ok
19:21:55.0466 5744 [ 24000B817CC84AC1555F41929879AF5A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:21:55.0950 5744 nvlddmkm - ok
19:21:55.0981 5744 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:21:55.0997 5744 nvraid - ok
19:21:56.0012 5744 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:21:56.0012 5744 nvstor - ok
19:21:56.0059 5744 [ C4D17F11526F87BC762F31DA5BD2580B ] nvsvc C:\Windows\system32\nvvsvc.exe
19:21:56.0059 5744 nvsvc - ok
19:21:56.0090 5744 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:21:56.0090 5744 nv_agp - ok
19:21:56.0090 5744 NwlnkFlt - ok
19:21:56.0106 5744 NwlnkFwd - ok
19:21:56.0137 5744 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:21:56.0137 5744 ohci1394 - ok
19:21:56.0200 5744 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:21:56.0200 5744 ose - ok
19:21:56.0356 5744 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:21:56.0371 5744 p2pimsvc - ok
19:21:56.0449 5744 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
19:21:56.0465 5744 p2psvc - ok
19:21:56.0480 5744 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:21:56.0496 5744 Parport - ok
19:21:56.0527 5744 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:21:56.0527 5744 partmgr - ok
19:21:56.0543 5744 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:21:56.0543 5744 Parvdm - ok
19:21:56.0590 5744 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:21:56.0590 5744 PcaSvc - ok
19:21:56.0621 5744 [ 5BEDD5E1416DA009C4F24ADF8DA13773 ] pci C:\Windows\system32\drivers\pci.sys
19:21:56.0621 5744 pci - ok
19:21:56.0636 5744 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
19:21:56.0652 5744 pciide - ok
19:21:56.0683 5744 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:21:56.0683 5744 pcmcia - ok
19:21:56.0746 5744 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:21:56.0761 5744 PEAUTH - ok
19:21:56.0855 5744 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
19:21:56.0870 5744 pla - ok
19:21:56.0917 5744 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:21:56.0933 5744 PlugPlay - ok
19:21:56.0980 5744 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:21:56.0980 5744 PNRPAutoReg - ok
19:21:57.0011 5744 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:21:57.0011 5744 PNRPsvc - ok
19:21:57.0058 5744 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:21:57.0073 5744 PolicyAgent - ok
19:21:57.0104 5744 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:21:57.0104 5744 PptpMiniport - ok
19:21:57.0120 5744 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
19:21:57.0120 5744 Processor - ok
19:21:57.0151 5744 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
19:21:57.0151 5744 ProfSvc - ok
19:21:57.0167 5744 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:21:57.0167 5744 ProtectedStorage - ok
19:21:57.0182 5744 [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:21:57.0182 5744 PSched - ok
19:21:57.0245 5744 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:21:57.0260 5744 ql2300 - ok
19:21:57.0276 5744 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:21:57.0276 5744 ql40xx - ok
19:21:57.0494 5744 [ 599FF0B96561CA4F0899FE7F1C4CCE9A ] QPCapSvc C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
19:21:57.0494 5744 QPCapSvc - ok
19:21:57.0510 5744 [ 8FF5CAD74C3C5E692E1610E861609A3B ] QPSched C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
19:21:57.0510 5744 QPSched - ok
19:21:57.0572 5744 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
19:21:57.0572 5744 QWAVE - ok
19:21:57.0604 5744 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:21:57.0604 5744 QWAVEdrv - ok
19:21:57.0666 5744 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:21:57.0666 5744 RasAcd - ok
19:21:57.0697 5744 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
19:21:57.0697 5744 RasAuto - ok
19:21:57.0713 5744 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:21:57.0713 5744 Rasl2tp - ok
19:21:57.0728 5744 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
19:21:57.0728 5744 RasMan - ok
19:21:57.0744 5744 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:21:57.0744 5744 RasPppoe - ok
19:21:57.0775 5744 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:21:57.0775 5744 rdbss - ok
19:21:57.0791 5744 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:21:57.0791 5744 RDPCDD - ok
19:21:57.0822 5744 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:21:57.0822 5744 rdpdr - ok
19:21:57.0838 5744 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:21:57.0838 5744 RDPENCDD - ok
19:21:57.0869 5744 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:21:57.0869 5744 RDPWD - ok
19:21:57.0916 5744 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
19:21:57.0916 5744 RemoteAccess - ok
19:21:57.0947 5744 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:21:57.0978 5744 RemoteRegistry - ok
19:21:58.0009 5744 [ 7EC90C316177BA3F1BCE92005264B447 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:21:58.0009 5744 RFCOMM - ok
19:21:58.0259 5744 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
19:21:58.0290 5744 RichVideo - ok
19:21:58.0337 5744 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
19:21:58.0337 5744 rimmptsk - ok
19:21:58.0337 5744 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
19:21:58.0337 5744 rimsptsk - ok
19:21:58.0368 5744 [ D231B577024AA324AF13A42F3A807D10 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
19:21:58.0368 5744 rismxdp - ok
19:21:58.0384 5744 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:21:58.0384 5744 RpcLocator - ok
19:21:58.0430 5744 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
19:21:58.0430 5744 RpcSs - ok
19:21:58.0477 5744 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:21:58.0524 5744 rspndr - ok
19:21:58.0555 5744 [ 9A929308A64183D3D9DCCBB6DF4BADAE ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
19:21:58.0555 5744 RTL8169 - ok
19:21:58.0571 5744 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
19:21:58.0571 5744 SamSs - ok
19:21:58.0602 5744 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:21:58.0602 5744 sbp2port - ok
19:21:58.0633 5744 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:21:58.0649 5744 SCardSvr - ok
19:21:58.0820 5744 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
19:21:58.0836 5744 Schedule - ok
19:21:58.0852 5744 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:21:58.0852 5744 SCPolicySvc - ok
19:21:58.0867 5744 [ 7B3973CC28B8AA3E9E2E5D53E720E2C9 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:21:58.0883 5744 sdbus - ok
19:21:58.0914 5744 [ 56AA904311B3BACC67DBA8679AFF73D4 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:21:58.0914 5744 SDRSVC - ok
19:21:58.0914 5744 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:21:58.0914 5744 secdrv - ok
19:21:58.0930 5744 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
19:21:58.0945 5744 seclogon - ok
19:21:58.0961 5744 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\system32\sens.dll
19:21:58.0961 5744 SENS - ok
19:21:58.0992 5744 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:21:58.0992 5744 Serenum - ok
19:21:59.0008 5744 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:21:59.0008 5744 Serial - ok
19:21:59.0039 5744 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:21:59.0039 5744 sermouse - ok
19:21:59.0070 5744 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
19:21:59.0070 5744 SessionEnv - ok
19:21:59.0086 5744 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:21:59.0101 5744 sffdisk - ok

Tom10 · Příspěvekod **Tom10** » 28 úno 2013 19:58

19:21:59.0117 5744 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:21:59.0117 5744 sffp_mmc - ok
19:21:59.0132 5744 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:21:59.0132 5744 sffp_sd - ok
19:21:59.0148 5744 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:21:59.0148 5744 sfloppy - ok
19:21:59.0210 5744 [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:21:59.0210 5744 SharedAccess - ok
19:21:59.0273 5744 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:21:59.0273 5744 ShellHWDetection - ok
19:21:59.0304 5744 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:21:59.0304 5744 sisagp - ok
19:21:59.0351 5744 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:21:59.0382 5744 SiSRaid2 - ok
19:21:59.0398 5744 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:21:59.0398 5744 SiSRaid4 - ok
19:21:59.0569 5744 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
19:21:59.0663 5744 slsvc - ok
19:21:59.0710 5744 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:21:59.0710 5744 SLUINotify - ok
19:21:59.0741 5744 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:21:59.0741 5744 Smb - ok
19:21:59.0881 5744 [ 7E6628D18D30F14A56C0D9116310AB8A ] smserial C:\Windows\system32\DRIVERS\smserial.sys
19:21:59.0912 5744 smserial - ok
19:21:59.0944 5744 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:21:59.0959 5744 SNMPTRAP - ok
19:21:59.0959 5744 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
19:21:59.0959 5744 spldr - ok
19:21:59.0990 5744 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
19:21:59.0990 5744 Spooler - ok
19:22:00.0037 5744 [ 038579C35F7CAD4A4BBF735DBF83277D ] srv C:\Windows\system32\DRIVERS\srv.sys
19:22:00.0037 5744 srv - ok
19:22:00.0084 5744 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:22:00.0100 5744 srv2 - ok
19:22:00.0115 5744 [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:22:00.0115 5744 srvnet - ok
19:22:00.0131 5744 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:22:00.0146 5744 SSDPSRV - ok
19:22:00.0178 5744 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
19:22:00.0193 5744 stisvc - ok
19:22:00.0224 5744 [ 92894DD7FDD62AF808B1409B73AF9C73 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:22:00.0240 5744 swenum - ok
19:22:00.0271 5744 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
19:22:00.0287 5744 swprv - ok
19:22:00.0302 5744 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:22:00.0302 5744 Symc8xx - ok
19:22:00.0318 5744 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:22:00.0318 5744 Sym_hi - ok
19:22:00.0318 5744 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:22:00.0334 5744 Sym_u3 - ok
19:22:00.0380 5744 [ F5D926807BD9BC0AF68F9376144DE425 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:22:00.0396 5744 SynTP - ok
19:22:00.0443 5744 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll
19:22:00.0458 5744 SysMain - ok
19:22:00.0490 5744 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:22:00.0490 5744 TabletInputService - ok
19:22:00.0505 5744 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:22:00.0521 5744 TapiSrv - ok
19:22:00.0536 5744 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
19:22:00.0536 5744 TBS - ok
19:22:00.0599 5744 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:22:00.0630 5744 Tcpip - ok
19:22:00.0646 5744 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:22:00.0646 5744 Tcpip6 - ok
19:22:00.0724 5744 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:22:00.0739 5744 tcpipreg - ok
19:22:00.0770 5744 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:22:00.0770 5744 TDPIPE - ok
19:22:00.0786 5744 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:22:00.0786 5744 TDTCP - ok
19:22:00.0817 5744 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:22:00.0833 5744 tdx - ok
19:22:00.0848 5744 [ 85908DA29AF0AB835048107AD2AD07D1 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:22:00.0848 5744 TermDD - ok
19:22:00.0942 5744 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
19:22:00.0973 5744 TermService - ok
19:22:00.0989 5744 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
19:22:00.0989 5744 Themes - ok
19:22:01.0004 5744 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
19:22:01.0004 5744 THREADORDER - ok
19:22:01.0036 5744 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
19:22:01.0036 5744 TrkWks - ok
19:22:01.0067 5744 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:22:01.0067 5744 TrustedInstaller - ok
19:22:01.0098 5744 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:22:01.0098 5744 tssecsrv - ok
19:22:01.0145 5744 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:22:01.0145 5744 tunmp - ok
19:22:01.0160 5744 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:22:01.0160 5744 tunnel - ok
19:22:01.0192 5744 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:22:01.0192 5744 uagp35 - ok
19:22:01.0223 5744 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:22:01.0223 5744 udfs - ok
19:22:01.0270 5744 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:22:01.0285 5744 UI0Detect - ok
19:22:01.0316 5744 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:22:01.0316 5744 uliagpkx - ok
19:22:01.0363 5744 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:22:01.0363 5744 uliahci - ok
19:22:01.0379 5744 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:22:01.0379 5744 UlSata - ok
19:22:01.0410 5744 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:22:01.0410 5744 ulsata2 - ok
19:22:01.0426 5744 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:22:01.0426 5744 umbus - ok
19:22:01.0472 5744 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
19:22:01.0472 5744 upnphost - ok
19:22:01.0504 5744 [ 51480458E6E9863F856EBF35AAE801B4 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:22:01.0519 5744 usbccgp - ok
19:22:01.0535 5744 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:22:01.0550 5744 usbcir - ok
19:22:01.0566 5744 [ 11FA3ACBF0DE0286829C69E01FE705E4 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:22:01.0582 5744 usbehci - ok
19:22:01.0613 5744 [ 6A7858A38B5105731E219E7C6A238730 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:22:01.0613 5744 usbhub - ok
19:22:01.0628 5744 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:22:01.0628 5744 usbohci - ok
19:22:01.0644 5744 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:22:01.0644 5744 usbprint - ok
19:22:01.0706 5744 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:22:01.0706 5744 USBSTOR - ok
19:22:01.0753 5744 [ 4013315FED70A2D293B998CBBA4022EE ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:22:01.0753 5744 usbuhci - ok
19:22:01.0784 5744 [ 46F3A2912EF88CD8E87D4F9B304CD949 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:22:01.0800 5744 usbvideo - ok
19:22:01.0816 5744 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
19:22:01.0816 5744 UxSms - ok
19:22:01.0847 5744 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
19:22:01.0847 5744 vds - ok
19:22:01.0894 5744 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:22:01.0909 5744 vga - ok
19:22:01.0940 5744 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:22:01.0940 5744 VgaSave - ok
19:22:01.0972 5744 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:22:01.0987 5744 viaagp - ok
19:22:02.0018 5744 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:22:02.0018 5744 ViaC7 - ok
19:22:02.0018 5744 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
19:22:02.0018 5744 viaide - ok
19:22:02.0050 5744 [ D9E9490C960624C416FBDE080DEEB7FE ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:22:02.0050 5744 volmgr - ok
19:22:02.0081 5744 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:22:02.0081 5744 volmgrx - ok
19:22:02.0112 5744 [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:22:02.0128 5744 volsnap - ok
19:22:02.0143 5744 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:22:02.0159 5744 vsmraid - ok
19:22:02.0206 5744 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
19:22:02.0221 5744 VSS - ok
19:22:02.0252 5744 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
19:22:02.0252 5744 W32Time - ok
19:22:02.0299 5744 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:22:02.0299 5744 WacomPen - ok
19:22:02.0330 5744 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:22:02.0330 5744 Wanarp - ok
19:22:02.0330 5744 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:22:02.0330 5744 Wanarpv6 - ok
19:22:02.0362 5744 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:22:02.0362 5744 wcncsvc - ok
19:22:02.0393 5744 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:22:02.0393 5744 WcsPlugInService - ok
19:22:02.0424 5744 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
19:22:02.0440 5744 Wd - ok
19:22:02.0533 5744 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:22:02.0549 5744 Wdf01000 - ok
19:22:02.0580 5744 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:22:02.0580 5744 WdiServiceHost - ok
19:22:02.0580 5744 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:22:02.0596 5744 WdiSystemHost - ok
19:22:02.0627 5744 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
19:22:02.0627 5744 WebClient - ok
19:22:02.0642 5744 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
19:22:02.0642 5744 Wecsvc - ok
19:22:02.0658 5744 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:22:02.0674 5744 wercplsupport - ok
19:22:02.0736 5744 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
19:22:02.0752 5744 WerSvc - ok
19:22:02.0861 5744 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:22:02.0861 5744 winachsf - ok
19:22:02.0939 5744 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:22:02.0939 5744 WinDefend - ok
19:22:02.0954 5744 WinHttpAutoProxySvc - ok
19:22:03.0048 5744 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:22:03.0064 5744 Winmgmt - ok
19:22:03.0110 5744 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
19:22:03.0110 5744 WinRM - ok
19:22:03.0157 5744 [ B410476A00961BF3FC368A346D8EA6A7 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:22:03.0173 5744 Wlansvc - ok
19:22:03.0204 5744 [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:22:03.0204 5744 WmiAcpi - ok
19:22:03.0235 5744 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:22:03.0235 5744 wmiApSrv - ok
19:22:03.0407 5744 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:22:03.0438 5744 WMPNetworkSvc - ok
19:22:03.0469 5744 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:22:03.0469 5744 WPCSvc - ok
19:22:03.0500 5744 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:22:03.0500 5744 WPDBusEnum - ok
19:22:03.0578 5744 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:22:03.0578 5744 WPFFontCache_v0400 - ok
19:22:03.0625 5744 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:22:03.0625 5744 ws2ifsl - ok
19:22:03.0641 5744 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\system32\wscsvc.dll
19:22:03.0641 5744 wscsvc - ok
19:22:03.0641 5744 WSearch - ok
19:22:03.0781 5744 [ 9397D21939A25DA1BD0ED8DB5BB3C853 ] wuauserv C:\Windows\system32\wuaueng.dll
19:22:03.0859 5744 wuauserv - ok
19:22:03.0875 5744 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:22:03.0890 5744 wudfsvc - ok
19:22:03.0890 5744 ================ Scan global ===============================
19:22:03.0937 5744 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
19:22:04.0031 5744 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
19:22:04.0046 5744 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
19:22:04.0093 5744 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
19:22:04.0109 5744 [Global] - ok
19:22:04.0109 5744 ================ Scan MBR ==================================
19:22:04.0124 5744 [ 1A1A06F62E891045814007163C1C76C3 ] \Device\Harddisk0\DR0
19:22:05.0123 5744 \Device\Harddisk0\DR0 - ok
19:22:05.0123 5744 ================ Scan VBR ==================================
19:22:05.0154 5744 [ 9F6BFBD032F1E5F34D1D3F3D3C0976E9 ] \Device\Harddisk0\DR0\Partition1
19:22:05.0154 5744 \Device\Harddisk0\DR0\Partition1 - ok
19:22:05.0170 5744 [ 6B10A7DB6E198B99F2DC5630DC178835 ] \Device\Harddisk0\DR0\Partition2
19:22:05.0185 5744 \Device\Harddisk0\DR0\Partition2 - ok
19:22:05.0216 5744 [ 7C777113BC0F4C96201C80DF35235CE2 ] \Device\Harddisk0\DR0\Partition3
19:22:05.0216 5744 \Device\Harddisk0\DR0\Partition3 - ok
19:22:05.0216 5744 ============================================================
19:22:05.0216 5744 Scan finished
19:22:05.0216 5744 ============================================================
19:22:05.0232 5732 Detected object count: 0
19:22:05.0232 5732 Actual detected object count: 0
19:22:17.0291 5500 Deinitialize success

Tom10 · Příspěvekod **Tom10** » 28 úno 2013 19:59

3.Log z ComboFix

ComboFix 13-02-26.01 - Tomas 28.02.2013 19:34:44.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.2046.1276 [GMT 1:00]
Spuštěný z: c:\users\Tomas\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-28 do 2013-02-28 )))))))))))))))))))))))))))))))
.
.
2013-02-28 18:43 . 2013-02-28 18:43 -------- d-----w- c:\users\Tomas\AppData\Local\temp
2013-02-28 18:43 . 2013-02-28 18:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-27 20:36 . 2013-02-27 20:36 -------- d-----w- c:\users\Tomas\AppData\Roaming\Malwarebytes
2013-02-27 20:35 . 2013-02-27 20:35 -------- d-----w- c:\programdata\Malwarebytes
2013-02-27 20:35 . 2013-02-27 20:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-27 20:35 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-27 15:12 . 2013-02-27 15:12 388096 ----a-r- c:\users\Tomas\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-26 22:25 . 2013-02-26 22:25 -------- d-----w- c:\programdata\LightScribe
2013-02-26 19:51 . 2013-02-26 19:51 -------- d-----w- c:\users\Default\AppData\Roaming\hpqLog
2013-02-26 19:51 . 2013-02-26 19:51 -------- d-----w- c:\users\Tomas\AppData\Roaming\hpqLog
2013-02-26 19:50 . 2013-02-26 19:51 -------- d-----w- c:\windows\QLB
2013-02-26 17:29 . 2013-02-08 00:45 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BA0643C1-EBDC-4F1E-9FA5-9BCA800AC5E3}\mpengine.dll
2013-02-22 22:06 . 2013-02-22 22:11 -------- d-----w- c:\users\Tomas\AppData\Roaming\Realore All My Gods
2013-02-04 20:41 . 2013-02-04 20:41 -------- d-----w- c:\programdata\FLEXnet
2013-02-04 19:58 . 2013-02-04 19:58 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-02-04 19:47 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2013-02-04 19:47 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2013-02-04 19:47 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-02-04 19:47 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2013-02-04 19:06 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-02-04 19:06 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2013-02-04 19:06 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2013-02-04 19:06 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2013-02-04 19:06 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-02-04 18:43 . 2013-02-04 18:43 -------- d-----w- C:\Autodesk
2013-02-03 20:51 . 2013-02-03 20:51 -------- d-----w- c:\users\Tomas\AppData\Roaming\ExpressFiles
2013-02-02 13:24 . 2013-02-02 13:23 477616 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-02 13:24 . 2013-02-02 13:23 473520 ----a-w- c:\windows\system32\deployJava1.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 21:58 . 2013-01-13 22:05 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-26 21:58 . 2013-01-13 22:05 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-17 00:28 . 2013-01-14 22:17 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-16 16:25 . 2013-01-16 16:25 378368 ----a-w- c:\windows\system32\winhttp.dll
2013-01-15 19:44 . 2013-01-15 19:44 268800 ----a-w- c:\windows\system32\es.dll
2013-01-15 19:43 . 2013-01-15 19:43 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2013-01-14 03:46 . 2013-01-14 03:46 216576 ----a-w- c:\windows\system32\msv1_0.dll
2013-01-14 03:45 . 2013-01-14 03:45 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2013-01-14 03:45 . 2013-01-14 03:45 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2013-01-14 03:45 . 2013-01-14 03:45 102400 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2013-01-14 03:43 . 2013-01-14 03:43 98816 ----a-w- c:\windows\system32\mfps.dll
2013-01-14 03:43 . 2013-01-14 03:43 2855424 ----a-w- c:\windows\system32\mf.dll
2013-01-14 03:43 . 2013-01-14 03:43 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2013-01-14 03:43 . 2013-01-14 03:43 24576 ----a-w- c:\windows\system32\mfpmp.exe
2013-01-14 03:43 . 2013-01-14 03:43 2048 ----a-w- c:\windows\system32\mferror.dll
2013-01-14 03:42 . 2013-01-14 03:42 3502480 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-14 03:42 . 2013-01-14 03:42 3468168 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-14 03:39 . 2013-01-14 03:39 434176 ----a-w- c:\windows\system32\vbscript.dll
2013-01-14 03:38 . 2013-01-14 03:38 71680 ----a-w- c:\windows\system32\atl.dll
2013-01-14 03:37 . 2013-01-14 03:37 297472 ----a-w- c:\windows\system32\gdi32.dll
2013-01-14 03:35 . 2013-01-14 03:35 1060920 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-01-14 03:35 . 2013-01-14 03:35 41984 ----a-w- c:\windows\system32\drivers\monitor.sys
2013-01-14 03:30 . 2013-01-14 03:30 156160 ----a-w- c:\windows\system32\wkssvc.dll
2013-01-14 03:29 . 2013-01-14 03:29 36352 ----a-w- c:\windows\system32\tsgqec.dll
2013-01-14 03:29 . 2013-01-14 03:29 116736 ----a-w- c:\windows\system32\aaclient.dll
2013-01-14 03:29 . 2013-01-14 03:29 1871872 ----a-w- c:\windows\system32\mstscax.dll
2013-01-14 03:27 . 2013-01-14 03:27 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2013-01-14 03:25 . 2013-01-14 03:25 713728 ----a-w- c:\windows\system32\timedate.cpl
2013-01-14 03:23 . 2013-01-14 03:23 356864 ----a-w- c:\windows\system32\MediaMetadataHandler.dll
2013-01-14 03:18 . 2013-01-14 03:18 428032 ----a-w- c:\windows\system32\EncDec.dll
2013-01-14 03:18 . 2013-01-14 03:18 177152 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-14 03:18 . 2013-01-14 03:18 1244672 ----a-w- c:\windows\system32\mcmde.dll
2013-01-14 03:18 . 2013-01-14 03:18 80896 ----a-w- c:\windows\system32\MSNP.ax
2013-01-14 03:18 . 2013-01-14 03:18 68608 ----a-w- c:\windows\system32\Mpeg2Data.ax
2013-01-14 03:18 . 2013-01-14 03:18 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2013-01-14 03:18 . 2013-01-14 03:18 292352 ----a-w- c:\windows\system32\psisdecd.dll
2013-01-14 03:18 . 2013-01-14 03:18 217088 ----a-w- c:\windows\system32\psisrndr.ax
2013-01-14 03:14 . 2013-01-14 03:14 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-14 03:13 . 2013-01-14 03:13 696832 ----a-w- c:\windows\system32\localspl.dll
2013-01-14 03:11 . 2013-01-14 03:11 45112 ----a-w- c:\windows\system32\drivers\pciidex.sys
2013-01-14 03:11 . 2013-01-14 03:11 21560 ----a-w- c:\windows\system32\drivers\atapi.sys
2013-01-14 03:11 . 2013-01-14 03:11 17464 ----a-w- c:\windows\system32\drivers\intelide.sys
2013-01-14 03:11 . 2013-01-14 03:11 109624 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-01-14 03:11 . 2013-01-14 03:11 211000 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-01-14 03:11 . 2013-01-14 03:11 154624 ----a-w- c:\windows\system32\drivers\nwifi.sys
2013-01-14 03:10 . 2013-01-14 03:10 2923520 ----a-w- c:\windows\explorer.exe
2013-01-14 03:09 . 2013-01-14 03:09 494592 ----a-w- c:\windows\system32\kerberos.dll
2013-01-14 03:09 . 2013-01-14 03:09 175104 ----a-w- c:\windows\system32\wdigest.dll
2013-01-14 03:09 . 2013-01-14 03:09 7680 ----a-w- c:\windows\system32\lsass.exe
2013-01-14 03:09 . 2013-01-14 03:09 72704 ----a-w- c:\windows\system32\secur32.dll
2013-01-14 03:09 . 2013-01-14 03:09 408136 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-01-14 03:09 . 2013-01-14 03:09 1233920 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-14 03:09 . 2013-01-14 03:09 272384 ----a-w- c:\windows\system32\schannel.dll
2013-01-14 03:08 . 2013-01-14 03:08 24064 ----a-w- c:\windows\system32\netcfg.exe
2013-01-14 03:07 . 2013-01-14 03:07 29184 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2013-01-14 03:07 . 2013-01-14 03:07 220160 ----a-w- c:\windows\system32\drivers\bthport.sys
2013-01-14 03:07 . 2013-01-14 03:07 19456 ----a-w- c:\windows\system32\drivers\bthenum.sys
2013-01-14 03:07 . 2013-01-14 03:07 181760 ----a-w- c:\windows\system32\fsquirt.exe
2013-01-14 03:05 . 2013-01-14 03:05 1585664 ----a-w- c:\windows\system32\setupapi.dll
2013-01-14 03:05 . 2013-01-14 03:05 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\mouhid.sys.mui
2013-01-14 03:05 . 2013-01-14 03:05 5632 ----a-w- c:\windows\system32\drivers\cs-CZ\sermouse.sys.mui
2013-01-14 03:05 . 2013-01-14 03:05 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\mouclass.sys.mui
2013-01-14 03:05 . 2013-01-14 03:05 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2013-01-14 03:05 . 2013-01-14 03:05 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdhid.sys.mui
2013-01-14 03:05 . 2013-01-14 03:05 10240 ----a-w- c:\windows\system32\drivers\cs-CZ\i8042prt.sys.mui
2013-01-14 03:05 . 2013-01-14 03:05 613888 ----a-w- c:\windows\system32\wpd_ci.dll
2013-01-14 03:05 . 2013-01-14 03:05 40960 ----a-w- c:\windows\system32\srclient.dll
2013-01-14 03:05 . 2013-01-14 03:05 371712 ----a-w- c:\windows\system32\srcore.dll
2013-01-14 03:05 . 2013-01-14 03:05 313856 ----a-w- c:\windows\system32\rstrui.exe
2013-01-14 03:05 . 2013-01-14 03:05 16384 ----a-w- c:\windows\system32\srdelayed.exe
2013-01-14 03:04 . 2013-01-14 03:04 944184 ----a-w- c:\windows\system32\winload.exe
2013-01-14 03:04 . 2013-01-14 03:04 905400 ----a-w- c:\windows\system32\winresume.exe
2013-01-14 03:04 . 2013-01-14 03:04 19000 ----a-w- c:\windows\system32\kd1394.dll
2013-01-14 03:04 . 2013-01-14 03:04 620088 ----a-w- c:\windows\system32\ci.dll
2013-01-14 03:04 . 2013-01-14 03:04 224824 ----a-w- c:\windows\system32\clfs.sys
2013-01-14 03:04 . 2013-01-14 03:04 260096 ----a-w- c:\windows\system32\dpx.dll
2013-01-14 03:04 . 2013-01-14 03:04 221696 ----a-w- c:\windows\system32\umpnpmgr.dll
2013-01-14 03:04 . 2013-01-14 03:04 19456 ----a-w- c:\windows\system32\cfgmgr32.dll
2013-01-14 03:04 . 2013-01-14 03:04 101888 ----a-w- c:\windows\system32\drvinst.exe
2013-01-14 03:04 . 2013-01-14 03:04 6656 ----a-w- c:\windows\system32\kbd106n.dll
2013-01-14 03:04 . 2013-01-14 03:04 558080 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-14 03:04 . 2013-01-14 03:04 39424 ----a-w- c:\windows\system32\lodctr.exe
2013-01-14 03:04 . 2013-01-14 03:04 32256 ----a-w- c:\windows\system32\unlodctr.exe
2013-01-14 03:04 . 2013-01-14 03:04 17408 ----a-w- c:\windows\system32\prflbmsg.dll
2013-01-14 03:04 . 2013-01-14 03:04 115200 ----a-w- c:\windows\system32\loadperf.dll
2013-01-14 03:04 . 2013-01-14 03:04 595456 ----a-w- c:\windows\system32\schedsvc.dll
2013-01-14 03:04 . 2013-01-14 03:04 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2013-01-14 03:04 . 2013-01-14 03:04 495160 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-01-14 03:04 . 2013-01-14 03:04 35384 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-01-14 03:04 . 2013-01-14 03:04 35328 ----a-w- c:\windows\system32\dispci.dll
2013-01-14 03:04 . 2013-01-14 03:04 12800 ----a-w- c:\windows\system32\batt.dll
2013-01-14 03:04 . 2013-01-14 03:04 54784 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2013-01-14 03:04 . 2013-01-14 03:04 35384 ----a-w- c:\windows\system32\drivers\kbdclass.sys
2013-01-14 03:04 . 2013-01-14 03:04 34360 ----a-w- c:\windows\system32\drivers\mouclass.sys
2013-01-14 03:04 . 2013-01-14 03:04 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys
2013-01-14 03:04 . 2013-01-14 03:04 15872 ----a-w- c:\windows\system32\drivers\mouhid.sys
2013-01-14 03:04 . 2013-01-14 03:04 15872 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2013-01-14 03:03 . 2013-01-14 03:03 549888 ----a-w- c:\windows\system32\rpcss.dll
2013-01-14 03:03 . 2013-01-14 03:03 654336 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2013-01-14 03:03 . 2013-01-14 03:03 24576 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2013-02-19 20:29 . 2013-02-19 20:28 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2013-01-14 1232896]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-05-05 1466368]
"RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-09-30 181544]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2007-09-20 671744]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 16:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-13 21:58]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2013-01-21 22:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-02-02 14:24; {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF - ExtSQL: 2013-02-03 21:08; torntv@torntv.com; c:\users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\iwaa4zhf.default\extensions\torntv@torntv.com.xpi
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-28 19:43
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(708)
c:\windows\system32\DPPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(2924)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btmmhook.dll
.
Celkový čas: 2013-02-28 19:44:47
ComboFix-quarantined-files.txt 2013-02-28 18:44
.
Před spuštěním: Volných bajtů: 12 653 334 528
Po spuštění: Volných bajtů: 12 634 333 184
.
- - End Of File - - 71839506790AEF259C03FF5A42702522

Příspěvekod **Žbeky** » 28 úno 2013 20:49

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000

DDS::
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
Obrázek

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Tom10 · Příspěvekod **Tom10** » 28 úno 2013 23:23

Tak jsem zkusil postupovat i dalším případě podle návodu. Po přesunutí vytvořeného souboru nad program ComboFix.exe se program automaticky spustil, jak píšeš. Jako, když jsem ho pouštěl poprvé, bjevilo se zobrazené modré okno, kde psal, že scan může tvat déle než 10min. Čekal jsem téměř hodinu,ale nic se nědělo. Po pokusu zavřít okno se pc kousl,takže jsem ho musel vypnout natrvdo tlačítkem a znova zapnout.
Tak nevím, jestli jsem někde neudělal chybu....

Příspěvekod **Žbeky** » 01 bře 2013 00:12

Někdy se to stane, zkus to v nouzovém režimu

Tom10 · Příspěvekod **Tom10** » 02 bře 2013 17:49

Tak jsem se zkusil přepnout do nouzového režimu, jenže zas heslo,které potřebuji propřihlášení mi nefunguje. Respektivě po naformátování před tím cca 1,5 měsícem jsi neuvědomuji, jaké jsem si tam zadal. Všechny, co mě napadli prostě nefungují. Už nevím jak dál.... :-(

Nemohu nainstalovat Norton internet security

Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Re: Nemohu nainstalovat Norton internet security

Kdo je online