Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:55:33, on 23.5.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\AS\Data aplikací\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\AS\Plocha\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\searchresultsDx.dll (file missing)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\AS\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\AS\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Documents and Settings\AS\AppData\LocalLow\Microńoft\redir.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Websense CPM Report Scheduler (dgyreeeaeue) - Unknown owner - C:\WINDOWS\system32\boovecessa.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
--
End of file - 6378 bytes
Prosím o kontrolu logu + Vyřešeno
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.
Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.
Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Prosím o kontrolu logu
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.05.23.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
AS :: SATELLITE [administrátor]
Ochrana: Povolena
23.5.2013 16:17:49
MBAM-log-2013-05-23 (17-01-17).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 202298
Uplynulý čas: 41 minut, 45 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run|NVIDIA driver monitor (Backdoor.Agent) -> Data: C:\WINDOWS\nvsvc32.exe -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Taskman (Worm.Palevo) -> Data: C:\RECYCLER\S-1-5-21-7089515012-5415661327-435644119-3520\nvapbar.exe -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 5
C:\win22.exe (Trojan.Agent) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\AS\Data aplikací\BG0Ai.txt (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\secupdat.dat (Backdoor.Bot) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\AS\secupdat.dat (Worm.Autorun) -> Nebyla provedena žádná instrukce.
(konec)
# AdwCleaner v2.301 - Log vytvooen 23/05/2013 v 17:04:45
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : AS - SATELLITE
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\AS\Plocha\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Documents and Settings\AS\Data aplikací\Ask.com
Složka Nalezeno : C:\Documents and Settings\AS\Data aplikací\searchresultstb
Složka Nalezeno : C:\Program Files\ICQ6Toolbar
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]
Klíe Nalezeno : HKCU\Software\APN DTX
Klíe Nalezeno : HKCU\Software\AppDataLow\AskBarDis
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E720452-B472-4954-B7AA-33069EB53906}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4E77-A640-78EE8EC8673B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Klíe Nalezeno : HKLM\Software\FocusInteractive
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Klíe Nalezeno : HKU\S-1-5-21-839522115-2025429265-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKU\S-1-5-21-839522115-2025429265-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKU\S-1-5-21-839522115-2025429265-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Klíe Nalezeno : HKU\S-1-5-21-839522115-2025429265-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKU\S-1-5-21-839522115-2025429265-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v8.0.6001.18702
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.ph ... =skins7&q={searchTerms}
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Documents and Settings\AS\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Documents and Settings\AS\Data aplikací\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [13877 octets] - [23/05/2013 17:03:47]
AdwCleaner[R2].txt - [13807 octets] - [23/05/2013 17:04:45]
########## EOF - C:\AdwCleaner[R2].txt - [13868 octets] ##########
www.malwarebytes.org
Verze: v2013.05.23.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
AS :: SATELLITE [administrátor]
Ochrana: Povolena
23.5.2013 16:17:49
MBAM-log-2013-05-23 (17-01-17).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 202298
Uplynulý čas: 41 minut, 45 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run|NVIDIA driver monitor (Backdoor.Agent) -> Data: C:\WINDOWS\nvsvc32.exe -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Taskman (Worm.Palevo) -> Data: C:\RECYCLER\S-1-5-21-7089515012-5415661327-435644119-3520\nvapbar.exe -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 5
C:\win22.exe (Trojan.Agent) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\AS\Data aplikací\BG0Ai.txt (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\secupdat.dat (Backdoor.Bot) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\AS\secupdat.dat (Worm.Autorun) -> Nebyla provedena žádná instrukce.
(konec)
# AdwCleaner v2.301 - Log vytvooen 23/05/2013 v 17:04:45
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : AS - SATELLITE
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\AS\Plocha\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Documents and Settings\AS\Data aplikací\Ask.com
Složka Nalezeno : C:\Documents and Settings\AS\Data aplikací\searchresultstb
Složka Nalezeno : C:\Program Files\ICQ6Toolbar
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]
Klíe Nalezeno : HKCU\Software\APN DTX
Klíe Nalezeno : HKCU\Software\AppDataLow\AskBarDis
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E720452-B472-4954-B7AA-33069EB53906}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4E77-A640-78EE8EC8673B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Klíe Nalezeno : HKLM\Software\FocusInteractive
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Klíe Nalezeno : HKU\S-1-5-21-839522115-2025429265-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKU\S-1-5-21-839522115-2025429265-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKU\S-1-5-21-839522115-2025429265-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Klíe Nalezeno : HKU\S-1-5-21-839522115-2025429265-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKU\S-1-5-21-839522115-2025429265-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v8.0.6001.18702
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.ph ... =skins7&q={searchTerms}
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Documents and Settings\AS\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Documents and Settings\AS\Data aplikací\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [13877 octets] - [23/05/2013 17:03:47]
AdwCleaner[R2].txt - [13807 octets] - [23/05/2013 17:04:45]
########## EOF - C:\AdwCleaner[R2].txt - [13868 octets] ##########
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Prosím o kontrolu logu
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.05.23.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
AS :: SATELLITE [administrátor]
Ochrana: Povolena
23.5.2013 18:37:53
mbam-log-2013-05-23 (18-37-53).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 205916
Uplynulý čas: 19 minut, 55 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Přesun do karantény a smazání se zdařilo.
Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run|NVIDIA driver monitor (Backdoor.Agent) -> Data: C:\WINDOWS\nvsvc32.exe -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Taskman (Worm.Palevo) -> Data: C:\RECYCLER\S-1-5-21-7089515012-5415661327-435644119-3520\nvapbar.exe -> Přesun do karantény a smazání se zdařilo.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 5
C:\win22.exe (Trojan.Agent) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\AS\Data aplikací\BG0Ai.txt (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\system32\secupdat.dat (Backdoor.Bot) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\AS\secupdat.dat (Worm.Autorun) -> Přesun do karantény a smazání se zdařilo.
(konec)
www.malwarebytes.org
Verze: v2013.05.23.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
AS :: SATELLITE [administrátor]
Ochrana: Povolena
23.5.2013 18:37:53
mbam-log-2013-05-23 (18-37-53).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 205916
Uplynulý čas: 19 minut, 55 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Přesun do karantény a smazání se zdařilo.
Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run|NVIDIA driver monitor (Backdoor.Agent) -> Data: C:\WINDOWS\nvsvc32.exe -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Taskman (Worm.Palevo) -> Data: C:\RECYCLER\S-1-5-21-7089515012-5415661327-435644119-3520\nvapbar.exe -> Přesun do karantény a smazání se zdařilo.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 5
C:\win22.exe (Trojan.Agent) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\AS\Data aplikací\BG0Ai.txt (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\system32\secupdat.dat (Backdoor.Bot) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\AS\secupdat.dat (Worm.Autorun) -> Přesun do karantény a smazání se zdařilo.
(konec)
Re: Prosím o kontrolu logu
# AdwCleaner v2.301 - Log vytvooen 23/05/2013 v 19:08:49
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : AS - SATELLITE
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\AS\Plocha\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : C:\Documents and Settings\AS\Data aplikací\Ask.com
Složka Vymazáno : C:\Documents and Settings\AS\Data aplikací\searchresultstb
Složka Vymazáno : C:\Program Files\ICQ6Toolbar
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]
Klíe Vymazáno : HKCU\Software\APN DTX
Klíe Vymazáno : HKCU\Software\AppDataLow\AskBarDis
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E720452-B472-4954-B7AA-33069EB53906}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4E77-A640-78EE8EC8673B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Klíe Vymazáno : HKLM\Software\FocusInteractive
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Vymazáno : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v8.0.6001.18702
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.ph ... =skins7&q={searchTerms} --> hxxp://www.google.com
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Documents and Settings\AS\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Documents and Settings\AS\Data aplikací\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [13877 octets] - [23/05/2013 17:03:47]
AdwCleaner[R2].txt - [13938 octets] - [23/05/2013 17:04:45]
AdwCleaner[S1].txt - [12906 octets] - [23/05/2013 19:08:49]
########## EOF - C:\AdwCleaner[S1].txt - [12967 octets] ##########
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : AS - SATELLITE
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\AS\Plocha\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : C:\Documents and Settings\AS\Data aplikací\Ask.com
Složka Vymazáno : C:\Documents and Settings\AS\Data aplikací\searchresultstb
Složka Vymazáno : C:\Program Files\ICQ6Toolbar
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]
Klíe Vymazáno : HKCU\Software\APN DTX
Klíe Vymazáno : HKCU\Software\AppDataLow\AskBarDis
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E720452-B472-4954-B7AA-33069EB53906}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4E77-A640-78EE8EC8673B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Klíe Vymazáno : HKLM\Software\FocusInteractive
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Klíe Vymazáno : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v8.0.6001.18702
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.ph ... =skins7&q={searchTerms} --> hxxp://www.google.com
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Documents and Settings\AS\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Documents and Settings\AS\Data aplikací\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [13877 octets] - [23/05/2013 17:03:47]
AdwCleaner[R2].txt - [13938 octets] - [23/05/2013 17:04:45]
AdwCleaner[S1].txt - [12906 octets] - [23/05/2013 19:08:49]
########## EOF - C:\AdwCleaner[S1].txt - [12967 octets] ##########
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Prosím o kontrolu logu
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : AS [Práva správce]
Mód : Kontrola -- Datum : 05/24/2013 07:59:37
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\szninstall.exe" -c) [7] -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-839522115-2025429265-682003330-1003[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\szninstall.exe" -c) [7] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-839522115-2025429265-682003330-1003[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK6032GSX +++++
--- User ---
[MBR] 6daac32b66c6a1878a546e79edfe3710
[BSP] 64a841b53d94422c55c2b3fd4f98b52f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 30000 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61440120 | Size: 27231 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_05242013_02d0759.txt >>
RKreport[1]_S_05242013_02d0759.txt
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : AS [Práva správce]
Mód : Kontrola -- Datum : 05/24/2013 07:59:37
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\szninstall.exe" -c) [7] -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-839522115-2025429265-682003330-1003[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\szninstall.exe" -c) [7] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-839522115-2025429265-682003330-1003[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK6032GSX +++++
--- User ---
[MBR] 6daac32b66c6a1878a546e79edfe3710
[BSP] 64a841b53d94422c55c2b3fd4f98b52f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 30000 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61440120 | Size: 27231 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_05242013_02d0759.txt >>
RKreport[1]_S_05242013_02d0759.txt
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Zavři všechny programy a prohlížeče.
Odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller (Pro Windows Vista nebo WIN7 klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status box zobrazuje "Scan" "
- Klikni na "Delete"
- Počkej, dokud status box zobrazuje "Smazání - Finished"
- Klikni na "Zprávy", zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [1].txt na ploše.
- Zavři RogueKiller
Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.
Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.
Odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller (Pro Windows Vista nebo WIN7 klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status box zobrazuje "Scan" "
- Klikni na "Delete"
- Počkej, dokud status box zobrazuje "Smazání - Finished"
- Klikni na "Zprávy", zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [1].txt na ploše.
- Zavři RogueKiller
Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.
Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Prosím o kontrolu logu
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : AS [Práva správce]
Mód : Odebrat -- Datum : 05/24/2013 09:20:38
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\szninstall.exe" -c) [7] -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK6032GSX +++++
--- User ---
[MBR] 6daac32b66c6a1878a546e79edfe3710
[BSP] 64a841b53d94422c55c2b3fd4f98b52f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 30000 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61440120 | Size: 27231 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[4]_D_05242013_02d0920.txt >>
RKreport[1]_S_05242013_02d0759.txt ; RKreport[2]_S_05242013_02d0803.txt ; RKreport[3]_S_05242013_02d0919.txt ; RKreport[4]_D_05242013_02d0920.txt
09:22:30.0218 2356 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:22:30.0468 2356 ============================================================
09:22:30.0468 2356 Current date / time: 2013/05/24 09:22:30.0468
09:22:30.0468 2356 SystemInfo:
09:22:30.0468 2356
09:22:30.0468 2356 OS Version: 5.1.2600 ServicePack: 3.0
09:22:30.0468 2356 Product type: Workstation
09:22:30.0468 2356 ComputerName: SATELLITE
09:22:30.0468 2356 UserName: AS
09:22:30.0468 2356 Windows directory: C:\WINDOWS
09:22:30.0468 2356 System windows directory: C:\WINDOWS
09:22:30.0468 2356 Processor architecture: Intel x86
09:22:30.0468 2356 Number of processors: 1
09:22:30.0468 2356 Page size: 0x1000
09:22:30.0468 2356 Boot type: Normal boot
09:22:30.0468 2356 ============================================================
09:22:32.0656 2356 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1E480, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF, Type 'K0', Flags 0x00000054
09:22:32.0656 2356 ============================================================
09:22:32.0656 2356 \Device\Harddisk0\DR0:
09:22:32.0656 2356 MBR partitions:
09:22:32.0656 2356 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A98039
09:22:32.0687 2356 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A980B7, BlocksNum 0x352F818
09:22:32.0687 2356 ============================================================
09:22:32.0718 2356 C: <-> \Device\Harddisk0\DR0\Partition1
09:22:32.0734 2356 D: <-> \Device\Harddisk0\DR0\Partition2
09:22:32.0750 2356 ============================================================
09:22:32.0750 2356 Initialize success
09:22:32.0750 2356 ============================================================
09:22:38.0187 1316 ============================================================
09:22:38.0187 1316 Scan started
09:22:38.0187 1316 Mode: Manual;
09:22:38.0187 1316 ============================================================
09:22:38.0609 1316 ================ Scan system memory ========================
09:22:38.0640 1316 System memory - ok
09:22:38.0656 1316 ================ Scan services =============================
09:22:38.0875 1316 Abiosdsk - ok
09:22:38.0921 1316 abp480n5 - ok
09:22:39.0000 1316 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:22:39.0000 1316 ACPI - ok
09:22:39.0062 1316 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
09:22:39.0062 1316 ACPIEC - ok
09:22:39.0125 1316 [ 552CF8B82150C0E70D5B017F32EFA067 ] ACS C:\WINDOWS\system32\acs.exe
09:22:39.0156 1316 ACS - ok
09:22:39.0281 1316 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:22:39.0281 1316 AdobeFlashPlayerUpdateSvc - ok
09:22:39.0312 1316 adpu160m - ok
09:22:39.0406 1316 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:22:39.0406 1316 aec - ok
09:22:39.0453 1316 [ ACCD563BF09C4659B54143FDE633B57D ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
09:22:39.0453 1316 AegisP - ok
09:22:39.0531 1316 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:22:39.0531 1316 AFD - ok
09:22:39.0562 1316 Aha154x - ok
09:22:39.0609 1316 aic78u2 - ok
09:22:39.0640 1316 aic78xx - ok
09:22:39.0703 1316 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:22:39.0703 1316 Alerter - ok
09:22:39.0750 1316 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
09:22:39.0750 1316 ALG - ok
09:22:39.0796 1316 AliIde - ok
09:22:39.0828 1316 amsint - ok
09:22:39.0890 1316 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
09:22:39.0906 1316 AppMgmt - ok
09:22:39.0937 1316 asc - ok
09:22:39.0984 1316 asc3350p - ok
09:22:40.0015 1316 asc3550 - ok
09:22:40.0203 1316 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:22:40.0265 1316 aspnet_state - ok
09:22:40.0343 1316 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
09:22:40.0343 1316 aswFsBlk - ok
09:22:40.0421 1316 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
09:22:40.0421 1316 aswMonFlt - ok
09:22:40.0500 1316 [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
09:22:40.0500 1316 AswRdr - ok
09:22:40.0546 1316 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
09:22:40.0562 1316 aswRvrt - ok
09:22:40.0640 1316 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
09:22:40.0656 1316 aswSnx - ok
09:22:40.0718 1316 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
09:22:40.0750 1316 aswSP - ok
09:22:40.0781 1316 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
09:22:40.0781 1316 aswTdi - ok
09:22:40.0843 1316 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
09:22:40.0843 1316 aswVmm - ok
09:22:40.0906 1316 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:22:40.0906 1316 AsyncMac - ok
09:22:40.0953 1316 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:22:40.0953 1316 atapi - ok
09:22:40.0984 1316 Atdisk - ok
09:22:41.0046 1316 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:22:41.0046 1316 Atmarpc - ok
09:22:41.0109 1316 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:22:41.0109 1316 AudioSrv - ok
09:22:41.0171 1316 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:22:41.0171 1316 audstub - ok
09:22:41.0328 1316 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:22:41.0328 1316 avast! Antivirus - ok
09:22:41.0421 1316 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:22:41.0421 1316 Beep - ok
09:22:41.0500 1316 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
09:22:41.0562 1316 BITS - ok
09:22:41.0625 1316 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
09:22:41.0625 1316 Browser - ok
09:22:41.0687 1316 [ CCE1F3C7C8E7383B90372229454999CF ] CAMCAUD C:\WINDOWS\system32\drivers\camc6aud.sys
09:22:41.0687 1316 CAMCAUD - ok
09:22:41.0750 1316 [ 9A3BBDE74DAB737EFA82DE7EF4B40BEA ] CAMCHALA C:\WINDOWS\system32\drivers\camc6hal.sys
09:22:41.0750 1316 CAMCHALA - ok
09:22:41.0828 1316 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:22:41.0828 1316 cbidf2k - ok
09:22:41.0890 1316 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:22:41.0890 1316 CCDECODE - ok
09:22:41.0921 1316 cd20xrnt - ok
09:22:41.0968 1316 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:22:41.0984 1316 Cdaudio - ok
09:22:42.0062 1316 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:22:42.0062 1316 Cdfs - ok
09:22:42.0125 1316 [ 1F4260CC5B42272D71F79E570A27A4FE ] cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:22:42.0140 1316 cdrom - ok
09:22:42.0171 1316 Changer - ok
09:22:42.0234 1316 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:22:42.0234 1316 CiSvc - ok
09:22:42.0281 1316 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:22:42.0281 1316 ClipSrv - ok
09:22:42.0359 1316 [ 7FA87325900183197BC9710D1CE4C9FA ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:22:42.0453 1316 clr_optimization_v2.0.50727_32 - ok
09:22:42.0515 1316 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:22:42.0515 1316 CmBatt - ok
09:22:42.0546 1316 CmdIde - ok
09:22:42.0593 1316 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:22:42.0609 1316 Compbatt - ok
09:22:42.0640 1316 COMSysApp - ok
09:22:42.0703 1316 Cpqarray - ok
09:22:42.0781 1316 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
09:22:42.0781 1316 CryptSvc - ok
09:22:42.0812 1316 dac2w2k - ok
09:22:42.0875 1316 dac960nt - ok
09:22:42.0968 1316 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:22:43.0015 1316 DcomLaunch - ok
09:22:43.0046 1316 dgyreeeaeue - ok
09:22:43.0125 1316 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
09:22:43.0125 1316 Dhcp - ok
09:22:43.0218 1316 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
09:22:43.0218 1316 Disk - ok
09:22:43.0250 1316 dmadmin - ok
09:22:43.0328 1316 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
09:22:43.0343 1316 dmboot - ok
09:22:43.0406 1316 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
09:22:43.0406 1316 dmio - ok
09:22:43.0453 1316 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
09:22:43.0453 1316 dmload - ok
09:22:43.0531 1316 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
09:22:43.0531 1316 dmserver - ok
09:22:43.0593 1316 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
09:22:43.0593 1316 DMusic - ok
09:22:43.0671 1316 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:22:43.0671 1316 Dnscache - ok
09:22:43.0718 1316 dogmidnr - ok
09:22:43.0781 1316 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
09:22:43.0781 1316 Dot3svc - ok
09:22:43.0812 1316 dpti2o - ok
09:22:43.0859 1316 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:22:43.0859 1316 drmkaud - ok
09:22:43.0921 1316 [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
09:22:43.0921 1316 DrvAgent32 - ok
09:22:43.0984 1316 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
09:22:43.0984 1316 EapHost - ok
09:22:44.0046 1316 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
09:22:44.0046 1316 ERSvc - ok
09:22:44.0140 1316 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
09:22:44.0171 1316 Eventlog - ok
09:22:44.0250 1316 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\System32\es.dll
09:22:44.0265 1316 EventSystem - ok
09:22:44.0312 1316 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
09:22:44.0312 1316 Fastfat - ok
09:22:44.0406 1316 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:22:44.0437 1316 FastUserSwitchingCompatibility - ok
09:22:44.0500 1316 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
09:22:44.0500 1316 Fdc - ok
09:22:44.0578 1316 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
09:22:44.0578 1316 Fips - ok
09:22:44.0609 1316 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
09:22:44.0625 1316 Flpydisk - ok
09:22:44.0718 1316 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:22:44.0718 1316 FltMgr - ok
09:22:44.0796 1316 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:22:44.0796 1316 FontCache3.0.0.0 - ok
09:22:44.0843 1316 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:22:44.0843 1316 Fs_Rec - ok
09:22:44.0937 1316 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:22:44.0937 1316 Ftdisk - ok
09:22:44.0984 1316 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:22:44.0984 1316 Gpc - ok
09:22:45.0078 1316 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:22:45.0078 1316 gupdate - ok
09:22:45.0125 1316 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:22:45.0125 1316 gupdatem - ok
09:22:45.0234 1316 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:22:45.0234 1316 helpsvc - ok
09:22:45.0296 1316 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
09:22:45.0296 1316 HidServ - ok
09:22:45.0343 1316 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:22:45.0343 1316 hidusb - ok
09:22:45.0468 1316 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
09:22:45.0468 1316 hkmsvc - ok
09:22:45.0500 1316 hpn - ok
09:22:45.0578 1316 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
09:22:45.0578 1316 HTTP - ok
09:22:45.0640 1316 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
09:22:45.0687 1316 HTTPFilter - ok
09:22:45.0718 1316 i2omgmt - ok
09:22:45.0750 1316 i2omp - ok
09:22:45.0812 1316 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:22:45.0812 1316 i8042prt - ok
09:22:45.0937 1316 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:22:45.0968 1316 idsvc - ok
09:22:46.0031 1316 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
09:22:46.0031 1316 Imapi - ok
09:22:46.0109 1316 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\System32\imapi.exe
09:22:46.0109 1316 ImapiService - ok
09:22:46.0156 1316 ini910u - ok
09:22:46.0234 1316 IntelIde - ok
09:22:46.0296 1316 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:22:46.0296 1316 intelppm - ok
09:22:46.0375 1316 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
09:22:46.0375 1316 ip6fw - ok
09:22:46.0468 1316 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:22:46.0468 1316 IpFilterDriver - ok
09:22:46.0531 1316 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:22:46.0531 1316 IpInIp - ok
09:22:46.0578 1316 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:22:46.0578 1316 IpNat - ok
09:22:46.0656 1316 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:22:46.0656 1316 IPSec - ok
09:22:46.0703 1316 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
09:22:46.0718 1316 IRENUM - ok
09:22:46.0781 1316 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:22:46.0781 1316 isapnp - ok
09:22:46.0843 1316 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:22:46.0859 1316 Kbdclass - ok
09:22:46.0890 1316 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:22:46.0906 1316 kbdhid - ok
09:22:46.0953 1316 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
09:22:46.0953 1316 kmixer - ok
09:22:47.0015 1316 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
09:22:47.0015 1316 KSecDD - ok
09:22:47.0109 1316 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
09:22:47.0125 1316 lanmanserver - ok
09:22:47.0203 1316 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:22:47.0281 1316 lanmanworkstation - ok
09:22:47.0312 1316 lbrtfdc - ok
09:22:47.0406 1316 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
09:22:47.0406 1316 LmHosts - ok
09:22:47.0515 1316 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
09:22:47.0515 1316 MBAMProtector - ok
09:22:47.0625 1316 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:22:47.0625 1316 MBAMScheduler - ok
09:22:47.0703 1316 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:22:47.0718 1316 MBAMService - ok
09:22:47.0765 1316 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
09:22:47.0765 1316 Messenger - ok
09:22:47.0843 1316 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
09:22:47.0843 1316 mnmdd - ok
09:22:47.0921 1316 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
09:22:47.0921 1316 mnmsrvc - ok
09:22:48.0000 1316 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
09:22:48.0000 1316 Modem - ok
09:22:48.0046 1316 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:22:48.0046 1316 Mouclass - ok
09:22:48.0093 1316 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:22:48.0093 1316 mouhid - ok
09:22:48.0140 1316 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
09:22:48.0140 1316 MountMgr - ok
09:22:48.0171 1316 mraid35x - ok
09:22:48.0218 1316 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:22:48.0218 1316 MRxDAV - ok
09:22:48.0296 1316 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:22:48.0312 1316 MRxSmb - ok
09:22:48.0359 1316 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\System32\msdtc.exe
09:22:48.0359 1316 MSDTC - ok
09:22:48.0421 1316 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:22:48.0421 1316 Msfs - ok
09:22:48.0453 1316 MSIServer - ok
09:22:48.0531 1316 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:22:48.0531 1316 MSKSSRV - ok
09:22:48.0593 1316 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:22:48.0593 1316 MSPCLOCK - ok
09:22:48.0625 1316 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
09:22:48.0640 1316 MSPQM - ok
09:22:48.0703 1316 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:22:48.0703 1316 mssmbios - ok
09:22:48.0750 1316 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
09:22:48.0750 1316 MSTEE - ok
09:22:48.0812 1316 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
09:22:48.0812 1316 Mup - ok
09:22:48.0875 1316 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:22:48.0875 1316 NABTSFEC - ok
09:22:48.0968 1316 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
09:22:48.0984 1316 napagent - ok
09:22:49.0078 1316 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
09:22:49.0078 1316 NDIS - ok
09:22:49.0140 1316 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:22:49.0140 1316 NdisIP - ok
09:22:49.0218 1316 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:22:49.0218 1316 NdisTapi - ok
09:22:49.0281 1316 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:22:49.0281 1316 Ndisuio - ok
09:22:49.0343 1316 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:22:49.0343 1316 NdisWan - ok
09:22:49.0421 1316 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
09:22:49.0421 1316 NDProxy - ok
09:22:49.0468 1316 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
09:22:49.0468 1316 NetBIOS - ok
09:22:49.0515 1316 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:22:49.0531 1316 NetBT - ok
09:22:49.0609 1316 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
09:22:49.0625 1316 NetDDE - ok
09:22:49.0656 1316 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
09:22:49.0671 1316 NetDDEdsdm - ok
09:22:49.0734 1316 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\System32\lsass.exe
09:22:49.0750 1316 Netlogon - ok
09:22:49.0796 1316 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
09:22:49.0796 1316 Netman - ok
09:22:49.0890 1316 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:22:49.0890 1316 NetTcpPortSharing - ok
09:22:49.0968 1316 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
09:22:49.0984 1316 Nla - ok
09:22:50.0031 1316 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:22:50.0031 1316 Npfs - ok
09:22:50.0109 1316 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
09:22:50.0109 1316 Ntfs - ok
09:22:50.0140 1316 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
09:22:50.0156 1316 NtLmSsp - ok
09:22:50.0250 1316 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
09:22:50.0265 1316 NtmsSvc - ok
09:22:50.0312 1316 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
09:22:50.0312 1316 Null - ok
09:22:50.0406 1316 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:22:50.0406 1316 NwlnkFlt - ok
09:22:50.0484 1316 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:22:50.0484 1316 NwlnkFwd - ok
09:22:50.0609 1316 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:22:50.0609 1316 odserv - ok
09:22:50.0671 1316 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:22:50.0671 1316 ose - ok
09:22:50.0750 1316 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
09:22:50.0750 1316 Parport - ok
09:22:50.0812 1316 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
09:22:50.0812 1316 PartMgr - ok
09:22:50.0859 1316 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
09:22:50.0875 1316 ParVdm - ok
09:22:50.0921 1316 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
09:22:50.0921 1316 PCI - ok
09:22:50.0953 1316 PCIDump - ok
09:22:51.0015 1316 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
09:22:51.0015 1316 PCIIde - ok
09:22:51.0046 1316 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
09:22:51.0046 1316 Pcmcia - ok
09:22:51.0093 1316 PDCOMP - ok
09:22:51.0125 1316 PDFRAME - ok
09:22:51.0171 1316 PDRELI - ok
09:22:51.0203 1316 PDRFRAME - ok
09:22:51.0250 1316 perc2 - ok
09:22:51.0281 1316 perc2hib - ok
09:22:51.0421 1316 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
09:22:51.0437 1316 PlugPlay - ok
09:22:51.0484 1316 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
09:22:51.0484 1316 PolicyAgent - ok
09:22:51.0531 1316 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:22:51.0531 1316 PptpMiniport - ok
09:22:51.0578 1316 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
09:22:51.0578 1316 Processor - ok
09:22:51.0609 1316 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:22:51.0640 1316 ProtectedStorage - ok
09:22:51.0671 1316 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
09:22:51.0687 1316 PSched - ok
09:22:51.0765 1316 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:22:51.0765 1316 Ptilink - ok
09:22:51.0796 1316 ql1080 - ok
09:22:51.0828 1316 Ql10wnt - ok
09:22:51.0859 1316 ql12160 - ok
09:22:51.0921 1316 ql1240 - ok
09:22:51.0953 1316 ql1280 - ok
09:22:51.0984 1316 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:22:51.0984 1316 RasAcd - ok
09:22:52.0046 1316 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:22:52.0062 1316 RasAuto - ok
09:22:52.0093 1316 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:22:52.0093 1316 Rasl2tp - ok
09:22:52.0171 1316 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:22:52.0187 1316 RasMan - ok
09:22:52.0218 1316 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:22:52.0218 1316 RasPppoe - ok
09:22:52.0250 1316 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
09:22:52.0265 1316 Raspti - ok
09:22:52.0312 1316 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:22:52.0328 1316 Rdbss - ok
09:22:52.0359 1316 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:22:52.0359 1316 RDPCDD - ok
09:22:52.0468 1316 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:22:52.0468 1316 rdpdr - ok
09:22:52.0562 1316 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:22:52.0562 1316 RDPWD - ok
09:22:52.0625 1316 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
09:22:52.0640 1316 RDSessMgr - ok
09:22:52.0687 1316 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
09:22:52.0703 1316 redbook - ok
09:22:52.0765 1316 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:22:52.0765 1316 RemoteAccess - ok
09:22:52.0843 1316 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:22:52.0859 1316 RemoteRegistry - ok
09:22:52.0906 1316 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\System32\locator.exe
09:22:52.0906 1316 RpcLocator - ok
09:22:52.0984 1316 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:22:53.0000 1316 RpcSs - ok
09:22:53.0062 1316 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
09:22:53.0078 1316 RSVP - ok
09:22:53.0156 1316 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
09:22:53.0156 1316 rtl8139 - ok
09:22:53.0203 1316 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
09:22:53.0203 1316 SamSs - ok
09:22:53.0296 1316 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:22:53.0296 1316 SCardSvr - ok
09:22:53.0375 1316 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:22:53.0390 1316 Schedule - ok
09:22:53.0437 1316 sdyueodb - ok
09:22:53.0515 1316 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:22:53.0515 1316 Secdrv - ok
09:22:53.0578 1316 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:22:53.0578 1316 seclogon - ok
09:22:53.0625 1316 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
09:22:53.0640 1316 SENS - ok
09:22:53.0687 1316 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
09:22:53.0687 1316 Serial - ok
09:22:53.0796 1316 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
09:22:53.0796 1316 Sfloppy - ok
09:22:53.0875 1316 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:22:53.0890 1316 SharedAccess - ok
09:22:53.0937 1316 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:22:53.0953 1316 ShellHWDetection - ok
09:22:53.0984 1316 Simbad - ok
09:22:54.0046 1316 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:22:54.0046 1316 SLIP - ok
09:22:54.0093 1316 Sparrow - ok
09:22:54.0156 1316 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:22:54.0171 1316 splitter - ok
09:22:54.0234 1316 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:22:54.0250 1316 Spooler - ok
09:22:54.0312 1316 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:22:54.0312 1316 sr - ok
09:22:54.0390 1316 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\System32\srsvc.dll
09:22:54.0406 1316 srservice - ok
09:22:54.0453 1316 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:22:54.0468 1316 SSDPSRV - ok
09:22:54.0562 1316 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:22:54.0593 1316 stisvc - ok
09:22:54.0656 1316 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:22:54.0656 1316 streamip - ok
09:22:54.0718 1316 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:22:54.0734 1316 swenum - ok
09:22:54.0796 1316 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
09:22:54.0812 1316 swmidi - ok
09:22:54.0859 1316 SwPrv - ok
09:22:54.0906 1316 symc810 - ok
09:22:54.0937 1316 symc8xx - ok
09:22:54.0984 1316 sym_hi - ok
09:22:55.0015 1316 sym_u3 - ok
09:22:55.0062 1316 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:22:55.0062 1316 sysaudio - ok
09:22:55.0140 1316 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:22:55.0140 1316 SysmonLog - ok
09:22:55.0203 1316 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:22:55.0218 1316 TapiSrv - ok
09:22:55.0296 1316 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:22:55.0312 1316 Tcpip - ok
09:22:55.0359 1316 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:22:55.0375 1316 TDPIPE - ok
09:22:55.0421 1316 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:22:55.0421 1316 TDTCP - ok
09:22:55.0484 1316 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:22:55.0484 1316 TermDD - ok
09:22:55.0562 1316 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
09:22:55.0578 1316 TermService - ok
09:22:55.0656 1316 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
09:22:55.0671 1316 Themes - ok
09:22:55.0734 1316 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
09:22:55.0750 1316 TlntSvr - ok
09:22:55.0781 1316 TosIde - ok
09:22:55.0859 1316 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:22:55.0875 1316 TrkWks - ok
09:22:55.0921 1316 tvmgeorz - ok
09:22:55.0984 1316 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:22:55.0984 1316 Udfs - ok
09:22:56.0015 1316 UIUSys - ok
09:22:56.0046 1316 ultra - ok
09:22:56.0109 1316 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
09:22:56.0140 1316 upnphost - ok
09:22:56.0187 1316 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
09:22:56.0203 1316 UPS - ok
09:22:56.0265 1316 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
09:22:56.0265 1316 usbaudio - ok
09:22:56.0328 1316 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:22:56.0328 1316 usbccgp - ok
09:22:56.0406 1316 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:22:56.0406 1316 usbehci - ok
09:22:56.0484 1316 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:22:56.0484 1316 usbhub - ok
09:22:56.0515 1316 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
09:22:56.0531 1316 usbohci - ok
09:22:56.0593 1316 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:22:56.0593 1316 usbprint - ok
09:22:56.0671 1316 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:22:56.0671 1316 usbscan - ok
09:22:56.0718 1316 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:22:56.0718 1316 USBSTOR - ok
09:22:56.0750 1316 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
09:22:56.0765 1316 usbvideo - ok
09:22:56.0828 1316 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:22:56.0828 1316 VgaSave - ok
09:22:56.0859 1316 ViaIde - ok
09:22:56.0906 1316 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:22:56.0921 1316 VolSnap - ok
09:22:57.0000 1316 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
09:22:57.0015 1316 VSS - ok
09:22:57.0078 1316 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\System32\w32time.dll
09:22:57.0093 1316 W32Time - ok
09:22:57.0125 1316 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:22:57.0140 1316 Wanarp - ok
09:22:57.0218 1316 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:22:57.0234 1316 Wdf01000 - ok
09:22:57.0265 1316 WDICA - ok
09:22:57.0343 1316 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:22:57.0343 1316 wdmaud - ok
09:22:57.0390 1316 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:22:57.0390 1316 WebClient - ok
09:22:57.0531 1316 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:22:57.0531 1316 winmgmt - ok
09:22:57.0734 1316 [ F23615D2E51E56DC89D73DCA16143FCB ] WinPhlash C:\DOCUME~1\AS\LOCALS~1\Temp\WZSE2.TMP\PHLASHNT.SYS
09:22:57.0734 1316 WinPhlash - ok
09:22:57.0843 1316 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
09:22:57.0859 1316 WmdmPmSN - ok
09:22:57.0953 1316 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
09:22:57.0968 1316 Wmi - ok
09:22:58.0031 1316 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
09:22:58.0046 1316 WmiApSrv - ok
09:22:58.0093 1316 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:22:58.0093 1316 WpdUsb - ok
09:22:58.0187 1316 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:22:58.0203 1316 wscsvc - ok
09:22:58.0281 1316 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:22:58.0281 1316 WSTCODEC - ok
09:22:58.0328 1316 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:22:58.0343 1316 wuauserv - ok
09:22:58.0406 1316 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:22:58.0421 1316 WudfPf - ok
09:22:58.0484 1316 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:22:58.0484 1316 WudfRd - ok
09:22:58.0531 1316 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
09:22:58.0546 1316 WudfSvc - ok
09:22:58.0640 1316 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:22:58.0656 1316 WZCSVC - ok
09:22:58.0718 1316 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:22:58.0734 1316 xmlprov - ok
09:22:58.0781 1316 zbrxkymm - ok
09:22:58.0828 1316 ================ Scan global ===============================
09:22:58.0875 1316 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
09:22:58.0953 1316 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
09:22:59.0000 1316 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
09:22:59.0046 1316 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
09:22:59.0046 1316 [Global] - ok
09:22:59.0062 1316 ================ Scan MBR ==================================
09:22:59.0093 1316 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
09:22:59.0312 1316 \Device\Harddisk0\DR0 - ok
09:22:59.0328 1316 ================ Scan VBR ==================================
09:22:59.0343 1316 [ EFB49022F2A3E8EA70F711E9D4A8C7B8 ] \Device\Harddisk0\DR0\Partition1
09:22:59.0343 1316 \Device\Harddisk0\DR0\Partition1 - ok
09:22:59.0390 1316 [ 5E2401308D2AA52A5C0B5A4F163475B7 ] \Device\Harddisk0\DR0\Partition2
09:22:59.0390 1316 \Device\Harddisk0\DR0\Partition2 - ok
09:22:59.0406 1316 ============================================================
09:22:59.0406 1316 Scan finished
09:22:59.0406 1316 ============================================================
09:22:59.0468 4020 Detected object count: 0
09:22:59.0468 4020 Actual detected object count: 0
09:23:17.0390 1424 Deinitialize success
ComboFix 13-05-23.02 - AS 24.05.2013 9:49.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.446.140 [GMT 2:00]
Spuštěný z: c:\documents and settings\AS\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\AS\Recent\Thumbs.db
c:\windows\IsUn0405.exe
c:\windows\msmqinst.log
c:\windows\system32\ctfmon(2).exe
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\SET68.tmp
c:\windows\system32\SET6D.tmp
c:\windows\system32\SET74.tmp
c:\windows\system32\SETBC.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-24 do 2013-05-24 )))))))))))))))))))))))))))))))
.
.
2013-05-23 13:42 . 2013-05-23 13:42 -------- d-----w- c:\documents and settings\AS\Data aplikací\Malwarebytes
2013-05-23 13:42 . 2013-05-23 13:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-05-23 13:42 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-23 13:42 . 2013-05-23 13:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-05-22 18:07 . 2013-05-22 18:07 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-15 07:43 . 2013-05-15 07:43 -------- d-----w- c:\documents and settings\NetworkService\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-16 22:26 . 2002-09-20 16:05 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:26 . 2002-09-20 16:04 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:26 . 2002-09-20 16:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2010-03-20 13:54 385024 ----a-w- c:\windows\system32\html.iec
2013-04-12 14:01 . 2002-09-20 15:41 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-12 23:06 . 2012-04-03 17:59 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-12 23:06 . 2012-02-14 17:03 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-08 08:36 . 2002-09-20 16:05 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2002-09-20 17:12 2072192 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-07 15:56 . 2002-09-20 15:12 2195584 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-06 23:33 . 2013-03-18 12:59 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-18 12:59 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2012-11-20 15:58 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-11-20 15:57 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2012-11-20 15:57 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-11-20 15:57 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2013-03-18 12:59 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2012-11-20 15:58 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2012-11-20 15:56 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-11-20 15:56 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-02 02:08 . 2002-09-20 16:05 916480 ----a-w- c:\windows\system32\wininet(5).dll
2013-03-02 02:08 . 2002-09-20 16:04 1212928 ----a-w- c:\windows\system32\urlmon(5).dll
2013-03-02 02:08 . 2002-09-20 16:04 105984 ----a-w- c:\windows\system32\url(3).dll
2013-02-27 07:58 . 2010-03-20 13:31 2067456 ----a-w- c:\windows\system32\mstscax.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2004-12-29 65536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ACU"="c:\program files\Atheros\ACU.exe" [2005-12-08 323584]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-11-02 2508104]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [18.3.2013 14:59 49248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [20.11.2012 17:57 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20.11.2012 17:58 368176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20.11.2012 17:58 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [18.3.2013 14:59 66336]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [23.5.2013 15:42 701512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [23.5.2013 15:42 22856]
S2 dgyreeeaeue;Websense CPM Report Scheduler;c:\windows\system32\boovecessa.exe --> c:\windows\system32\boovecessa.exe [?]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [18.3.2013 14:59 164736]
S3 dogmidnr;dogmidnr;\??\c:\windows\System32\Drivers\dogmidnr.sys --> c:\windows\System32\Drivers\dogmidnr.sys [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [25.3.2010 8:34 23456]
S3 sdyueodb;sdyueodb;\??\c:\windows\System32\Drivers\sdyueodb.sys --> c:\windows\System32\Drivers\sdyueodb.sys [?]
S3 tvmgeorz;tvmgeorz;\??\c:\windows\System32\Drivers\tvmgeorz.sys --> c:\windows\System32\Drivers\tvmgeorz.sys [?]
S3 WinPhlash;WinPhlash;\??\c:\docume~1\AS\LOCALS~1\Temp\WZSE2.TMP\PHLASHNT.SYS --> c:\docume~1\AS\LOCALS~1\Temp\WZSE2.TMP\PHLASHNT.SYS [?]
S3 zbrxkymm;zbrxkymm;\??\c:\windows\System32\Drivers\zbrxkymm.sys --> c:\windows\System32\Drivers\zbrxkymm.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 11:51 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 23:06]
.
2013-05-24 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-11-20 23:32]
.
2013-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-10 15:40]
.
2013-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-10 15:40]
.
2013-05-24 c:\windows\Tasks\User_Feed_Synchronization-{BD32C459-F16F-4B4E-AAE1-EA1EB173B4C4}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=12454
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.34.27 79.98.152.2
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-avgrsstarter - avgrsstx.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-24 10:04
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-05-24 10:07:43
ComboFix-quarantined-files.txt 2013-05-24 08:07
.
Před spuštěním: Volných bajtů: 11 834 433 536
Po spuštění: Volných bajtů: 16 000 466 944
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 151D760BB93A978669AD74F3131B7216
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : AS [Práva správce]
Mód : Odebrat -- Datum : 05/24/2013 09:20:38
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\szninstall.exe" -c) [7] -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\AS\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK6032GSX +++++
--- User ---
[MBR] 6daac32b66c6a1878a546e79edfe3710
[BSP] 64a841b53d94422c55c2b3fd4f98b52f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 30000 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61440120 | Size: 27231 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[4]_D_05242013_02d0920.txt >>
RKreport[1]_S_05242013_02d0759.txt ; RKreport[2]_S_05242013_02d0803.txt ; RKreport[3]_S_05242013_02d0919.txt ; RKreport[4]_D_05242013_02d0920.txt
09:22:30.0218 2356 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:22:30.0468 2356 ============================================================
09:22:30.0468 2356 Current date / time: 2013/05/24 09:22:30.0468
09:22:30.0468 2356 SystemInfo:
09:22:30.0468 2356
09:22:30.0468 2356 OS Version: 5.1.2600 ServicePack: 3.0
09:22:30.0468 2356 Product type: Workstation
09:22:30.0468 2356 ComputerName: SATELLITE
09:22:30.0468 2356 UserName: AS
09:22:30.0468 2356 Windows directory: C:\WINDOWS
09:22:30.0468 2356 System windows directory: C:\WINDOWS
09:22:30.0468 2356 Processor architecture: Intel x86
09:22:30.0468 2356 Number of processors: 1
09:22:30.0468 2356 Page size: 0x1000
09:22:30.0468 2356 Boot type: Normal boot
09:22:30.0468 2356 ============================================================
09:22:32.0656 2356 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1E480, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF, Type 'K0', Flags 0x00000054
09:22:32.0656 2356 ============================================================
09:22:32.0656 2356 \Device\Harddisk0\DR0:
09:22:32.0656 2356 MBR partitions:
09:22:32.0656 2356 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A98039
09:22:32.0687 2356 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A980B7, BlocksNum 0x352F818
09:22:32.0687 2356 ============================================================
09:22:32.0718 2356 C: <-> \Device\Harddisk0\DR0\Partition1
09:22:32.0734 2356 D: <-> \Device\Harddisk0\DR0\Partition2
09:22:32.0750 2356 ============================================================
09:22:32.0750 2356 Initialize success
09:22:32.0750 2356 ============================================================
09:22:38.0187 1316 ============================================================
09:22:38.0187 1316 Scan started
09:22:38.0187 1316 Mode: Manual;
09:22:38.0187 1316 ============================================================
09:22:38.0609 1316 ================ Scan system memory ========================
09:22:38.0640 1316 System memory - ok
09:22:38.0656 1316 ================ Scan services =============================
09:22:38.0875 1316 Abiosdsk - ok
09:22:38.0921 1316 abp480n5 - ok
09:22:39.0000 1316 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:22:39.0000 1316 ACPI - ok
09:22:39.0062 1316 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
09:22:39.0062 1316 ACPIEC - ok
09:22:39.0125 1316 [ 552CF8B82150C0E70D5B017F32EFA067 ] ACS C:\WINDOWS\system32\acs.exe
09:22:39.0156 1316 ACS - ok
09:22:39.0281 1316 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:22:39.0281 1316 AdobeFlashPlayerUpdateSvc - ok
09:22:39.0312 1316 adpu160m - ok
09:22:39.0406 1316 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:22:39.0406 1316 aec - ok
09:22:39.0453 1316 [ ACCD563BF09C4659B54143FDE633B57D ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
09:22:39.0453 1316 AegisP - ok
09:22:39.0531 1316 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:22:39.0531 1316 AFD - ok
09:22:39.0562 1316 Aha154x - ok
09:22:39.0609 1316 aic78u2 - ok
09:22:39.0640 1316 aic78xx - ok
09:22:39.0703 1316 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:22:39.0703 1316 Alerter - ok
09:22:39.0750 1316 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
09:22:39.0750 1316 ALG - ok
09:22:39.0796 1316 AliIde - ok
09:22:39.0828 1316 amsint - ok
09:22:39.0890 1316 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
09:22:39.0906 1316 AppMgmt - ok
09:22:39.0937 1316 asc - ok
09:22:39.0984 1316 asc3350p - ok
09:22:40.0015 1316 asc3550 - ok
09:22:40.0203 1316 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:22:40.0265 1316 aspnet_state - ok
09:22:40.0343 1316 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
09:22:40.0343 1316 aswFsBlk - ok
09:22:40.0421 1316 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
09:22:40.0421 1316 aswMonFlt - ok
09:22:40.0500 1316 [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
09:22:40.0500 1316 AswRdr - ok
09:22:40.0546 1316 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
09:22:40.0562 1316 aswRvrt - ok
09:22:40.0640 1316 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
09:22:40.0656 1316 aswSnx - ok
09:22:40.0718 1316 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
09:22:40.0750 1316 aswSP - ok
09:22:40.0781 1316 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
09:22:40.0781 1316 aswTdi - ok
09:22:40.0843 1316 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
09:22:40.0843 1316 aswVmm - ok
09:22:40.0906 1316 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:22:40.0906 1316 AsyncMac - ok
09:22:40.0953 1316 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:22:40.0953 1316 atapi - ok
09:22:40.0984 1316 Atdisk - ok
09:22:41.0046 1316 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:22:41.0046 1316 Atmarpc - ok
09:22:41.0109 1316 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:22:41.0109 1316 AudioSrv - ok
09:22:41.0171 1316 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:22:41.0171 1316 audstub - ok
09:22:41.0328 1316 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:22:41.0328 1316 avast! Antivirus - ok
09:22:41.0421 1316 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:22:41.0421 1316 Beep - ok
09:22:41.0500 1316 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
09:22:41.0562 1316 BITS - ok
09:22:41.0625 1316 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
09:22:41.0625 1316 Browser - ok
09:22:41.0687 1316 [ CCE1F3C7C8E7383B90372229454999CF ] CAMCAUD C:\WINDOWS\system32\drivers\camc6aud.sys
09:22:41.0687 1316 CAMCAUD - ok
09:22:41.0750 1316 [ 9A3BBDE74DAB737EFA82DE7EF4B40BEA ] CAMCHALA C:\WINDOWS\system32\drivers\camc6hal.sys
09:22:41.0750 1316 CAMCHALA - ok
09:22:41.0828 1316 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:22:41.0828 1316 cbidf2k - ok
09:22:41.0890 1316 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:22:41.0890 1316 CCDECODE - ok
09:22:41.0921 1316 cd20xrnt - ok
09:22:41.0968 1316 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:22:41.0984 1316 Cdaudio - ok
09:22:42.0062 1316 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:22:42.0062 1316 Cdfs - ok
09:22:42.0125 1316 [ 1F4260CC5B42272D71F79E570A27A4FE ] cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:22:42.0140 1316 cdrom - ok
09:22:42.0171 1316 Changer - ok
09:22:42.0234 1316 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:22:42.0234 1316 CiSvc - ok
09:22:42.0281 1316 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:22:42.0281 1316 ClipSrv - ok
09:22:42.0359 1316 [ 7FA87325900183197BC9710D1CE4C9FA ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:22:42.0453 1316 clr_optimization_v2.0.50727_32 - ok
09:22:42.0515 1316 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:22:42.0515 1316 CmBatt - ok
09:22:42.0546 1316 CmdIde - ok
09:22:42.0593 1316 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:22:42.0609 1316 Compbatt - ok
09:22:42.0640 1316 COMSysApp - ok
09:22:42.0703 1316 Cpqarray - ok
09:22:42.0781 1316 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
09:22:42.0781 1316 CryptSvc - ok
09:22:42.0812 1316 dac2w2k - ok
09:22:42.0875 1316 dac960nt - ok
09:22:42.0968 1316 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:22:43.0015 1316 DcomLaunch - ok
09:22:43.0046 1316 dgyreeeaeue - ok
09:22:43.0125 1316 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
09:22:43.0125 1316 Dhcp - ok
09:22:43.0218 1316 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
09:22:43.0218 1316 Disk - ok
09:22:43.0250 1316 dmadmin - ok
09:22:43.0328 1316 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
09:22:43.0343 1316 dmboot - ok
09:22:43.0406 1316 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
09:22:43.0406 1316 dmio - ok
09:22:43.0453 1316 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
09:22:43.0453 1316 dmload - ok
09:22:43.0531 1316 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
09:22:43.0531 1316 dmserver - ok
09:22:43.0593 1316 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
09:22:43.0593 1316 DMusic - ok
09:22:43.0671 1316 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:22:43.0671 1316 Dnscache - ok
09:22:43.0718 1316 dogmidnr - ok
09:22:43.0781 1316 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
09:22:43.0781 1316 Dot3svc - ok
09:22:43.0812 1316 dpti2o - ok
09:22:43.0859 1316 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:22:43.0859 1316 drmkaud - ok
09:22:43.0921 1316 [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
09:22:43.0921 1316 DrvAgent32 - ok
09:22:43.0984 1316 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
09:22:43.0984 1316 EapHost - ok
09:22:44.0046 1316 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
09:22:44.0046 1316 ERSvc - ok
09:22:44.0140 1316 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
09:22:44.0171 1316 Eventlog - ok
09:22:44.0250 1316 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\System32\es.dll
09:22:44.0265 1316 EventSystem - ok
09:22:44.0312 1316 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
09:22:44.0312 1316 Fastfat - ok
09:22:44.0406 1316 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:22:44.0437 1316 FastUserSwitchingCompatibility - ok
09:22:44.0500 1316 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
09:22:44.0500 1316 Fdc - ok
09:22:44.0578 1316 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
09:22:44.0578 1316 Fips - ok
09:22:44.0609 1316 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
09:22:44.0625 1316 Flpydisk - ok
09:22:44.0718 1316 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:22:44.0718 1316 FltMgr - ok
09:22:44.0796 1316 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:22:44.0796 1316 FontCache3.0.0.0 - ok
09:22:44.0843 1316 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:22:44.0843 1316 Fs_Rec - ok
09:22:44.0937 1316 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:22:44.0937 1316 Ftdisk - ok
09:22:44.0984 1316 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:22:44.0984 1316 Gpc - ok
09:22:45.0078 1316 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:22:45.0078 1316 gupdate - ok
09:22:45.0125 1316 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:22:45.0125 1316 gupdatem - ok
09:22:45.0234 1316 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:22:45.0234 1316 helpsvc - ok
09:22:45.0296 1316 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
09:22:45.0296 1316 HidServ - ok
09:22:45.0343 1316 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:22:45.0343 1316 hidusb - ok
09:22:45.0468 1316 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
09:22:45.0468 1316 hkmsvc - ok
09:22:45.0500 1316 hpn - ok
09:22:45.0578 1316 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
09:22:45.0578 1316 HTTP - ok
09:22:45.0640 1316 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
09:22:45.0687 1316 HTTPFilter - ok
09:22:45.0718 1316 i2omgmt - ok
09:22:45.0750 1316 i2omp - ok
09:22:45.0812 1316 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:22:45.0812 1316 i8042prt - ok
09:22:45.0937 1316 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:22:45.0968 1316 idsvc - ok
09:22:46.0031 1316 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
09:22:46.0031 1316 Imapi - ok
09:22:46.0109 1316 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\System32\imapi.exe
09:22:46.0109 1316 ImapiService - ok
09:22:46.0156 1316 ini910u - ok
09:22:46.0234 1316 IntelIde - ok
09:22:46.0296 1316 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:22:46.0296 1316 intelppm - ok
09:22:46.0375 1316 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
09:22:46.0375 1316 ip6fw - ok
09:22:46.0468 1316 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:22:46.0468 1316 IpFilterDriver - ok
09:22:46.0531 1316 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:22:46.0531 1316 IpInIp - ok
09:22:46.0578 1316 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:22:46.0578 1316 IpNat - ok
09:22:46.0656 1316 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:22:46.0656 1316 IPSec - ok
09:22:46.0703 1316 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
09:22:46.0718 1316 IRENUM - ok
09:22:46.0781 1316 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:22:46.0781 1316 isapnp - ok
09:22:46.0843 1316 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:22:46.0859 1316 Kbdclass - ok
09:22:46.0890 1316 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:22:46.0906 1316 kbdhid - ok
09:22:46.0953 1316 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
09:22:46.0953 1316 kmixer - ok
09:22:47.0015 1316 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
09:22:47.0015 1316 KSecDD - ok
09:22:47.0109 1316 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
09:22:47.0125 1316 lanmanserver - ok
09:22:47.0203 1316 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:22:47.0281 1316 lanmanworkstation - ok
09:22:47.0312 1316 lbrtfdc - ok
09:22:47.0406 1316 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
09:22:47.0406 1316 LmHosts - ok
09:22:47.0515 1316 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
09:22:47.0515 1316 MBAMProtector - ok
09:22:47.0625 1316 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:22:47.0625 1316 MBAMScheduler - ok
09:22:47.0703 1316 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:22:47.0718 1316 MBAMService - ok
09:22:47.0765 1316 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
09:22:47.0765 1316 Messenger - ok
09:22:47.0843 1316 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
09:22:47.0843 1316 mnmdd - ok
09:22:47.0921 1316 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
09:22:47.0921 1316 mnmsrvc - ok
09:22:48.0000 1316 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
09:22:48.0000 1316 Modem - ok
09:22:48.0046 1316 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:22:48.0046 1316 Mouclass - ok
09:22:48.0093 1316 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:22:48.0093 1316 mouhid - ok
09:22:48.0140 1316 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
09:22:48.0140 1316 MountMgr - ok
09:22:48.0171 1316 mraid35x - ok
09:22:48.0218 1316 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:22:48.0218 1316 MRxDAV - ok
09:22:48.0296 1316 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:22:48.0312 1316 MRxSmb - ok
09:22:48.0359 1316 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\System32\msdtc.exe
09:22:48.0359 1316 MSDTC - ok
09:22:48.0421 1316 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:22:48.0421 1316 Msfs - ok
09:22:48.0453 1316 MSIServer - ok
09:22:48.0531 1316 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:22:48.0531 1316 MSKSSRV - ok
09:22:48.0593 1316 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:22:48.0593 1316 MSPCLOCK - ok
09:22:48.0625 1316 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
09:22:48.0640 1316 MSPQM - ok
09:22:48.0703 1316 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:22:48.0703 1316 mssmbios - ok
09:22:48.0750 1316 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
09:22:48.0750 1316 MSTEE - ok
09:22:48.0812 1316 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
09:22:48.0812 1316 Mup - ok
09:22:48.0875 1316 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:22:48.0875 1316 NABTSFEC - ok
09:22:48.0968 1316 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
09:22:48.0984 1316 napagent - ok
09:22:49.0078 1316 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
09:22:49.0078 1316 NDIS - ok
09:22:49.0140 1316 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:22:49.0140 1316 NdisIP - ok
09:22:49.0218 1316 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:22:49.0218 1316 NdisTapi - ok
09:22:49.0281 1316 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:22:49.0281 1316 Ndisuio - ok
09:22:49.0343 1316 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:22:49.0343 1316 NdisWan - ok
09:22:49.0421 1316 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
09:22:49.0421 1316 NDProxy - ok
09:22:49.0468 1316 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
09:22:49.0468 1316 NetBIOS - ok
09:22:49.0515 1316 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:22:49.0531 1316 NetBT - ok
09:22:49.0609 1316 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
09:22:49.0625 1316 NetDDE - ok
09:22:49.0656 1316 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
09:22:49.0671 1316 NetDDEdsdm - ok
09:22:49.0734 1316 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\System32\lsass.exe
09:22:49.0750 1316 Netlogon - ok
09:22:49.0796 1316 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
09:22:49.0796 1316 Netman - ok
09:22:49.0890 1316 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:22:49.0890 1316 NetTcpPortSharing - ok
09:22:49.0968 1316 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
09:22:49.0984 1316 Nla - ok
09:22:50.0031 1316 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:22:50.0031 1316 Npfs - ok
09:22:50.0109 1316 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
09:22:50.0109 1316 Ntfs - ok
09:22:50.0140 1316 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
09:22:50.0156 1316 NtLmSsp - ok
09:22:50.0250 1316 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
09:22:50.0265 1316 NtmsSvc - ok
09:22:50.0312 1316 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
09:22:50.0312 1316 Null - ok
09:22:50.0406 1316 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:22:50.0406 1316 NwlnkFlt - ok
09:22:50.0484 1316 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:22:50.0484 1316 NwlnkFwd - ok
09:22:50.0609 1316 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:22:50.0609 1316 odserv - ok
09:22:50.0671 1316 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:22:50.0671 1316 ose - ok
09:22:50.0750 1316 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
09:22:50.0750 1316 Parport - ok
09:22:50.0812 1316 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
09:22:50.0812 1316 PartMgr - ok
09:22:50.0859 1316 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
09:22:50.0875 1316 ParVdm - ok
09:22:50.0921 1316 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
09:22:50.0921 1316 PCI - ok
09:22:50.0953 1316 PCIDump - ok
09:22:51.0015 1316 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
09:22:51.0015 1316 PCIIde - ok
09:22:51.0046 1316 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
09:22:51.0046 1316 Pcmcia - ok
09:22:51.0093 1316 PDCOMP - ok
09:22:51.0125 1316 PDFRAME - ok
09:22:51.0171 1316 PDRELI - ok
09:22:51.0203 1316 PDRFRAME - ok
09:22:51.0250 1316 perc2 - ok
09:22:51.0281 1316 perc2hib - ok
09:22:51.0421 1316 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
09:22:51.0437 1316 PlugPlay - ok
09:22:51.0484 1316 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
09:22:51.0484 1316 PolicyAgent - ok
09:22:51.0531 1316 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:22:51.0531 1316 PptpMiniport - ok
09:22:51.0578 1316 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
09:22:51.0578 1316 Processor - ok
09:22:51.0609 1316 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:22:51.0640 1316 ProtectedStorage - ok
09:22:51.0671 1316 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
09:22:51.0687 1316 PSched - ok
09:22:51.0765 1316 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:22:51.0765 1316 Ptilink - ok
09:22:51.0796 1316 ql1080 - ok
09:22:51.0828 1316 Ql10wnt - ok
09:22:51.0859 1316 ql12160 - ok
09:22:51.0921 1316 ql1240 - ok
09:22:51.0953 1316 ql1280 - ok
09:22:51.0984 1316 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:22:51.0984 1316 RasAcd - ok
09:22:52.0046 1316 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:22:52.0062 1316 RasAuto - ok
09:22:52.0093 1316 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:22:52.0093 1316 Rasl2tp - ok
09:22:52.0171 1316 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:22:52.0187 1316 RasMan - ok
09:22:52.0218 1316 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:22:52.0218 1316 RasPppoe - ok
09:22:52.0250 1316 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
09:22:52.0265 1316 Raspti - ok
09:22:52.0312 1316 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:22:52.0328 1316 Rdbss - ok
09:22:52.0359 1316 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:22:52.0359 1316 RDPCDD - ok
09:22:52.0468 1316 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:22:52.0468 1316 rdpdr - ok
09:22:52.0562 1316 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:22:52.0562 1316 RDPWD - ok
09:22:52.0625 1316 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
09:22:52.0640 1316 RDSessMgr - ok
09:22:52.0687 1316 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
09:22:52.0703 1316 redbook - ok
09:22:52.0765 1316 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:22:52.0765 1316 RemoteAccess - ok
09:22:52.0843 1316 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:22:52.0859 1316 RemoteRegistry - ok
09:22:52.0906 1316 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\System32\locator.exe
09:22:52.0906 1316 RpcLocator - ok
09:22:52.0984 1316 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:22:53.0000 1316 RpcSs - ok
09:22:53.0062 1316 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
09:22:53.0078 1316 RSVP - ok
09:22:53.0156 1316 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
09:22:53.0156 1316 rtl8139 - ok
09:22:53.0203 1316 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
09:22:53.0203 1316 SamSs - ok
09:22:53.0296 1316 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:22:53.0296 1316 SCardSvr - ok
09:22:53.0375 1316 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:22:53.0390 1316 Schedule - ok
09:22:53.0437 1316 sdyueodb - ok
09:22:53.0515 1316 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:22:53.0515 1316 Secdrv - ok
09:22:53.0578 1316 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:22:53.0578 1316 seclogon - ok
09:22:53.0625 1316 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
09:22:53.0640 1316 SENS - ok
09:22:53.0687 1316 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
09:22:53.0687 1316 Serial - ok
09:22:53.0796 1316 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
09:22:53.0796 1316 Sfloppy - ok
09:22:53.0875 1316 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:22:53.0890 1316 SharedAccess - ok
09:22:53.0937 1316 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:22:53.0953 1316 ShellHWDetection - ok
09:22:53.0984 1316 Simbad - ok
09:22:54.0046 1316 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:22:54.0046 1316 SLIP - ok
09:22:54.0093 1316 Sparrow - ok
09:22:54.0156 1316 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:22:54.0171 1316 splitter - ok
09:22:54.0234 1316 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:22:54.0250 1316 Spooler - ok
09:22:54.0312 1316 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:22:54.0312 1316 sr - ok
09:22:54.0390 1316 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\System32\srsvc.dll
09:22:54.0406 1316 srservice - ok
09:22:54.0453 1316 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:22:54.0468 1316 SSDPSRV - ok
09:22:54.0562 1316 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:22:54.0593 1316 stisvc - ok
09:22:54.0656 1316 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:22:54.0656 1316 streamip - ok
09:22:54.0718 1316 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:22:54.0734 1316 swenum - ok
09:22:54.0796 1316 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
09:22:54.0812 1316 swmidi - ok
09:22:54.0859 1316 SwPrv - ok
09:22:54.0906 1316 symc810 - ok
09:22:54.0937 1316 symc8xx - ok
09:22:54.0984 1316 sym_hi - ok
09:22:55.0015 1316 sym_u3 - ok
09:22:55.0062 1316 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:22:55.0062 1316 sysaudio - ok
09:22:55.0140 1316 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:22:55.0140 1316 SysmonLog - ok
09:22:55.0203 1316 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:22:55.0218 1316 TapiSrv - ok
09:22:55.0296 1316 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:22:55.0312 1316 Tcpip - ok
09:22:55.0359 1316 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:22:55.0375 1316 TDPIPE - ok
09:22:55.0421 1316 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:22:55.0421 1316 TDTCP - ok
09:22:55.0484 1316 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:22:55.0484 1316 TermDD - ok
09:22:55.0562 1316 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
09:22:55.0578 1316 TermService - ok
09:22:55.0656 1316 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
09:22:55.0671 1316 Themes - ok
09:22:55.0734 1316 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
09:22:55.0750 1316 TlntSvr - ok
09:22:55.0781 1316 TosIde - ok
09:22:55.0859 1316 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:22:55.0875 1316 TrkWks - ok
09:22:55.0921 1316 tvmgeorz - ok
09:22:55.0984 1316 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:22:55.0984 1316 Udfs - ok
09:22:56.0015 1316 UIUSys - ok
09:22:56.0046 1316 ultra - ok
09:22:56.0109 1316 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
09:22:56.0140 1316 upnphost - ok
09:22:56.0187 1316 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
09:22:56.0203 1316 UPS - ok
09:22:56.0265 1316 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
09:22:56.0265 1316 usbaudio - ok
09:22:56.0328 1316 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:22:56.0328 1316 usbccgp - ok
09:22:56.0406 1316 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:22:56.0406 1316 usbehci - ok
09:22:56.0484 1316 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:22:56.0484 1316 usbhub - ok
09:22:56.0515 1316 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
09:22:56.0531 1316 usbohci - ok
09:22:56.0593 1316 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:22:56.0593 1316 usbprint - ok
09:22:56.0671 1316 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:22:56.0671 1316 usbscan - ok
09:22:56.0718 1316 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:22:56.0718 1316 USBSTOR - ok
09:22:56.0750 1316 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
09:22:56.0765 1316 usbvideo - ok
09:22:56.0828 1316 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:22:56.0828 1316 VgaSave - ok
09:22:56.0859 1316 ViaIde - ok
09:22:56.0906 1316 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:22:56.0921 1316 VolSnap - ok
09:22:57.0000 1316 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
09:22:57.0015 1316 VSS - ok
09:22:57.0078 1316 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\System32\w32time.dll
09:22:57.0093 1316 W32Time - ok
09:22:57.0125 1316 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:22:57.0140 1316 Wanarp - ok
09:22:57.0218 1316 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:22:57.0234 1316 Wdf01000 - ok
09:22:57.0265 1316 WDICA - ok
09:22:57.0343 1316 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:22:57.0343 1316 wdmaud - ok
09:22:57.0390 1316 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:22:57.0390 1316 WebClient - ok
09:22:57.0531 1316 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:22:57.0531 1316 winmgmt - ok
09:22:57.0734 1316 [ F23615D2E51E56DC89D73DCA16143FCB ] WinPhlash C:\DOCUME~1\AS\LOCALS~1\Temp\WZSE2.TMP\PHLASHNT.SYS
09:22:57.0734 1316 WinPhlash - ok
09:22:57.0843 1316 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
09:22:57.0859 1316 WmdmPmSN - ok
09:22:57.0953 1316 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
09:22:57.0968 1316 Wmi - ok
09:22:58.0031 1316 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
09:22:58.0046 1316 WmiApSrv - ok
09:22:58.0093 1316 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:22:58.0093 1316 WpdUsb - ok
09:22:58.0187 1316 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:22:58.0203 1316 wscsvc - ok
09:22:58.0281 1316 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:22:58.0281 1316 WSTCODEC - ok
09:22:58.0328 1316 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:22:58.0343 1316 wuauserv - ok
09:22:58.0406 1316 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:22:58.0421 1316 WudfPf - ok
09:22:58.0484 1316 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:22:58.0484 1316 WudfRd - ok
09:22:58.0531 1316 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
09:22:58.0546 1316 WudfSvc - ok
09:22:58.0640 1316 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:22:58.0656 1316 WZCSVC - ok
09:22:58.0718 1316 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:22:58.0734 1316 xmlprov - ok
09:22:58.0781 1316 zbrxkymm - ok
09:22:58.0828 1316 ================ Scan global ===============================
09:22:58.0875 1316 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
09:22:58.0953 1316 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
09:22:59.0000 1316 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
09:22:59.0046 1316 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
09:22:59.0046 1316 [Global] - ok
09:22:59.0062 1316 ================ Scan MBR ==================================
09:22:59.0093 1316 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
09:22:59.0312 1316 \Device\Harddisk0\DR0 - ok
09:22:59.0328 1316 ================ Scan VBR ==================================
09:22:59.0343 1316 [ EFB49022F2A3E8EA70F711E9D4A8C7B8 ] \Device\Harddisk0\DR0\Partition1
09:22:59.0343 1316 \Device\Harddisk0\DR0\Partition1 - ok
09:22:59.0390 1316 [ 5E2401308D2AA52A5C0B5A4F163475B7 ] \Device\Harddisk0\DR0\Partition2
09:22:59.0390 1316 \Device\Harddisk0\DR0\Partition2 - ok
09:22:59.0406 1316 ============================================================
09:22:59.0406 1316 Scan finished
09:22:59.0406 1316 ============================================================
09:22:59.0468 4020 Detected object count: 0
09:22:59.0468 4020 Actual detected object count: 0
09:23:17.0390 1424 Deinitialize success
ComboFix 13-05-23.02 - AS 24.05.2013 9:49.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.446.140 [GMT 2:00]
Spuštěný z: c:\documents and settings\AS\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\AS\Recent\Thumbs.db
c:\windows\IsUn0405.exe
c:\windows\msmqinst.log
c:\windows\system32\ctfmon(2).exe
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\SET68.tmp
c:\windows\system32\SET6D.tmp
c:\windows\system32\SET74.tmp
c:\windows\system32\SETBC.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-24 do 2013-05-24 )))))))))))))))))))))))))))))))
.
.
2013-05-23 13:42 . 2013-05-23 13:42 -------- d-----w- c:\documents and settings\AS\Data aplikací\Malwarebytes
2013-05-23 13:42 . 2013-05-23 13:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-05-23 13:42 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-23 13:42 . 2013-05-23 13:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-05-22 18:07 . 2013-05-22 18:07 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-15 07:43 . 2013-05-15 07:43 -------- d-----w- c:\documents and settings\NetworkService\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-16 22:26 . 2002-09-20 16:05 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:26 . 2002-09-20 16:04 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:26 . 2002-09-20 16:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2010-03-20 13:54 385024 ----a-w- c:\windows\system32\html.iec
2013-04-12 14:01 . 2002-09-20 15:41 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-12 23:06 . 2012-04-03 17:59 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-12 23:06 . 2012-02-14 17:03 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-08 08:36 . 2002-09-20 16:05 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2002-09-20 17:12 2072192 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-07 15:56 . 2002-09-20 15:12 2195584 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-06 23:33 . 2013-03-18 12:59 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-18 12:59 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2012-11-20 15:58 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-11-20 15:57 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2012-11-20 15:57 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-11-20 15:57 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2013-03-18 12:59 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2012-11-20 15:58 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2012-11-20 15:56 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-11-20 15:56 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-02 02:08 . 2002-09-20 16:05 916480 ----a-w- c:\windows\system32\wininet(5).dll
2013-03-02 02:08 . 2002-09-20 16:04 1212928 ----a-w- c:\windows\system32\urlmon(5).dll
2013-03-02 02:08 . 2002-09-20 16:04 105984 ----a-w- c:\windows\system32\url(3).dll
2013-02-27 07:58 . 2010-03-20 13:31 2067456 ----a-w- c:\windows\system32\mstscax.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2004-12-29 65536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ACU"="c:\program files\Atheros\ACU.exe" [2005-12-08 323584]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-11-02 2508104]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [18.3.2013 14:59 49248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [20.11.2012 17:57 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20.11.2012 17:58 368176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20.11.2012 17:58 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [18.3.2013 14:59 66336]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [23.5.2013 15:42 701512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [23.5.2013 15:42 22856]
S2 dgyreeeaeue;Websense CPM Report Scheduler;c:\windows\system32\boovecessa.exe --> c:\windows\system32\boovecessa.exe [?]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [18.3.2013 14:59 164736]
S3 dogmidnr;dogmidnr;\??\c:\windows\System32\Drivers\dogmidnr.sys --> c:\windows\System32\Drivers\dogmidnr.sys [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [25.3.2010 8:34 23456]
S3 sdyueodb;sdyueodb;\??\c:\windows\System32\Drivers\sdyueodb.sys --> c:\windows\System32\Drivers\sdyueodb.sys [?]
S3 tvmgeorz;tvmgeorz;\??\c:\windows\System32\Drivers\tvmgeorz.sys --> c:\windows\System32\Drivers\tvmgeorz.sys [?]
S3 WinPhlash;WinPhlash;\??\c:\docume~1\AS\LOCALS~1\Temp\WZSE2.TMP\PHLASHNT.SYS --> c:\docume~1\AS\LOCALS~1\Temp\WZSE2.TMP\PHLASHNT.SYS [?]
S3 zbrxkymm;zbrxkymm;\??\c:\windows\System32\Drivers\zbrxkymm.sys --> c:\windows\System32\Drivers\zbrxkymm.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 11:51 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 23:06]
.
2013-05-24 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-11-20 23:32]
.
2013-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-10 15:40]
.
2013-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-10 15:40]
.
2013-05-24 c:\windows\Tasks\User_Feed_Synchronization-{BD32C459-F16F-4B4E-AAE1-EA1EB173B4C4}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=12454
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.34.27 79.98.152.2
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-avgrsstarter - avgrsstx.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-24 10:04
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-05-24 10:07:43
ComboFix-quarantined-files.txt 2013-05-24 08:07
.
Před spuštěním: Volných bajtů: 11 834 433 536
Po spuštění: Volných bajtů: 16 000 466 944
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 151D760BB93A978669AD74F3131B7216
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Toto otestuj na Virustotal
c:\windows\system32\wininet.dll
c:\windows\system32\wininet(5).dll
c:\windows\system32\urlmon(5).dll
c:\windows\system32\url(3).dll
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť?.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu
c:\windows\system32\wininet.dll
c:\windows\system32\wininet(5).dll
c:\windows\system32\urlmon(5).dll
c:\windows\system32\url(3).dll
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Kód: Vybrat vše
KillAll::
Driver::
dgyreeeaeue
dogmidnr
sdyueodb
tvmgeorz
WinPhlash
zbrxkymm
File::
c:\windows\system32\boovecessa.exe
c:\windows\System32\Drivers\dogmidnr.sys
c:\windows\System32\Drivers\sdyueodb.sys
c:\windows\System32\Drivers\tvmgeorz.sys
c:\docume~1\AS\LOCALS~1\Temp\WZSE2.TMP\PHLASHNT.SYS
c:\windows\System32\Drivers\zbrxkymm.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť?.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 101 hostů