Hello,
I'd like to ask for a check of my PC. Windows boots slowly, and I don't know whether to put that down to its age (about 6 years), to its use by my teenage brother, or even to Avast, because on my own notebook I also notice a slower start, and that one was reinstalled about half a year ago (here on the forum I noticed one user whose PC got slower after switching to Avast). And above all, there are now 40 processes running "at idle"; after the last cleanup there were 34. I use CCleaner regularly, and MBAM is clean.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:17:11, on 10.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATITool\ATITool.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\WINDOWS\System32\ssins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12902
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATITool] "C:\Program Files\ATITool\ATITool.exe" -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\X\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\X\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\X\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\System32\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 7047 bytes
Thanks a lot!
Please check my log (slow PC startup) Solved
Ntb: HP Pavilion 13-a250nc
PC: i7-4770 + Noctua NH-U9B SE2 / GIGABYTE GA-B85M-D3H rev.1.1 / 2x Kingston HyperX Fury White 4GB 1866 MHz / Asus RX-570 OC / Samsung 870 EVO 500GB / Seagate Barracuda 7200.14 - 1TB / BITFENIX Neos, white + EVGA 500B / Win11 Home 64bit / AOC i2369VM
+ Genius SW-HF 5.1 4000
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
Re: Please check my log (slow PC startup)
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform Quick Scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message appears, so choose Yes
(don't delete anything yet!).
Then paste the contents of that log here.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log appears (otherwise it is saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private messages; post them in the appropriate section. Thank you
Re: Please check my log (slow PC startup)
ATF done; as for Malwarebytes' Anti-Malware, I already wrote that it is clean.
# AdwCleaner v3.004 - Report created 17/09/2013 at 09:47:02
# Updated 15/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : X - PENTIUM
# Running from : C:\Documents and Settings\X\Plocha\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found C:\Documents and Settings\All Users\Data aplikací\apn
Folder Found C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
Folder Found C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Found C:\Documents and Settings\X\Data aplikací\OpenCandy
Folder Found C:\Documents and Settings\X\Data aplikací\searchquband
Folder Found C:\Documents and Settings\X\Data aplikací\searchresultstb
Folder Found C:\Documents and Settings\X\Local Settings\Data aplikací\Conduit
Folder Found C:\Documents and Settings\X\Local Settings\Data aplikací\Ilivid Player
Folder Found C:\Documents and Settings\X\Local Settings\Data aplikací\PackageAware
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\CToolbar
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\ICQToolbar
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2304157
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2704262
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\CToolbar
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\Software\iLividSRTB
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SweetIM Bundle by SweetPacks
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{96E2E493-C484-43E3-9B95-D62EE7D40D3A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Product Found : SweetIM for Messenger 3.7
Product Found : Update Manager for SweetPacks 1.1
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
-\\ Google Chrome v
[ File : C:\Documents and Settings\X\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [8040 octets] - [17/09/2013 09:47:02]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8100 octets] ##########
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Re: Please check my log (slow PC startup)
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Clean"
The program performs the repair; after the automatic restart it will not display the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
Download Junkware Removal Tool
to your desktop.
Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.
Download RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, run it by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit
- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still won't start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: Please check my log (slow PC startup)
AdwCleaner:
# AdwCleaner v3.004 - Report created 19/09/2013 at 09:41:53
# Updated 15/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : X - PENTIUM
# Running from : C:\Documents and Settings\X\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\X\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\X\Local Settings\Data aplikací\Ilivid Player
Folder Deleted : C:\Documents and Settings\X\Local Settings\Data aplikací\PackageAware
Folder Deleted : C:\Documents and Settings\X\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\X\Data aplikací\searchquband
Folder Deleted : C:\Documents and Settings\X\Data aplikací\searchresultstb
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2304157
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2704262
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{96E2E493-C484-43E3-9B95-D62EE7D40D3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SweetIM Bundle by SweetPacks
Product Deleted : SweetIM for Messenger 3.7
Product Deleted : Update Manager for SweetPacks 1.1
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Google Chrome v
[ File : C:\Documents and Settings\X\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [8180 octets] - [17/09/2013 09:47:02]
AdwCleaner[R1].txt - [7919 octets] - [19/09/2013 09:41:15]
AdwCleaner[S0].txt - [7944 octets] - [19/09/2013 09:41:53]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8004 octets] ##########
____________________________________________________________________________________________________________________________________
JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Microsoft Windows XP x86
Ran by X on čt 19.09.2013 at 9:48:44,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\X\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on čt 19.09.2013 at 9:51:10,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ntb: HP Pavilion 13-a250nc
PC: i7-4770 + Noctua NH-U9B SE2 / GIGABYTE GA-B85M-D3H rev.1.1 / 2x Kingston HyperX Fury White 4GB 1866 MHz / Asus RX-570 OC / Samsung 870 EVO 500GB / Seagate Barracuda 7200.14 - 1TB / BITFENIX Neos, white + EVGA 500B / Win11 Home 64bit / AOC i2369VM
+ Genius SW-HF 5.1 4000
Re: please check my log (slow PC start)
RogueKiller:
RogueKiller V8.6.12 [Sep 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : X [Práva správce]
Mód : Kontrola -- Datum : 09/19/2013 09:55:39
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\X\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\X\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-73586283-1897051121-839522115-1003\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\X\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-73586283-1897051121-839522115-1003\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\X\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ][PUM] HKLM\[...]\SystemRestore : DisableSR (1) -> NALEZENO
[HJ SECU][PUM] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : atapi.sys -> HOOKED ([Address] prosync1.sys @ 0xF798F6C1)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - ST3160815AS +++++
--- User ---
[MBR] b6080909c602796de10276d075d40eba
[BSP] a9b57793dc67373748f0ca1f9cdadb44 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_09192013_095539.txt >>
- jaro3
- member of the Security team
Re: please check my log (slow PC start)
Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes...
- Wait until the status window shows "Prohledat" (Scan)
- Click "Smazat" (Delete)
- Wait until the Status box shows "Mazání dokončeno" (Deletion finished)
- Click "Zpráva" (Report) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
Run RogueKiller again.
If you use Win Vista or W7, right-click RogueKiller and run it as administrator.
Then click "Oprava Host" (Fix Host) and "Zpráva" (Report); a log opens, paste it here.
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(date)_log.txt; please paste the entire contents of the log here.
Re: please check my log (slow PC start)
Removal of the findings:
RogueKiller V8.6.12 [Sep 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : X [Práva správce]
Mód : Odebrat -- Datum : 09/19/2013 12:05:54
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\X\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\X\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-73586283-1897051121-839522115-1003\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\X\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-73586283-1897051121-839522115-1003\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\X\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ][PUM] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)
[HJ SECU][PUM] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : atapi.sys -> HOOKED ([Address] prosync1.sys @ 0xF798F6C1)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - ST3160815AS +++++
--- User ---
[MBR] b6080909c602796de10276d075d40eba
[BSP] a9b57793dc67373748f0ca1f9cdadb44 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_09192013_120554.txt >>
RKreport[0]_S_09192013_095539.txt;RKreport[0]_S_09192013_120535.txt
____________________________________________________________________________________________________________________________________
and the hosts fix:
RogueKiller V8.6.12 [Sep 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : X [Práva správce]
Mód : Oprava HOSTS -- Datum : 09/19/2013 12:09:17
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
[...]
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[0]_H_09192013_120917.txt >>
RKreport[0]_D_09192013_120554.txt;RKreport[0]_S_09192013_095539.txt;RKreport[0]_S_09192013_120535.txt
RKreport[0]_S_09192013_120902.txt
P.S.: I hope I posted the right logs; it created 5 of them in total.
(I took it that it creates a log after each scan, so I took the following one.)

Ntb: HP Pavilion 13-a250nc
PC: i7-4770 + Noctua NH-U9B SE2 / GIGABYTE GA-B85M-D3H rev.1.1 / 2x Kingston HyperX Fury White 4GB 1866 MHz / Asus RX-570 OC / Samsung 870 EVO 500GB / Seagate Barracuda 7200.14 - 1TB / BITFENIX Neos, white + EVGA 500B / Win11 Home 64bit / AOC i2369VM
+ Genius SW-HF 5.1 4000
Re: please check my log (slow PC startup)
TDSSKiller:
12:16:15.0187 2732 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:16:15.0328 2732 ============================================================
12:16:15.0328 2732 Current date / time: 2013/09/19 12:16:15.0328
12:16:15.0328 2732 SystemInfo:
12:16:15.0328 2732
12:16:15.0328 2732 OS Version: 5.1.2600 ServicePack: 3.0
12:16:15.0328 2732 Product type: Workstation
12:16:15.0328 2732 ComputerName: PENTIUM
12:16:15.0328 2732 UserName: X
12:16:15.0328 2732 Windows directory: C:\WINDOWS
12:16:15.0328 2732 System windows directory: C:\WINDOWS
12:16:15.0328 2732 Processor architecture: Intel x86
12:16:15.0328 2732 Number of processors: 2
12:16:15.0328 2732 Page size: 0x1000
12:16:15.0328 2732 Boot type: Normal boot
12:16:15.0328 2732 ============================================================
12:16:15.0953 2732 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:16:15.0953 2732 ============================================================
12:16:15.0953 2732 \Device\Harddisk0\DR0:
12:16:15.0953 2732 MBR partitions:
12:16:15.0953 2732 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
12:16:15.0953 2732 ============================================================
12:16:15.0984 2732 C: <-> \Device\Harddisk0\DR0\Partition1
12:16:15.0984 2732 ============================================================
12:16:15.0984 2732 Initialize success
12:16:15.0984 2732 ============================================================
12:16:21.0562 1660 ============================================================
12:16:21.0562 1660 Scan started
12:16:21.0562 1660 Mode: Manual;
12:16:21.0562 1660 ============================================================
12:16:21.0984 1660 ================ Scan system memory ========================
12:16:21.0984 1660 System memory - ok
12:16:21.0984 1660 ================ Scan services =============================
12:16:28.0375 1660 SCardSvr - ok
12:16:28.0406 1660 [ 20B2751CD4C8F3FD989739CA661B9F30 ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
12:16:28.0406 1660 SCDEmu - ok
12:16:28.0421 1660 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:16:28.0437 1660 Schedule - ok
12:16:28.0468 1660 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:16:28.0468 1660 Secdrv - ok
12:16:28.0468 1660 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
12:16:28.0484 1660 seclogon - ok
12:16:28.0484 1660 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
12:16:28.0500 1660 SENS - ok
12:16:28.0500 1660 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
12:16:28.0500 1660 Serenum - ok
12:16:28.0515 1660 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
12:16:28.0515 1660 Serial - ok
12:16:28.0578 1660 [ 019AB047B932AD277A4DA2673E5CC19C ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:16:28.0578 1660 ServiceLayer - ok
12:16:28.0625 1660 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
12:16:28.0625 1660 sfhlp01 - ok
12:16:28.0640 1660 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
12:16:28.0640 1660 Sfloppy - ok
12:16:28.0671 1660 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:16:28.0687 1660 SharedAccess - ok
12:16:28.0718 1660 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:16:28.0718 1660 ShellHWDetection - ok
12:16:28.0718 1660 Simbad - ok
12:16:28.0953 1660 [ D0776778A9FC5E37F2E9EB21FC8A9709 ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:16:28.0968 1660 Skype C2C Service - ok
12:16:29.0015 1660 [ 004179B6C039D39B71FBE3D07C5DFE79 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
12:16:29.0015 1660 SkypeUpdate - ok
12:16:29.0046 1660 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:16:29.0046 1660 SLIP - ok
12:16:29.0046 1660 Sparrow - ok
12:16:29.0078 1660 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:16:29.0078 1660 splitter - ok
12:16:29.0109 1660 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:16:29.0109 1660 Spooler - ok
12:16:29.0140 1660 [ E3879C514F59402E1A7CE58A5511816F ] SQTECH905C C:\WINDOWS\system32\Drivers\Capt905c.sys
12:16:29.0140 1660 SQTECH905C - ok
12:16:29.0171 1660 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:16:29.0171 1660 sr - ok
12:16:29.0203 1660 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
12:16:29.0203 1660 srservice - ok
12:16:29.0250 1660 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:16:29.0250 1660 Srv - ok
12:16:29.0281 1660 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:16:29.0281 1660 SSDPSRV - ok
12:16:29.0375 1660 [ F3FDA3DB4F3D77C8285F3E307F886DE8 ] ssinstall C:\WINDOWS\System32\ssins.exe
12:16:29.0406 1660 ssinstall - ok
12:16:29.0437 1660 [ 3DBF9D2E5DE3A72B37AB27ABB79FEE69 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
12:16:29.0453 1660 Steam Client Service - ok
12:16:29.0484 1660 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:16:29.0484 1660 stisvc - ok
12:16:29.0515 1660 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:16:29.0515 1660 streamip - ok
12:16:29.0546 1660 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:16:29.0546 1660 swenum - ok
12:16:29.0562 1660 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:16:29.0562 1660 swmidi - ok
12:16:29.0562 1660 SwPrv - ok
12:16:29.0578 1660 symc810 - ok
12:16:29.0578 1660 symc8xx - ok
12:16:29.0578 1660 sym_hi - ok
12:16:29.0578 1660 sym_u3 - ok
12:16:29.0593 1660 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:16:29.0593 1660 sysaudio - ok
12:16:29.0625 1660 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:16:29.0625 1660 SysmonLog - ok
12:16:29.0640 1660 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:16:29.0656 1660 TapiSrv - ok
12:16:29.0703 1660 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:16:29.0703 1660 Tcpip - ok
12:16:29.0734 1660 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:16:29.0734 1660 TDPIPE - ok
12:16:29.0734 1660 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:16:29.0734 1660 TDTCP - ok
12:16:29.0765 1660 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:16:29.0765 1660 TermDD - ok
12:16:29.0796 1660 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
12:16:29.0796 1660 TermService - ok
12:16:29.0828 1660 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
12:16:29.0828 1660 Themes - ok
12:16:29.0890 1660 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
12:16:29.0906 1660 TlntSvr - ok
12:16:29.0906 1660 TosIde - ok
12:16:29.0921 1660 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:16:29.0937 1660 TrkWks - ok
12:16:29.0953 1660 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:16:29.0953 1660 Udfs - ok
12:16:29.0953 1660 ultra - ok
12:16:30.0000 1660 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:16:30.0000 1660 Update - ok
12:16:30.0031 1660 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
12:16:30.0031 1660 upnphost - ok
12:16:30.0046 1660 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
12:16:30.0046 1660 UPS - ok
12:16:30.0093 1660 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
12:16:30.0093 1660 usbaudio - ok
12:16:30.0109 1660 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:16:30.0109 1660 usbccgp - ok
12:16:30.0109 1660 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:16:30.0109 1660 usbehci - ok
12:16:30.0140 1660 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:16:30.0140 1660 usbhub - ok
12:16:30.0171 1660 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:16:30.0171 1660 usbprint - ok
12:16:30.0187 1660 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:16:30.0187 1660 usbscan - ok
12:16:30.0187 1660 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:16:30.0187 1660 USBSTOR - ok
12:16:30.0218 1660 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:16:30.0218 1660 usbuhci - ok
12:16:30.0234 1660 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
12:16:30.0234 1660 usbvideo - ok
12:16:30.0250 1660 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:16:30.0250 1660 VgaSave - ok
12:16:30.0250 1660 ViaIde - ok
12:16:30.0281 1660 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:16:30.0281 1660 VolSnap - ok
12:16:30.0328 1660 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
12:16:30.0328 1660 VSS - ok
12:16:30.0359 1660 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
12:16:30.0375 1660 W32Time - ok
12:16:30.0390 1660 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:16:30.0390 1660 Wanarp - ok
12:16:30.0390 1660 WDICA - ok
12:16:30.0390 1660 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:16:30.0390 1660 wdmaud - ok
12:16:30.0406 1660 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:16:30.0406 1660 WebClient - ok
12:16:30.0500 1660 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:16:30.0500 1660 winmgmt - ok
12:16:30.0609 1660 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:16:30.0609 1660 wlidsvc - ok
12:16:30.0656 1660 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:16:30.0656 1660 WmdmPmSN - ok
12:16:30.0703 1660 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
12:16:30.0750 1660 Wmi - ok
12:16:30.0765 1660 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:16:30.0781 1660 WmiApSrv - ok
12:16:30.0859 1660 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
12:16:30.0890 1660 WMPNetworkSvc - ok
12:16:30.0906 1660 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:16:30.0906 1660 WpdUsb - ok
12:16:30.0937 1660 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:16:30.0953 1660 wscsvc - ok
12:16:30.0968 1660 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:16:30.0968 1660 WSTCODEC - ok
12:16:31.0000 1660 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:16:31.0015 1660 wuauserv - ok
12:16:31.0046 1660 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:16:31.0046 1660 WudfPf - ok
12:16:31.0078 1660 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:16:31.0078 1660 WudfRd - ok
12:16:31.0109 1660 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:16:31.0109 1660 WudfSvc - ok
12:16:31.0156 1660 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:16:31.0156 1660 WZCSVC - ok
12:16:31.0187 1660 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:16:31.0203 1660 xmlprov - ok
12:16:31.0203 1660 ================ Scan global ===============================
12:16:31.0234 1660 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
12:16:31.0265 1660 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
12:16:31.0281 1660 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
12:16:31.0296 1660 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
12:16:31.0296 1660 [Global] - ok
12:16:31.0296 1660 ================ Scan MBR ==================================
12:16:31.0312 1660 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
12:16:31.0468 1660 \Device\Harddisk0\DR0 - ok
12:16:31.0484 1660 ================ Scan VBR ==================================
12:16:31.0484 1660 [ EA267217617127B4606516D3CDCD3769 ] \Device\Harddisk0\DR0\Partition1
12:16:31.0484 1660 \Device\Harddisk0\DR0\Partition1 - ok
12:16:31.0484 1660 ============================================================
12:16:31.0484 1660 Scan finished
12:16:31.0484 1660 ============================================================
12:16:31.0500 3592 Detected object count: 0
12:16:31.0500 3592 Actual detected object count: 0
12:16:15.0187 2732 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:16:15.0328 2732 ============================================================
12:16:15.0328 2732 Current date / time: 2013/09/19 12:16:15.0328
12:16:15.0328 2732 SystemInfo:
12:16:15.0328 2732
12:16:15.0328 2732 OS Version: 5.1.2600 ServicePack: 3.0
12:16:15.0328 2732 Product type: Workstation
12:16:15.0328 2732 ComputerName: PENTIUM
12:16:15.0328 2732 UserName: X
12:16:15.0328 2732 Windows directory: C:\WINDOWS
12:16:15.0328 2732 System windows directory: C:\WINDOWS
12:16:15.0328 2732 Processor architecture: Intel x86
12:16:15.0328 2732 Number of processors: 2
12:16:15.0328 2732 Page size: 0x1000
12:16:15.0328 2732 Boot type: Normal boot
12:16:15.0328 2732 ============================================================
12:16:15.0953 2732 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:16:15.0953 2732 ============================================================
12:16:15.0953 2732 \Device\Harddisk0\DR0:
12:16:15.0953 2732 MBR partitions:
12:16:15.0953 2732 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
12:16:15.0953 2732 ============================================================
12:16:15.0984 2732 C: <-> \Device\Harddisk0\DR0\Partition1
12:16:15.0984 2732 ============================================================
12:16:15.0984 2732 Initialize success
12:16:15.0984 2732 ============================================================
12:16:21.0562 1660 ============================================================
12:16:21.0562 1660 Scan started
12:16:21.0562 1660 Mode: Manual;
12:16:21.0562 1660 ============================================================
12:16:21.0984 1660 ================ Scan system memory ========================
12:16:21.0984 1660 System memory - ok
12:16:21.0984 1660 ================ Scan services =============================
12:16:26.0828 1660 NdisIP - ok
12:16:26.0859 1660 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:16:26.0859 1660 NdisTapi - ok
12:16:26.0875 1660 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:16:26.0875 1660 Ndisuio - ok
12:16:26.0875 1660 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:16:26.0875 1660 NdisWan - ok
12:16:26.0937 1660 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:16:26.0937 1660 NDProxy - ok
12:16:26.0953 1660 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:16:26.0953 1660 NetBIOS - ok
12:16:26.0968 1660 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:16:26.0968 1660 NetBT - ok
12:16:27.0000 1660 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
12:16:27.0015 1660 NetDDE - ok
12:16:27.0015 1660 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
12:16:27.0015 1660 NetDDEdsdm - ok
12:16:27.0062 1660 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:16:27.0062 1660 Netlogon - ok
12:16:27.0078 1660 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
12:16:27.0093 1660 Netman - ok
12:16:27.0125 1660 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:16:27.0125 1660 NetTcpPortSharing - ok
12:16:27.0156 1660 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:16:27.0156 1660 NIC1394 - ok
12:16:27.0171 1660 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
12:16:27.0187 1660 Nla - ok
12:16:27.0203 1660 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:16:27.0218 1660 Npfs - ok
12:16:27.0218 1660 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:16:27.0234 1660 Ntfs - ok
12:16:27.0234 1660 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
12:16:27.0234 1660 NtLmSsp - ok
12:16:27.0281 1660 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
12:16:27.0281 1660 NtmsSvc - ok
12:16:27.0312 1660 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
12:16:27.0312 1660 Null - ok
12:16:27.0343 1660 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:16:27.0343 1660 NwlnkFlt - ok
12:16:27.0359 1660 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:16:27.0359 1660 NwlnkFwd - ok
12:16:27.0359 1660 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:16:27.0359 1660 ohci1394 - ok
12:16:27.0406 1660 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:16:27.0406 1660 ose - ok
12:16:27.0437 1660 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
12:16:27.0437 1660 Parport - ok
12:16:27.0453 1660 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
12:16:27.0453 1660 PartMgr - ok
12:16:27.0484 1660 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
12:16:27.0484 1660 ParVdm - ok
12:16:27.0484 1660 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
12:16:27.0500 1660 PCI - ok
12:16:27.0500 1660 PCIDump - ok
12:16:27.0515 1660 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
12:16:27.0515 1660 PCIIde - ok
12:16:27.0546 1660 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
12:16:27.0546 1660 Pcmcia - ok
12:16:27.0546 1660 PDCOMP - ok
12:16:27.0546 1660 PDFRAME - ok
12:16:27.0562 1660 PDRELI - ok
12:16:27.0562 1660 PDRFRAME - ok
12:16:27.0562 1660 perc2 - ok
12:16:27.0562 1660 perc2hib - ok
12:16:27.0609 1660 [ ED2E7F396B4098608C95BC3806BDF6FC ] pfc C:\WINDOWS\system32\drivers\pfc.sys
12:16:27.0609 1660 pfc - ok
12:16:27.0625 1660 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
12:16:27.0625 1660 PlugPlay - ok
12:16:27.0671 1660 [ A1DD33D16F277CE34124EE52AB2C0F14 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
12:16:27.0671 1660 PnkBstrA - ok
12:16:27.0687 1660 [ 7C01817ADF3207FB65A4B56E6D5AD833 ] PnkBstrB C:\WINDOWS\system32\PnkBstrB.exe
12:16:27.0687 1660 PnkBstrB - ok
12:16:27.0687 1660 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:16:27.0703 1660 PolicyAgent - ok
12:16:27.0734 1660 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:16:27.0734 1660 PptpMiniport - ok
12:16:27.0765 1660 [ 09921A58B4278BC16EFA91A8FE480C50 ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
12:16:27.0765 1660 prodrv06 - ok
12:16:27.0781 1660 [ 97184F49AA0733F6EEA28ADA265BA8DA ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
12:16:27.0781 1660 prohlp02 - ok
12:16:27.0796 1660 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
12:16:27.0796 1660 prosync1 - ok
12:16:27.0796 1660 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:16:27.0796 1660 ProtectedStorage - ok
12:16:27.0796 1660 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:16:27.0812 1660 PSched - ok
12:16:27.0843 1660 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:16:27.0843 1660 Ptilink - ok
12:16:27.0843 1660 ql1080 - ok
12:16:27.0843 1660 Ql10wnt - ok
12:16:27.0859 1660 ql12160 - ok
12:16:27.0859 1660 ql1240 - ok
12:16:27.0859 1660 ql1280 - ok
12:16:27.0890 1660 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:16:27.0890 1660 RasAcd - ok
12:16:27.0921 1660 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:16:27.0937 1660 RasAuto - ok
12:16:27.0953 1660 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:16:27.0968 1660 Rasl2tp - ok
12:16:28.0000 1660 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:16:28.0000 1660 RasMan - ok
12:16:28.0000 1660 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:16:28.0000 1660 RasPppoe - ok
12:16:28.0031 1660 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:16:28.0031 1660 Raspti - ok
12:16:28.0046 1660 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:16:28.0046 1660 Rdbss - ok
12:16:28.0062 1660 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:16:28.0062 1660 RDPCDD - ok
12:16:28.0078 1660 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:16:28.0078 1660 rdpdr - ok
12:16:28.0109 1660 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:16:28.0109 1660 RDPWD - ok
12:16:28.0125 1660 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:16:28.0125 1660 RDSessMgr - ok
12:16:28.0140 1660 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:16:28.0140 1660 redbook - ok
12:16:28.0171 1660 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:16:28.0171 1660 RemoteAccess - ok
12:16:28.0203 1660 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
12:16:28.0218 1660 RemoteRegistry - ok
12:16:28.0234 1660 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
12:16:28.0250 1660 RpcLocator - ok
12:16:28.0281 1660 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
12:16:28.0281 1660 RpcSs - ok
12:16:28.0312 1660 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:16:28.0328 1660 RSVP - ok
12:16:28.0343 1660 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
12:16:28.0343 1660 SamSs - ok
12:16:28.0375 1660 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:16:28.0375 1660 SCardSvr - ok
12:16:28.0406 1660 [ 20B2751CD4C8F3FD989739CA661B9F30 ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
12:16:28.0406 1660 SCDEmu - ok
12:16:28.0421 1660 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:16:28.0437 1660 Schedule - ok
12:16:28.0468 1660 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:16:28.0468 1660 Secdrv - ok
12:16:28.0468 1660 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
12:16:28.0484 1660 seclogon - ok
12:16:28.0484 1660 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
12:16:28.0500 1660 SENS - ok
12:16:28.0500 1660 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
12:16:28.0500 1660 Serenum - ok
12:16:28.0515 1660 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
12:16:28.0515 1660 Serial - ok
12:16:28.0578 1660 [ 019AB047B932AD277A4DA2673E5CC19C ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:16:28.0578 1660 ServiceLayer - ok
12:16:28.0625 1660 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
12:16:28.0625 1660 sfhlp01 - ok
12:16:28.0640 1660 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
12:16:28.0640 1660 Sfloppy - ok
12:16:28.0671 1660 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:16:28.0687 1660 SharedAccess - ok
12:16:28.0718 1660 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:16:28.0718 1660 ShellHWDetection - ok
12:16:28.0718 1660 Simbad - ok
12:16:28.0953 1660 [ D0776778A9FC5E37F2E9EB21FC8A9709 ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:16:28.0968 1660 Skype C2C Service - ok
12:16:29.0015 1660 [ 004179B6C039D39B71FBE3D07C5DFE79 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
12:16:29.0015 1660 SkypeUpdate - ok
12:16:29.0046 1660 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:16:29.0046 1660 SLIP - ok
12:16:29.0046 1660 Sparrow - ok
12:16:29.0078 1660 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:16:29.0078 1660 splitter - ok
12:16:29.0109 1660 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:16:29.0109 1660 Spooler - ok
12:16:29.0140 1660 [ E3879C514F59402E1A7CE58A5511816F ] SQTECH905C C:\WINDOWS\system32\Drivers\Capt905c.sys
12:16:29.0140 1660 SQTECH905C - ok
12:16:29.0171 1660 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:16:29.0171 1660 sr - ok
12:16:29.0203 1660 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
12:16:29.0203 1660 srservice - ok
12:16:29.0250 1660 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:16:29.0250 1660 Srv - ok
12:16:29.0281 1660 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:16:29.0281 1660 SSDPSRV - ok
12:16:29.0375 1660 [ F3FDA3DB4F3D77C8285F3E307F886DE8 ] ssinstall C:\WINDOWS\System32\ssins.exe
12:16:29.0406 1660 ssinstall - ok
12:16:29.0437 1660 [ 3DBF9D2E5DE3A72B37AB27ABB79FEE69 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
12:16:29.0453 1660 Steam Client Service - ok
12:16:29.0484 1660 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:16:29.0484 1660 stisvc - ok
12:16:29.0515 1660 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:16:29.0515 1660 streamip - ok
12:16:29.0546 1660 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:16:29.0546 1660 swenum - ok
12:16:29.0562 1660 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:16:29.0562 1660 swmidi - ok
12:16:29.0562 1660 SwPrv - ok
12:16:29.0578 1660 symc810 - ok
12:16:29.0578 1660 symc8xx - ok
12:16:29.0578 1660 sym_hi - ok
12:16:29.0578 1660 sym_u3 - ok
12:16:29.0593 1660 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:16:29.0593 1660 sysaudio - ok
12:16:29.0625 1660 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:16:29.0625 1660 SysmonLog - ok
12:16:29.0640 1660 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:16:29.0656 1660 TapiSrv - ok
12:16:29.0703 1660 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:16:29.0703 1660 Tcpip - ok
12:16:29.0734 1660 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:16:29.0734 1660 TDPIPE - ok
12:16:29.0734 1660 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:16:29.0734 1660 TDTCP - ok
12:16:29.0765 1660 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:16:29.0765 1660 TermDD - ok
12:16:29.0796 1660 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
12:16:29.0796 1660 TermService - ok
12:16:29.0828 1660 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
12:16:29.0828 1660 Themes - ok
12:16:29.0890 1660 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
12:16:29.0906 1660 TlntSvr - ok
12:16:29.0906 1660 TosIde - ok
12:16:29.0921 1660 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:16:29.0937 1660 TrkWks - ok
12:16:29.0953 1660 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:16:29.0953 1660 Udfs - ok
12:16:29.0953 1660 ultra - ok
12:16:30.0000 1660 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:16:30.0000 1660 Update - ok
12:16:30.0031 1660 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
12:16:30.0031 1660 upnphost - ok
12:16:30.0046 1660 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
12:16:30.0046 1660 UPS - ok
12:16:30.0093 1660 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
12:16:30.0093 1660 usbaudio - ok
12:16:30.0109 1660 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:16:30.0109 1660 usbccgp - ok
12:16:30.0109 1660 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:16:30.0109 1660 usbehci - ok
12:16:30.0140 1660 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:16:30.0140 1660 usbhub - ok
12:16:30.0171 1660 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:16:30.0171 1660 usbprint - ok
12:16:30.0187 1660 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:16:30.0187 1660 usbscan - ok
12:16:30.0187 1660 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:16:30.0187 1660 USBSTOR - ok
12:16:30.0218 1660 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:16:30.0218 1660 usbuhci - ok
12:16:30.0234 1660 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
12:16:30.0234 1660 usbvideo - ok
12:16:30.0250 1660 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:16:30.0250 1660 VgaSave - ok
12:16:30.0250 1660 ViaIde - ok
12:16:30.0281 1660 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:16:30.0281 1660 VolSnap - ok
12:16:30.0328 1660 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
12:16:30.0328 1660 VSS - ok
12:16:30.0359 1660 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
12:16:30.0375 1660 W32Time - ok
12:16:30.0390 1660 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:16:30.0390 1660 Wanarp - ok
12:16:30.0390 1660 WDICA - ok
12:16:30.0390 1660 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:16:30.0390 1660 wdmaud - ok
12:16:30.0406 1660 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:16:30.0406 1660 WebClient - ok
12:16:30.0500 1660 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:16:30.0500 1660 winmgmt - ok
12:16:30.0609 1660 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:16:30.0609 1660 wlidsvc - ok
12:16:30.0656 1660 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:16:30.0656 1660 WmdmPmSN - ok
12:16:30.0703 1660 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
12:16:30.0750 1660 Wmi - ok
12:16:30.0765 1660 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:16:30.0781 1660 WmiApSrv - ok
12:16:30.0859 1660 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
12:16:30.0890 1660 WMPNetworkSvc - ok
12:16:30.0906 1660 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:16:30.0906 1660 WpdUsb - ok
12:16:30.0937 1660 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:16:30.0953 1660 wscsvc - ok
12:16:30.0968 1660 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:16:30.0968 1660 WSTCODEC - ok
12:16:31.0000 1660 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:16:31.0015 1660 wuauserv - ok
12:16:31.0046 1660 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:16:31.0046 1660 WudfPf - ok
12:16:31.0078 1660 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:16:31.0078 1660 WudfRd - ok
12:16:31.0109 1660 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:16:31.0109 1660 WudfSvc - ok
12:16:31.0156 1660 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:16:31.0156 1660 WZCSVC - ok
12:16:31.0187 1660 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:16:31.0203 1660 xmlprov - ok
12:16:31.0203 1660 ================ Scan global ===============================
12:16:31.0234 1660 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
12:16:31.0265 1660 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
12:16:31.0281 1660 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
12:16:31.0296 1660 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
12:16:31.0296 1660 [Global] - ok
12:16:31.0296 1660 ================ Scan MBR ==================================
12:16:31.0312 1660 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
12:16:31.0468 1660 \Device\Harddisk0\DR0 - ok
12:16:31.0484 1660 ================ Scan VBR ==================================
12:16:31.0484 1660 [ EA267217617127B4606516D3CDCD3769 ] \Device\Harddisk0\DR0\Partition1
12:16:31.0484 1660 \Device\Harddisk0\DR0\Partition1 - ok
12:16:31.0484 1660 ============================================================
12:16:31.0484 1660 Scan finished
12:16:31.0484 1660 ============================================================
12:16:31.0500 3592 Detected object count: 0
12:16:31.0500 3592 Actual detected object count: 0
Ntb: HP Pavilion 13-a250nc
PC: i7-4770 + Noctua NH-U9B SE2 / GIGABYTE GA-B85M-D3H rev.1.1 / 2x Kingston HyperX Fury White 4GB 1866 MHz / Asus RX-570 OC / Samsung 870 EVO 500GB / Seagate Barracuda 7200.14 - 1TB / BITFENIX Neos, white + EVGA 500B / Win11 Home 64bit / AOC i2369VM
+ Genius SW-HF 5.1 4000
jaro3 (member of the Security team)
Re: request for a log check (slow PC start)
Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is being applied, do not click into the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.
Warning: After applying ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: request for a log check (slow PC start)
ComboFix 13-09-19.01 - X 19.09.2013 19:52:10.15.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1575 [GMT 2:00]
Spuštěný z: c:\documents and settings\X\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\X\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
c:\documents and settings\X\sqlite3.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\tmp64.tmp
c:\windows\system32\tmp65.tmp
c:\windows\system32\TZLog.log
c:\windows\wininit.ini
.
Nakažená kopie c:\windows\system32\kernel32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ServicePackFiles\i386\kernel32.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-19 do 2013-09-19 )))))))))))))))))))))))))))))))
.
.
2013-09-19 07:48 . 2013-09-19 07:48 -------- d-----w- c:\windows\ERUNT
2013-09-17 07:46 . 2013-09-19 07:42 -------- d-----w- C:\AdwCleaner
2013-09-13 14:52 . 2013-09-13 14:52 -------- d-----w- C:\Riot Games
2013-09-09 16:51 . 2013-09-17 15:58 -------- d-----w- c:\documents and settings\X\Data aplikací\.minecraft
2013-09-09 16:49 . 2013-09-09 16:51 -------- d-----w- c:\program files\Minecraft.1.2.6.131.&.SMP.LAN.SERVER.&.NAME.SPOOFER.(NanoEntity)
2013-09-09 16:14 . 2013-09-09 16:14 -------- d-----w- c:\documents and settings\X\NabÝdka Start
2013-09-09 16:14 . 2013-09-09 16:14 -------- d-----w- c:\documents and settings\X\Data aplikacÝ
2013-09-03 13:53 . 2013-09-03 13:53 187248 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-09-03 08:33 . 2013-09-03 08:33 388096 ----a-r- c:\documents and settings\X\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-08-30 10:21 . 2013-08-30 10:21 -------- d-----w- c:\documents and settings\X\Local Settings\Data aplikací\PCHealth
2013-08-30 10:12 . 2013-08-30 10:12 -------- d-----w- C:\b0fb3e264dc00a013c
2013-08-30 08:05 . 2013-08-30 08:05 -------- d-----w- c:\windows\ie8updates
2013-08-30 08:01 . 2013-08-30 08:01 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2013-08-29 14:58 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2013-08-29 14:48 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2013-08-29 14:45 . 2010-08-27 08:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2013-08-29 14:45 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2013-08-29 14:43 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2013-08-29 14:43 . 2009-03-06 14:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2013-08-29 14:43 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2013-08-29 14:43 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2013-08-29 14:43 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2013-08-29 14:43 . 2009-02-09 10:56 684032 -c----w- c:\windows\system32\dllcache\advapi32.dll
2013-08-29 14:43 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2013-08-29 14:41 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2013-08-29 14:37 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-08-29 14:37 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2013-08-29 14:37 . 2012-12-16 12:23 290560 -c----w- c:\windows\system32\dllcache\atmfd.dll
2013-08-29 14:35 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2013-08-29 14:33 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2013-08-29 14:33 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2013-08-29 14:28 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2013-08-29 14:28 . 2012-05-28 18:16 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
2013-08-29 14:24 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2013-08-29 14:20 . 2013-07-04 07:34 2195712 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2013-08-29 14:20 . 2013-07-04 07:34 2151936 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2013-08-29 14:20 . 2010-12-09 15:15 713216 -c----w- c:\windows\system32\dllcache\ntdll.dll
2013-08-29 14:20 . 2013-07-04 07:33 2030592 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2013-08-29 14:20 . 2013-07-04 07:34 2072320 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2013-08-29 14:18 . 2010-07-16 11:58 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2013-08-29 14:18 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2013-08-29 14:18 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2013-08-29 14:18 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2013-08-29 14:15 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2013-08-29 14:08 . 2012-07-04 14:05 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 12:59 . 2012-04-05 09:47 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-13 12:59 . 2011-09-20 20:54 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-09 17:14 . 2008-05-10 15:22 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-09-09 17:14 . 2009-03-03 15:27 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-09-09 17:14 . 2008-05-10 15:22 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-08-19 12:26 . 2013-08-12 15:04 2322560 ----a-w- c:\windows\system32\ssins.exe
2013-08-12 15:04 . 2013-08-12 15:04 79 ----a-w- c:\windows\system32\ssinstall-uninstall.bat
2013-08-02 23:48 . 2006-10-18 20:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-07-16 10:37 . 2013-07-16 10:38 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-16 10:37 . 2013-07-16 10:38 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-16 10:37 . 2013-03-25 08:50 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-07-16 10:37 . 2010-06-27 13:22 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-12 16:33 . 2013-07-12 16:33 1409 ----a-w- c:\windows\QTFont.for
2013-07-10 10:37 . 2004-08-17 13:49 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 07:34 . 2004-08-17 13:45 2151936 ------w- c:\windows\system32\ntoskrnl.exe
2013-07-04 07:33 . 2004-08-17 15:45 2030592 ------w- c:\windows\system32\ntkrnlpa.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2013-02-12 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-15 16270848]
"ATITool"="c:\program files\ATITool\ATITool.exe" [2007-06-21 3119616]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-21 61440]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-09-08 155648]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-03-06 4767304]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^X^Nabídka Start^Programy^Po spuštění^Adobe Media Player.lnk]
path=c:\documents and settings\X\Nabídka Start\Programy\Po spuštění\Adobe Media Player.lnk
backup=c:\windows\pss\Adobe Media Player.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMISR]
2008-08-19 14:00 208896 ----a-w- c:\program files\KYE\WebMate\BM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-17 02:04 2879488 ------r- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-01-18 19:07 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\PCGAME\\CALL OF DUTY WORLD AT WAR\\CoDWaW.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"c:\\Program Files\\Metin2\\metin2client.bin"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Metin2\\metin2.bin"=
"c:\\Program Files\\Metin2\\metin2.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"c:\\Documents and Settings\\X\\Dokumenty\\Downloads\\Blacknight-2011\\metin2Client.dll"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\dota 2 beta\\dota.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8287:TCP"= 8287:TCP:BitComet 8287 TCP
"8287:UDP"= 8287:UDP:BitComet 8287 UDP
"56256:TCP"= 56256:TCP:Pando Media Booster
"56256:UDP"= 56256:UDP:Pando Media Booster
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3.3.2013 12:01 49248]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3.3.2013 12:01 164736]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.2.2011 7:47 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18.1.2009 19:55 368176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18.1.2009 19:55 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3.3.2013 12:01 66336]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [24.4.2012 17:58 21992]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [28.6.2013 14:02 1440080]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [14.8.2013 11:10 3291008]
R2 ssinstall;SInstalátor;c:\windows\system32\ssins.exe [12.8.2013 17:04 2322560]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [5.9.2007 13:36 35840]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [25.7.2013 9:10 162672]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [7.10.2007 14:50 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [7.10.2007 14:23 64896]
S3 cpuz130;cpuz130;\??\c:\docume~1\X\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\X\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 DynCal;Dynamic Calibration Service;c:\windows\system32\drivers\Dyncal.sys [22.4.2006 16:08 8704]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 12:59]
.
2013-09-19 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-09-02 23:32]
.
2013-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-26 16:32]
.
2013-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-26 16:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=12902
mStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-19 20:00
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-73586283-1897051121-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(944)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1852)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2013-09-19 20:02:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-19 18:02
.
Před spuštěním: Volných bajtů: 64 605 388 800
Po spuštění: Volných bajtů: 64 822 218 752
.
- - End Of File - - 9421538E742E7F234A934F6463C2B3A3
413FC2A0C716421B3158746D63736515
Ntb: HP Pavilion 13-a250nc
PC: i7-4770 + Noctua NH-U9B SE2 / GIGABYTE GA-B85M-D3H rev.1.1 / 2x Kingston HyperX Fury White 4GB 1866 MHz / Asus RX-570 OC / Samsung 870 EVO 500GB / Seagate Barracuda 7200.14 - 1TB / BITFENIX Neos, white + EVGA 500B / Win11 Home 64bit / AOC i2369VM
+ Genius SW-HF 5.1 4000
- jaro3
- member of the Security team
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Re: please check my log (slow PC startup)
In Folder Options, enable the display of hidden files and folders, and untick the "Hide protected operating system files" checkbox.
Test these on Virustotal:
c:\windows\system32\kernel32.dll
c:\windows\system32\ssins.exe
c:\windows\system32\ssinstall-uninstall.bat
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file is then tested by multiple antivirus programs one after another. When the last antivirus has finished, the result appears at the top, with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.
Or at:
http://www.virscan.org/
Avast5: update it to version Avast8.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support