NB log check (Solved)

Post by sanko33 » 23 Aug 2014 07:53

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:49:26, on 23.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\HP\AppData\Local\Akamai\netsession_win.exe
C:\Users\HP\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\HP\Desktop\Čištění\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... X835WC123T
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... X835WC123T
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... X835WC123T
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... 5WC123T&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... 5WC123T&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... X835WC123T
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54137;https=127.0.0.1:54137
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\HP\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf Ltd - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SmdmF Service (SmdmFService) - Aztec Media Inc - C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 19058 bytes


Post by jaro3 » 23 Aug 2014 10:30

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you do not need to use ATF.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan" (Prohledat)
After the scan a log appears (it is otherwise saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, uncheck "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install it and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now and
- after the program finishes, a message appears at the bottom right; click Copy to Clipboard and paste the entire log here.

- then click the Exit button; a prompt appears, choose Yes
(do not delete anything yet!).

If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!

Post by sanko33 » 23 Aug 2014 20:03

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.05.17.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17239
HP :: HP-HP [administrátor]

23.8.2014 19:55:24
mbam-log-2014-08-23 (19-55-24).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 245110
Uplynulý čas: 5 minut, 44 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Post by sanko33 » 24 Aug 2014 04:33

# AdwCleaner v3.211 - Report created 15/07/2014 at 06:14:17
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : HP - HP-HP
# Running from : C:\Users\HP\Desktop\adwcleaner_3.211.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Found : [x64] HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ikgojpdbiniccokkgadmdheobjfdbbcg
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\no6auk6b.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

*************************

AdwCleaner[R0].txt - [6788 octets] - [19/01/2014 20:20:43]
AdwCleaner[R10].txt - [1094 octets] - [15/07/2014 06:14:17]
AdwCleaner[R1].txt - [960 octets] - [07/02/2014 23:49:06]
AdwCleaner[R2].txt - [3855 octets] - [09/03/2014 13:56:51]
AdwCleaner[R3].txt - [2376 octets] - [14/03/2014 20:47:20]
AdwCleaner[R4].txt - [1917 octets] - [29/03/2014 16:44:44]
AdwCleaner[R5].txt - [1379 octets] - [20/04/2014 09:36:17]
AdwCleaner[R6].txt - [2147 octets] - [17/05/2014 15:50:28]
AdwCleaner[R7].txt - [1982 octets] - [17/05/2014 15:52:43]
AdwCleaner[R8].txt - [2042 octets] - [20/05/2014 08:37:43]
AdwCleaner[R9].txt - [2076 octets] - [14/07/2014 06:29:23]
AdwCleaner[S0].txt - [6743 octets] - [19/01/2014 20:21:16]
AdwCleaner[S1].txt - [981 octets] - [07/02/2014 23:49:45]
AdwCleaner[S2].txt - [2438 octets] - [14/03/2014 20:48:31]
AdwCleaner[S3].txt - [1951 octets] - [29/03/2014 16:45:26]
AdwCleaner[S4].txt - [1402 octets] - [20/04/2014 09:36:52]
AdwCleaner[S5].txt - [2074 octets] - [20/05/2014 08:38:09]

########## EOF - C:\AdwCleaner\AdwCleaner[R10].txt - [2053 octets] ##########
# AdwCleaner v3.211 - Report created 24/08/2014 at 04:32:05
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : HP - HP-HP
# Running from : C:\Users\HP\Desktop\adwcleaner_3.211.exe
# Option : Scan

***** [ Services ] *****

Service Found : F06DEFF2-5B9C-490D-910F-35D3A9119622
Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : IePluginServices

***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-5_user
File Found : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Found : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
File Found : C:\Windows\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-5_user.job
File Found : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Found : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\Settings Manager
Folder Found : C:\ProgramData\IePluginServices
Folder Found : C:\Users\HP\AppData\Local\globalUpdate
Folder Found : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\no6auk6b.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T )
Shortcut Found : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk ( _?=C:\Users\HP\AppData\Local\WebPlayer\AppsHat )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T )
Shortcut Found : C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T )
Shortcut Found : C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T )
Shortcut Found : C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.istartsurf.com/?type=sc&ts=1 ... X835WC123T
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Found : HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Linkey
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ikgojpdbiniccokkgadmdheobjfdbbcg
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\Software\SupTab
Key Found : HKLM\Software\supWPM
Key Found : [x64] HKLM\SOFTWARE\installedbrowserextensions
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411851159}
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... X835WC123T
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... X835WC123T
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... X835WC123T
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds& ... 5WC123T&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... X835WC123T
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds& ... 5WC123T&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds& ... 5WC123T&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... X835WC123T
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=1 ... X835WC123T
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds& ... 5WC123T&q={searchTerms}

-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\no6auk6b.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "istartsurf");
Line Found : user_pref("browser.search.selectedEngine", "istartsurf");
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.value", "%7B%2219x19.png%22%3A%7B%22id%22%3A485550%2C%22ver%22%3A5%2C%22[...]
Line Found : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Found : user_pref("extensions.crossrider.bic", "147e88cd47b6b2d7608d5b65722a2fa0");

-\\ Google Chrome v36.0.1985.143

*************************

AdwCleaner[R0].txt - [6788 octets] - [19/01/2014 20:20:43]
AdwCleaner[R10].txt - [13535 octets] - [15/07/2014 06:14:17]
AdwCleaner[R1].txt - [960 octets] - [07/02/2014 23:49:06]
AdwCleaner[R2].txt - [3855 octets] - [09/03/2014 13:56:51]
AdwCleaner[R3].txt - [2376 octets] - [14/03/2014 20:47:20]
AdwCleaner[R4].txt - [1917 octets] - [29/03/2014 16:44:44]
AdwCleaner[R5].txt - [1379 octets] - [20/04/2014 09:36:17]
AdwCleaner[R6].txt - [2147 octets] - [17/05/2014 15:50:28]
AdwCleaner[R7].txt - [1982 octets] - [17/05/2014 15:52:43]
AdwCleaner[R8].txt - [2042 octets] - [20/05/2014 08:37:43]
AdwCleaner[R9].txt - [2076 octets] - [14/07/2014 06:29:23]
AdwCleaner[S0].txt - [6743 octets] - [19/01/2014 20:21:16]
AdwCleaner[S1].txt - [981 octets] - [07/02/2014 23:49:45]
AdwCleaner[S2].txt - [2438 octets] - [14/03/2014 20:48:31]
AdwCleaner[S3].txt - [1951 octets] - [29/03/2014 16:45:26]
AdwCleaner[S4].txt - [1402 octets] - [20/04/2014 09:36:52]
AdwCleaner[S5].txt - [2074 octets] - [20/05/2014 08:38:09]
AdwCleaner[S6].txt - [2167 octets] - [15/07/2014 06:14:47]

########## EOF - C:\AdwCleaner\AdwCleaner[R10].txt - [14555 octets] ##########

jaro3
Security team member
Guru Level 15
Posts: 43298
Joined: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: notebook log check

Post by jaro3 » 24 Aug 2014 10:10

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and once the scan finishes click "Clean".

The program will carry out the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: notebook log check

Post by sanko33 » 25 Aug 2014 07:33

...
Last edited by sanko33 on 25 Aug 2014 07:33, edited 1 time in total.

Re: notebook log check

Post by sanko33 » 25 Aug 2014 07:33

# AdwCleaner v3.211 - Report created 15/07/2014 at 06:14:47
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : HP - HP-HP
# Running from : C:\Users\HP\Desktop\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ikgojpdbiniccokkgadmdheobjfdbbcg
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\no6auk6b.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

*************************

AdwCleaner[R0].txt - [6788 octets] - [19/01/2014 20:20:43]
AdwCleaner[R10].txt - [2138 octets] - [15/07/2014 06:14:17]
AdwCleaner[R1].txt - [960 octets] - [07/02/2014 23:49:06]
AdwCleaner[R2].txt - [3855 octets] - [09/03/2014 13:56:51]
AdwCleaner[R3].txt - [2376 octets] - [14/03/2014 20:47:20]
AdwCleaner[R4].txt - [1917 octets] - [29/03/2014 16:44:44]
AdwCleaner[R5].txt - [1379 octets] - [20/04/2014 09:36:17]
AdwCleaner[R6].txt - [2147 octets] - [17/05/2014 15:50:28]
AdwCleaner[R7].txt - [1982 octets] - [17/05/2014 15:52:43]
AdwCleaner[R8].txt - [2042 octets] - [20/05/2014 08:37:43]
AdwCleaner[R9].txt - [2076 octets] - [14/07/2014 06:29:23]
AdwCleaner[S0].txt - [6743 octets] - [19/01/2014 20:21:16]
AdwCleaner[S1].txt - [981 octets] - [07/02/2014 23:49:45]
AdwCleaner[S2].txt - [2438 octets] - [14/03/2014 20:48:31]
AdwCleaner[S3].txt - [1951 octets] - [29/03/2014 16:45:26]
AdwCleaner[S4].txt - [1402 octets] - [20/04/2014 09:36:52]
AdwCleaner[S5].txt - [2074 octets] - [20/05/2014 08:38:09]
AdwCleaner[S6].txt - [2027 octets] - [15/07/2014 06:14:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2087 octets] ##########
# AdwCleaner v3.211 - Report created 25/08/2014 at 07:25:30
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : HP - HP-HP
# Running from : C:\Users\HP\Desktop\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\Program Files (x86)\globalUpdate
[!] Folder Deleted : C:\Program Files (x86)\Settings Manager
Folder Deleted : C:\Users\HP\AppData\Local\globalUpdate
Folder Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\no6auk6b.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
File Deleted : C:\Windows\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-5_user.job
File Deleted : C:\Windows\System32\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-5_user

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ikgojpdbiniccokkgadmdheobjfdbbcg
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411851159}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\no6auk6b.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "istartsurf");
Line Deleted : user_pref("browser.search.selectedEngine", "istartsurf");
Line Deleted : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.value", "%7B%2219x19.png%22%3A%7B%22id%22%3A485550%2C%22ver%22%3A5%2C%22[...]
Line Deleted : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.crossrider.bic", "147e88cd47b6b2d7608d5b65722a2fa0");

-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Deleted [Search Provider] : hxxp://slirsredirect.search.aol.com/red ... 685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120119120813669&tb_oid=19-01-2012&tb_mrud=19-01-2012
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=5N&apn_dtid=YYYYYYYYCZ&apn_uid=43BC7C12-04F4-4070-B40C-69A046C9ABFB&apn_sauid=8E110570-7CF6-4718-A567-585207C75F36&
Deleted [Search Provider] : hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN35655641971215287&ctid=CT3288691&UM=2
Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb139/?loc=IB_DS&search={searchTerms}&a=6R8sbpjINc&i=26
Deleted [Search Provider] : hxxp://startsear.ch/?aff=1&src=sp&cf=b6 ... f808f2f&q={searchTerms}
Deleted [Search Provider] : hxxp://websearch.searchdwebs.info/?l=1&q={searchTerms}&pid=576&r=2013/06/24&hid=507711994&lg=EN&cc=CZ&unqvl=22
Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
Deleted [Search Provider] : hxxp://asksearch.ask.com/redirect?clien ... 650.57&&q={searchTerms}
Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100888&babsrc=SP_ss&mntrId=14b3e3270000000000004c8093213622
Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... YYYYYCZ&q={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... YYYYYCZ&q={searchTerms}
Deleted [Search Provider] : hxxp://start.funmoods.com/results.php?f=4&a=make&q={searchTerms}
Deleted [Startup_urls] : hxxp://search.babylon.com/?affID=111813 ... 8093213622
Deleted [Startup_urls] : hxxp://websearch.mocaflix.com/
Deleted [Startup_urls] : hxxp://websearch.searchdwebs.info/?pid= ... Z&unqvl=22
Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=CT32886 ... 15287&UM=2
Deleted [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn

*************************

AdwCleaner[R0].txt - [6788 octets] - [19/01/2014 20:20:43]
AdwCleaner[R10].txt - [14673 octets] - [15/07/2014 06:14:17]
AdwCleaner[R11].txt - [14942 octets] - [25/08/2014 07:22:47]
AdwCleaner[R1].txt - [960 octets] - [07/02/2014 23:49:06]
AdwCleaner[R2].txt - [3855 octets] - [09/03/2014 13:56:51]
AdwCleaner[R3].txt - [2376 octets] - [14/03/2014 20:47:20]
AdwCleaner[R4].txt - [1917 octets] - [29/03/2014 16:44:44]
AdwCleaner[R5].txt - [1379 octets] - [20/04/2014 09:36:17]
AdwCleaner[R6].txt - [2147 octets] - [17/05/2014 15:50:28]
AdwCleaner[R7].txt - [1982 octets] - [17/05/2014 15:52:43]
AdwCleaner[R8].txt - [2042 octets] - [20/05/2014 08:37:43]
AdwCleaner[R9].txt - [2076 octets] - [14/07/2014 06:29:23]
AdwCleaner[S0].txt - [6743 octets] - [19/01/2014 20:21:16]
AdwCleaner[S1].txt - [981 octets] - [07/02/2014 23:49:45]
AdwCleaner[S2].txt - [2438 octets] - [14/03/2014 20:48:31]
AdwCleaner[S3].txt - [1951 octets] - [29/03/2014 16:45:26]
AdwCleaner[S4].txt - [1402 octets] - [20/04/2014 09:36:52]
AdwCleaner[S5].txt - [2074 octets] - [20/05/2014 08:38:09]
AdwCleaner[S6].txt - [14427 octets] - [15/07/2014 06:14:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [14488 octets] ##########

Re: notebook log check

Post by sanko33 » 25 Aug 2014 07:44

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by HP on po 25.08.2014 at 7:35:30,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\apps hat"



~~~ FireFox

Successfully deleted the following from C:\Users\HP\AppData\Roaming\mozilla\firefox\profiles\no6auk6b.default\prefs.js

user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_resource_485550.value", "%22data%3Aimage/png%3Bbase6



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 25.08.2014 at 7:42:32,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: notebook log check

Post by sanko33 » 25 Aug 2014 08:06

RogueKiller V9.2.8.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : HP [Práva správce]
Mód : Kontrola -- Datum : 08/25/2014 08:05:36

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 35 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NALEZENO
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NALEZENO
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NALEZENO
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NALEZENO
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> NALEZENO
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> NALEZENO
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> NALEZENO
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> NALEZENO
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> NALEZENO
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5DA6A399-6E26-453B-9EBA-8D71FCF327B6} | DhcpNameServer : 172.20.10.1 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5DA6A399-6E26-453B-9EBA-8D71FCF327B6} | DhcpNameServer : 172.20.10.1 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{5DA6A399-6E26-453B-9EBA-8D71FCF327B6} | DhcpNameServer : 172.20.10.1 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NALEZENO
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NALEZENO
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NALEZENO
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NALEZENO
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NALEZENO
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NALEZENO
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NALEZENO
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NALEZENO

¤¤¤ naplánované úlohy : 2 ¤¤¤
[Suspicious.Path] temp_Torntv V9.0-enabler.job -- C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe (/enablebho /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=A2FA998445BD4DBABDD2217EECB6A49CIE /verifier=7bd32a26a85e4290cffd71113c33bd2e /installerversion=1_34_2_13 /installationtime=1394184353 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511131190 /defbro=ch /allusers /autoupdateulr='http://update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.json' /runfrom='installer' /externallog='C:\Users\HP\AppData\Local\Temp\Torntv V9.0Installer_1394184353.log') -> NALEZENO
[Suspicious.Path] \\temp_Torntv V9.0-enabler -- C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe (/enablebho /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=A2FA998445BD4DBABDD2217EECB6A49CIE /verifier=7bd32a26a85e4290cffd71113c33bd2e /installerversion=1_34_2_13 /installationtime=1394184353 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511131190 /defbro=ch /allusers /autoupdateulr='http://update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.json' /runfrom='installer' /externallog='C:\Users\HP\AppData\Local\Temp\Torntv V9.0Installer_1394184353.log') -> NALEZENO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: NAHRÁNO) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] no6auk6b.default : user_pref("browser.startup.homepage", "http://www.gamepark.cz/space/signup.asp?$SPACE_STARTUP=app;b88e3c2cf89c684a134d5fe718204be9;{%22start%22:72}"); -> NALEZENO

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MQ01ABD100 +++++
--- User ---
[MBR] 3237d5e8e38ccbccbdeb614e11316e4c
[BSP] 189360286f423c0477f2691e0b2973d0 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 935440 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1916190720 | Size: 18126 MB
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1953312768 | Size: 102 MB
User = LL1 ... OK
User != LL2 ... KO!
--- LL2 ---
[MBR] 44fdb0ea6a819e28097acd04dca2c903
[BSP] 189360286f423c0477f2691e0b2973d0 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 77823 MB
1 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 159791104 | Size: 400 MB

Re: notebook log check

Post by jaro3 » 25 Aug 2014 10:05

Close all programs and browsers. Disable the antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes...
- Then click "Scan"; after it finishes:


- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (check the boxes)

- Click "Delete"
- Wait until the Status box shows "Deleting finished"
- Click "Report", then copy and paste the contents of that report here, please. The log can be found in RKreport [number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller
to your desktop. Make sure you have all other applications and browsers closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(date)_log.txt , paste the entire contents of the log here, please.
- If the log is longer than 60,000 characters, split it and paste it into several posts.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

sanko33
Level 3.5
Posts: 742
Registered: March 10
Gender: Male
Status: Offline

Re: NB log check

Post by sanko33 » 26 Aug 2014 10:17

RogueKiller V9.2.8.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : HP [Práva správce]
Mód : Odebrat -- Datum : 08/26/2014 10:16:09

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 35 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NAHRAZENO (0)
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NAHRAZENO (0)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NAHRAZENO (0)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NAHRAZENO (0)
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> VYMAZÁNO
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> ERROR [2]
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> VYMAZÁNO
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> ERROR [2]
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> ERROR [2]
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:54137;https=127.0.0.1:54137 -> ERROR [2]
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5DA6A399-6E26-453B-9EBA-8D71FCF327B6} | DhcpNameServer : 172.20.10.1 -> NAHRAZENO ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5DA6A399-6E26-453B-9EBA-8D71FCF327B6} | DhcpNameServer : 172.20.10.1 -> NAHRAZENO ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{5DA6A399-6E26-453B-9EBA-8D71FCF327B6} | DhcpNameServer : 172.20.10.1 -> NAHRAZENO ()
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> ERROR [2]
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3770716552-4132988004-3469520250-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NAHRAZENO (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NAHRAZENO (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NAHRAZENO (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NAHRAZENO (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NAHRAZENO (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NAHRAZENO (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NAHRAZENO (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NAHRAZENO (http://go.microsoft.com/fwlink/?LinkId=54896)

¤¤¤ naplánované úlohy : 2 ¤¤¤
[Suspicious.Path] temp_Torntv V9.0-enabler.job -- C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe (/enablebho /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=A2FA998445BD4DBABDD2217EECB6A49CIE /verifier=7bd32a26a85e4290cffd71113c33bd2e /installerversion=1_34_2_13 /installationtime=1394184353 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511131190 /defbro=ch /allusers /autoupdateulr='http://update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.json' /runfrom='installer' /externallog='C:\Users\HP\AppData\Local\Temp\Torntv V9.0Installer_1394184353.log') -> VYMAZÁNO
[Suspicious.Path] \\temp_Torntv V9.0-enabler -- C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe (/enablebho /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=A2FA998445BD4DBABDD2217EECB6A49CIE /verifier=7bd32a26a85e4290cffd71113c33bd2e /installerversion=1_34_2_13 /installationtime=1394184353 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511131190 /defbro=ch /allusers /autoupdateulr='http://update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.json' /runfrom='installer' /externallog='C:\Users\HP\AppData\Local\Temp\Torntv V9.0Installer_1394184353.log') -> VYMAZÁNO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 3 (Driver: NAHRÁNO) ¤¤¤
[Filter(Root.Keylogger)] \Driver\kbdclass @ \Device\KeyboardClass3 : \Driver\SynTP @ \Device\0000009c (\SystemRoot\system32\DRIVERS\nusb3xhc.sys)
[Filter(Root.Keylogger)] \Driver\kbdclass @ \Device\KeyboardClass2 : \Driver\SynTP @ \Device\00000093 (\SystemRoot\system32\DRIVERS\nusb3xhc.sys)
[Filter(Root.Keylogger)] \Driver\kbdclass @ \Device\KeyboardClass0 : \Driver\SynTP @ \Device\00000086 (\SystemRoot\system32\DRIVERS\nusb3xhc.sys)

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] no6auk6b.default : user_pref("browser.startup.homepage", "http://www.gamepark.cz/space/signup.asp?$SPACE_STARTUP=app;b88e3c2cf89c684a134d5fe718204be9;{%22start%22:72}"); -> NEVYBRÁNO

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MQ01ABD100 +++++
--- User ---
[MBR] 3237d5e8e38ccbccbdeb614e11316e4c
[BSP] 189360286f423c0477f2691e0b2973d0 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 935440 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1916190720 | Size: 18126 MB
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1953312768 | Size: 102 MB
User = LL1 ... OK
User != LL2 ... KO!
--- LL2 ---
[MBR] 44fdb0ea6a819e28097acd04dca2c903
[BSP] 189360286f423c0477f2691e0b2973d0 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 77823 MB
1 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 159791104 | Size: 400 MB


============================================
RKreport_SCN_08252014_080536.log - RKreport_SCN_08262014_100742.log

sanko33
Level 3.5
Posts: 742
Registered: March 10
Gender: Male
Status: Offline

Re: NB log check

Post by sanko33 » 26 Aug 2014 10:24

10:18:29.0136 2184 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:18:32.0786 2184 ============================================================
10:18:32.0786 2184 Current date / time: 2014/08/26 10:18:32.0786
10:18:32.0786 2184 SystemInfo:
10:18:32.0786 2184
10:18:32.0786 2184 OS Version: 6.1.7601 ServicePack: 1.0
10:18:32.0786 2184 Product type: Workstation
10:18:32.0786 2184 ComputerName: HP-HP
10:18:32.0786 2184 UserName: HP
10:18:32.0786 2184 Windows directory: C:\Windows
10:18:32.0786 2184 System windows directory: C:\Windows
10:18:32.0786 2184 Running under WOW64
10:18:32.0786 2184 Processor architecture: Intel x64
10:18:32.0786 2184 Number of processors: 8
10:18:32.0786 2184 Page size: 0x1000
10:18:32.0786 2184 Boot type: Normal boot
10:18:32.0786 2184 ============================================================
10:18:33.0364 2184 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:18:33.0364 2184 ============================================================
10:18:33.0364 2184 \Device\Harddisk0\DR0:
10:18:33.0364 2184 MBR partitions:
10:18:33.0364 2184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
10:18:33.0364 2184 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x72308000
10:18:33.0364 2184 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7236C000, BlocksNum 0x2367000
10:18:33.0364 2184 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x746D3000, BlocksNum 0x335B0
10:18:33.0364 2184 ============================================================
10:18:33.0410 2184 C: <-> \Device\Harddisk0\DR0\Partition2
10:18:33.0457 2184 D: <-> \Device\Harddisk0\DR0\Partition3
10:18:33.0457 2184 ============================================================
10:18:33.0457 2184 Initialize success
10:18:33.0457 2184 ============================================================
10:18:34.0471 8608 ============================================================
10:18:34.0471 8608 Scan started
10:18:34.0471 8608 Mode: Manual;
10:18:34.0471 8608 ============================================================
10:18:34.0939 8608 ================ Scan system memory ========================
10:18:34.0939 8608 System memory - ok
10:18:34.0939 8608 ================ Scan services =============================
10:18:45.0734 8608 gupdate - ok
10:18:45.0750 8608 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:18:45.0750 8608 gupdatem - ok
10:18:45.0797 8608 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
10:18:45.0797 8608 hamachi - ok
10:18:45.0968 8608 [ EE54F8C7DA3C4B2D2077EA811980F6FC ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
10:18:45.0968 8608 Hamachi2Svc - ok
10:18:46.0062 8608 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:18:46.0062 8608 hcw85cir - ok
10:18:46.0124 8608 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:18:46.0124 8608 HdAudAddService - ok
10:18:46.0171 8608 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:18:46.0171 8608 HDAudBus - ok
10:18:46.0202 8608 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:18:46.0202 8608 HidBatt - ok
10:18:46.0234 8608 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:18:46.0234 8608 HidBth - ok
10:18:46.0296 8608 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
10:18:46.0296 8608 HidIr - ok
10:18:46.0312 8608 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
10:18:46.0327 8608 hidserv - ok
10:18:46.0390 8608 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:18:46.0390 8608 HidUsb - ok
10:18:46.0436 8608 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:18:46.0436 8608 hkmsvc - ok
10:18:46.0499 8608 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:18:46.0499 8608 HomeGroupListener - ok
10:18:46.0530 8608 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:18:46.0530 8608 HomeGroupProvider - ok
10:18:46.0655 8608 [ 2A8B93A01621E100A578E83C768AFA2C ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
10:18:46.0655 8608 HP Support Assistant Service - ok
10:18:46.0702 8608 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
10:18:46.0717 8608 HPClientSvc - ok
10:18:46.0811 8608 [ 8F123D1FA65ADECEA0244C615EA95DFA ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
10:18:46.0826 8608 hpCMSrv - ok
10:18:46.0889 8608 [ BDFE112FA2F3422842E83DA631065B37 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
10:18:46.0889 8608 hpdskflt - ok
10:18:46.0998 8608 [ D2946D9F020AE76E9CEF9B4A6DF838C0 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
10:18:46.0998 8608 hpqwmiex - ok
10:18:47.0060 8608 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:18:47.0060 8608 HpSAMD - ok
10:18:47.0092 8608 [ A92D6DE158BC0671D9336580F6414044 ] hpsrv C:\Windows\system32\Hpservice.exe
10:18:47.0092 8608 hpsrv - ok
10:18:47.0154 8608 [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
10:18:47.0154 8608 HPWMISVC - ok
10:18:47.0216 8608 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:18:47.0232 8608 HTTP - ok
10:18:47.0279 8608 [ CF0AD2F002AFB65460FEC4699F90BA10 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:18:47.0279 8608 hwdatacard - ok
10:18:47.0294 8608 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:18:47.0310 8608 hwpolicy - ok
10:18:47.0357 8608 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:18:47.0357 8608 i8042prt - ok
10:18:47.0404 8608 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:18:47.0404 8608 iaStor - ok
10:18:47.0513 8608 [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:18:47.0513 8608 IAStorDataMgrSvc - ok
10:18:47.0575 8608 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:18:47.0575 8608 iaStorV - ok
10:18:47.0622 8608 [ 50B8AB6013EF9970AC85FDBA0F622300 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
10:18:47.0622 8608 iBtFltCoex - ok
10:18:47.0762 8608 [ D72BF0AE484F88399E8343E821C10D6A ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
10:18:47.0762 8608 IconMan_R - ok
10:18:47.0856 8608 [ C98A5B9D932430AD8EEBD3EF73756EF7 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:18:47.0856 8608 idsvc - ok
10:18:47.0887 8608 IEEtwCollectorService - ok
10:18:47.0950 8608 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:18:47.0950 8608 iirsp - ok
10:18:47.0996 8608 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\Windows\System32\ikeext.dll
10:18:48.0012 8608 IKEEXT - ok
10:18:48.0043 8608 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
10:18:48.0043 8608 intaud_WaveExtensible - ok
10:18:48.0121 8608 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:18:48.0121 8608 IntcDAud - ok
10:18:48.0199 8608 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:18:48.0199 8608 intelide - ok
10:18:48.0418 8608 [ 6383899C5F964D71B0F96B81FBE59BB8 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
10:18:48.0464 8608 intelkmd - ok
10:18:48.0511 8608 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:18:48.0511 8608 intelppm - ok
10:18:48.0574 8608 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:18:48.0574 8608 IPBusEnum - ok
10:18:48.0605 8608 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:18:48.0605 8608 IpFilterDriver - ok
10:18:48.0667 8608 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:18:48.0698 8608 iphlpsvc - ok
10:18:48.0698 8608 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:18:48.0698 8608 IPMIDRV - ok
10:18:48.0730 8608 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:18:48.0730 8608 IPNAT - ok
10:18:48.0823 8608 [ 835FC2EA0631B734BB06C12B0665F01D ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:18:48.0839 8608 iPod Service - ok
10:18:48.0870 8608 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:18:48.0886 8608 IRENUM - ok
10:18:48.0964 8608 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:18:48.0964 8608 isapnp - ok
10:18:48.0995 8608 [ 96BB922A0981BC7432C8CF52B5410FE6 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:18:48.0995 8608 iScsiPrt - ok
10:18:49.0010 8608 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
10:18:49.0010 8608 iwdbus - ok
10:18:49.0057 8608 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:18:49.0057 8608 kbdclass - ok
10:18:49.0120 8608 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:18:49.0120 8608 kbdhid - ok
10:18:49.0182 8608 [ 204F3F58212B3E422C90BD9691A2DF28 ] KeyIso C:\Windows\system32\lsass.exe
10:18:49.0182 8608 KeyIso - ok
10:18:49.0213 8608 [ 353009DEDF918B2A51414F330CF72DEC ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:18:49.0213 8608 KSecDD - ok
10:18:49.0244 8608 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:18:49.0244 8608 KSecPkg - ok
10:18:49.0260 8608 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:18:49.0260 8608 ksthunk - ok
10:18:49.0291 8608 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:18:49.0291 8608 KtmRm - ok
10:18:49.0322 8608 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
10:18:49.0322 8608 LanmanServer - ok
10:18:49.0385 8608 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

