Hjt log check [Solved]

Hjt log check

Post by Monda » 03 Nov 2013 11:46

Hello, please check my log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:42:34, on 3.11.2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHKE.EXE
C:\Users\Miroslav\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\Energie pod palcem\Hlidac.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Users\Miroslav\Desktop\hijackthis.exe

O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Miroslav\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Miroslav\AppData\Roaming\ICQM\icq.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files\SearchProtect\bin\CltMngSvc.exe
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Protect your browser's extensions (srvPlgProtect) - Unknown owner - C:\Users\Miroslav\AppData\Roaming\okitspace\protect\PluginProtect.exe
O23 - Service: Software Updater (SrvUpdater) - Unknown owner - C:\Program Files\SoftwareUpdater\UpdaterService.exe

--
End of file - 5578 bytes

Re: Hjt log check

Post by memphisto » 03 Nov 2013 13:56

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message appears, so choose Yes (Ano)
(do not delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log appears (it is otherwise saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

Re: Hjt log check

Post by Monda » 03 Nov 2013 16:33

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.03.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
Miroslav :: MIROSLAV-PC [administrátor]

Ochrana: Povolena

3.11.2013 16:02:14
MBAM-log-2013-11-03 (16-33-18).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 222173
Uplynulý čas: 29 minut, 17 sekund

Nalezené procesy v paměti: 4
C:\Program Files\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> 1700 -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> 3376 -> Nebyla provedena žádná instrukce.
C:\Program Files\SoftwareUpdater\UpdaterService.exe (PUP.Optional.SoftwareUpdater.A) -> 2400 -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\PluginProtect.exe (PUP.Optional.OKitSpace.A) -> 2348 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 7
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\Interop.Shell32.dll (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\utilsDll.dll (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 15
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{3543619C-D563-43f7-95EA-4DA7E1CC396A} (PUP.Optional.OfferBox.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3543619C-D563-43F7-95EA-4DA7E1CC396A} (PUP.Optional.OfferBox.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3543619C-D563-43F7-95EA-4DA7E1CC396A} (PUP.Optional.OfferBox.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3543619C-D563-43F7-95EA-4DA7E1CC396A} (PUP.Optional.OfferBox.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\SrvUpdater (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SEARCHPROTECT (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SOFTWAREUPDATER (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\srvPlgProtect (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3288691 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.Conduit.A) -> Data: C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\cltmng.exe -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtectAll (PUP.Optional.Conduit.A) -> Data: C:\Program Files\SearchProtect\bin\cltmng.exe -> Nebyla provedena žádná instrukce.
HKCU\Software\SearchProtect|IELastInstalledTBHomepage (PUP.Optional.SearchProtect.A) -> Data: http://search.conduit.com?SearchSource= ... =CT3288691 -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SoftwareUpdater|partner_keyword (PUP.Optional.SoftwareUpdater.A) -> Data: EAZELEN -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\SrvUpdater|ImagePath (PUP.Optional.SoftwareUpdater.A) -> Data: C:\Program Files\SoftwareUpdater\UpdaterService.exe -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Špatný: (http://www.delta-search.com/?babsrc=HP_ ... 1&tsp=5037) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 39
C:\Users\Miroslav\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SoftwareUpdater (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\OpenCandy\393FF9DC1E9D403E84000231B093D76D (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Chrome (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome\content (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome\content\icons (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome\skin (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\IE (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\files (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\updateSrv (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Conduit\IE\CT3288691 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 121
C:\Program Files\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\IE\OkitSpace.dll (PUP.Optional.OfferBox.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\DSearchLink\DSearchLink.exe (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\SPHook64.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\SPTool64.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\Babylon\SUDump.dmp (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SoftwareUpdater\KeyGen.dll (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SoftwareUpdater\AppsUpdater.exe (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SoftwareUpdater\AppsUpdater.exe.config (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SoftwareUpdater\config.xml (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SoftwareUpdater\Interop.Shell32.dll (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SoftwareUpdater\translations.xml (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SoftwareUpdater\uninstall.exe (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SoftwareUpdater\UpdaterService.exe (PUP.Optional.SoftwareUpdater.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\SPHook64.dll (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\SPTool64.exe (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\popupTransparent.xul (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\EN (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\searchProtectorData (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\OpenCandy\393FF9DC1E9D403E84000231B093D76D\RealPlayer.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\uninstall.exe (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Chrome\OKitSpace.crx (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome.manifest (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\install.rdf (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome\content\background.html (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome\content\content.xul (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome\content\main.js (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome\content\icons\okitspace-19x19.png (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome\content\icons\okitspace-48x48.png (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\Firefox\chrome\skin\overlay.css (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\IE\config (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\config.xml (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\Interop.Shell32.dll (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\PluginProtect.exe (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\PluginProtect.exe_old (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\sqlite3.exe (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\utilsDll.dll (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\versionPPSrv (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\files\crxID (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\files\OkitSpace.crx (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\files\OkitSpace.dll (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\files\OkitSpace.xpi (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\Users\Miroslav\AppData\Roaming\okitspace\protect\files\version (PUP.Optional.OKitSpace.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Conduit\IE\CT3288691\configutaion.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Conduit\IE\CT3288691\SetupIcon.ico (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Conduit\IE\CT3288691\UninstallerUI.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

(konec)

Re: HJT log check

Post by Monda » 03 Nov 2013 16:39

# AdwCleaner v3.010 - Report created 03/11/2013 at 16:37:36
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Miroslav - MIROSLAV-PC
# Running from : C:\Users\Miroslav\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : CltMngSvc
Service Found : srvPlgProtect
Service Found : SrvUpdater

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\invalidprefs.js
File Found : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\searchplugins\Babylon.xml
File Found : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\searchplugins\bingp.xml
File Found : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\searchplugins\Conduit.xml
File Found : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\searchplugins\icqplugin.xml
File Found : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\searchplugins\Surf-canyon.xml
File Found : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\searchplugins\SweetIm.xml
File Found : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\user.js
File Found : C:\Windows\System32\Tasks\DSite
File Found : C:\Windows\Tasks\DSite.job
Folder Found : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\Extensions\{77E8143B-6759-416E-B521-82CFED75150B}
Folder Found : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\Extensions\{77e8143b-6759-416e-b521-82cfed75150b}
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\DivX_Browser_Bar
Folder Found C:\Program Files\Searchprotect
Folder Found C:\Program Files\SoftwareUpdater
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\Conduit
Folder Found C:\ProgramData\DSearchLink
Folder Found C:\Searchprotect
Folder Found C:\Users\Miroslav\AppData\LocalLow\boost_interprocess
Folder Found C:\Users\Miroslav\AppData\LocalLow\Conduit
Folder Found C:\Users\Miroslav\AppData\LocalLow\DivX_Browser_Bar
Folder Found C:\Users\Miroslav\AppData\Roaming\Babylon
Folder Found C:\Users\Miroslav\AppData\Roaming\DSite
Folder Found C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\CT3288691
Folder Found C:\Users\Miroslav\AppData\Roaming\okitspace
Folder Found C:\Users\Miroslav\AppData\Roaming\OpenCandy
Folder Found C:\Users\Miroslav\AppData\Roaming\pdfforge
Folder Found C:\Users\Miroslav\AppData\Roaming\Searchprotect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{77E8143B-6759-416E-B521-82CFED75150B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77E8143B-6759-416E-B521-82CFED75150B}
Key Found : HKCU\Software\SearchProtect
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{77E8143B-6759-416E-B521-82CFED75150B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3288691
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DivX_Browser_Bar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{634F9512-0095-476A-8487-956BE22E486B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D93FF6B1-335B-4E67-BB58-F2405D3E91EC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\DSite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\DSite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77E8143B-6759-416E-B521-82CFED75150B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\SoftwareUpdater
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\Vittalia
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{77E8143B-6759-416E-B521-82CFED75150B}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchProtect]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{77E8143B-6759-416E-B521-82CFED75150B}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-search.com/?babsrc=HP_ ... 1&tsp=5037

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\prefs.js ]

Line Found : user_pref("CT3288691.FF19Solved", "true");
Line Found : user_pref("CT3288691.UserID", "UN30611900603085031");
Line Found : user_pref("CT3288691.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3288691.fullUserID", "UN30611900603085031.IN.20130927235802");
Line Found : user_pref("CT3288691.installDate", "27/09/2013 23:58:10");
Line Found : user_pref("CT3288691.installSessionId", "{DD8F366B-2DEA-41E8-9594-CB003E20807A}");
Line Found : user_pref("CT3288691.installSp", "true");
Line Found : user_pref("CT3288691.installerVersion", "1.7.1.4");
Line Found : user_pref("CT3288691.keyword", "true");
Line Found : user_pref("CT3288691.originalHomepage", "hxxp://www.seznam.cz/");
Line Found : user_pref("CT3288691.originalSearchAddressUrl", "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
Line Found : user_pref("CT3288691.originalSearchEngine", "");
Line Found : user_pref("CT3288691.originalSearchEngineName", "");
Line Found : user_pref("CT3288691.searchRevert", "false");
Line Found : user_pref("CT3288691.searchUserMode", "2");
Line Found : user_pref("CT3288691.smartbar.homepage", "true");
Line Found : user_pref("CT3288691.versionFromInstaller", "10.20.1.8");
Line Found : user_pref("CT3288691.xpeMode", "0");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
Line Found : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=FCBB0014C2C696A3&affID=119391&tsp=5037");
Line Found : user_pref("browser.search.defaultthis.engineName", "DivX Browser Bar Customized Web Search");
Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&CUI=UN30611900603085031&UM=2&SearchSource=3&q={searchTerms}");
Line Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN30611900603085031&UM=2&q=");
Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3288691");
Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3288691&CUI=UN30611900603085031&UM=2&SearchSource=13");
Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN30611900603085031&UM=2&q=");
Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3288691");
Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3288691");
Line Found : user_pref("smartbar.machineId", "5E9RS/AEGCVEGJYYMIFUBRXFQE7EP2M8+/YOCL6FNDIV2MTSSWXVTWB1F/0JAFU4BDTOEKFK7QYWWQXQXA+MHA");

*************************

AdwCleaner[R0].txt - [10044 octets] - [03/11/2013 16:37:36]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10105 octets] ##########

jaro3
Security team member
Guru Level 15
Posts: 43339
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: HJT log check

Post by jaro3 » 04 Nov 2013 09:44

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Clean".
The program will carry out the repair; after the automatic restart it will show a log (C:\AdwCleaner [S?].txt). Paste its entire contents here.

Download Junkware Removal Tool to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

So run MbAM again and choose Scan
- when the program has finished, a message appears; click OK and then the Show Results button
- make sure all listed detections are ticked and click the Remove Selected button
- when removal finishes, a log is displayed; post it here.
- then choose OK in the program and close it via Exit
You can then paste the new MbAM log here.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and run, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: HJT log check

Post by Monda » 04 Nov 2013 17:00

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Ultimate x86
Ran by Miroslav on po 04.11.2013 at 16:52:04,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotect
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotectall
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3688081923-1990370972-2290267237-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\softwareupdater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3288691
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3A945276-545C-4B81-8B0C-BF273ECB7EA2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77e8143b-6759-416e-b521-82cfed75150b}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{77e8143b-6759-416e-b521-82cfed75150b}



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\dsite
Successfully deleted: [File] C:\Windows\Tasks\dsite.job
Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\Users\Miroslav\AppData\Roaming\babylon"
Failed to delete: [Folder] "C:\Users\Miroslav\AppData\Roaming\dsite"
Successfully deleted: [Folder] "C:\Users\Miroslav\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Miroslav\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\Miroslav\AppData\Roaming\searchprotect"
Successfully deleted: [Folder] "C:\Users\Miroslav\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Miroslav\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\searchprotect"



~~~ FireFox

Successfully deleted: [File] C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\vh1ihku5.default\user.js
Successfully deleted: [File] C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\vh1ihku5.default\invalidprefs.js
Successfully deleted: [File] C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\vh1ihku5.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\vh1ihku5.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\vh1ihku5.default\searchplugins\surf-canyon.xml
Successfully deleted: [File] C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\vh1ihku5.default\searchplugins\sweetim.xml
Successfully deleted: [Folder] C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\vh1ihku5.default\extensions\{77e8143b-6759-416e-b521-82cfed75150b}
Successfully deleted the following from C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\vh1ihku5.default\prefs.js

user_pref("CT3288691.FF19Solved", "true");
user_pref("CT3288691.UserID", "UN30611900603085031");
user_pref("CT3288691.browser.search.defaultthis.engineName", "true");
user_pref("CT3288691.fullUserID", "UN30611900603085031.IN.20130927235802");
user_pref("CT3288691.installDate", "27/09/2013 23:58:10");
user_pref("CT3288691.installSessionId", "{DD8F366B-2DEA-41E8-9594-CB003E20807A}");
user_pref("CT3288691.installSp", "true");
user_pref("CT3288691.installerVersion", "1.7.1.4");
user_pref("CT3288691.keyword", "true");
user_pref("CT3288691.originalHomepage", "hxxp://www.seznam.cz/");
user_pref("CT3288691.originalSearchAddressUrl", "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
user_pref("CT3288691.originalSearchEngine", "");
user_pref("CT3288691.originalSearchEngineName", "");
user_pref("CT3288691.searchRevert", "false");
user_pref("CT3288691.searchUserMode", "2");
user_pref("CT3288691.smartbar.homepage", "true");
user_pref("CT3288691.versionFromInstaller", "10.20.1.8");
user_pref("CT3288691.xpeMode", "0");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=FCBB0014C2C696A3&affID=119391&tsp=5037");
user_pref("browser.search.defaultthis.engineName", "DivX Browser Bar Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&CUI=UN30611900603085031&UM=2&SearchSource=3&q={searchTerms}");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN30611900603085031&UM=2&q=");
user_pref("smartbar.addressBarOwnerCTID", "CT3288691");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3288691&CUI=UN30611900603085031&UM=2&SearchSource=13");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN30611900603085031&UM=2&q=");
user_pref("smartbar.defaultSearchOwnerCTID", "CT3288691");
user_pref("smartbar.homePageOwnerCTID", "CT3288691");
user_pref("smartbar.machineId", "5E9RS/AEGCVEGJYYMIFUBRXFQE7EP2M8+/YOCL6FNDIV2MTSSWXVTWB1F/0JAFU4BDTOEKFK7QYWWQXQXA+MHA");
Emptied folder: C:\Users\Miroslav\AppData\Roaming\mozilla\firefox\profiles\vh1ihku5.default\minidumps [176 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 04.11.2013 at 16:59:56,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: HJT log check

Post by Monda » 04 Nov 2013 17:10

# AdwCleaner v3.010 - Report created 04/11/2013 at 17:05:22
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Miroslav - MIROSLAV-PC
# Running from : C:\Users\Miroslav\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : CltMngSvc
Service Deleted : srvPlgProtect
[#] Service Deleted : SrvUpdater

***** [ Files / Folders ] *****

Folder Deleted : C:\Searchprotect
Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\Program Files\SoftwareUpdater
Folder Deleted : C:\Program Files\DivX_Browser_Bar
Folder Deleted : C:\Users\Miroslav\AppData\LocalLow\DivX_Browser_Bar
Folder Deleted : C:\Users\Miroslav\AppData\Roaming\DSite
Folder Deleted : C:\Users\Miroslav\AppData\Roaming\okitspace
File Deleted : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\searchplugins\bingp.xml
File Deleted : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\searchplugins\icqplugin.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77E8143B-6759-416E-B521-82CFED75150B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{77E8143B-6759-416E-B521-82CFED75150B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D93FF6B1-335B-4E67-BB58-F2405D3E91EC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{634F9512-0095-476A-8487-956BE22E486B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{77E8143B-6759-416E-B521-82CFED75150B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{77E8143B-6759-416E-B521-82CFED75150B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}]
Key Deleted : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar
Key Deleted : HKLM\Software\SoftwareUpdater
Key Deleted : HKLM\Software\Vittalia
Key Deleted : HKLM\Software\DivX_Browser_Bar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\vh1ihku5.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [10186 octets] - [03/11/2013 16:37:36]
AdwCleaner[R1].txt - [3955 octets] - [04/11/2013 17:04:06]
AdwCleaner[S0].txt - [3974 octets] - [04/11/2013 17:05:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4034 octets] ##########

Re: HJT log check

Post by Monda » 04 Nov 2013 17:36

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.03.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
Miroslav :: MIROSLAV-PC [administrátor]

Ochrana: Povolena

4.11.2013 17:12:55
mbam-log-2013-11-04 (17-12-55).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 224078
Uplynulý čas: 20 minut, 18 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: HJT log check

Post by Monda » 04 Nov 2013 17:44

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Miroslav [Práva správce]
Mód : Kontrola -- Datum : 11/04/2013 17:42:58
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : icq (C:\Users\Miroslav\AppData\Roaming\ICQM\icq.exe -CU [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-3688081923-1990370972-2290267237-1000\[...]\Run : icq (C:\Users\Miroslav\AppData\Roaming\ICQM\icq.exe -CU [7]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xCFD8333C)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST380815AS ATA Device +++++
--- User ---
[MBR] 7787809cd412903f8471dfce4e816603
[BSP] 83b377601eaac67d9ecb2247aef77ca8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST380815AS ATA Device +++++
--- User ---
[MBR] fba3a90479889c71f095247ff824db02
[BSP] a440528cbd2dc7330d9a169efdc17473 : Legit.C MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 76317 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11042013_174258.txt >>

Re: HJT log check

Post by jaro3 » 05 Nov 2013 09:36

Close all programs and browsers. Disable the antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until Prescan finishes its work...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the status box shows "Deletion finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt; please paste the entire contents of the log here.

Monda
Level 1
Posts: 94
Registered: August 12
Gender: Female
Status: Offline

Re: HJT log check

Post by Monda » 05 Nov 2013 17:29

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Miroslav [Práva správce]
Mód : Odebrat -- Datum : 11/05/2013 17:21:14
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : icq (C:\Users\Miroslav\AppData\Roaming\ICQM\icq.exe -CU [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-3688081923-1990370972-2290267237-1000\[...]\Run : icq (C:\Users\Miroslav\AppData\Roaming\ICQM\icq.exe -CU [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xCFD8333C)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST380815AS ATA Device +++++
--- User ---
[MBR] 7787809cd412903f8471dfce4e816603
[BSP] 83b377601eaac67d9ecb2247aef77ca8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST380815AS ATA Device +++++
--- User ---
[MBR] fba3a90479889c71f095247ff824db02
[BSP] a440528cbd2dc7330d9a169efdc17473 : Legit.C MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 76317 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_11052013_172114.txt >>
RKreport[0]_S_11042013_174258.txt;RKreport[0]_S_11052013_172022.txt

Monda
Level 1
Posts: 94
Registered: August 12
Gender: Female
Status: Offline

Re: HJT log check

Post by Monda » 05 Nov 2013 17:34

17:24:26.0582 4372 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:24:28.0582 4372 ============================================================
17:24:28.0582 4372 Current date / time: 2013/11/05 17:24:28.0582
17:24:28.0582 4372 SystemInfo:
17:24:28.0582 4372
17:24:28.0582 4372 OS Version: 6.1.7601 ServicePack: 1.0
17:24:28.0582 4372 Product type: Workstation
17:24:28.0582 4372 ComputerName: MIROSLAV-PC
17:24:28.0582 4372 UserName: Miroslav
17:24:28.0582 4372 Windows directory: C:\Windows
17:24:28.0582 4372 System windows directory: C:\Windows
17:24:28.0582 4372 Processor architecture: Intel x86
17:24:28.0582 4372 Number of processors: 2
17:24:28.0582 4372 Page size: 0x1000
17:24:28.0582 4372 Boot type: Normal boot
17:24:28.0582 4372 ============================================================
17:24:29.0769 4372 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:24:29.0785 4372 Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:24:29.0816 4372 ============================================================
17:24:29.0816 4372 \Device\Harddisk0\DR0:
17:24:29.0816 4372 MBR partitions:
17:24:29.0816 4372 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E5C1
17:24:29.0816 4372 \Device\Harddisk1\DR1:
17:24:29.0816 4372 MBR partitions:
17:24:29.0816 4372 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E800
17:24:29.0816 4372 ============================================================
17:24:29.0832 4372 C: <-> \Device\Harddisk0\DR0\Partition1
17:24:29.0863 4372 D: <-> \Device\Harddisk1\DR1\Partition1
17:24:29.0863 4372 ============================================================
17:24:29.0863 4372 Initialize success
17:24:29.0863 4372 ============================================================
17:24:41.0050 1120 ============================================================
17:24:41.0050 1120 Scan started
17:24:41.0050 1120 Mode: Manual;
17:24:41.0050 1120 ============================================================
17:24:41.0769 1120 ================ Scan system memory ========================
17:24:41.0769 1120 System memory - ok
17:24:41.0769 1120 ================ Scan services =============================
17:24:41.0925 1120 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:24:41.0925 1120 1394ohci - ok
17:24:42.0003 1120 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
17:24:42.0003 1120 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
17:24:42.0035 1120 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:24:42.0050 1120 ACPI - ok
17:24:42.0066 1120 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:24:42.0066 1120 AcpiPmi - ok
17:24:42.0160 1120 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:24:42.0160 1120 AdobeARMservice - ok
17:24:42.0253 1120 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:24:42.0253 1120 AdobeFlashPlayerUpdateSvc - ok
17:24:42.0300 1120 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:24:42.0300 1120 adp94xx - ok
17:24:42.0332 1120 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:24:42.0332 1120 adpahci - ok
17:24:42.0363 1120 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:24:42.0363 1120 adpu320 - ok
17:24:42.0425 1120 [ 3CB6AE5435987B1F8C83FD2730479878 ] aeaudio C:\Windows\system32\drivers\aeaudio.sys
17:24:42.0425 1120 aeaudio - ok
17:24:42.0441 1120 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:24:42.0441 1120 AeLookupSvc - ok
17:24:42.0503 1120 [ F81BB7E487EDCEAB630A7EE66CF23913 ] AFD C:\Windows\system32\drivers\afd.sys
17:24:42.0503 1120 AFD - ok
17:24:42.0535 1120 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
17:24:42.0535 1120 agp440 - ok
17:24:42.0582 1120 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:24:42.0582 1120 aic78xx - ok
17:24:42.0613 1120 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
17:24:42.0613 1120 ALG - ok
17:24:42.0660 1120 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
17:24:42.0660 1120 aliide - ok
17:24:42.0722 1120 [ F9491B157A8CD70557745FA0312C1EEE ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:24:42.0722 1120 AMD External Events Utility - ok
17:24:42.0753 1120 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:24:42.0753 1120 amdagp - ok
17:24:42.0800 1120 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
17:24:42.0800 1120 amdide - ok
17:24:42.0816 1120 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:24:42.0816 1120 AmdK8 - ok
17:24:43.0082 1120 [ F53B89A4B976B534DAA8AEDAFEAF8EA3 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:24:43.0160 1120 amdkmdag - ok
17:24:43.0207 1120 [ 3DEA9B1D1B274C739C9367FB1E56185F ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:24:43.0207 1120 amdkmdap - ok
17:24:43.0222 1120 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:24:43.0222 1120 AmdPPM - ok
17:24:43.0269 1120 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:24:43.0269 1120 amdsata - ok
17:24:43.0316 1120 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:24:43.0316 1120 amdsbs - ok
17:24:43.0332 1120 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:24:43.0332 1120 amdxata - ok
17:24:43.0363 1120 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
17:24:43.0363 1120 AppID - ok
17:24:43.0394 1120 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:24:43.0394 1120 AppIDSvc - ok
17:24:43.0457 1120 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
17:24:43.0457 1120 Appinfo - ok
17:24:43.0488 1120 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
17:24:43.0488 1120 AppMgmt - ok
17:24:43.0519 1120 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
17:24:43.0535 1120 arc - ok
17:24:43.0550 1120 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:24:43.0550 1120 arcsas - ok
17:24:43.0660 1120 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:24:43.0660 1120 aspnet_state - ok
17:24:43.0691 1120 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:24:43.0691 1120 AsyncMac - ok
17:24:43.0738 1120 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
17:24:43.0738 1120 atapi - ok
17:24:43.0785 1120 [ 9E65DC266E8289116790599DD7D69087 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
17:24:43.0785 1120 AtiHDAudioService - ok
17:24:44.0019 1120 [ F53B89A4B976B534DAA8AEDAFEAF8EA3 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:24:44.0113 1120 atikmdag - ok
17:24:44.0175 1120 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:24:44.0191 1120 AudioEndpointBuilder - ok
17:24:44.0207 1120 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:24:44.0222 1120 Audiosrv - ok
17:24:44.0269 1120 [ F972125992BCEF024E73CEDC69B7017E ] AVEO C:\Windows\system32\DRIVERS\AVEOdcnt.sys
17:24:44.0269 1120 AVEO - ok
17:24:44.0300 1120 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:24:44.0300 1120 AxInstSV - ok
17:24:44.0347 1120 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
17:24:44.0347 1120 b06bdrv - ok
17:24:44.0378 1120 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:24:44.0378 1120 b57nd60x - ok
17:24:44.0410 1120 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
17:24:44.0410 1120 BDESVC - ok
17:24:44.0441 1120 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
17:24:44.0441 1120 Beep - ok
17:24:44.0472 1120 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
17:24:44.0488 1120 BFE - ok
17:24:44.0535 1120 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
17:24:44.0550 1120 BITS - ok
17:24:44.0566 1120 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:24:44.0566 1120 blbdrive - ok
17:24:44.0628 1120 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:24:44.0628 1120 bowser - ok
17:24:44.0644 1120 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:24:44.0644 1120 BrFiltLo - ok
17:24:44.0660 1120 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:24:44.0660 1120 BrFiltUp - ok
17:24:44.0707 1120 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
17:24:44.0707 1120 Browser - ok
17:24:44.0738 1120 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:24:44.0738 1120 Brserid - ok
17:24:44.0753 1120 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:24:44.0753 1120 BrSerWdm - ok
17:24:44.0769 1120 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:24:44.0769 1120 BrUsbMdm - ok
17:24:44.0769 1120 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:24:44.0769 1120 BrUsbSer - ok
17:24:44.0832 1120 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
17:24:44.0832 1120 BthEnum - ok
17:24:44.0832 1120 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:24:44.0832 1120 BTHMODEM - ok
17:24:44.0878 1120 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:24:44.0878 1120 BthPan - ok
17:24:44.0910 1120 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
17:24:44.0910 1120 BTHPORT - ok
17:24:44.0957 1120 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
17:24:44.0957 1120 bthserv - ok
17:24:44.0972 1120 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
17:24:44.0972 1120 BTHUSB - ok
17:24:45.0003 1120 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:24:45.0003 1120 cdfs - ok
17:24:45.0050 1120 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:24:45.0050 1120 cdrom - ok
17:24:45.0097 1120 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
17:24:45.0097 1120 CertPropSvc - ok
17:24:45.0113 1120 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
17:24:45.0113 1120 circlass - ok
17:24:45.0144 1120 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
17:24:45.0144 1120 CLFS - ok
17:24:45.0222 1120 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:24:45.0222 1120 clr_optimization_v2.0.50727_32 - ok
17:24:45.0285 1120 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:24:45.0285 1120 clr_optimization_v4.0.30319_32 - ok
17:24:45.0347 1120 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:24:45.0347 1120 CmBatt - ok
17:24:45.0488 1120 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:24:45.0488 1120 cmdide - ok
17:24:45.0566 1120 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
17:24:45.0566 1120 CNG - ok
17:24:45.0582 1120 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:24:45.0582 1120 Compbatt - ok
17:24:45.0613 1120 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:24:45.0613 1120 CompositeBus - ok
17:24:45.0628 1120 COMSysApp - ok
17:24:45.0644 1120 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:24:45.0644 1120 crcdisk - ok
17:24:45.0707 1120 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:24:45.0707 1120 CryptSvc - ok
17:24:45.0753 1120 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
17:24:45.0753 1120 CSC - ok
17:24:45.0800 1120 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
17:24:45.0800 1120 CscService - ok
17:24:45.0847 1120 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
17:24:45.0863 1120 DcomLaunch - ok
17:24:45.0894 1120 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
17:24:45.0894 1120 defragsvc - ok
17:24:45.0925 1120 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:24:45.0925 1120 DfsC - ok
17:24:45.0972 1120 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:24:45.0972 1120 Dhcp - ok
17:24:45.0988 1120 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
17:24:45.0988 1120 discache - ok
17:24:46.0019 1120 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
17:24:46.0019 1120 Disk - ok
17:24:46.0050 1120 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
17:24:46.0050 1120 dmvsc - ok
17:24:46.0113 1120 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:24:46.0113 1120 Dnscache - ok
17:24:46.0144 1120 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
17:24:46.0144 1120 dot3svc - ok
17:24:46.0160 1120 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
17:24:46.0175 1120 DPS - ok
17:24:46.0207 1120 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:24:46.0207 1120 drmkaud - ok
17:24:46.0269 1120 [ 71BC35067CABC02C9453AEAA42B2E43E ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:24:46.0269 1120 DXGKrnl - ok
17:24:46.0300 1120 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
17:24:46.0300 1120 EapHost - ok
17:24:46.0410 1120 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
17:24:46.0425 1120 ebdrv - ok
17:24:46.0488 1120 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
17:24:46.0488 1120 EFS - ok
17:24:46.0550 1120 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:24:46.0550 1120 ehRecvr - ok
17:24:46.0582 1120 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
17:24:46.0582 1120 ehSched - ok
17:24:46.0613 1120 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:24:46.0628 1120 elxstor - ok
17:24:46.0675 1120 [ A2349A0013832F58260FC0C95914AA22 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
17:24:46.0675 1120 EPSON_PM_RPCV4_04 - ok
17:24:46.0691 1120 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:24:46.0691 1120 ErrDev - ok
17:24:46.0753 1120 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
17:24:46.0753 1120 EventSystem - ok
17:24:46.0785 1120 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
17:24:46.0785 1120 exfat - ok
17:24:46.0800 1120 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:24:46.0800 1120 fastfat - ok
17:24:46.0832 1120 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
17:24:46.0847 1120 Fax - ok
17:24:46.0863 1120 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:24:46.0863 1120 fdc - ok
17:24:46.0878 1120 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
17:24:46.0878 1120 fdPHost - ok
17:24:46.0894 1120 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
17:24:46.0894 1120 FDResPub - ok
17:24:46.0910 1120 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:24:46.0910 1120 FileInfo - ok
17:24:46.0925 1120 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:24:46.0925 1120 Filetrace - ok
17:24:46.0957 1120 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:24:46.0957 1120 flpydisk - ok
17:24:46.0988 1120 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:24:46.0988 1120 FltMgr - ok
17:24:47.0066 1120 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
17:24:47.0082 1120 FontCache - ok
17:24:47.0144 1120 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:24:47.0144 1120 FontCache3.0.0.0 - ok
17:24:47.0175 1120 FreshIO - ok
17:24:47.0207 1120 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:24:47.0207 1120 FsDepends - ok
17:24:47.0238 1120 [ 2ED0BABD4CD98ED820FD0D0BCBE96721 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:24:47.0238 1120 fssfltr - ok
17:24:47.0347 1120 [ B6AB40819ECEC4BA07266EC0EBBC85A7 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
17:24:47.0394 1120 fsssvc - ok
17:24:47.0425 1120 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:24:47.0425 1120 Fs_Rec - ok
17:24:47.0488 1120 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:24:47.0488 1120 fvevol - ok
17:24:47.0519 1120 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:24:47.0519 1120 gagp30kx - ok
17:24:47.0566 1120 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
17:24:47.0582 1120 gpsvc - ok
17:24:47.0707 1120 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:24:47.0707 1120 gupdate - ok
17:24:47.0722 1120 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:24:47.0722 1120 gupdatem - ok
17:24:47.0800 1120 [ EE271C6C56955C42297CD4D524E6FDA5 ] gwiopm C:\Windows\system32\drivers\gwiopm.sys
17:24:47.0800 1120 gwiopm - ok
17:24:47.0878 1120 [ D95554949082FD29A04D351B58396718 ] Hardlock C:\Windows\system32\drivers\hardlock.sys
17:24:47.0878 1120 Hardlock - ok
17:24:47.0910 1120 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:24:47.0925 1120 hcw85cir - ok
17:24:47.0941 1120 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:24:47.0957 1120 HdAudAddService - ok
17:24:47.0972 1120 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:24:47.0972 1120 HDAudBus - ok
17:24:47.0988 1120 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:24:47.0988 1120 HidBatt - ok
17:24:48.0003 1120 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:24:48.0003 1120 HidBth - ok
17:24:48.0035 1120 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
17:24:48.0035 1120 HidIr - ok
17:24:48.0066 1120 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
17:24:48.0066 1120 hidserv - ok
17:24:48.0144 1120 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
17:24:48.0144 1120 HidUsb - ok
17:24:48.0160 1120 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:24:48.0175 1120 hkmsvc - ok
17:24:48.0191 1120 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:24:48.0191 1120 HomeGroupListener - ok
17:24:48.0222 1120 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:24:48.0238 1120 HomeGroupProvider - ok
17:24:48.0285 1120 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:24:48.0285 1120 HpSAMD - ok
17:24:48.0347 1120 [ 950CC1E6AE3A6CD23E0945CDE089B02C ] HTCAND32 C:\Windows\system32\Drivers\ANDROIDUSB.sys
17:24:48.0347 1120 HTCAND32 - ok
17:24:48.0394 1120 [ 339ADEFAD60353F960E3CA67CE468C24 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
17:24:48.0394 1120 htcnprot - ok
17:24:48.0425 1120 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:24:48.0425 1120 HTTP - ok
17:24:48.0441 1120 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:24:48.0457 1120 hwpolicy - ok
17:24:48.0472 1120 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:24:48.0472 1120 i8042prt - ok
17:24:48.0519 1120 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:24:48.0519 1120 iaStorV - ok
17:24:48.0582 1120 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:24:48.0597 1120 idsvc - ok
17:24:48.0628 1120 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:24:48.0628 1120 iirsp - ok
17:24:48.0675 1120 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
17:24:48.0691 1120 IKEEXT - ok
17:24:48.0753 1120 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
17:24:48.0753 1120 intelide - ok
17:24:48.0785 1120 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:24:48.0785 1120 intelppm - ok
17:24:48.0816 1120 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:24:48.0816 1120 IPBusEnum - ok
17:24:48.0832 1120 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:24:48.0832 1120 IpFilterDriver - ok
17:24:48.0894 1120 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:24:48.0910 1120 iphlpsvc - ok
17:24:48.0925 1120 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:24:48.0925 1120 IPMIDRV - ok
17:24:48.0941 1120 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:24:48.0941 1120 IPNAT - ok
17:24:48.0972 1120 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:24:48.0972 1120 IRENUM - ok
17:24:48.0988 1120 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:24:48.0988 1120 isapnp - ok
17:24:49.0019 1120 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:24:49.0019 1120 iScsiPrt - ok
17:24:49.0066 1120 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:24:49.0066 1120 kbdclass - ok
17:24:49.0097 1120 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:24:49.0097 1120 kbdhid - ok
17:24:49.0113 1120 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
17:24:49.0113 1120 KeyIso - ok
17:24:49.0160 1120 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:24:49.0160 1120 KSecDD - ok
17:24:49.0175 1120 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:24:49.0175 1120 KSecPkg - ok
17:24:49.0207 1120 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
17:24:49.0238 1120 KtmRm - ok
17:24:49.0285 1120 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
17:24:49.0285 1120 LanmanServer - ok
17:24:49.0332 1120 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:24:49.0332 1120 LanmanWorkstation - ok
17:24:49.0378 1120 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:24:49.0378 1120 lltdio - ok
17:24:49.0410 1120 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:24:49.0425 1120 lltdsvc - ok
17:24:49.0441 1120 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
17:24:49.0441 1120 lmhosts - ok
17:24:49.0472 1120 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:24:49.0472 1120 LSI_FC - ok
17:24:49.0488 1120 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:24:49.0488 1120 LSI_SAS - ok
17:24:49.0519 1120 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:24:49.0519 1120 LSI_SAS2 - ok
17:24:49.0535 1120 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:24:49.0535 1120 LSI_SCSI - ok
17:24:49.0566 1120 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
17:24:49.0566 1120 luafv - ok
17:24:49.0597 1120 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:24:49.0597 1120 MBAMProtector - ok
17:24:49.0660 1120 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:24:49.0675 1120 MBAMScheduler - ok
17:24:49.0691 1120 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:24:49.0707 1120 MBAMService - ok
17:24:49.0738 1120 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:24:49.0753 1120 Mcx2Svc - ok
17:24:49.0785 1120 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
17:24:49.0785 1120 megasas - ok
17:24:49.0816 1120 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:24:49.0816 1120 MegaSR - ok
17:24:49.0878 1120 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
17:24:49.0878 1120 Microsoft Office Groove Audit Service - ok
17:24:49.0910 1120 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
17:24:49.0910 1120 MMCSS - ok
17:24:49.0925 1120 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
17:24:49.0925 1120 Modem - ok
17:24:50.0003 1120 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:24:50.0003 1120 monitor - ok
17:24:50.0019 1120 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:24:50.0019 1120 mouclass - ok
17:24:50.0050 1120 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:24:50.0050 1120 mouhid - ok

