Kontrola logu Vyřešeno

[Konogo]

Prosím o kontrolu logu. Jde o starsi PC a je dost pomalý...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:52, on 20.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\DOCUME~1\BETISL~1\LOCALS~1\Temp\ECNX\EasySuite.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\Břetislav Mikulčík\Plocha\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 10.0.0.138
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.138:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S1B1.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX5000 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S2B.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

--
End of file - 7910 bytes

[Reklama]

[memphisto]

Máš tam AVG i AVAST. Odinstaluj to AVG a nebo jej aktualizuje na 2013 a odinstaluj AVAST

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Konogo]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Břetislav Mikulčík :: ATHLON [administrátor]

Ochrana: Zakázána

20.4.2013 18:45:27
mbam-log-2013-04-20 (18-45-27).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 189994
Uplynulý čas: 17 minut, 59 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 3
C:\Program Files\BrowserCompanion (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Břetislav Mikulčík\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Břetislav Mikulčík\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 10
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Břetislav Mikulčík\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Břetislav Mikulčík\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Břetislav Mikulčík\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Břetislav Mikulčík\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Břetislav Mikulčík\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Břetislav Mikulčík\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Břetislav Mikulčík\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Břetislav Mikulčík\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Přesun do karantény a smazání se zdařilo.

(konec)

[Konogo]

# AdwCleaner v2.200 - Log vytvooen 20/04/2013 v 19:10:20
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Břetislav Mikulčík - ATHLON
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Břetislav Mikulčík\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\Břetislav Mikulčík\Data aplikací\Babylon
Složka Nalezeno : C:\Documents and Settings\Břetislav Mikulčík\Data aplikací\Mozilla\Firefox\Profiles\x8t6i74s.default\extensions\bbrs_002@blabbers.com
Složka Nalezeno : C:\Documents and Settings\Břetislav Mikulčík\Data aplikací\Mozilla\Firefox\Profiles\x8t6i74s.default\extensions\ffxtlbr@babylon.com
Složka Nalezeno : C:\Documents and Settings\Břetislav Mikulčík\Data aplikací\Mozilla\Firefox\Profiles\x8t6i74s.default\extensions\toolbar@ask.com
Složka Nalezeno : C:\Documents and Settings\Břetislav Mikulčík\Local Settings\Data aplikací\AskToolbar
Složka Nalezeno : C:\Documents and Settings\Břetislav Mikulčík\Local Settings\Data aplikací\Babylon
Složka Nalezeno : C:\Documents and Settings\Břetislav Mikulčík\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Složka Nalezeno : C:\Program Files\Ask.com
Složka Nalezeno : C:\Program Files\FunWebProducts
Soubor Nalezeno : C:\DOCUME~1\BETISL~1\LOCALS~1\Temp\Uninstall.exe
Soubor Nalezeno : C:\Documents and Settings\Břetislav Mikulčík\Data aplikací\Mozilla\Firefox\Profiles\x8t6i74s.default\searchplugins\Askcom.xml
Soubor Nalezeno : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\user.js
Soubor Nalezeno : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Klíe Nalezeno : HKCU\Software\AVG Security Toolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F464A68D-1CF2-4991-93AB-A84351D7F676}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\FunWebProductsInstaller.Start
Klíe Nalezeno : HKLM\SOFTWARE\Classes\FunWebProductsInstaller.Start.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{1D4DB7D0-6EC9-47A3-BD87-1E41684E07BB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{D360D8E7-D0AC-4C6E-A7B5-4DB8B4EAFB4E}
Klíe Nalezeno : HKLM\Software\FunWebProducts
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F464A68D-1CF2-4991-93AB-A84351D7F676}
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@funwebproducts.com/Plugin
Klíe Nalezeno : HKU\S-1-5-21-527237240-484763869-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v10.0 (cs)

Soubor : C:\Documents and Settings\Břetislav Mikulčík\Data aplikací\Mozilla\Firefox\Profiles\x8t6i74s.default\prefs.js

Nalezeno : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Data aplikací\\AVG S[...]
Nalezeno : user_pref("avg.install.userSPSettings", "Ask.com");
Nalezeno : user_pref("browser.search.defaultengine", "Ask.com");
Nalezeno : user_pref("browser.search.defaultenginename", "Ask.com");
Nalezeno : user_pref("browser.search.order.1", "Ask.com");
Nalezeno : user_pref("extensions.BabylonToolbar.admin", false);
Nalezeno : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Nalezeno : user_pref("extensions.BabylonToolbar.babExt", "");
Nalezeno : user_pref("extensions.BabylonToolbar.babTrack", "affID=101240");
Nalezeno : user_pref("extensions.BabylonToolbar.bbDpng", 13);
Nalezeno : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Nalezeno : user_pref("extensions.BabylonToolbar.hmpg", false);
Nalezeno : user_pref("extensions.BabylonToolbar.id", "dcd51bf600000000000000112ff3d037");
Nalezeno : user_pref("extensions.BabylonToolbar.instlDay", "15372");
Nalezeno : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Nalezeno : user_pref("extensions.BabylonToolbar.lastDP", 13);
Nalezeno : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1712:21:53");
Nalezeno : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "10.0");
Nalezeno : user_pref("extensions.BabylonToolbar.newTab", true);
Nalezeno : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Nalezeno : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Nalezeno : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Nalezeno : user_pref("extensions.BabylonToolbar.propectorlck", 67693620);
Nalezeno : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Nalezeno : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Nalezeno : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Nalezeno : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Nalezeno : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Nalezeno : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1712:21:53");
Nalezeno : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Nalezeno : user_pref("extensions.BabylonToolbar_i.babExt", "");
Nalezeno : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=101240");
Nalezeno : user_pref("extensions.BabylonToolbar_i.hardId", "dcd51bf600000000000000112ff3d037");
Nalezeno : user_pref("extensions.BabylonToolbar_i.id", "dcd51bf600000000000000112ff3d037");
Nalezeno : user_pref("extensions.BabylonToolbar_i.instlDay", "15372");
Nalezeno : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTab", false);
Nalezeno : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Nalezeno : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Nalezeno : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Nalezeno : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Nalezeno : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1712:21:53");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Nalezeno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Nalezeno : user_pref("extensions.asktb.abar-war-timeout", "4000");
Nalezeno : user_pref("extensions.asktb.apn_dbr", "ff_9.0.1");
Nalezeno : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Nalezeno : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Nalezeno : user_pref("extensions.asktb.cbid", "NY");
Nalezeno : user_pref("extensions.asktb.config-updated", true);
Nalezeno : user_pref("extensions.asktb.crumb", "2012.02.03+03.36.58-toolbar013iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Nalezeno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Nalezeno : user_pref("extensions.asktb.displaybehavior", "");
Nalezeno : user_pref("extensions.asktb.displaytext", "");
Nalezeno : user_pref("extensions.asktb.dtid", "YYYYYYYYCZ");
Nalezeno : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Nalezeno : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Nalezeno : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Nalezeno : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://www.webhledani.cz/results.aspx?i=39&tp[...]
Nalezeno : user_pref("extensions.asktb.first-restart-after-config-update", true);
Nalezeno : user_pref("extensions.asktb.fresh-install", false);
Nalezeno : user_pref("extensions.asktb.guid", "919213CA-54CF-4F9A-96DD-280B3F65086B");
Nalezeno : user_pref("extensions.asktb.hpr", "YES");
Nalezeno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Nalezeno : user_pref("extensions.asktb.if", "first");
Nalezeno : user_pref("extensions.asktb.l", "dis");
Nalezeno : user_pref("extensions.asktb.last-config-req", "1329133613460");
Nalezeno : user_pref("extensions.asktb.last-search-timestamp", "1328799172005");
Nalezeno : user_pref("extensions.asktb.locale", "en_EU");
Nalezeno : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Nalezeno : user_pref("extensions.asktb.lstation", "");
Nalezeno : user_pref("extensions.asktb.new-tab-enabled", true);
Nalezeno : user_pref("extensions.asktb.o", "15765");
Nalezeno : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Nalezeno : user_pref("extensions.asktb.pstate", "");
Nalezeno : user_pref("extensions.asktb.qsrc", "2871");
Nalezeno : user_pref("extensions.asktb.r", "3");
Nalezeno : user_pref("extensions.asktb.sa", "YES");
Nalezeno : user_pref("extensions.asktb.saguid", "399E6920-7A13-4810-A17E-E6AC05CC332C");
Nalezeno : user_pref("extensions.asktb.search-history-queries", "lánek mn vydsil.U~ nikdy se nesmím ve mst"[...]
Nalezeno : user_pref("extensions.asktb.search-suggestions-enabled", true);
Nalezeno : user_pref("extensions.asktb.silent-upgrade", true);
Nalezeno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Nalezeno : user_pref("extensions.asktb.socialmini-first", true);
Nalezeno : user_pref("extensions.asktb.socialmini-interval", "1200000");
Nalezeno : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Nalezeno : user_pref("extensions.asktb.socialmini-max-items", "30");
Nalezeno : user_pref("extensions.asktb.socialmini-native-on", true);
Nalezeno : user_pref("extensions.asktb.socialmini-speed", "10000");
Nalezeno : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Nalezeno : user_pref("extensions.asktb.themeid", "");
Nalezeno : user_pref("extensions.asktb.timeinstalled", "3.2.2012 12:37:40");
Nalezeno : user_pref("extensions.asktb.to", "");
Nalezeno : user_pref("extensions.asktb.v", "3.14.1.100010");
Nalezeno : user_pref("extensions.asktb.volume", "");
Nalezeno : user_pref("extensions.enabledAddons", "ffxtlbr%40babylon.com:1.2.0,toolbar%40ask.com:3.14.1.100010,%[...]
Nalezeno : user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true);
Nalezeno : user_pref("extensions.toolbar@ask.com.install-event-fired", true);

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Documents and Settings\Břetislav Mikulčík\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [12188 octets] - [20/04/2013 19:10:20]

########## EOF - C:\AdwCleaner[R1].txt - [12249 octets] ##########

[memphisto]

V Mbam a AdwCleaner nech vše smazat a dodej logy

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

[Konogo]

Dnes uz to nestihnu ... Ten pocitac je tak zpomaleny, ze snim vubec nejde pracovat

[Orcus]

Až to bude tak to bude. Jak to bude stíhat, tak dodávej logy.

[Konogo]

# AdwCleaner v2.200 - Log vytvooen 21/04/2013 v 10:52:55
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Břetislav Mikulčík - ATHLON
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Břetislav Mikulčík\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\Břetislav Mikulčík\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

***** [Registry] *****


***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v10.0 (cs)

Soubor : C:\Documents and Settings\Břetislav Mikulčík\Data aplikací\Mozilla\Firefox\Profiles\x8t6i74s.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Documents and Settings\Břetislav Mikulčík\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [12319 octets] - [20/04/2013 19:10:20]
AdwCleaner[R2].txt - [1169 octets] - [21/04/2013 10:52:55]
AdwCleaner[S1].txt - [12357 octets] - [20/04/2013 19:10:57]
AdwCleaner[S2].txt - [397 octets] - [21/04/2013 10:53:11]

########## EOF - C:\AdwCleaner[R2].txt - [1349 octets] ##########

[Konogo]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.04.07

Windows 2000 x86 NTFS
Internet Explorer 8.0.6001.18702
Břetislav Mikulčík :: ATHLON [administrátor]

Ochrana: Povolena

21.4.2013 11:32:37
mbam-log-2013-04-21 (11-32-37).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 189875
Uplynulý čas: 16 minut, 15 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Konogo]

12:10:15.0656 2904 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:10:16.0062 2904 ============================================================
12:10:16.0062 2904 Current date / time: 2013/04/21 12:10:16.0062
12:10:16.0062 2904 SystemInfo:
12:10:16.0062 2904
12:10:16.0062 2904 OS Version: 5.1.2600 ServicePack: 3.0
12:10:16.0062 2904 Product type: Workstation
12:10:16.0062 2904 ComputerName: ATHLON
12:10:16.0062 2904 UserName: Břetislav Mikulčík
12:10:16.0062 2904 Windows directory: C:\WINDOWS
12:10:16.0062 2904 System windows directory: C:\WINDOWS
12:10:16.0062 2904 Processor architecture: Intel x86
12:10:16.0062 2904 Number of processors: 1
12:10:16.0062 2904 Page size: 0x1000
12:10:16.0062 2904 Boot type: Normal boot
12:10:16.0062 2904 ============================================================
12:10:17.0656 2904 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:10:17.0671 2904 Drive \Device\Harddisk1\DR1 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:10:17.0671 2904 ============================================================
12:10:17.0671 2904 \Device\Harddisk0\DR0:
12:10:17.0687 2904 MBR partitions:
12:10:17.0687 2904 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
12:10:17.0687 2904 \Device\Harddisk1\DR1:
12:10:17.0687 2904 MBR partitions:
12:10:17.0687 2904 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A89182
12:10:17.0687 2904 ============================================================
12:10:17.0687 2904 D: <-> \Device\Harddisk1\DR1\Partition1
12:10:17.0718 2904 C: <-> \Device\Harddisk0\DR0\Partition1
12:10:17.0718 2904 ============================================================
12:10:17.0718 2904 Initialize success
12:10:17.0718 2904 ============================================================
12:10:26.0078 3032 ============================================================
12:10:26.0078 3032 Scan started
12:10:26.0078 3032 Mode: Manual;
12:10:26.0078 3032 ============================================================
12:10:26.0296 3032 ================ Scan system memory ========================
12:10:26.0296 3032 System memory - ok
12:10:26.0312 3032 ================ Scan services =============================
12:10:26.0453 3032 Abiosdsk - ok
12:10:26.0484 3032 abp480n5 - ok
12:10:26.0562 3032 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:10:26.0578 3032 ACPI - ok
12:10:26.0640 3032 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
12:10:26.0640 3032 ACPIEC - ok
12:10:26.0703 3032 [ 6278AB04AAE16C1438F3C4D34706C3B7 ] ADILOADER C:\WINDOWS\system32\Drivers\adildr.sys
12:10:26.0703 3032 ADILOADER - ok
12:10:26.0750 3032 [ 88FA846846E5080FA2D2FBEC1EF2AEAA ] adiusbaw C:\WINDOWS\system32\DRIVERS\adiusbaw.sys
12:10:26.0750 3032 adiusbaw - ok
12:10:26.0890 3032 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:10:26.0953 3032 AdobeFlashPlayerUpdateSvc - ok
12:10:26.0984 3032 adpu160m - ok
12:10:27.0046 3032 [ 11C04B17ED2ABBB4833694BCD644AC90 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
12:10:27.0046 3032 aeaudio - ok
12:10:27.0109 3032 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
12:10:27.0109 3032 aec - ok
12:10:27.0187 3032 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
12:10:27.0187 3032 AFD - ok
12:10:27.0218 3032 Aha154x - ok
12:10:27.0250 3032 aic78u2 - ok
12:10:27.0265 3032 aic78xx - ok
12:10:27.0343 3032 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
12:10:27.0343 3032 Alerter - ok
12:10:27.0390 3032 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
12:10:27.0406 3032 ALG - ok
12:10:27.0437 3032 AliIde - ok
12:10:27.0500 3032 [ 3980814F8027D27EA003E2E3D9D4F604 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys
12:10:27.0500 3032 AmdK7 - ok
12:10:27.0531 3032 amsint - ok
12:10:27.0578 3032 AppMgmt - ok
12:10:27.0609 3032 asc - ok
12:10:27.0640 3032 asc3350p - ok
12:10:27.0671 3032 asc3550 - ok
12:10:27.0765 3032 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
12:10:27.0781 3032 aswFsBlk - ok
12:10:27.0859 3032 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
12:10:27.0859 3032 aswMonFlt - ok
12:10:27.0968 3032 [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
12:10:27.0968 3032 AswRdr - ok
12:10:28.0031 3032 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
12:10:28.0031 3032 aswRvrt - ok
12:10:28.0140 3032 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
12:10:28.0203 3032 aswSnx - ok
12:10:28.0281 3032 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
12:10:28.0343 3032 aswSP - ok
12:10:28.0437 3032 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
12:10:28.0437 3032 aswTdi - ok
12:10:28.0515 3032 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
12:10:28.0515 3032 aswVmm - ok
12:10:28.0593 3032 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:10:28.0609 3032 AsyncMac - ok
12:10:28.0703 3032 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
12:10:28.0703 3032 atapi - ok
12:10:28.0734 3032 Atdisk - ok
12:10:28.0781 3032 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:10:28.0781 3032 Atmarpc - ok
12:10:28.0843 3032 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
12:10:28.0843 3032 AudioSrv - ok
12:10:28.0921 3032 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
12:10:28.0953 3032 audstub - ok
12:10:29.0109 3032 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:10:29.0140 3032 avast! Antivirus - ok
12:10:29.0234 3032 avgwd - ok
12:10:29.0328 3032 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:10:29.0359 3032 Beep - ok
12:10:29.0453 3032 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
12:10:29.0515 3032 BITS - ok
12:10:29.0593 3032 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
12:10:29.0593 3032 Browser - ok
12:10:29.0656 3032 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
12:10:29.0656 3032 cbidf2k - ok
12:10:29.0687 3032 cd20xrnt - ok
12:10:29.0750 3032 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
12:10:29.0750 3032 Cdaudio - ok
12:10:29.0843 3032 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
12:10:29.0843 3032 Cdfs - ok
12:10:29.0875 3032 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:10:29.0890 3032 Cdrom - ok
12:10:29.0906 3032 Changer - ok
12:10:29.0984 3032 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
12:10:29.0984 3032 CiSvc - ok
12:10:30.0031 3032 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
12:10:30.0046 3032 ClipSrv - ok
12:10:30.0062 3032 CmdIde - ok
12:10:30.0093 3032 COMSysApp - ok
12:10:30.0140 3032 Cpqarray - ok
12:10:30.0203 3032 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
12:10:30.0203 3032 CryptSvc - ok
12:10:30.0234 3032 dac2w2k - ok
12:10:30.0281 3032 dac960nt - ok
12:10:30.0359 3032 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:10:30.0390 3032 DcomLaunch - ok
12:10:30.0468 3032 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
12:10:30.0468 3032 Dhcp - ok
12:10:30.0546 3032 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
12:10:30.0546 3032 Disk - ok
12:10:30.0578 3032 dmadmin - ok
12:10:30.0656 3032 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
12:10:30.0687 3032 dmboot - ok
12:10:30.0734 3032 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
12:10:30.0734 3032 dmio - ok
12:10:30.0796 3032 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
12:10:30.0796 3032 dmload - ok
12:10:30.0843 3032 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
12:10:30.0859 3032 dmserver - ok
12:10:30.0906 3032 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
12:10:30.0906 3032 DMusic - ok
12:10:30.0968 3032 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:10:30.0968 3032 Dnscache - ok
12:10:31.0093 3032 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
12:10:31.0109 3032 Dot3svc - ok
12:10:31.0140 3032 dpti2o - ok
12:10:31.0187 3032 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:10:31.0187 3032 drmkaud - ok
12:10:31.0281 3032 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
12:10:31.0281 3032 EapHost - ok
12:10:31.0343 3032 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
12:10:31.0343 3032 ERSvc - ok
12:10:31.0406 3032 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
12:10:31.0437 3032 Eventlog - ok
12:10:31.0531 3032 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
12:10:31.0546 3032 EventSystem - ok
12:10:31.0625 3032 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
12:10:31.0671 3032 Fastfat - ok
12:10:31.0781 3032 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:10:31.0843 3032 FastUserSwitchingCompatibility - ok
12:10:31.0875 3032 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
12:10:31.0875 3032 Fdc - ok
12:10:31.0953 3032 [ E9648254056BCE81A85380C0C3647DC4 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys
12:10:31.0968 3032 FETNDIS - ok
12:10:32.0046 3032 [ A306E75D699DA98D0F9286B4E268661D ] FETNDISB C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
12:10:32.0046 3032 FETNDISB - ok
12:10:32.0125 3032 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
12:10:32.0140 3032 Fips - ok
12:10:32.0187 3032 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:10:32.0203 3032 Flpydisk - ok
12:10:32.0281 3032 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:10:32.0281 3032 FltMgr - ok
12:10:32.0312 3032 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:10:32.0312 3032 Fs_Rec - ok
12:10:32.0359 3032 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:10:32.0375 3032 Ftdisk - ok
12:10:32.0421 3032 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
12:10:32.0453 3032 gameenum - ok
12:10:32.0531 3032 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:10:32.0562 3032 Gpc - ok
12:10:32.0687 3032 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:10:32.0687 3032 gupdate - ok
12:10:32.0734 3032 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:10:32.0734 3032 gupdatem - ok
12:10:32.0843 3032 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:10:32.0859 3032 helpsvc - ok
12:10:32.0921 3032 [ 923EE4EEF2582909A056904CA8026015 ] hidgame C:\WINDOWS\system32\DRIVERS\hidgame.sys
12:10:32.0921 3032 hidgame - ok
12:10:32.0968 3032 HidServ - ok
12:10:33.0015 3032 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:10:33.0031 3032 HidUsb - ok
12:10:33.0093 3032 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
12:10:33.0109 3032 hkmsvc - ok
12:10:33.0140 3032 hpn - ok
12:10:33.0203 3032 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
12:10:33.0250 3032 HTTP - ok
12:10:33.0296 3032 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
12:10:33.0343 3032 HTTPFilter - ok
12:10:33.0421 3032 [ 20330198554B7DDB44403AF21D6AE179 ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
12:10:33.0421 3032 hwdatacard - ok
12:10:33.0500 3032 [ 922065957563D851B5A68B95AADAC6AD ] hwusbdev C:\WINDOWS\system32\DRIVERS\ewusbdev.sys
12:10:33.0500 3032 hwusbdev - ok
12:10:33.0546 3032 i2omgmt - ok
12:10:33.0562 3032 i2omp - ok
12:10:33.0625 3032 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:10:33.0625 3032 i8042prt - ok
12:10:33.0656 3032 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
12:10:33.0671 3032 Imapi - ok
12:10:33.0734 3032 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
12:10:33.0765 3032 ImapiService - ok
12:10:33.0812 3032 ini910u - ok
12:10:33.0859 3032 IntelIde - ok
12:10:33.0937 3032 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
12:10:33.0953 3032 Ip6Fw - ok
12:10:34.0000 3032 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:10:34.0015 3032 IpFilterDriver - ok
12:10:34.0062 3032 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:10:34.0062 3032 IpInIp - ok
12:10:34.0125 3032 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:10:34.0125 3032 IpNat - ok
12:10:34.0156 3032 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:10:34.0171 3032 IPSec - ok
12:10:34.0218 3032 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
12:10:34.0234 3032 IRENUM - ok
12:10:34.0312 3032 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:10:34.0328 3032 isapnp - ok
12:10:34.0484 3032 [ 9AE07549A0D691A103FAF8946554BDB7 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
12:10:34.0640 3032 JavaQuickStarterService - ok
12:10:34.0687 3032 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:10:34.0703 3032 Kbdclass - ok
12:10:34.0750 3032 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
12:10:34.0765 3032 kmixer - ok
12:10:34.0828 3032 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
12:10:34.0828 3032 KSecDD - ok
12:10:34.0890 3032 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
12:10:34.0906 3032 lanmanserver - ok
12:10:35.0000 3032 [ 936C1D110232D23B621CB0196E4F80F0 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:10:35.0015 3032 LanmanWorkstation - ok
12:10:35.0062 3032 lbrtfdc - ok
12:10:35.0156 3032 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
12:10:35.0156 3032 LmHosts - ok
12:10:35.0218 3032 [ B4B8B993A83084CE25DC776965903CE7 ] massfilter C:\WINDOWS\system32\drivers\massfilter.sys
12:10:35.0218 3032 massfilter - ok
12:10:35.0281 3032 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
12:10:35.0281 3032 MBAMProtector - ok
12:10:35.0375 3032 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:10:35.0421 3032 MBAMScheduler - ok
12:10:35.0484 3032 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:10:35.0515 3032 MBAMService - ok
12:10:35.0562 3032 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
12:10:35.0593 3032 Messenger - ok
12:10:35.0656 3032 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
12:10:35.0656 3032 mnmdd - ok
12:10:35.0718 3032 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
12:10:35.0750 3032 mnmsrvc - ok
12:10:35.0812 3032 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
12:10:35.0828 3032 Modem - ok
12:10:35.0875 3032 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:10:35.0875 3032 Mouclass - ok
12:10:35.0953 3032 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:10:35.0953 3032 mouhid - ok
12:10:36.0078 3032 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
12:10:36.0078 3032 MountMgr - ok
12:10:36.0109 3032 mraid35x - ok
12:10:36.0140 3032 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:10:36.0156 3032 MRxDAV - ok
12:10:36.0234 3032 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:10:36.0296 3032 MRxSmb - ok
12:10:36.0359 3032 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
12:10:36.0375 3032 MSDTC - ok
12:10:36.0421 3032 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:10:36.0421 3032 Msfs - ok
12:10:36.0453 3032 MSIServer - ok
12:10:36.0500 3032 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:10:36.0500 3032 MSKSSRV - ok
12:10:36.0546 3032 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:10:36.0546 3032 MSPCLOCK - ok
12:10:36.0578 3032 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:10:36.0593 3032 MSPQM - ok
12:10:36.0640 3032 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:10:36.0640 3032 mssmbios - ok
12:10:36.0718 3032 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
12:10:36.0734 3032 Mup - ok
12:10:36.0812 3032 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
12:10:36.0828 3032 napagent - ok
12:10:36.0906 3032 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
12:10:36.0968 3032 NDIS - ok
12:10:37.0062 3032 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:10:37.0062 3032 NdisTapi - ok
12:10:37.0093 3032 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:10:37.0109 3032 Ndisuio - ok
12:10:37.0171 3032 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:10:37.0187 3032 NdisWan - ok
12:10:37.0250 3032 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:10:37.0265 3032 NDProxy - ok
12:10:37.0328 3032 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:10:37.0328 3032 NetBIOS - ok
12:10:37.0375 3032 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:10:37.0375 3032 NetBT - ok
12:10:37.0421 3032 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
12:10:37.0437 3032 NetDDE - ok
12:10:37.0468 3032 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
12:10:37.0468 3032 NetDDEdsdm - ok
12:10:37.0531 3032 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:10:37.0531 3032 Netlogon - ok
12:10:37.0609 3032 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
12:10:37.0625 3032 Netman - ok
12:10:37.0703 3032 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
12:10:37.0718 3032 Nla - ok
12:10:37.0796 3032 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:10:37.0812 3032 Npfs - ok
12:10:37.0859 3032 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:10:37.0875 3032 Ntfs - ok
12:10:37.0921 3032 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
12:10:37.0921 3032 NtLmSsp - ok
12:10:38.0000 3032 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
12:10:38.0031 3032 NtmsSvc - ok
12:10:38.0109 3032 [ A568B9A9FFE2D9387222A5C90F86D731 ] NTSIM C:\WINDOWS\system32\ntsim.sys
12:10:38.0125 3032 NTSIM - ok
12:10:38.0171 3032 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
12:10:38.0187 3032 Null - ok
12:10:38.0250 3032 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:10:38.0265 3032 NwlnkFlt - ok
12:10:38.0296 3032 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:10:38.0296 3032 NwlnkFwd - ok
12:10:38.0375 3032 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
12:10:38.0375 3032 Parport - ok
12:10:38.0406 3032 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
12:10:38.0406 3032 PartMgr - ok
12:10:38.0468 3032 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
12:10:38.0484 3032 ParVdm - ok
12:10:38.0546 3032 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
12:10:38.0546 3032 PCI - ok
12:10:38.0609 3032 PCIDump - ok
12:10:38.0625 3032 PCIIde - ok
12:10:38.0671 3032 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
12:10:38.0671 3032 Pcmcia - ok
12:10:38.0703 3032 PDCOMP - ok
12:10:38.0734 3032 PDFRAME - ok
12:10:38.0765 3032 PDRELI - ok
12:10:38.0796 3032 PDRFRAME - ok
12:10:38.0828 3032 perc2 - ok
12:10:38.0859 3032 perc2hib - ok
12:10:38.0968 3032 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
12:10:38.0968 3032 PlugPlay - ok
12:10:39.0000 3032 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:10:39.0000 3032 PolicyAgent - ok
12:10:39.0062 3032 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:10:39.0109 3032 PptpMiniport - ok
12:10:39.0140 3032 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:10:39.0156 3032 ProtectedStorage - ok
12:10:39.0234 3032 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:10:39.0234 3032 PSched - ok
12:10:39.0312 3032 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:10:39.0312 3032 Ptilink - ok
12:10:39.0359 3032 ql1080 - ok
12:10:39.0406 3032 Ql10wnt - ok
12:10:39.0437 3032 ql12160 - ok
12:10:39.0453 3032 ql1240 - ok
12:10:39.0484 3032 ql1280 - ok
12:10:39.0562 3032 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:10:39.0562 3032 RasAcd - ok
12:10:39.0640 3032 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:10:39.0640 3032 RasAuto - ok
12:10:39.0687 3032 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:10:39.0687 3032 Rasl2tp - ok
12:10:39.0765 3032 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:10:39.0781 3032 RasMan - ok
12:10:39.0828 3032 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:10:39.0843 3032 RasPppoe - ok
12:10:39.0875 3032 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:10:39.0875 3032 Raspti - ok
12:10:39.0906 3032 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:10:39.0921 3032 Rdbss - ok
12:10:39.0953 3032 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:10:39.0953 3032 RDPCDD - ok
12:10:40.0078 3032 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:10:40.0140 3032 RDPWD - ok
12:10:40.0203 3032 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:10:40.0218 3032 RDSessMgr - ok
12:10:40.0281 3032 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:10:40.0281 3032 redbook - ok
12:10:40.0343 3032 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:10:40.0343 3032 RemoteAccess - ok
12:10:40.0406 3032 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
12:10:40.0421 3032 RpcLocator - ok
12:10:40.0468 3032 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:10:40.0484 3032 RpcSs - ok
12:10:40.0562 3032 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:10:40.0609 3032 RSVP - ok
12:10:40.0656 3032 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
12:10:40.0656 3032 SamSs - ok
12:10:40.0734 3032 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:10:40.0750 3032 SCardSvr - ok
12:10:40.0796 3032 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:10:40.0812 3032 Schedule - ok
12:10:40.0890 3032 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:10:40.0937 3032 Secdrv - ok
12:10:40.0984 3032 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
12:10:41.0000 3032 seclogon - ok
12:10:41.0031 3032 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
12:10:41.0062 3032 SENS - ok
12:10:41.0109 3032 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
12:10:41.0109 3032 serenum - ok
12:10:41.0156 3032 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
12:10:41.0187 3032 Serial - ok
12:10:41.0218 3032 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
12:10:41.0218 3032 Sfloppy - ok
12:10:41.0281 3032 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:10:41.0343 3032 SharedAccess - ok
12:10:41.0406 3032 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:10:41.0421 3032 ShellHWDetection - ok
12:10:41.0468 3032 Simbad - ok
12:10:41.0562 3032 [ 1D381A07361E4D6A8BE95026B3EBA47A ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
12:10:41.0625 3032 smwdm - ok
12:10:41.0734 3032 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
12:10:41.0781 3032 SoundMAX Agent Service (default) - ok
12:10:41.0812 3032 Sparrow - ok
12:10:41.0875 3032 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:10:41.0875 3032 splitter - ok
12:10:41.0937 3032 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:10:41.0953 3032 Spooler - ok
12:10:42.0015 3032 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:10:42.0015 3032 sr - ok
12:10:42.0078 3032 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
12:10:42.0125 3032 srservice - ok
12:10:42.0203 3032 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:10:42.0281 3032 Srv - ok
12:10:42.0343 3032 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:10:42.0343 3032 SSDPSRV - ok
12:10:42.0406 3032 [ 06CDA2A5A549BC455D004461E6BC5B33 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
12:10:42.0421 3032 StillCam - ok
12:10:42.0484 3032 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:10:42.0515 3032 stisvc - ok
12:10:42.0562 3032 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:10:42.0609 3032 swenum - ok
12:10:42.0671 3032 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:10:42.0671 3032 swmidi - ok
12:10:42.0703 3032 SwPrv - ok
12:10:42.0734 3032 symc810 - ok
12:10:42.0765 3032 symc8xx - ok
12:10:42.0796 3032 sym_hi - ok
12:10:42.0843 3032 sym_u3 - ok
12:10:42.0875 3032 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:10:42.0890 3032 sysaudio - ok
12:10:42.0937 3032 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:10:42.0953 3032 SysmonLog - ok
12:10:43.0000 3032 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:10:43.0031 3032 TapiSrv - ok
12:10:43.0109 3032 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:10:43.0171 3032 Tcpip - ok
12:10:43.0234 3032 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:10:43.0234 3032 TDPIPE - ok
12:10:43.0265 3032 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:10:43.0281 3032 TDTCP - ok
12:10:43.0328 3032 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:10:43.0328 3032 TermDD - ok
12:10:43.0421 3032 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
12:10:43.0437 3032 TermService - ok
12:10:43.0484 3032 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
12:10:43.0500 3032 Themes - ok
12:10:43.0546 3032 TosIde - ok
12:10:43.0593 3032 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:10:43.0640 3032 TrkWks - ok
12:10:43.0734 3032 [ D85938F272D1BCF3DB3A31FC0A048928 ] uagp35 C:\WINDOWS\system32\DRIVERS\uagp35.sys
12:10:43.0734 3032 uagp35 - ok
12:10:43.0796 3032 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:10:43.0796 3032 Udfs - ok
12:10:43.0828 3032 ultra - ok
12:10:43.0906 3032 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:10:43.0921 3032 Update - ok
12:10:44.0000 3032 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
12:10:44.0015 3032 upnphost - ok
12:10:44.0109 3032 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
12:10:44.0140 3032 UPS - ok
12:10:44.0187 3032 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:10:44.0203 3032 usbccgp - ok
12:10:44.0250 3032 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:10:44.0250 3032 usbehci - ok
12:10:44.0328 3032 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:10:44.0343 3032 usbhub - ok
12:10:44.0406 3032 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:10:44.0421 3032 usbprint - ok
12:10:44.0468 3032 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:10:44.0484 3032 usbscan - ok
12:10:44.0531 3032 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:10:44.0531 3032 USBSTOR - ok
12:10:44.0609 3032 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:10:44.0609 3032 usbuhci - ok
12:10:44.0687 3032 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:10:44.0687 3032 VgaSave - ok
12:10:44.0765 3032 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINDOWS\system32\DRIVERS\viaagp1.sys
12:10:44.0765 3032 viaagp1 - ok
12:10:44.0828 3032 [ 0CC705DB634A3BC355887E3D478DD386 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys
12:10:44.0843 3032 viagfx - ok
12:10:44.0890 3032 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
12:10:44.0890 3032 ViaIde - ok
12:10:44.0968 3032 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:10:44.0968 3032 VolSnap - ok
12:10:45.0046 3032 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
12:10:45.0062 3032 VSS - ok
12:10:45.0125 3032 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
12:10:45.0140 3032 W32Time - ok
12:10:45.0250 3032 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:10:45.0250 3032 Wanarp - ok
12:10:45.0281 3032 WDICA - ok
12:10:45.0343 3032 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:10:45.0343 3032 wdmaud - ok
12:10:45.0406 3032 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:10:45.0421 3032 WebClient - ok
12:10:45.0531 3032 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:10:45.0531 3032 winmgmt - ok
12:10:45.0625 3032 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:10:45.0640 3032 WmdmPmSN - ok
12:10:45.0718 3032 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:10:45.0718 3032 WmiApSrv - ok
12:10:45.0937 3032 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
12:10:45.0984 3032 WMPNetworkSvc - ok
12:10:46.0078 3032 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:10:46.0125 3032 wscsvc - ok
12:10:46.0171 3032 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:10:46.0218 3032 wuauserv - ok
12:10:46.0265 3032 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:10:46.0265 3032 WudfPf - ok
12:10:46.0312 3032 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:10:46.0328 3032 WudfRd - ok
12:10:46.0359 3032 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:10:46.0375 3032 WudfSvc - ok
12:10:46.0468 3032 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:10:46.0500 3032 WZCSVC - ok
12:10:46.0562 3032 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:10:46.0578 3032 xmlprov - ok
12:10:46.0625 3032 [ AF57ABA41F62784622DD5C5B8748F137 ] ZTEusbnet C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys
12:10:46.0656 3032 ZTEusbnet - ok
12:10:46.0750 3032 [ 9BDD8C51C56BE88B081E885085BD7286 ] ZTEusbnmea C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
12:10:46.0750 3032 ZTEusbnmea - ok
12:10:46.0796 3032 [ 9BDD8C51C56BE88B081E885085BD7286 ] ZTEusbser6k C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
12:10:46.0796 3032 ZTEusbser6k - ok
12:10:46.0843 3032 ================ Scan global ===============================
12:10:46.0937 3032 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
12:10:47.0015 3032 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
12:10:47.0062 3032 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
12:10:47.0093 3032 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
12:10:47.0109 3032 [Global] - ok
12:10:47.0125 3032 ================ Scan MBR ==================================
12:10:47.0156 3032 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
12:10:47.0343 3032 \Device\Harddisk0\DR0 - ok
12:10:47.0359 3032 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
12:10:47.0375 3032 \Device\Harddisk1\DR1 - ok
12:10:47.0375 3032 ================ Scan VBR ==================================
12:10:47.0390 3032 [ 1881A9B92BBD37E435FF33F4BCE46B34 ] \Device\Harddisk0\DR0\Partition1
12:10:47.0390 3032 \Device\Harddisk0\DR0\Partition1 - ok
12:10:47.0437 3032 [ 19CC2902F5DDC880E385BF1C904202E0 ] \Device\Harddisk1\DR1\Partition1
12:10:47.0437 3032 \Device\Harddisk1\DR1\Partition1 - ok
12:10:47.0437 3032 ============================================================
12:10:47.0437 3032 Scan finished
12:10:47.0437 3032 ============================================================
12:10:47.0468 3024 Detected object count: 0
12:10:47.0468 3024 Actual detected object count: 0
12:10:52.0437 1956 Deinitialize success

[Žbeky]

A combofix?

[Konogo]

Combofix zatím běží už hodinu a nic se neději. Napsané tu je, že to může trvat 10min