Request for a preventive log check [Solved]

Post by Adam15 » 17 Aug 2013 12:03

Hello, I would like to ask anyone who has the time to check my log, just as a precaution. Thank you.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:00:22, on 17.8.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
D:\Program Files (Programy)\HAMACHI\hamachi-2-ui.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Adam\Data aplikací\uTorrent\uTorrent.exe
D:\Program Files (Programy)\Steam\steam.exe
C:\FRAPS\FRAPS.EXE
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
D:\Program Files (Programy)\HAMACHI\hamachi-2.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Adam\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=119816 ... 19E00E5CFE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files (Programy)\HAMACHI\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Adam\Data aplikací\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Adam\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "D:\Program Files (Programy)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1454471165-688789844-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1796303750
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files (Programy)\HAMACHI\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

--
End of file - 9707 bytes
OS - Windows 7 Ultimate 64 Bit
PSU - OCZ 550W
CPU - intel core i5-4430
RAM - 8 Gb
GPU - Nvidia GeForce N760
MB - MSI B85-G41 PC Mate

Post by memphisto » 17 Aug 2013 13:00

Download ATF Cleaner
Double-click ATF Cleaner.exe, click "Select all found", then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program has finished, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes (Ano)
(do not delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you

Post by Adam15 » 17 Aug 2013 13:39

I used ATF Cleaner on Mozilla, but as I can see here Chrome is not supported. Do you have a program for Chrome as well?

MBAM log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.08.16.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Adam :: ADAM-A11F605792 [administrátor]

17.8.2013 13:22:29
MBAM-log-2013-08-17 (13-30-17).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 228822
Uplynulý čas: 5 minut, 40 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Documents and Settings\Adam\Data aplikací\Babylon (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 5
C:\Documents and Settings\Adam\Data aplikací\File Scout\filescout.exe (Trojan.PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Adam\Data aplikací\uTorrent\ism.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Adam\Local Settings\Temp\56E.tmp (Trojan.PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Adam\Data aplikací\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Tasks\EPUpdater.job (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.

(konec)

Post by Adam15 » 17 Aug 2013 13:40

ADW log
# AdwCleaner v2.306 - Log vytvooen 17/08/2013 v 13:33:02
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Adam - ADAM-A11F605792
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Adam\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\Adam\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\Adam\Data aplikací\Babylon
Složka Nalezeno : C:\Documents and Settings\Adam\Data aplikací\file scout
Složka Nalezeno : C:\Documents and Settings\Adam\Local Settings\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Babylon
Složka Nalezeno : C:\Program Files\AVG Secure Search
Složka Nalezeno : C:\Program Files\Common Files\AVG Secure Search
Složka Nalezeno : C:\Program Files\DAEMON Tools Toolbar
Soubor Nalezeno : C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\zdel6b2l.default\searchplugins\Babylon.xml
Soubor Nalezeno : C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\zdel6b2l.default\searchplugins\BrowserProtect.xml
Soubor Nalezeno : C:\WINDOWS\Tasks\EPUpdater.job

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\AVG Secure Search
Klíe Nalezeno : HKCU\Software\BabSolution
Klíe Nalezeno : HKCU\Software\BI
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\d68fd1bc3eba44
Klíe Nalezeno : HKCU\Software\DataMngr
Klíe Nalezeno : HKCU\Software\filescout
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\Software\AVG Secure Search
Klíe Nalezeno : HKLM\Software\AVG Security Toolbar
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\DataMngr
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Software
Klíe Nalezeno : HKU\S-1-5-21-1454471165-688789844-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=119816 ... 19E00E5CFE
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.delta-search.com/?affID=1198 ... 19E00E5CFE
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www.delta-search.com/?affID=1198 ... 19E00E5CFE

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\zdel6b2l.default\prefs.js

Nalezeno : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntr[...]
Nalezeno : user_pref("avg.install.userSPSettings", "Delta Search");
Nalezeno : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119816&tt=gc_&babsrc=NT_ss&mntrI[...]
Nalezeno : user_pref("browser.search.order.1", "Delta Search");
Nalezeno : user_pref("browser.search.selectedEngine", "Delta Search");
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTab", true);
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119816&babsrc[...]

-\\ Google Chrome v28.0.1500.95

Soubor : C:\Documents and Settings\Adam\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

Soubor : C:\Documents and Settings\UpdatusUser\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [7885 octets] - [17/08/2013 13:33:02]

########## EOF - C:\AdwCleaner[R1].txt - [7945 octets] ##########

Post by memphisto » 17 Aug 2013 14:02

In MBAM and ADW, have everything deleted and post the logs after the deletion.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, run it by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that you have the following ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.

Download Junkware Removal Tool

to your desktop.
Deactivate your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and will be saved on the desktop.
Please copy its entire contents here.

Post by Adam15 » 17 Aug 2013 14:47

MBAM log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.08.16.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Adam :: ADAM-A11F605792 [administrátor]

17.8.2013 14:04:47
mbam-log-2013-08-17 (14-04-47).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 228905
Uplynulý čas: 4 minut, 56 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Documents and Settings\Adam\Data aplikací\Babylon (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 5
C:\Documents and Settings\Adam\Data aplikací\File Scout\filescout.exe (Trojan.PUP.Optional.FileScout.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Adam\Data aplikací\uTorrent\ism.exe (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Adam\Local Settings\Temp\56E.tmp (Trojan.PUP.Optional.FileScout.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Adam\Data aplikací\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\Tasks\EPUpdater.job (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.

(konec)

Post by Adam15 » 17 Aug 2013 14:57

ADW log:

# AdwCleaner v2.306 - Log vytvooen 17/08/2013 v 14:17:08
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Adam - ADAM-A11F605792
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Adam\Plocha\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\Adam\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\Adam\Data aplikací\file scout
Složka Vymazáno : C:\Documents and Settings\Adam\Local Settings\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\Babylon
Složka Vymazáno : C:\Program Files\AVG Secure Search
Složka Vymazáno : C:\Program Files\DAEMON Tools Toolbar
Soubor Vymazáno : C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\zdel6b2l.default\searchplugins\Babylon.xml
Soubor Vymazáno : C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\zdel6b2l.default\searchplugins\BrowserProtect.xml
Vymazáno poi restartu : C:\Program Files\Common Files\AVG Secure Search

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\AVG Secure Search
Klíe Vymazáno : HKCU\Software\BabSolution
Klíe Vymazáno : HKCU\Software\BI
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\d68fd1bc3eba44
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\filescout
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKLM\Software\AVG Secure Search
Klíe Vymazáno : HKLM\Software\AVG Security Toolbar
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klíe Vymazáno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Software

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=119816 ... 19E00E5CFE --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.delta-search.com/?affID=1198 ... 19E00E5CFE --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www.delta-search.com/?affID=1198 ... 19E00E5CFE --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\zdel6b2l.default\prefs.js

Vymazáno : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntr[...]
Vymazáno : user_pref("avg.install.userSPSettings", "Delta Search");
Vymazáno : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119816&tt=gc_&babsrc=NT_ss&mntrI[...]
Vymazáno : user_pref("browser.search.order.1", "Delta Search");
Vymazáno : user_pref("browser.search.selectedEngine", "Delta Search");
Vymazáno : user_pref("extensions.BabylonToolbar_i.newTab", true);
Vymazáno : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119816&babsrc[...]

-\\ Google Chrome v28.0.1500.95

Soubor : C:\Documents and Settings\Adam\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

Soubor : C:\Documents and Settings\UpdatusUser\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [8014 octets] - [17/08/2013 13:33:02]
AdwCleaner[S1].txt - [7783 octets] - [17/08/2013 14:17:08]

########## EOF - C:\AdwCleaner[S1].txt - [7843 octets] ##########
OS - Windows 7 Ultimate 64 Bit
PSU - OCZ 550W
CPU - intel core i5-4430
RAM - 8 Gb
GPU - Nvidia GeForce N760
MB - MSI B85-G41 PC Mate


Re: Requesting a preventive log check

Post by Adam15 » 17 Aug 2013 14:58

JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.7 (08.17.2013:1)
OS: Microsoft Windows XP x86
Ran by Adam on so 17.08.2013 at 14:31:26,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 17.08.2013 at 14:37:27,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Requesting a preventive log check

Post by Adam15 » 17 Aug 2013 14:59

RK:

RogueKiller V8.6.5 [Aug 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Adam [Práva správce]
Mód : Kontrola -- Datum : 08/17/2013 14:28:12
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] Adobe Gamma Loader.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk @C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [-][-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : atapi.sys -> HOOKED ([Address] sfsync02.sys @ 0xB8338D60)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD403LJ +++++
--- User ---
[MBR] 762a103dc176ffd376e9d2386f70a0a6
[BSP] d7ba74b7f09f179dbeb2d59a0783b7ff : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 40962 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 83891430 | Size: 340581 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD403LJ +++++
--- User ---
[MBR] 83c32e9ef02d7784009fb0ba5a355eab
[BSP] 4fc941a99fd609e5576901d35befa098 : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_08172013_142812.txt >>

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Requesting a preventive log check

Post by memphisto » 17 Aug 2013 15:56

Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan" (Prohledat)
- Click "Delete" (Smazat)
- Wait until the status box shows "Smazání - Finished"
- Click "Reports" (Zprávy) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you


Re: Requesting a preventive log check

Post by Adam15 » 17 Aug 2013 17:14

RK:

RogueKiller V8.6.5 [Aug 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Adam [Práva správce]
Mód : Kontrola -- Datum : 08/17/2013 17:04:55
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] Adobe Gamma Loader.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk @C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [-][-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : atapi.sys -> HOOKED ([Address] sfsync02.sys @ 0xB8338D60)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD403LJ +++++
--- User ---
[MBR] 762a103dc176ffd376e9d2386f70a0a6
[BSP] d7ba74b7f09f179dbeb2d59a0783b7ff : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 40962 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 83891430 | Size: 340581 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD403LJ +++++
--- User ---
[MBR] 83c32e9ef02d7784009fb0ba5a355eab
[BSP] 4fc941a99fd609e5576901d35befa098 : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_08172013_170455.txt >>
RKreport[0]_S_08172013_142812.txt

Re: Requesting a preventive log check

Post by Adam15 » 17 Aug 2013 17:14

TDSS killer:

17:08:29.0218 1108 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:08:29.0484 1108 ============================================================
17:08:29.0484 1108 Current date / time: 2013/08/17 17:08:29.0484
17:08:29.0484 1108 SystemInfo:
17:08:29.0484 1108
17:08:29.0484 1108 OS Version: 5.1.2600 ServicePack: 3.0
17:08:29.0484 1108 Product type: Workstation
17:08:29.0484 1108 ComputerName: ADAM-A11F605792
17:08:29.0484 1108 UserName: Adam
17:08:29.0484 1108 Windows directory: C:\WINDOWS
17:08:29.0484 1108 System windows directory: C:\WINDOWS
17:08:29.0484 1108 Processor architecture: Intel x86
17:08:29.0484 1108 Number of processors: 1
17:08:29.0484 1108 Page size: 0x1000
17:08:29.0484 1108 Boot type: Normal boot
17:08:29.0484 1108 ============================================================
17:08:31.0078 1108 Drive \Device\Harddisk0\DR0 - Size: 0x5D2710DE00 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:08:31.0078 1108 Drive \Device\Harddisk1\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:08:31.0093 1108 ============================================================
17:08:31.0093 1108 \Device\Harddisk0\DR0:
17:08:31.0093 1108 MBR partitions:
17:08:31.0093 1108 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x50014A7
17:08:31.0109 1108 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x5001525, BlocksNum 0x299328DB
17:08:31.0109 1108 \Device\Harddisk1\DR3:
17:08:31.0109 1108 MBR partitions:
17:08:31.0109 1108 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
17:08:31.0109 1108 ============================================================
17:08:31.0171 1108 C: <-> \Device\Harddisk0\DR0\Partition1
17:08:31.0312 1108 D: <-> \Device\Harddisk0\DR0\Partition2
17:08:31.0312 1108 F: <-> \Device\Harddisk1\DR3\Partition1
17:08:31.0312 1108 ============================================================
17:08:31.0312 1108 Initialize success
17:08:31.0312 1108 ============================================================
17:08:32.0343 1508 ============================================================
17:08:32.0343 1508 Scan started
17:08:32.0343 1508 Mode: Manual;
17:08:32.0343 1508 ============================================================
17:08:34.0125 1508 ================ Scan system memory ========================
17:08:34.0125 1508 System memory - ok
17:08:34.0140 1508 ================ Scan services =============================
17:08:34.0265 1508 [ D76E9F5A991458A9F7E28395479B3150 ] 6to4 C:\WINDOWS\System32\6to4svc.dll
17:08:34.0265 1508 6to4 - ok
17:08:34.0281 1508 Abiosdsk - ok
17:08:34.0281 1508 abp480n5 - ok
17:08:34.0296 1508 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:08:34.0296 1508 ACPI - ok
17:08:34.0328 1508 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
17:08:34.0328 1508 ACPIEC - ok
17:08:34.0359 1508 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:08:34.0375 1508 AdobeFlashPlayerUpdateSvc - ok
17:08:34.0375 1508 adpu160m - ok
17:08:34.0390 1508 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:08:34.0390 1508 aec - ok
17:08:34.0421 1508 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:08:34.0421 1508 AFD - ok
17:08:34.0421 1508 Aha154x - ok
17:08:34.0421 1508 aic78u2 - ok
17:08:34.0437 1508 aic78xx - ok
17:08:34.0468 1508 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:08:34.0468 1508 Alerter - ok
17:08:34.0484 1508 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
17:08:34.0484 1508 ALG - ok
17:08:34.0484 1508 AliIde - ok
17:08:34.0515 1508 [ F6F5E047369784E607F3A636AC576148 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:08:34.0515 1508 AmdK8 - ok
17:08:34.0515 1508 amsint - ok
17:08:34.0531 1508 AppMgmt - ok
17:08:34.0531 1508 asc - ok
17:08:34.0531 1508 asc3350p - ok
17:08:34.0546 1508 asc3550 - ok
17:08:34.0625 1508 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:08:34.0625 1508 aspnet_state - ok
17:08:34.0625 1508 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:08:34.0625 1508 AsyncMac - ok
17:08:34.0640 1508 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:08:34.0640 1508 atapi - ok
17:08:34.0640 1508 Atdisk - ok
17:08:34.0656 1508 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:08:34.0656 1508 Atmarpc - ok
17:08:34.0671 1508 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:08:34.0671 1508 AudioSrv - ok
17:08:34.0703 1508 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:08:34.0703 1508 audstub - ok
17:08:34.0875 1508 [ 4DB93F4DB7077801D2D82013506AC1D0 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
17:08:34.0906 1508 AVGIDSAgent - ok
17:08:34.0906 1508 [ 4D7E34E36E586EA26F171A258341BD80 ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
17:08:34.0906 1508 AVGIDSDriver - ok
17:08:34.0921 1508 [ 7C8E88549BCDAAC965B1B724C175F7A9 ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
17:08:34.0921 1508 AVGIDSHX - ok
17:08:34.0937 1508 [ A426B2DC795531D99E2EE1952AEC051A ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
17:08:34.0937 1508 AVGIDSShim - ok
17:08:34.0953 1508 [ 2018C4E9A40B122408763A5635CF14D9 ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
17:08:34.0953 1508 Avgldx86 - ok
17:08:34.0968 1508 [ E2B9CF2CF787C6978E7CC898E9684E48 ] Avglogx C:\WINDOWS\system32\DRIVERS\avglogx.sys
17:08:34.0968 1508 Avglogx - ok
17:08:34.0968 1508 [ 3F59750A3AA55C46663801E7C2FD1E2B ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
17:08:34.0968 1508 Avgmfx86 - ok
17:08:34.0984 1508 [ EDDE28E993496EE1DC3F0937DFF7BF28 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
17:08:34.0984 1508 Avgrkx86 - ok
17:08:35.0015 1508 [ 14370FB29526F593C04FA48B5D69F7F0 ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
17:08:35.0015 1508 Avgtdix - ok
17:08:35.0046 1508 [ 311C5A8D894563CD2712CD297A34FAFB ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
17:08:35.0046 1508 avgtp - ok
17:08:35.0062 1508 [ 48939D9F350AEF9370F03A1E49A49BE2 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
17:08:35.0078 1508 avgwd - ok
17:08:35.0093 1508 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:08:35.0093 1508 Beep - ok
17:08:35.0109 1508 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
17:08:35.0125 1508 BITS - ok
17:08:35.0140 1508 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
17:08:35.0140 1508 Browser - ok
17:08:35.0156 1508 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:08:35.0156 1508 cbidf2k - ok
17:08:35.0171 1508 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:08:35.0171 1508 CCDECODE - ok
17:08:35.0171 1508 cd20xrnt - ok
17:08:35.0203 1508 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:08:35.0203 1508 Cdaudio - ok
17:08:35.0203 1508 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:08:35.0203 1508 Cdfs - ok
17:08:35.0218 1508 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:08:35.0218 1508 Cdrom - ok
17:08:35.0218 1508 Changer - ok
17:08:35.0250 1508 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:08:35.0250 1508 CiSvc - ok
17:08:35.0265 1508 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:08:35.0265 1508 ClipSrv - ok
17:08:35.0296 1508 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:08:35.0296 1508 clr_optimization_v2.0.50727_32 - ok
17:08:35.0328 1508 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:08:35.0328 1508 clr_optimization_v4.0.30319_32 - ok
17:08:35.0328 1508 CmdIde - ok
17:08:35.0328 1508 COMSysApp - ok
17:08:35.0343 1508 Cpqarray - ok
17:08:35.0359 1508 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:08:35.0359 1508 CryptSvc - ok
17:08:35.0359 1508 dac2w2k - ok
17:08:35.0359 1508 dac960nt - ok
17:08:35.0390 1508 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:08:35.0406 1508 DcomLaunch - ok
17:08:35.0421 1508 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:08:35.0421 1508 Dhcp - ok
17:08:35.0421 1508 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:08:35.0421 1508 Disk - ok
17:08:35.0421 1508 dmadmin - ok
17:08:35.0468 1508 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:08:35.0468 1508 dmboot - ok
17:08:35.0484 1508 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:08:35.0484 1508 dmio - ok
17:08:35.0500 1508 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:08:35.0500 1508 dmload - ok
17:08:35.0515 1508 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:08:35.0515 1508 dmserver - ok
17:08:35.0531 1508 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:08:35.0531 1508 DMusic - ok
17:08:35.0562 1508 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:08:35.0562 1508 Dnscache - ok
17:08:35.0593 1508 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:08:35.0593 1508 Dot3svc - ok
17:08:35.0593 1508 dpti2o - ok
17:08:35.0609 1508 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:08:35.0609 1508 drmkaud - ok
17:08:35.0640 1508 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
17:08:35.0640 1508 dtsoftbus01 - ok
17:08:35.0656 1508 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:08:35.0656 1508 EapHost - ok
17:08:35.0671 1508 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:08:35.0671 1508 ERSvc - ok
17:08:35.0687 1508 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
17:08:35.0687 1508 Eventlog - ok
17:08:35.0734 1508 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
17:08:35.0734 1508 EventSystem - ok
17:08:35.0734 1508 ew_hwusbdev - ok
17:08:35.0750 1508 ew_usbenumfilter - ok
17:08:35.0750 1508 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:08:35.0750 1508 Fastfat - ok
17:08:35.0781 1508 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:08:35.0781 1508 FastUserSwitchingCompatibility - ok
17:08:35.0796 1508 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
17:08:35.0796 1508 Fdc - ok
17:08:35.0796 1508 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:08:35.0796 1508 Fips - ok
17:08:35.0812 1508 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:08:35.0812 1508 Flpydisk - ok
17:08:35.0828 1508 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:08:35.0828 1508 FltMgr - ok
17:08:35.0875 1508 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:08:35.0875 1508 FontCache3.0.0.0 - ok
17:08:35.0890 1508 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:08:35.0890 1508 Fs_Rec - ok
17:08:35.0906 1508 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:08:35.0906 1508 Ftdisk - ok
17:08:35.0937 1508 [ 54789F9BA0D59072CDD4E7C200E122C4 ] gdrv C:\WINDOWS\gdrv.sys
17:08:35.0937 1508 gdrv - ok
17:08:35.0953 1508 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:08:35.0953 1508 Gpc - ok
17:08:35.0984 1508 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:08:35.0984 1508 gupdate - ok
17:08:36.0000 1508 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:08:36.0000 1508 gupdatem - ok
17:08:36.0015 1508 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
17:08:36.0015 1508 hamachi - ok
17:08:36.0093 1508 [ 176825151F2F93415BCB37C29AF11A3D ] Hamachi2Svc D:\Program Files (Programy)\HAMACHI\hamachi-2.exe
17:08:36.0109 1508 Hamachi2Svc - ok
17:08:36.0140 1508 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:08:36.0140 1508 HDAudBus - ok
17:08:36.0187 1508 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:08:36.0187 1508 helpsvc - ok
17:08:36.0187 1508 HidServ - ok
17:08:36.0203 1508 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:08:36.0203 1508 hidusb - ok
17:08:36.0218 1508 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:08:36.0218 1508 hkmsvc - ok
17:08:36.0234 1508 hpn - ok
17:08:36.0265 1508 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:08:36.0265 1508 HTTP - ok
17:08:36.0281 1508 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:08:36.0296 1508 HTTPFilter - ok
17:08:36.0296 1508 huawei_cdcacm - ok
17:08:36.0296 1508 huawei_cdcecm - ok
17:08:36.0312 1508 huawei_enumerator - ok
17:08:36.0312 1508 huawei_ext_ctrl - ok
17:08:36.0343 1508 [ DE3FF0AB0C551D7E00E250E81169996A ] HWiNFO32 C:\WINDOWS\system32\drivers\HWiNFO32.SYS
17:08:36.0343 1508 HWiNFO32 - ok
17:08:36.0343 1508 i2omgmt - ok
17:08:36.0359 1508 i2omp - ok
17:08:36.0359 1508 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:08:36.0375 1508 i8042prt - ok
17:08:36.0421 1508 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:08:36.0421 1508 idsvc - ok
17:08:36.0437 1508 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:08:36.0437 1508 Imapi - ok
17:08:36.0468 1508 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:08:36.0468 1508 ImapiService - ok
17:08:36.0468 1508 ini910u - ok
17:08:36.0609 1508 [ C4006AF18682FCA0D8A011A0A21070F8 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:08:36.0625 1508 IntcAzAudAddService - ok
17:08:36.0640 1508 IntelIde - ok
17:08:36.0656 1508 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
17:08:36.0656 1508 Ip6Fw - ok
17:08:36.0687 1508 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:08:36.0687 1508 IpFilterDriver - ok
17:08:36.0687 1508 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:08:36.0687 1508 IpInIp - ok
17:08:36.0703 1508 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:08:36.0703 1508 IpNat - ok
17:08:36.0718 1508 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:08:36.0718 1508 IPSec - ok
17:08:36.0734 1508 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:08:36.0734 1508 IRENUM - ok
17:08:36.0750 1508 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:08:36.0750 1508 isapnp - ok
17:08:36.0812 1508 [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
17:08:36.0812 1508 JavaQuickStarterService - ok
17:08:36.0828 1508 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:08:36.0828 1508 Kbdclass - ok
17:08:36.0843 1508 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:08:36.0843 1508 kmixer - ok
17:08:36.0859 1508 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:08:36.0859 1508 KSecDD - ok
17:08:36.0890 1508 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
17:08:36.0890 1508 lanmanserver - ok
17:08:36.0921 1508 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:08:36.0921 1508 lanmanworkstation - ok
17:08:36.0921 1508 lbrtfdc - ok
17:08:36.0953 1508 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:08:36.0953 1508 LmHosts - ok
17:08:36.0968 1508 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
17:08:36.0968 1508 MBAMProtector - ok
17:08:37.0015 1508 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:08:37.0015 1508 MBAMScheduler - ok
17:08:37.0031 1508 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:08:37.0046 1508 MBAMService - ok
17:08:37.0062 1508 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:08:37.0062 1508 Messenger - ok
17:08:37.0093 1508 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
17:08:37.0093 1508 Microsoft Office Groove Audit Service - ok
17:08:37.0125 1508 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:08:37.0125 1508 mnmdd - ok
17:08:37.0140 1508 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:08:37.0156 1508 mnmsrvc - ok
17:08:37.0171 1508 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:08:37.0171 1508 Modem - ok
17:08:37.0187 1508 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:08:37.0187 1508 Mouclass - ok
17:08:37.0187 1508 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:08:37.0187 1508 mouhid - ok
17:08:37.0203 1508 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:08:37.0203 1508 MountMgr - ok
17:08:37.0234 1508 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:08:37.0234 1508 MozillaMaintenance - ok
17:08:37.0234 1508 mraid35x - ok
17:08:37.0250 1508 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:08:37.0250 1508 MRxDAV - ok
17:08:37.0281 1508 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:08:37.0281 1508 MRxSmb - ok
17:08:37.0296 1508 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:08:37.0296 1508 MSDTC - ok
17:08:37.0312 1508 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:08:37.0312 1508 Msfs - ok
17:08:37.0312 1508 MSIServer - ok
17:08:37.0328 1508 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:08:37.0328 1508 MSKSSRV - ok
17:08:37.0328 1508 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:08:37.0328 1508 MSPCLOCK - ok
17:08:37.0343 1508 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:08:37.0343 1508 MSPQM - ok
17:08:37.0375 1508 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:08:37.0375 1508 mssmbios - ok
17:08:37.0390 1508 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:08:37.0390 1508 MSTEE - ok
17:08:37.0406 1508 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:08:37.0406 1508 Mup - ok
17:08:37.0406 1508 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:08:37.0421 1508 NABTSFEC - ok
17:08:37.0453 1508 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:08:37.0453 1508 napagent - ok
17:08:37.0453 1508 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:08:37.0453 1508 NDIS - ok
17:08:37.0484 1508 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:08:37.0484 1508 NdisIP - ok
17:08:37.0500 1508 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:08:37.0500 1508 NdisTapi - ok
17:08:37.0515 1508 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:08:37.0515 1508 Ndisuio - ok
17:08:37.0515 1508 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:08:37.0515 1508 NdisWan - ok
17:08:37.0531 1508 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:08:37.0531 1508 NDProxy - ok
17:08:37.0546 1508 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:08:37.0546 1508 NetBIOS - ok
17:08:37.0562 1508 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:08:37.0562 1508 NetBT - ok
17:08:37.0578 1508 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
17:08:37.0578 1508 NetDDE - ok
17:08:37.0578 1508 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:08:37.0578 1508 NetDDEdsdm - ok
17:08:37.0609 1508 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:08:37.0609 1508 Netlogon - ok
17:08:37.0625 1508 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
17:08:37.0625 1508 Netman - ok
17:08:37.0656 1508 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:08:37.0656 1508 NetTcpPortSharing - ok
17:08:37.0671 1508 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
17:08:37.0687 1508 Nla - ok
17:08:37.0687 1508 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:08:37.0687 1508 Npfs - ok
17:08:37.0703 1508 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:08:37.0718 1508 Ntfs - ok
17:08:37.0718 1508 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:08:37.0718 1508 NtLmSsp - ok
17:08:37.0750 1508 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:08:37.0750 1508 NtmsSvc - ok
17:08:37.0765 1508 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:08:37.0765 1508 Null - ok
17:08:38.0015 1508 [ A613A14FB4D9117F42A3A280F64E9EC4 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:08:38.0078 1508 nv - ok
17:08:38.0109 1508 [ F1AE0BC50661BE09E7BC5919F4C05505 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
17:08:38.0109 1508 NVSvc - ok
17:08:38.0187 1508 [ 056EF5C4AF4BD002AEAE417412C8EB71 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:08:38.0203 1508 nvUpdatusService - ok
17:08:38.0218 1508 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:08:38.0218 1508 NwlnkFlt - ok
17:08:38.0234 1508 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:08:38.0234 1508 NwlnkFwd - ok
17:08:38.0296 1508 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:08:38.0296 1508 odserv - ok
17:08:38.0328 1508 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:08:38.0328 1508 ose - ok
17:08:38.0328 1508 PAC7302 - ok
17:08:38.0359 1508 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
17:08:38.0359 1508 Parport - ok
17:08:38.0375 1508 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:08:38.0375 1508 PartMgr - ok
17:08:38.0390 1508 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:08:38.0390 1508 ParVdm - ok
17:08:38.0406 1508 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:08:38.0406 1508 PCI - ok
17:08:38.0406 1508 PCIDump - ok
17:08:38.0421 1508 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:08:38.0421 1508 PCIIde - ok
17:08:38.0437 1508 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:08:38.0437 1508 Pcmcia - ok
17:08:38.0437 1508 PDCOMP - ok
17:08:38.0453 1508 PDFRAME - ok
17:08:38.0453 1508 PDRELI - ok
17:08:38.0468 1508 PDRFRAME - ok
17:08:38.0468 1508 perc2 - ok
17:08:38.0468 1508 perc2hib - ok
17:08:38.0500 1508 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
17:08:38.0500 1508 PlugPlay - ok
17:08:38.0531 1508 [ 831883B107684301F48ACE752C963984 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
17:08:38.0546 1508 PnkBstrA - ok
17:08:38.0546 1508 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:08:38.0546 1508 PolicyAgent - ok
17:08:38.0562 1508 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:08:38.0562 1508 PptpMiniport - ok
17:08:38.0578 1508 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
17:08:38.0578 1508 Processor - ok
17:08:38.0578 1508 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:08:38.0578 1508 ProtectedStorage - ok
17:08:38.0578 1508 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:08:38.0578 1508 PSched - ok
17:08:38.0593 1508 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:08:38.0593 1508 Ptilink - ok
17:08:38.0593 1508 ql1080 - ok
17:08:38.0609 1508 Ql10wnt - ok
17:08:38.0609 1508 ql12160 - ok
17:08:38.0609 1508 ql1240 - ok
17:08:38.0625 1508 ql1280 - ok
17:08:38.0625 1508 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:08:38.0640 1508 RasAcd - ok
17:08:38.0656 1508 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:08:38.0656 1508 RasAuto - ok
17:08:38.0671 1508 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:08:38.0671 1508 Rasl2tp - ok
17:08:38.0703 1508 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:08:38.0703 1508 RasMan - ok
17:08:38.0703 1508 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:08:38.0703 1508 RasPppoe - ok
17:08:38.0718 1508 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:08:38.0718 1508 Raspti - ok
17:08:38.0734 1508 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:08:38.0734 1508 Rdbss - ok
17:08:38.0750 1508 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:08:38.0750 1508 RDPCDD - ok
17:08:38.0781 1508 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:08:38.0781 1508 RDPWD - ok
17:08:38.0796 1508 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:08:38.0796 1508 RDSessMgr - ok
17:08:38.0828 1508 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:08:38.0828 1508 redbook - ok
17:08:38.0843 1508 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:08:38.0859 1508 RemoteAccess - ok
17:08:38.0875 1508 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
17:08:38.0875 1508 RpcLocator - ok
17:08:38.0890 1508 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:08:38.0906 1508 RpcSs - ok
17:08:38.0921 1508 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:08:38.0921 1508 RSVP - ok
17:08:38.0953 1508 [ CF84B1F0E8B14D4120AAF9CF35CBB265 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
17:08:38.0968 1508 RTL8023xp - ok
17:08:38.0984 1508 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
17:08:38.0984 1508 rtl8139 - ok
17:08:39.0015 1508 [ 20EB79FD0A13A18B70B6731A1285CA94 ] s1039bus C:\WINDOWS\system32\DRIVERS\s1039bus.sys
17:08:39.0015 1508 s1039bus - ok
17:08:39.0031 1508 [ 58780C6C3AD51DA84B57D6AE42DC49CA ] s1039mdfl C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys
17:08:39.0031 1508 s1039mdfl - ok
17:08:39.0031 1508 [ 1FF8B42D1346133A945B52876376ED40 ] s1039mdm C:\WINDOWS\system32\DRIVERS\s1039mdm.sys
17:08:39.0031 1508 s1039mdm - ok
17:08:39.0046 1508 [ F64C13C549CB4732FE99C771FA35D038 ] s1039mgmt C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys
17:08:39.0062 1508 s1039mgmt - ok
17:08:39.0062 1508 [ EC22D9BAA464A892C0637982B67292E6 ] s1039nd5 C:\WINDOWS\system32\DRIVERS\s1039nd5.sys
17:08:39.0062 1508 s1039nd5 - ok
17:08:39.0078 1508 [ 69E9CE002E7249E61FF2EA1336C71D89 ] s1039obex C:\WINDOWS\system32\DRIVERS\s1039obex.sys
17:08:39.0078 1508 s1039obex - ok
17:08:39.0093 1508 [ 482DFB3721A0DE11CC22B439D17C348C ] s1039unic C:\WINDOWS\system32\DRIVERS\s1039unic.sys
17:08:39.0093 1508 s1039unic - ok
17:08:39.0109 1508 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
17:08:39.0109 1508 SamSs - ok
17:08:39.0125 1508 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:08:39.0125 1508 SCardSvr - ok
17:08:39.0140 1508 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:08:39.0156 1508 Schedule - ok
17:08:39.0187 1508 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:08:39.0187 1508 Secdrv - ok
17:08:39.0203 1508 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
17:08:39.0203 1508 seclogon - ok
17:08:39.0203 1508 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
17:08:39.0203 1508 SENS - ok
17:08:39.0218 1508 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
17:08:39.0218 1508 serenum - ok
17:08:39.0234 1508 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
17:08:39.0234 1508 Serial - ok
17:08:39.0281 1508 [ 00DE597B81B381053CB5B21A7F20E365 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
17:08:39.0281 1508 sfdrv01 - ok
17:08:39.0281 1508 [ 64B9AB76F1B16EB059CB6CDD906C067A ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
17:08:39.0281 1508 sfhlp02 - ok
17:08:39.0296 1508 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:08:39.0296 1508 Sfloppy - ok
17:08:39.0296 1508 [ 798D918D8F20380008277CE3CE5319D1 ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
17:08:39.0296 1508 sfsync02 - ok
17:08:39.0328 1508 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:08:39.0328 1508 SharedAccess - ok
17:08:39.0343 1508 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:08:39.0343 1508 ShellHWDetection - ok
17:08:39.0343 1508 Simbad - ok
17:08:39.0390 1508 [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:08:39.0390 1508 SkypeUpdate - ok
17:08:39.0406 1508 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:08:39.0406 1508 SLIP - ok
17:08:39.0406 1508 Sparrow - ok
17:08:39.0421 1508 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:08:39.0421 1508 splitter - ok
17:08:39.0453 1508 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:08:39.0453 1508 Spooler - ok
17:08:39.0468 1508 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:08:39.0468 1508 sr - ok
17:08:39.0484 1508 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
17:08:39.0484 1508 srservice - ok
17:08:39.0500 1508 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:08:39.0500 1508 Srv - ok
17:08:39.0515 1508 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:08:39.0515 1508 SSDPSRV - ok
17:08:39.0531 1508 Steam Client Service - ok
17:08:39.0546 1508 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:08:39.0546 1508 stisvc - ok
17:08:39.0562 1508 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:08:39.0562 1508 streamip - ok
17:08:39.0578 1508 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:08:39.0578 1508 swenum - ok
17:08:39.0593 1508 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:08:39.0593 1508 swmidi - ok
17:08:39.0609 1508 SwPrv - ok
17:08:39.0609 1508 symc810 - ok
17:08:39.0625 1508 symc8xx - ok
17:08:39.0625 1508 sym_hi - ok
17:08:39.0625 1508 sym_u3 - ok
17:08:39.0656 1508 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:08:39.0656 1508 sysaudio - ok
17:08:39.0656 1508 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:08:39.0671 1508 SysmonLog - ok
17:08:39.0687 1508 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:08:39.0687 1508 TapiSrv - ok
17:08:39.0703 1508 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:08:39.0703 1508 Tcpip - ok
17:08:39.0718 1508 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys
17:08:39.0718 1508 Tcpip6 - ok
17:08:39.0734 1508 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:08:39.0734 1508 TDPIPE - ok
17:08:39.0750 1508 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:08:39.0750 1508 TDTCP - ok
17:08:39.0750 1508 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:08:39.0750 1508 TermDD - ok
17:08:39.0781 1508 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
17:08:39.0781 1508 TermService - ok
17:08:39.0796 1508 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:08:39.0796 1508 Themes - ok
17:08:39.0796 1508 TosIde - ok
17:08:39.0812 1508 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:08:39.0812 1508 TrkWks - ok
17:08:39.0828 1508 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
17:08:39.0828 1508 tunmp - ok
17:08:39.0843 1508 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:08:39.0843 1508 Udfs - ok
17:08:39.0859 1508 ultra - ok
17:08:39.0890 1508 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:08:39.0890 1508 Update - ok
17:08:39.0906 1508 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
17:08:39.0906 1508 upnphost - ok
17:08:39.0921 1508 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
17:08:39.0921 1508 UPS - ok
17:08:39.0937 1508 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
17:08:39.0937 1508 usbaudio - ok
17:08:39.0953 1508 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:08:39.0953 1508 usbccgp - ok
17:08:39.0968 1508 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:08:39.0968 1508 usbehci - ok
17:08:39.0984 1508 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:08:39.0984 1508 usbhub - ok
17:08:39.0984 1508 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:08:39.0984 1508 usbohci - ok
17:08:40.0015 1508 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:08:40.0015 1508 usbprint - ok
17:08:40.0015 1508 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:08:40.0015 1508 USBSTOR - ok
17:08:40.0031 1508 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:08:40.0031 1508 VgaSave - ok
17:08:40.0031 1508 ViaIde - ok
17:08:40.0046 1508 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:08:40.0046 1508 VolSnap - ok
17:08:40.0062 1508 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
17:08:40.0062 1508 VSS - ok
17:08:40.0078 1508 vToolbarUpdater15.5.0 - ok
17:08:40.0093 1508 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
17:08:40.0093 1508 W32Time - ok
17:08:40.0109 1508 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:08:40.0109 1508 Wanarp - ok
17:08:40.0140 1508 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
17:08:40.0140 1508 Wdf01000 - ok
17:08:40.0140 1508 WDICA - ok
17:08:40.0171 1508 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:08:40.0171 1508 wdmaud - ok
17:08:40.0187 1508 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:08:40.0187 1508 WebClient - ok
17:08:40.0250 1508 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:08:40.0250 1508 winmgmt - ok
17:08:40.0296 1508 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:08:40.0296 1508 WmdmPmSN - ok
17:08:40.0312 1508 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:08:40.0328 1508 WmiApSrv - ok
17:08:40.0390 1508 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
17:08:40.0390 1508 WMPNetworkSvc - ok
17:08:40.0437 1508 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:08:40.0437 1508 WpdUsb - ok
17:08:40.0734 1508 [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:08:40.0734 1508 WPFFontCache_v0400 - ok
17:08:40.0765 1508 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:08:40.0765 1508 wscsvc - ok
17:08:40.0781 1508 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:08:40.0781 1508 WSTCODEC - ok
17:08:40.0812 1508 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:08:40.0812 1508 wuauserv - ok
17:08:40.0828 1508 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:08:40.0843 1508 WudfPf - ok
17:08:40.0859 1508 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:08:40.0859 1508 WudfRd - ok
17:08:40.0875 1508 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:08:40.0875 1508 WudfSvc - ok
17:08:40.0906 1508 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:08:40.0921 1508 WZCSVC - ok
17:08:40.0937 1508 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:08:40.0937 1508 xmlprov - ok
17:08:40.0953 1508 ================ Scan global ===============================
17:08:40.0984 1508 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
17:08:41.0015 1508 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
17:08:41.0015 1508 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
17:08:41.0046 1508 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
17:08:41.0046 1508 [Global] - ok
17:08:41.0046 1508 ================ Scan MBR ==================================
17:08:41.0062 1508 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
17:08:41.0203 1508 \Device\Harddisk0\DR0 - ok
17:08:41.0203 1508 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR3
17:08:41.0218 1508 \Device\Harddisk1\DR3 - ok
17:08:41.0218 1508 ================ Scan VBR ==================================
17:08:41.0218 1508 [ 6B961E836A8EF53448D688C0F74B68B8 ] \Device\Harddisk0\DR0\Partition1
17:08:41.0218 1508 \Device\Harddisk0\DR0\Partition1 - ok
17:08:41.0234 1508 [ A30A700CE83CFC3C70B140317A9CB99D ] \Device\Harddisk0\DR0\Partition2
17:08:41.0234 1508 \Device\Harddisk0\DR0\Partition2 - ok
17:08:41.0234 1508 [ EA5BEA503EEC4B3EC0CF7DDDFFE35CCB ] \Device\Harddisk1\DR3\Partition1
17:08:41.0234 1508 \Device\Harddisk1\DR3\Partition1 - ok
17:08:41.0234 1508 ============================================================
17:08:41.0234 1508 Scan finished
17:08:41.0234 1508 ============================================================
17:08:41.0250 0208 Detected object count: 0
17:08:41.0250 0208 Actual detected object count: 0
17:08:43.0921 0716 Deinitialize success
OS - Windows 7 Ultimate 64 Bit
PSU - OCZ 550W
CPU - intel core i5-4430
RAM - 8 Gb
GPU - Nvidia GeForce N760
MB - MSI B85-G41 PC Mate

