Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:37:51, on 30.1.2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Mobogenie\DaemonProcess.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files\AVG\AVG2014\avgfws.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mobogenie\MgAssist.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\Spike\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Spike\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Spike\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Spike\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Spike\Plocha\totalcmd\TOTALCMD.EXE
C:\WINDOWS\system32\msiexec.exe
D:\Staženo z NETu\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\Spike\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\Spike\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [NextLive] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Spike\Data aplikací\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Registrace FIFA 10.lnk = C:\Program Files\EA Sports\FIFA 10\Support\EAregister.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files\Mobogenie\MgAssist.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
--
End of file - 8031 bytes
Please check the log, thank you.
Re: Please check the log, thank you.
+ ADWCLEANER:
# AdwCleaner v3.007 - Report created 30/01/2014 at 16:49:50
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Spike - SPI
# Running from : C:\Documents and Settings\Spike\Plocha\adwcleaner (1).exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\WINDOWS\Tasks\AmiUpdXp.job
Folder Found : C:\Documents and Settings\Spike\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Folder Found C:\Documents and Settings\Spike\Data aplikací\AVG Secure Search
Folder Found C:\Documents and Settings\Spike\Data aplikací\SwvUpdater
Folder Found C:\Documents and Settings\Spike\Local Settings\Data aplikací\AVG Secure Search
Folder Found C:\Program Files\AVG Secure Search
Folder Found C:\Program Files\Common Files\AVG Secure Search
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\wscontb
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\PIP
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\update\sweetimsetup.exe]
***** [ Browsers ] *****
-\\ Internet Explorer v6.0.2900.2180
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://isearch.avg.com/tab?cid={AE808009-1E88-407F-8A5D-7B30FAEA880B}&mid=dd9ff09e800947d1aa1441affccab05f-5f93bbcb289f7a956eb24eeb1dc70a92470ac3a2&lang=en&ds=hk011&coid=&cmpid=&pr=sa&d=2012-07-08 09:14:09&v=17.3.0.49&pid=avg&sg=22&sap=nt
-\\ Mozilla Firefox v
[ File : C:\Documents and Settings\Spike\Data aplikací\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js ]
Line Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Found : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={AE808009-1E88-407F-8A5D-7B30FAEA880B}&mid=dd9ff09e800947d1aa1441affccab05f-5f93bbcb289f7a956eb24eeb1dc70a92470ac3a2&lang=en&ds=hk011[...]
-\\ Google Chrome v
[ File : C:\Documents and Settings\Spike\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [7058 octets] - [30/01/2014 16:49:50]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7118 octets] ##########
Re: Please check the log, thank you.
+ Malwarebytes Anti-Malware:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.01.30.05
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Spike :: SPI [administrátor]
30.1.2014 16:55:43
MBAM-log-2014-01-30 (17-17-11).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 194149
Uplynulý čas: 3 minut, 41 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 7
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Spike\Data aplikací\newnext.me\nengine.dll",EntryPoint -m l -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 20
C:\Documents and Settings\Spike\Data aplikací\SWVUPDATER (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Spike\Data aplikací\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Spike\Data aplikací\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\WEBEXPENHANCEDV1 (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WEBEXPENHANCEDV1\WebexpEnhancedV1alpha8827 (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ch (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ff (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ff\chrome (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ff\chrome\content (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ff\chrome\content\icons (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ff\chrome\content\icons\default (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ie (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129 (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ch (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ff (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ff\chrome (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ff\chrome\content (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ff\chrome\content\icons (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ff\chrome\content\icons\default (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ie (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 5
C:\Documents and Settings\Spike\Plocha\cesta.exe (PUP.Optional.MusicToolbar.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Spike\Data aplikací\SWVUPDATER\Updater.xml (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Spike\Data aplikací\SWVUPDATER\status.cfg (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Spike\Local Settings\TempDIR\BETTERINSTALLER.EXE (PUP.Optional.BundleInstaller) -> Nebyla provedena žádná instrukce.
(konec)
- Orcus
- member of the Security team
Re: Please check my log, thank you.
Run MBAM again and click Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close it via Exit
====================================================
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Smazat" (Delete).
The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
====================================================
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
====================================================
Download Junkware Removal Tool
to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved to the desktop.
Please copy its entire contents here.
====================================================
Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit
- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several posts.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: Please check my log, thank you.
MBAM, second run:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.01.30.05
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Spike :: SPI [administrátor]
30.1.2014 21:42:14
mbam-log-2014-01-30 (21-42-14).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 194008
Uplynulý čas: 3 minut, 30 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 7
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Přesun do karantény a smazání se zdařilo.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Přesun do karantény a smazání se zdařilo.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Spike\Data aplikací\newnext.me\nengine.dll",EntryPoint -m l -> Přesun do karantény a smazání se zdařilo.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 20
C:\Documents and Settings\Spike\Data aplikací\SWVUPDATER (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Spike\Data aplikací\newnext.me (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Spike\Data aplikací\newnext.me\cache (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\WEBEXPENHANCEDV1 (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\WEBEXPENHANCEDV1\WebexpEnhancedV1alpha8827 (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ch (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ff (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ff\chrome (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ff\chrome\content (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ff\chrome\content\icons (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ff\chrome\content\icons\default (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA8827\ie (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129 (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ch (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ff (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ff\chrome (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ff\chrome\content (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ff\chrome\content\icons (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ff\chrome\content\icons\default (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\VIDEOPLAYERV3\VIDEOPLAYERV3BETA129\ie (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
Nalezené soubory: 5
C:\Documents and Settings\Spike\Plocha\cesta.exe (PUP.Optional.MusicToolbar.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Spike\Data aplikací\SWVUPDATER\Updater.xml (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Spike\Data aplikací\SWVUPDATER\status.cfg (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Spike\Local Settings\TempDIR\BETTERINSTALLER.EXE (PUP.Optional.BundleInstaller) -> Přesun do karantény a smazání se zdařilo.
(konec)
Re: Please check my log, thank you.
AdwCleaner 2:
# AdwCleaner v3.007 - Report created 30/01/2014 at 21:57:39
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Spike - SPI
# Running from : C:\Documents and Settings\Spike\Plocha\adwcleaner (1).exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Spike\Local Settings\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Spike\Data aplikací\AVG Secure Search
[!] Folder Deleted : C:\Documents and Settings\Spike\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\update\sweetimsetup.exe]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
***** [ Browsers ] *****
-\\ Internet Explorer v6.0.2900.2180
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v
[ File : C:\Documents and Settings\Spike\Data aplikací\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={AE808009-1E88-407F-8A5D-7B30FAEA880B}&mid=dd9ff09e800947d1aa1441affccab05f-5f93bbcb289f7a956eb24eeb1dc70a92470ac3a2&lang=en&ds=hk011[...]
-\\ Google Chrome v
[ File : C:\Documents and Settings\Spike\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [7198 octets] - [30/01/2014 16:49:50]
AdwCleaner[R1].txt - [6577 octets] - [30/01/2014 21:55:03]
AdwCleaner[S0].txt - [6404 octets] - [30/01/2014 21:57:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6464 octets] ##########
Re: Please check my log, thank you.
JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by Spike on źt 30.01.2014 at 22:15:41,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 30.01.2014 at 22:18:24,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Please check my log, thank you.
RogueKiller:
RogueKiller V8.8.4 [Jan 27 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : Spike [Práva správce]
Mód : Kontrola -- Datum : 01/30/2014 22:27:57
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\Spike\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\Spike\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-507921405-527237240-839522115-1003\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\Spike\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-507921405-527237240-839522115-1003\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\Spike\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 2 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\WINDOWS\TEMP\{6BDA9195-FAA2-4057-9B29-4CAF10FAD089}.exe - --uninstall=1 [x] -> NALEZENO
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\WINDOWS\TEMP\{D443FCD7-94DA-4789-9280-7A7640FD43A9}.exe - --uninstall=1 [x] -> NALEZENO
¤¤¤ spuštění položky : 2 ¤¤¤
[All Users][SUSP UNIC] WinZip Quick Pick.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk [-] -> NALEZENO
[Spike][SUSP UNIC] Registrace FIFA 10.lnk : C:\Documents and Settings\Spike\Nabídka Start\Programy\Po spuštění\Registrace FIFA 10.lnk [-] -> NALEZENO
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6401AALS-00L3B2 +++++
--- User ---
[MBR] 046d487971de4ebe8412c77460a4f724
[BSP] 591e8b1f7a8e85aab67819d81b988f33 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 29996 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61432560 | Size: 580473 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_01302014_222757.txt >>
...I wasn't supposed to click delete or repair, was I? :)
- jaro3
- member of the Security team
Re: Please check my log, thank you.
Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait for the Prescan to finish...
- Wait until the status window shows "Prohledat" (Scan)
- Click "Smazat" (Delete)
- Wait until the Status box shows "Mazání dokončeno" (Deleting finished)
- Click "Zpráva" (Report), then copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt, please paste the entire contents of the log here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: Please check my log, thank you.
RogueKiller:
RogueKiller V8.8.4 [Jan 27 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : Spike [Práva správce]
Mód : Odebrat -- Datum : 01/31/2014 14:51:25
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\Spike\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\Spike\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-507921405-527237240-839522115-1003\[...]\Run : cz.seznam.software.autoupdate ("C:\Documents and Settings\Spike\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-507921405-527237240-839522115-1003\[...]\Run : cz.seznam.software.szndesktop ("C:\Documents and Settings\Spike\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 2 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\WINDOWS\TEMP\{6BDA9195-FAA2-4057-9B29-4CAF10FAD089}.exe - --uninstall=1 [x] -> VYMAZÁNO
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\WINDOWS\TEMP\{D443FCD7-94DA-4789-9280-7A7640FD43A9}.exe - --uninstall=1 [x] -> VYMAZÁNO
¤¤¤ spuštění položky : 2 ¤¤¤
[All Users][SUSP UNIC] WinZip Quick Pick.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk [-] -> VYMAZÁNO
[Spike][SUSP UNIC] Registrace FIFA 10.lnk : C:\Documents and Settings\Spike\Nabídka Start\Programy\Po spuštění\Registrace FIFA 10.lnk [-] -> VYMAZÁNO
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6401AALS-00L3B2 +++++
--- User ---
[MBR] 046d487971de4ebe8412c77460a4f724
[BSP] 591e8b1f7a8e85aab67819d81b988f33 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 29996 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61432560 | Size: 580473 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_01312014_145125.txt >>
RKreport[0]_S_01302014_222757.txt;RKreport[0]_S_01312014_145102.txt
Re: Please check my log, thank you.
TDSSKiller:
15:01:01.0781 2912 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:01:14.0796 2912 ============================================================
15:01:14.0796 2912 Current date / time: 2014/01/31 15:01:14.0796
15:01:14.0796 2912 SystemInfo:
15:01:14.0796 2912
15:01:14.0796 2912 OS Version: 5.1.2600 ServicePack: 2.0
15:01:14.0796 2912 Product type: Workstation
15:01:14.0796 2912 ComputerName: SPI
15:01:14.0796 2912 UserName: Spike
15:01:14.0796 2912 Windows directory: C:\WINDOWS
15:01:14.0796 2912 System windows directory: C:\WINDOWS
15:01:14.0796 2912 Processor architecture: Intel x86
15:01:14.0796 2912 Number of processors: 2
15:01:14.0796 2912 Page size: 0x1000
15:01:14.0796 2912 Boot type: Normal boot
15:01:14.0796 2912 ============================================================
15:01:15.0593 2912 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:01:15.0593 2912 ============================================================
15:01:15.0593 2912 \Device\Harddisk0\DR0:
15:01:15.0593 2912 MBR partitions:
15:01:15.0593 2912 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A962B1
15:01:15.0609 2912 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A9632F, BlocksNum 0x46DBCCD1
15:01:15.0609 2912 ============================================================
15:01:15.0609 2912 C: <-> \Device\Harddisk0\DR0\Partition1
15:01:15.0687 2912 D: <-> \Device\Harddisk0\DR0\Partition2
15:01:15.0687 2912 ============================================================
15:01:15.0687 2912 Initialize success
15:01:15.0687 2912 ============================================================
15:01:22.0562 1440 ============================================================
15:01:22.0562 1440 Scan started
15:01:22.0562 1440 Mode: Manual;
15:01:22.0562 1440 ============================================================
15:01:22.0796 1440 ================ Scan system memory ========================
15:01:22.0796 1440 System memory - ok
15:01:22.0796 1440 ================ Scan services =============================
15:01:22.0843 1440 Abiosdsk - ok
15:01:22.0859 1440 abp480n5 - ok
15:01:22.0859 1440 [ FA2FBCDA96D2385F773B059FE5A125A6 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:01:22.0875 1440 ACPI - ok
15:01:22.0890 1440 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
15:01:22.0890 1440 ACPIEC - ok
15:01:22.0890 1440 adpu160m - ok
15:01:22.0906 1440 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
15:01:22.0906 1440 aec - ok
15:01:22.0921 1440 [ 5AC495F4CB807B2B98AD2AD591E6D92E ] AFD C:\WINDOWS\System32\drivers\afd.sys
15:01:22.0921 1440 AFD - ok
15:01:22.0921 1440 Aha154x - ok
15:01:22.0921 1440 aic78u2 - ok
15:01:22.0921 1440 aic78xx - ok
15:01:22.0953 1440 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1 ] Alerter C:\WINDOWS\system32\alrsvc.dll
15:01:22.0953 1440 Alerter - ok
15:01:22.0968 1440 [ B3F690BF43F93A012A52F28F234FAA1B ] ALG C:\WINDOWS\System32\alg.exe
15:01:22.0968 1440 ALG - ok
15:01:22.0968 1440 AliIde - ok
15:01:22.0984 1440 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
15:01:22.0984 1440 AmdPPM - ok
15:01:23.0000 1440 amsint - ok
15:01:23.0000 1440 [ 421184F91EAE5C6E78E653C6B32AAE84 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
15:01:23.0015 1440 AppMgmt - ok
15:01:23.0015 1440 asc - ok
15:01:23.0015 1440 asc3350p - ok
15:01:23.0015 1440 asc3550 - ok
15:01:23.0031 1440 [ 2B4E66FAC6503494A2C6F32BB6AB3826 ] AsIO C:\WINDOWS\system32\drivers\AsIO.sys
15:01:23.0031 1440 AsIO - ok
15:01:23.0062 1440 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:01:23.0078 1440 aspnet_state - ok
15:01:23.0078 1440 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:01:23.0078 1440 AsyncMac - ok
15:01:23.0125 1440 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
15:01:23.0125 1440 atapi - ok
15:01:23.0125 1440 Atdisk - ok
15:01:23.0156 1440 [ 4AA5E604DD22E4D3BD63CA73ACD6FE2E ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
15:01:23.0156 1440 Ati HotKey Poller - ok
15:01:23.0234 1440 [ 6CEE7E709A82B0AE2AFD28A52C22CADC ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
15:01:23.0250 1440 ati2mtag - ok
15:01:23.0265 1440 [ F661F01E990B84C58519C1FF43C2108F ] AtiHdmiService C:\WINDOWS\system32\drivers\AtiHdmi.sys
15:01:23.0265 1440 AtiHdmiService - ok
15:01:23.0281 1440 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:01:23.0281 1440 Atmarpc - ok
15:01:23.0296 1440 [ 40D78F514C8588EF12EC718D2AF0FC4E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
15:01:23.0296 1440 AudioSrv - ok
15:01:23.0312 1440 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
15:01:23.0312 1440 audstub - ok
15:01:23.0312 1440 Avgfwdx - ok
15:01:23.0312 1440 AVGIDSDriver - ok
15:01:23.0312 1440 AVGIDSHX - ok
15:01:23.0328 1440 AVGIDSShim - ok
15:01:23.0328 1440 Avgrkx86 - ok
15:01:23.0328 1440 Avgtdix - ok
15:01:23.0343 1440 [ 15ACA2AD17ACECA4814F249783E63AD3 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
15:01:23.0343 1440 avgtp - ok
15:01:23.0359 1440 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:01:23.0359 1440 Beep - ok
15:01:23.0390 1440 [ E774A26610EC92674273486612C11CFC ] BITS C:\WINDOWS\system32\qmgr.dll
15:01:23.0390 1440 BITS - ok
15:01:23.0406 1440 [ F219E27E88107A50544153898DD8178E ] Browser C:\WINDOWS\System32\browser.dll
15:01:23.0406 1440 Browser - ok
15:01:23.0421 1440 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
15:01:23.0421 1440 cbidf2k - ok
15:01:23.0421 1440 cd20xrnt - ok
15:01:23.0421 1440 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:01:23.0421 1440 Cdaudio - ok
15:01:23.0437 1440 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:01:23.0437 1440 Cdfs - ok
15:01:23.0453 1440 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:01:23.0453 1440 Cdrom - ok
15:01:23.0453 1440 Changer - ok
15:01:23.0453 1440 [ 9E21229E04E1D301BB40222FE4641CB2 ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:01:23.0453 1440 CiSvc - ok
15:01:23.0468 1440 [ AF806EFC0290164B0CE111E9E065E6EF ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:01:23.0468 1440 ClipSrv - ok
15:01:23.0500 1440 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:01:23.0500 1440 clr_optimization_v2.0.50727_32 - ok
15:01:23.0500 1440 CmdIde - ok
15:01:23.0500 1440 COMSysApp - ok
15:01:23.0515 1440 Cpqarray - ok
15:01:23.0515 1440 [ 70D2A1756F4B2067658A186C963FCABD ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:01:23.0515 1440 CryptSvc - ok
15:01:23.0531 1440 dac2w2k - ok
15:01:23.0531 1440 dac960nt - ok
15:01:23.0531 1440 [ C72C15EE57E248C66E57C76CAB086CF2 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:01:23.0546 1440 DcomLaunch - ok
15:01:23.0562 1440 [ 562830EFB7CF367FB773FEA5256E67C8 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:01:23.0562 1440 Dhcp - ok
15:01:23.0562 1440 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:01:23.0562 1440 Disk - ok
15:01:23.0562 1440 dmadmin - ok
15:01:23.0593 1440 [ E1968EDEC81C430108FEB23AB07BDB14 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:01:23.0593 1440 dmboot - ok
15:01:23.0593 1440 [ 1B1520A82E396E46B9AE9FA6B03FF6C6 ] dmio C:\WINDOWS\system32\DRIVERS\dmio.sys
15:01:23.0593 1440 dmio - ok
15:01:23.0609 1440 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:01:23.0609 1440 dmload - ok
15:01:23.0625 1440 [ 7B3CA72885923EB947221F17F3E3AC59 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:01:23.0625 1440 dmserver - ok
15:01:23.0640 1440 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:01:23.0640 1440 DMusic - ok
15:01:23.0656 1440 [ F605B3F5674D67587C4B6C9E92A3E025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:01:23.0656 1440 Dnscache - ok
15:01:23.0671 1440 dpti2o - ok
15:01:23.0671 1440 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:01:23.0671 1440 drmkaud - ok
15:01:23.0687 1440 [ FB38473835476A6FB272215A1D972AF9 ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
15:01:23.0687 1440 dtsoftbus01 - ok
15:01:23.0703 1440 [ D6F7428B201E33BC80066B47144CB568 ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:01:23.0703 1440 ERSvc - ok
15:01:23.0734 1440 esgiguard - ok
15:01:23.0750 1440 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] Eventlog C:\WINDOWS\system32\services.exe
15:01:23.0750 1440 Eventlog - ok
15:01:23.0765 1440 [ 972378B907070F64932A87C90A035487 ] EventSystem C:\WINDOWS\system32\es.dll
15:01:23.0765 1440 EventSystem - ok
15:01:23.0781 1440 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:01:23.0781 1440 Fastfat - ok
15:01:23.0781 1440 [ 8BA76BD2A943F642F267A296A15776D2 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:01:23.0781 1440 FastUserSwitchingCompatibility - ok
15:01:23.0796 1440 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
15:01:23.0796 1440 Fdc - ok
15:01:23.0812 1440 [ 266DAB58619B17BDF37FABBD48D875CA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:01:23.0812 1440 Fips - ok
15:01:23.0812 1440 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
15:01:23.0812 1440 Flpydisk - ok
15:01:23.0828 1440 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:01:23.0828 1440 FltMgr - ok
15:01:23.0843 1440 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:01:23.0843 1440 FontCache3.0.0.0 - ok
15:01:23.0859 1440 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:01:23.0859 1440 Fs_Rec - ok
15:01:23.0859 1440 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:01:23.0859 1440 Ftdisk - ok
15:01:23.0875 1440 [ 5C230948DD6652228F88CA7AE6CB276C ] gdrv C:\WINDOWS\gdrv.sys
15:01:23.0875 1440 gdrv - ok
15:01:23.0875 1440 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:01:23.0875 1440 Gpc - ok
15:01:23.0890 1440 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:01:23.0890 1440 HDAudBus - ok
15:01:23.0906 1440 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:01:23.0906 1440 helpsvc - ok
15:01:23.0921 1440 [ D2DCF769E5A70027058AD5BE1F9B55BF ] HidServ C:\WINDOWS\System32\hidserv.dll
15:01:23.0921 1440 HidServ - ok
15:01:23.0937 1440 [ 1DE6783B918F540149AA69943BDFEBA8 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:01:23.0937 1440 hidusb - ok
15:01:23.0937 1440 hpn - ok
15:01:23.0953 1440 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
15:01:23.0953 1440 HTCAND32 - ok
15:01:23.0968 1440 [ 04E3B3554076B8192A668EFE88A682A1 ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys
15:01:23.0968 1440 htcnprot - ok
15:01:23.0984 1440 [ C19B522A9AE0BBC3293397F3055E80A1 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:01:23.0984 1440 HTTP - ok
15:01:24.0000 1440 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:01:24.0000 1440 HTTPFilter - ok
15:01:24.0000 1440 i2omgmt - ok
15:01:24.0000 1440 i2omp - ok
15:01:24.0015 1440 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:01:24.0031 1440 i8042prt - ok
15:01:24.0062 1440 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:01:24.0062 1440 IDriverT - ok
15:01:24.0109 1440 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:01:24.0125 1440 idsvc - ok
15:01:24.0140 1440 [ E73EF658B5B60ABB8A159947212F29D8 ] IISADMIN C:\WINDOWS\system32\inetsrv\inetinfo.exe
15:01:24.0140 1440 IISADMIN - ok
15:01:24.0156 1440 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:01:24.0156 1440 Imapi - ok
15:01:24.0156 1440 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:01:24.0156 1440 ImapiService - ok
15:01:24.0156 1440 ini910u - ok
15:01:24.0171 1440 IntelIde - ok
15:01:24.0171 1440 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:01:24.0171 1440 Ip6Fw - ok
15:01:24.0187 1440 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:01:24.0187 1440 IpFilterDriver - ok
15:01:24.0187 1440 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:01:24.0187 1440 IpInIp - ok
15:01:24.0203 1440 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:01:24.0203 1440 IpNat - ok
15:01:24.0218 1440 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:01:24.0218 1440 IPSec - ok
15:01:24.0234 1440 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:01:24.0234 1440 IRENUM - ok
15:01:24.0250 1440 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:01:24.0250 1440 isapnp - ok
15:01:24.0281 1440 [ 381B25DC8E958D905B33130D500BBF29 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
15:01:24.0281 1440 JavaQuickStarterService - ok
15:01:24.0281 1440 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:01:24.0281 1440 Kbdclass - ok
15:01:24.0296 1440 [ 065B5A83AA78C0C7047BF22E0AB5C821 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:01:24.0296 1440 kbdhid - ok
15:01:24.0312 1440 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:01:24.0312 1440 kmixer - ok
15:01:24.0312 1440 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:01:24.0312 1440 KSecDD - ok
15:01:24.0328 1440 [ 58759156A6918913EDD368F995BE3E53 ] L8042Kbd C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
15:01:24.0328 1440 L8042Kbd - ok
15:01:24.0343 1440 [ 6D6BDD68B775986577C48A8DF961A05C ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
15:01:24.0343 1440 lanmanserver - ok
15:01:24.0343 1440 [ 69B0569AAE33F0D5057CA0E8577AAF07 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:01:24.0359 1440 lanmanworkstation - ok
15:01:24.0359 1440 lbrtfdc - ok
15:01:24.0359 1440 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:01:24.0359 1440 LmHosts - ok
15:01:24.0375 1440 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:01:24.0375 1440 Messenger - ok
15:01:24.0406 1440 [ A98854730F001559A1E391DB9F726A34 ] MgAssistService C:\Program Files\Mobogenie\MgAssist.exe
15:01:24.0406 1440 MgAssistService - ok
15:01:24.0421 1440 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:01:24.0421 1440 mnmdd - ok
15:01:24.0437 1440 [ 86BF8FE56E888856E085CB1E49CE7CB4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:01:24.0437 1440 mnmsrvc - ok
15:01:24.0453 1440 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:01:24.0453 1440 Modem - ok
15:01:24.0484 1440 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] monfilt C:\WINDOWS\system32\drivers\monfilt.sys
15:01:24.0500 1440 monfilt - ok
15:01:24.0500 1440 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:01:24.0500 1440 Mouclass - ok
15:01:24.0515 1440 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:01:24.0515 1440 mouhid - ok
15:01:24.0515 1440 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:01:24.0515 1440 MountMgr - ok
15:01:24.0515 1440 mraid35x - ok
15:01:24.0531 1440 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:01:24.0531 1440 MRxDAV - ok
15:01:24.0546 1440 [ 1FD607FC67F7F7C633C3DA65BFC53D18 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:01:24.0546 1440 MRxSmb - ok
15:01:24.0578 1440 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\system32\msdtc.exe
15:01:24.0578 1440 MSDTC - ok
15:01:24.0593 1440 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:01:24.0593 1440 Msfs - ok
15:01:24.0593 1440 MSIServer - ok
15:01:24.0609 1440 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:01:24.0609 1440 MSKSSRV - ok
15:01:24.0625 1440 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:01:24.0625 1440 MSPCLOCK - ok
15:01:24.0625 1440 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:01:24.0625 1440 MSPQM - ok
15:01:24.0640 1440 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:01:24.0640 1440 mssmbios - ok
15:01:24.0656 1440 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
15:01:24.0656 1440 MTsensor - ok
15:01:24.0656 1440 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:01:24.0656 1440 Mup - ok
15:01:24.0671 1440 NAVENG - ok
15:01:24.0671 1440 NAVEX15 - ok
15:01:24.0687 1440 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:01:24.0687 1440 NDIS - ok
15:01:24.0687 1440 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:01:24.0687 1440 NdisTapi - ok
15:01:24.0703 1440 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:01:24.0703 1440 Ndisuio - ok
15:01:24.0718 1440 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:01:24.0718 1440 NdisWan - ok
15:01:24.0718 1440 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:01:24.0718 1440 NDProxy - ok
15:01:24.0734 1440 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:01:24.0734 1440 NetBIOS - ok
15:01:24.0750 1440 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:01:24.0750 1440 NetBT - ok
15:01:24.0750 1440 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
15:01:24.0765 1440 NetDDE - ok
15:01:24.0765 1440 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:01:24.0765 1440 NetDDEdsdm - ok
15:01:24.0781 1440 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:01:24.0781 1440 Netlogon - ok
15:01:24.0781 1440 [ AF342D2781225A8769686E0D47E3123E ] Netman C:\WINDOWS\System32\netman.dll
15:01:24.0796 1440 Netman - ok
15:01:24.0812 1440 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:01:24.0812 1440 NetTcpPortSharing - ok
15:01:24.0828 1440 [ 64C078BD4EFD441C3F159EDC5EA4420A ] Nla C:\WINDOWS\System32\mswsock.dll
15:01:24.0828 1440 Nla - ok
15:01:24.0843 1440 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:01:24.0843 1440 Npfs - ok
15:01:24.0859 1440 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:01:24.0859 1440 Ntfs - ok
15:01:24.0859 1440 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:01:24.0859 1440 NtLmSsp - ok
15:01:24.0890 1440 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:01:24.0890 1440 NtmsSvc - ok
15:01:24.0890 1440 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
15:01:24.0890 1440 Null - ok
15:01:24.0906 1440 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:01:24.0906 1440 NwlnkFlt - ok
15:01:24.0921 1440 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:01:24.0921 1440 NwlnkFwd - ok
15:01:24.0937 1440 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\drivers\Parport.sys
15:01:24.0937 1440 Parport - ok
15:01:24.0937 1440 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:01:24.0937 1440 PartMgr - ok
15:01:24.0953 1440 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:01:24.0953 1440 ParVdm - ok
15:01:24.0968 1440 [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
15:01:24.0968 1440 PassThru Service - ok
15:01:24.0984 1440 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:01:24.0984 1440 PCI - ok
15:01:24.0984 1440 PCIDump - ok
15:01:24.0984 1440 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:01:24.0984 1440 PCIIde - ok
15:01:25.0000 1440 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:01:25.0000 1440 Pcmcia - ok
15:01:25.0000 1440 PDCOMP - ok
15:01:25.0000 1440 PDFRAME - ok
15:01:25.0000 1440 PDRELI - ok
15:01:25.0015 1440 PDRFRAME - ok
15:01:25.0015 1440 perc2 - ok
15:01:25.0015 1440 perc2hib - ok
15:01:25.0031 1440 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] PlugPlay C:\WINDOWS\system32\services.exe
15:01:25.0031 1440 PlugPlay - ok
15:01:25.0062 1440 [ 831883B107684301F48ACE752C963984 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
15:01:25.0062 1440 PnkBstrA - ok
15:01:25.0062 1440 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:01:25.0062 1440 PolicyAgent - ok
15:01:25.0062 1440 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:01:25.0062 1440 PptpMiniport - ok
15:01:25.0062 1440 [ 9A10E4FD13824823DA50D4758BD0A645 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
15:01:25.0062 1440 Processor - ok
15:01:25.0078 1440 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:01:25.0078 1440 ProtectedStorage - ok
15:01:25.0078 1440 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:01:25.0078 1440 PSched - ok
15:01:25.0078 1440 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:01:25.0078 1440 Ptilink - ok
15:01:25.0078 1440 ql1080 - ok
15:01:25.0078 1440 Ql10wnt - ok
15:01:25.0093 1440 ql12160 - ok
15:01:25.0093 1440 ql1240 - ok
15:01:25.0093 1440 ql1280 - ok
15:01:25.0093 1440 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:01:25.0093 1440 RasAcd - ok
15:01:25.0109 1440 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:01:25.0109 1440 RasAuto - ok
15:01:25.0125 1440 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:01:25.0125 1440 Rasl2tp - ok
15:01:25.0140 1440 [ 6E519D777C91E90592403C9F981FDF03 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:01:25.0140 1440 RasMan - ok
15:01:25.0140 1440 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:01:25.0140 1440 RasPppoe - ok
15:01:25.0156 1440 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:01:25.0156 1440 Raspti - ok
15:01:25.0156 1440 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:01:25.0156 1440 Rdbss - ok
15:01:25.0156 1440 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:01:25.0156 1440 RDPCDD - ok
15:01:25.0171 1440 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:01:25.0171 1440 rdpdr - ok
15:01:25.0187 1440 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:01:25.0187 1440 RDPWD - ok
15:01:25.0203 1440 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:01:25.0203 1440 RDSessMgr - ok
15:01:25.0218 1440 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:01:25.0218 1440 redbook - ok
15:01:25.0234 1440 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:01:25.0234 1440 RemoteAccess - ok
15:01:25.0250 1440 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:01:25.0250 1440 RemoteRegistry - ok
15:01:25.0265 1440 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
15:01:25.0265 1440 RpcLocator - ok
15:01:25.0281 1440 [ C72C15EE57E248C66E57C76CAB086CF2 ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:01:25.0281 1440 RpcSs - ok
15:01:25.0296 1440 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:01:25.0296 1440 RSVP - ok
15:01:25.0312 1440 [ 39C5C2FBF652C9F8C194873D5C8A1F58 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMIV.sys
15:01:25.0312 1440 RTHDMIAzAudService - ok
15:01:25.0312 1440 [ B0E1648AAE1E59BDD0854AF07A605399 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
15:01:25.0312 1440 RTLE8023xp - ok
15:01:25.0328 1440 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
15:01:25.0328 1440 SamSs - ok
15:01:25.0328 1440 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:01:25.0328 1440 SCardSvr - ok
15:01:25.0343 1440 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:01:25.0343 1440 Schedule - ok
15:01:25.0359 1440 [ 07F7F501AD50DE2BA2D5842D9B6D6155 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:01:25.0359 1440 Secdrv - ok
15:01:25.0359 1440 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:01:25.0359 1440 seclogon - ok
15:01:25.0375 1440 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
15:01:25.0375 1440 SENS - ok
15:01:25.0375 1440 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
15:01:25.0375 1440 Serial - ok
15:01:25.0390 1440 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:01:25.0390 1440 Sfloppy - ok
15:01:25.0406 1440 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:01:25.0406 1440 SharedAccess - ok
15:01:25.0421 1440 [ 8BA76BD2A943F642F267A296A15776D2 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:01:25.0421 1440 ShellHWDetection - ok
15:01:25.0421 1440 Simbad - ok
15:01:25.0484 1440 [ 9F712B26EE3B0242DE997A42FD302E2C ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:01:25.0500 1440 Skype C2C Service - ok
15:01:25.0531 1440 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:01:25.0531 1440 SkypeUpdate - ok
15:01:25.0531 1440 [ E73EF658B5B60ABB8A159947212F29D8 ] SMTPSVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
15:01:25.0531 1440 SMTPSVC - ok
15:01:25.0546 1440 [ AE64796BE5DF924FCADD04532951AB21 ] SNMP C:\WINDOWS\System32\snmp.exe
15:01:25.0546 1440 SNMP - ok
15:01:25.0562 1440 [ 3907F97D8583368473C5253CBD3BE3F2 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
15:01:25.0562 1440 SNMPTRAP - ok
15:01:25.0593 1440 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
15:01:25.0593 1440 Sony PC Companion - ok
15:01:25.0593 1440 Sparrow - ok
15:01:25.0593 1440 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:01:25.0593 1440 splitter - ok
15:01:25.0609 1440 [ 21B6FAA88044A41640E03EBB68BE93E8 ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:01:25.0609 1440 Spooler - ok
15:01:25.0609 1440 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:01:25.0609 1440 sr - ok
15:01:25.0609 1440 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
15:01:25.0625 1440 srservice - ok
15:01:25.0625 1440 SRTSP - ok
15:01:25.0625 1440 SRTSPX - ok
15:01:25.0640 1440 [ 20B7E396720353E4117D64D9DCB926CA ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:01:25.0640 1440 Srv - ok
15:01:25.0640 1440 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:01:25.0640 1440 SSDPSRV - ok
15:01:25.0656 1440 [ 0645CCDDDD27F96EEA3534C1DEF736D9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:01:25.0656 1440 stisvc - ok
15:01:25.0656 1440 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:01:25.0671 1440 swenum - ok
15:01:25.0671 1440 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:01:25.0671 1440 swmidi - ok
15:01:25.0671 1440 SwPrv - ok
15:01:25.0687 1440 symc810 - ok
15:01:25.0687 1440 symc8xx - ok
15:01:25.0687 1440 sym_hi - ok
15:01:25.0687 1440 sym_u3 - ok
15:01:25.0703 1440 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:01:25.0703 1440 sysaudio - ok
15:01:25.0718 1440 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:01:25.0718 1440 SysmonLog - ok
15:01:25.0734 1440 [ 37162D29CD61519E6F5EA0DE99786FF6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:01:25.0734 1440 TapiSrv - ok
15:01:25.0750 1440 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:01:25.0750 1440 Tcpip - ok
15:01:25.0750 1440 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:01:25.0765 1440 TDPIPE - ok
15:01:25.0765 1440 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:01:25.0765 1440 TDTCP - ok
15:01:25.0781 1440 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:01:25.0781 1440 TermDD - ok
15:01:25.0796 1440 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
15:01:25.0796 1440 TermService - ok
15:01:25.0796 1440 [ 8BA76BD2A943F642F267A296A15776D2 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:01:25.0796 1440 Themes - ok
15:01:25.0812 1440 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:01:25.0812 1440 TlntSvr - ok
15:01:25.0812 1440 TosIde - ok
15:01:25.0828 1440 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:01:25.0828 1440 TrkWks - ok
15:01:25.0828 1440 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:01:25.0828 1440 Udfs - ok
15:01:25.0843 1440 ultra - ok
15:01:25.0859 1440 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:01:25.0859 1440 Update - ok
15:01:25.0875 1440 [ 984FC1518B0D5B31D76F0E63608E0500 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:01:25.0875 1440 upnphost - ok
15:01:25.0875 1440 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
15:01:25.0875 1440 UPS - ok
15:01:25.0906 1440 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:01:25.0906 1440 usbccgp - ok
15:01:25.0921 1440 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:01:25.0921 1440 usbehci - ok
15:01:25.0921 1440 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:01:25.0921 1440 usbhub - ok
15:01:25.0937 1440 [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:01:25.0937 1440 usbohci - ok
15:01:25.0953 1440 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:01:25.0953 1440 usbscan - ok
15:01:25.0968 1440 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:01:25.0968 1440 USBSTOR - ok
15:01:25.0968 1440 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:01:25.0968 1440 VgaSave - ok
15:01:26.0015 1440 [ 29CC58050804DE6C3A900045EA2DD564 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
15:01:26.0015 1440 VIAHdAudAddService - ok
15:01:26.0015 1440 ViaIde - ok
15:01:26.0031 1440 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:01:26.0031 1440 VolSnap - ok
15:01:26.0046 1440 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
15:01:26.0046 1440 VSS - ok
15:01:26.0046 1440 vToolbarUpdater17.3.0 - ok
15:01:26.0109 1440 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
15:01:26.0125 1440 W32Time - ok
15:01:26.0156 1440 [ E73EF658B5B60ABB8A159947212F29D8 ] W3SVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
15:01:26.0156 1440 W3SVC - ok
15:01:26.0171 1440 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:01:26.0171 1440 Wanarp - ok
15:01:26.0250 1440 [ 4769596D7CC0F5FA447D2BABC239672A ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
15:01:26.0250 1440 Wdf01000 - ok
15:01:26.0250 1440 WDICA - ok
15:01:26.0281 1440 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:01:26.0281 1440 wdmaud - ok
15:01:26.0312 1440 [ 3791ADF1D3466AC6B4B662D3F79CBFEC ] WebClient C:\WINDOWS\System32\webclnt.dll
15:01:26.0312 1440 WebClient - ok
15:01:26.0468 1440 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:01:26.0468 1440 winmgmt - ok
15:01:26.0500 1440 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
15:01:26.0500 1440 WmdmPmSN - ok
15:01:26.0531 1440 [ 0CDC4A0C6B820FAD99FB4CA74CD0C476 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:01:26.0531 1440 Wmi - ok
15:01:26.0546 1440 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:01:26.0546 1440 WmiAcpi - ok
15:01:26.0546 1440 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:01:26.0562 1440 WmiApSrv - ok
15:01:26.0578 1440 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:01:26.0578 1440 WpdUsb - ok
15:01:26.0593 1440 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:01:26.0593 1440 wscsvc - ok
15:01:26.0593 1440 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:01:26.0593 1440 wuauserv - ok
15:01:26.0609 1440 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:01:26.0609 1440 WudfPf - ok
15:01:26.0625 1440 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:01:26.0625 1440 WudfRd - ok
15:01:26.0640 1440 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:01:26.0640 1440 WudfSvc - ok
15:01:26.0656 1440 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:01:26.0656 1440 WZCSVC - ok
15:01:26.0687 1440 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:01:26.0687 1440 xmlprov - ok
15:01:26.0687 1440 ================ Scan global ===============================
15:01:26.0687 1440 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
15:01:26.0718 1440 [ B4A699CB1251D35EA078F09FA701D389 ] C:\WINDOWS\system32\winsrv.dll
15:01:26.0734 1440 [ B4A699CB1251D35EA078F09FA701D389 ] C:\WINDOWS\system32\winsrv.dll
15:01:26.0750 1440 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] C:\WINDOWS\system32\services.exe
15:01:26.0750 1440 [Global] - ok
15:01:26.0750 1440 ================ Scan MBR ==================================
15:01:26.0750 1440 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
15:01:26.0921 1440 \Device\Harddisk0\DR0 - ok
15:01:26.0921 1440 ================ Scan VBR ==================================
15:01:26.0921 1440 [ C86DB68A961D89840272494623229C80 ] \Device\Harddisk0\DR0\Partition1
15:01:26.0921 1440 \Device\Harddisk0\DR0\Partition1 - ok
15:01:26.0937 1440 [ 5A819239D0D3F819FC3D525B6E20020B ] \Device\Harddisk0\DR0\Partition2
15:01:26.0937 1440 \Device\Harddisk0\DR0\Partition2 - ok
15:01:26.0937 1440 ============================================================
15:01:26.0937 1440 Scan finished
15:01:26.0937 1440 ============================================================
15:01:26.0937 2560 Detected object count: 0
15:01:26.0937 2560 Actual detected object count: 0
15:01:24.0687 1440 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:01:24.0687 1440 NDIS - ok
15:01:24.0687 1440 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:01:24.0687 1440 NdisTapi - ok
15:01:24.0703 1440 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:01:24.0703 1440 Ndisuio - ok
15:01:24.0718 1440 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:01:24.0718 1440 NdisWan - ok
15:01:24.0718 1440 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:01:24.0718 1440 NDProxy - ok
15:01:24.0734 1440 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:01:24.0734 1440 NetBIOS - ok
15:01:24.0750 1440 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:01:24.0750 1440 NetBT - ok
15:01:24.0750 1440 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
15:01:24.0765 1440 NetDDE - ok
15:01:24.0765 1440 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:01:24.0765 1440 NetDDEdsdm - ok
15:01:24.0781 1440 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:01:24.0781 1440 Netlogon - ok
15:01:24.0781 1440 [ AF342D2781225A8769686E0D47E3123E ] Netman C:\WINDOWS\System32\netman.dll
15:01:24.0796 1440 Netman - ok
15:01:24.0812 1440 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:01:24.0812 1440 NetTcpPortSharing - ok
15:01:24.0828 1440 [ 64C078BD4EFD441C3F159EDC5EA4420A ] Nla C:\WINDOWS\System32\mswsock.dll
15:01:24.0828 1440 Nla - ok
15:01:24.0843 1440 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:01:24.0843 1440 Npfs - ok
15:01:24.0859 1440 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:01:24.0859 1440 Ntfs - ok
15:01:24.0859 1440 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:01:24.0859 1440 NtLmSsp - ok
15:01:24.0890 1440 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:01:24.0890 1440 NtmsSvc - ok
15:01:24.0890 1440 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
15:01:24.0890 1440 Null - ok
15:01:24.0906 1440 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:01:24.0906 1440 NwlnkFlt - ok
15:01:24.0921 1440 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:01:24.0921 1440 NwlnkFwd - ok
15:01:24.0937 1440 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\drivers\Parport.sys
15:01:24.0937 1440 Parport - ok
15:01:24.0937 1440 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:01:24.0937 1440 PartMgr - ok
15:01:24.0953 1440 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:01:24.0953 1440 ParVdm - ok
15:01:24.0968 1440 [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
15:01:24.0968 1440 PassThru Service - ok
15:01:24.0984 1440 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:01:24.0984 1440 PCI - ok
15:01:24.0984 1440 PCIDump - ok
15:01:24.0984 1440 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:01:24.0984 1440 PCIIde - ok
15:01:25.0000 1440 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:01:25.0000 1440 Pcmcia - ok
15:01:25.0000 1440 PDCOMP - ok
15:01:25.0000 1440 PDFRAME - ok
15:01:25.0000 1440 PDRELI - ok
15:01:25.0015 1440 PDRFRAME - ok
15:01:25.0015 1440 perc2 - ok
15:01:25.0015 1440 perc2hib - ok
15:01:25.0031 1440 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] PlugPlay C:\WINDOWS\system32\services.exe
15:01:25.0031 1440 PlugPlay - ok
15:01:25.0062 1440 [ 831883B107684301F48ACE752C963984 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
15:01:25.0062 1440 PnkBstrA - ok
15:01:25.0062 1440 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:01:25.0062 1440 PolicyAgent - ok
15:01:25.0062 1440 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:01:25.0062 1440 PptpMiniport - ok
15:01:25.0062 1440 [ 9A10E4FD13824823DA50D4758BD0A645 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
15:01:25.0062 1440 Processor - ok
15:01:25.0078 1440 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:01:25.0078 1440 ProtectedStorage - ok
15:01:25.0078 1440 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:01:25.0078 1440 PSched - ok
15:01:25.0078 1440 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:01:25.0078 1440 Ptilink - ok
15:01:25.0078 1440 ql1080 - ok
15:01:25.0078 1440 Ql10wnt - ok
15:01:25.0093 1440 ql12160 - ok
15:01:25.0093 1440 ql1240 - ok
15:01:25.0093 1440 ql1280 - ok
15:01:25.0093 1440 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:01:25.0093 1440 RasAcd - ok
15:01:25.0109 1440 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:01:25.0109 1440 RasAuto - ok
15:01:25.0125 1440 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:01:25.0125 1440 Rasl2tp - ok
15:01:25.0140 1440 [ 6E519D777C91E90592403C9F981FDF03 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:01:25.0140 1440 RasMan - ok
15:01:25.0140 1440 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:01:25.0140 1440 RasPppoe - ok
15:01:25.0156 1440 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:01:25.0156 1440 Raspti - ok
15:01:25.0156 1440 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:01:25.0156 1440 Rdbss - ok
15:01:25.0156 1440 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:01:25.0156 1440 RDPCDD - ok
15:01:25.0171 1440 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:01:25.0171 1440 rdpdr - ok
15:01:25.0187 1440 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:01:25.0187 1440 RDPWD - ok
15:01:25.0203 1440 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:01:25.0203 1440 RDSessMgr - ok
15:01:25.0218 1440 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:01:25.0218 1440 redbook - ok
15:01:25.0234 1440 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:01:25.0234 1440 RemoteAccess - ok
15:01:25.0250 1440 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:01:25.0250 1440 RemoteRegistry - ok
15:01:25.0265 1440 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
15:01:25.0265 1440 RpcLocator - ok
15:01:25.0281 1440 [ C72C15EE57E248C66E57C76CAB086CF2 ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:01:25.0281 1440 RpcSs - ok
15:01:25.0296 1440 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:01:25.0296 1440 RSVP - ok
15:01:25.0312 1440 [ 39C5C2FBF652C9F8C194873D5C8A1F58 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMIV.sys
15:01:25.0312 1440 RTHDMIAzAudService - ok
15:01:25.0312 1440 [ B0E1648AAE1E59BDD0854AF07A605399 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
15:01:25.0312 1440 RTLE8023xp - ok
15:01:25.0328 1440 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
15:01:25.0328 1440 SamSs - ok
15:01:25.0328 1440 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:01:25.0328 1440 SCardSvr - ok
15:01:25.0343 1440 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:01:25.0343 1440 Schedule - ok
15:01:25.0359 1440 [ 07F7F501AD50DE2BA2D5842D9B6D6155 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:01:25.0359 1440 Secdrv - ok
15:01:25.0359 1440 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:01:25.0359 1440 seclogon - ok
15:01:25.0375 1440 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
15:01:25.0375 1440 SENS - ok
15:01:25.0375 1440 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
15:01:25.0375 1440 Serial - ok
15:01:25.0390 1440 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:01:25.0390 1440 Sfloppy - ok
15:01:25.0406 1440 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:01:25.0406 1440 SharedAccess - ok
15:01:25.0421 1440 [ 8BA76BD2A943F642F267A296A15776D2 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:01:25.0421 1440 ShellHWDetection - ok
15:01:25.0421 1440 Simbad - ok
15:01:25.0484 1440 [ 9F712B26EE3B0242DE997A42FD302E2C ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:01:25.0500 1440 Skype C2C Service - ok
15:01:25.0531 1440 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:01:25.0531 1440 SkypeUpdate - ok
15:01:25.0531 1440 [ E73EF658B5B60ABB8A159947212F29D8 ] SMTPSVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
15:01:25.0531 1440 SMTPSVC - ok
15:01:25.0546 1440 [ AE64796BE5DF924FCADD04532951AB21 ] SNMP C:\WINDOWS\System32\snmp.exe
15:01:25.0546 1440 SNMP - ok
15:01:25.0562 1440 [ 3907F97D8583368473C5253CBD3BE3F2 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
15:01:25.0562 1440 SNMPTRAP - ok
15:01:25.0593 1440 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
15:01:25.0593 1440 Sony PC Companion - ok
15:01:25.0593 1440 Sparrow - ok
15:01:25.0593 1440 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:01:25.0593 1440 splitter - ok
15:01:25.0609 1440 [ 21B6FAA88044A41640E03EBB68BE93E8 ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:01:25.0609 1440 Spooler - ok
15:01:25.0609 1440 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:01:25.0609 1440 sr - ok
15:01:25.0609 1440 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
15:01:25.0625 1440 srservice - ok
15:01:25.0625 1440 SRTSP - ok
15:01:25.0625 1440 SRTSPX - ok
15:01:25.0640 1440 [ 20B7E396720353E4117D64D9DCB926CA ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:01:25.0640 1440 Srv - ok
15:01:25.0640 1440 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:01:25.0640 1440 SSDPSRV - ok
15:01:25.0656 1440 [ 0645CCDDDD27F96EEA3534C1DEF736D9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:01:25.0656 1440 stisvc - ok
15:01:25.0656 1440 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:01:25.0671 1440 swenum - ok
15:01:25.0671 1440 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:01:25.0671 1440 swmidi - ok
15:01:25.0671 1440 SwPrv - ok
15:01:25.0687 1440 symc810 - ok
15:01:25.0687 1440 symc8xx - ok
15:01:25.0687 1440 sym_hi - ok
15:01:25.0687 1440 sym_u3 - ok
15:01:25.0703 1440 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:01:25.0703 1440 sysaudio - ok
15:01:25.0718 1440 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:01:25.0718 1440 SysmonLog - ok
15:01:25.0734 1440 [ 37162D29CD61519E6F5EA0DE99786FF6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:01:25.0734 1440 TapiSrv - ok
15:01:25.0750 1440 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:01:25.0750 1440 Tcpip - ok
15:01:25.0750 1440 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:01:25.0765 1440 TDPIPE - ok
15:01:25.0765 1440 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:01:25.0765 1440 TDTCP - ok
15:01:25.0781 1440 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:01:25.0781 1440 TermDD - ok
15:01:25.0796 1440 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
15:01:25.0796 1440 TermService - ok
15:01:25.0796 1440 [ 8BA76BD2A943F642F267A296A15776D2 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:01:25.0796 1440 Themes - ok
15:01:25.0812 1440 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:01:25.0812 1440 TlntSvr - ok
15:01:25.0812 1440 TosIde - ok
15:01:25.0828 1440 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:01:25.0828 1440 TrkWks - ok
15:01:25.0828 1440 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:01:25.0828 1440 Udfs - ok
15:01:25.0843 1440 ultra - ok
15:01:25.0859 1440 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:01:25.0859 1440 Update - ok
15:01:25.0875 1440 [ 984FC1518B0D5B31D76F0E63608E0500 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:01:25.0875 1440 upnphost - ok
15:01:25.0875 1440 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
15:01:25.0875 1440 UPS - ok
15:01:25.0906 1440 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:01:25.0906 1440 usbccgp - ok
15:01:25.0921 1440 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:01:25.0921 1440 usbehci - ok
15:01:25.0921 1440 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:01:25.0921 1440 usbhub - ok
15:01:25.0937 1440 [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:01:25.0937 1440 usbohci - ok
15:01:25.0953 1440 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:01:25.0953 1440 usbscan - ok
15:01:25.0968 1440 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:01:25.0968 1440 USBSTOR - ok
15:01:25.0968 1440 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:01:25.0968 1440 VgaSave - ok
15:01:26.0015 1440 [ 29CC58050804DE6C3A900045EA2DD564 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
15:01:26.0015 1440 VIAHdAudAddService - ok
15:01:26.0015 1440 ViaIde - ok
15:01:26.0031 1440 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:01:26.0031 1440 VolSnap - ok
15:01:26.0046 1440 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
15:01:26.0046 1440 VSS - ok
15:01:26.0046 1440 vToolbarUpdater17.3.0 - ok
15:01:26.0109 1440 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
15:01:26.0125 1440 W32Time - ok
15:01:26.0156 1440 [ E73EF658B5B60ABB8A159947212F29D8 ] W3SVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
15:01:26.0156 1440 W3SVC - ok
15:01:26.0171 1440 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:01:26.0171 1440 Wanarp - ok
15:01:26.0250 1440 [ 4769596D7CC0F5FA447D2BABC239672A ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
15:01:26.0250 1440 Wdf01000 - ok
15:01:26.0250 1440 WDICA - ok
15:01:26.0281 1440 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:01:26.0281 1440 wdmaud - ok
15:01:26.0312 1440 [ 3791ADF1D3466AC6B4B662D3F79CBFEC ] WebClient C:\WINDOWS\System32\webclnt.dll
15:01:26.0312 1440 WebClient - ok
15:01:26.0468 1440 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:01:26.0468 1440 winmgmt - ok
15:01:26.0500 1440 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
15:01:26.0500 1440 WmdmPmSN - ok
15:01:26.0531 1440 [ 0CDC4A0C6B820FAD99FB4CA74CD0C476 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:01:26.0531 1440 Wmi - ok
15:01:26.0546 1440 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:01:26.0546 1440 WmiAcpi - ok
15:01:26.0546 1440 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:01:26.0562 1440 WmiApSrv - ok
15:01:26.0578 1440 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:01:26.0578 1440 WpdUsb - ok
15:01:26.0593 1440 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:01:26.0593 1440 wscsvc - ok
15:01:26.0593 1440 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:01:26.0593 1440 wuauserv - ok
15:01:26.0609 1440 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:01:26.0609 1440 WudfPf - ok
15:01:26.0625 1440 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:01:26.0625 1440 WudfRd - ok
15:01:26.0640 1440 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:01:26.0640 1440 WudfSvc - ok
15:01:26.0656 1440 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:01:26.0656 1440 WZCSVC - ok
15:01:26.0687 1440 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:01:26.0687 1440 xmlprov - ok
15:01:26.0687 1440 ================ Scan global ===============================
15:01:26.0687 1440 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
15:01:26.0718 1440 [ B4A699CB1251D35EA078F09FA701D389 ] C:\WINDOWS\system32\winsrv.dll
15:01:26.0734 1440 [ B4A699CB1251D35EA078F09FA701D389 ] C:\WINDOWS\system32\winsrv.dll
15:01:26.0750 1440 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] C:\WINDOWS\system32\services.exe
15:01:26.0750 1440 [Global] - ok
15:01:26.0750 1440 ================ Scan MBR ==================================
15:01:26.0750 1440 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
15:01:26.0921 1440 \Device\Harddisk0\DR0 - ok
15:01:26.0921 1440 ================ Scan VBR ==================================
15:01:26.0921 1440 [ C86DB68A961D89840272494623229C80 ] \Device\Harddisk0\DR0\Partition1
15:01:26.0921 1440 \Device\Harddisk0\DR0\Partition1 - ok
15:01:26.0937 1440 [ 5A819239D0D3F819FC3D525B6E20020B ] \Device\Harddisk0\DR0\Partition2
15:01:26.0937 1440 \Device\Harddisk0\DR0\Partition2 - ok
15:01:26.0937 1440 ============================================================
15:01:26.0937 1440 Scan finished
15:01:26.0937 1440 ============================================================
15:01:26.0937 2560 Detected object count: 0
15:01:26.0937 2560 Actual detected object count: 0
- memphisto
Re: Please check my log, thank you.
Disable the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, you have trouble launching applications or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.
Please do not send HijackThis logs via private message; post them in the appropriate section instead. Thank you