Prosím o kontrolu logu Vyřešeno

[nuggy]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:43:10, on 17.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\FISCHER\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\STORMWARE\POHODA\Pohoda.exe
C:\Program Files\STORMWARE\POHODA\StwPh.exe
C:\Documents and Settings\FISCHER\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\FISCHER\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\FISCHER\Dokumenty\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mojebanka.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\FISCHER\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 5597 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[nuggy]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.18.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
FISCHER :: FISCHER [administrátor]

Ochrana: Povolena

18.7.2013 19:01:37
mbam-log-2013-07-18 (19-01-37).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 200772
Uplynulý čas: 13 minut, 12 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[nuggy]

# AdwCleaner v2.305 - Log vytvooen 19/07/2013 v 15:26:36
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : FISCHER - FISCHER
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\FISCHER\Dokumenty\Downloads\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Ask

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Documents and Settings\FISCHER\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.44] : icon_url = "hxxp://www.ask.com/favicon.ico",
Nalezeno [l.47] : keyword = "ask.com",
Nalezeno [l.51] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=C52E44DC-2EA2-4377-B8B2-C875E2A4E40E&apn_ptnrs=U3&apn_sauid=D19AA519-998E-4822-AA0E-C034AD5019A3&apn_dtid=OSJ000YYCZ&q={searchTerms}",
Nalezeno [l.52] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}"

-\\ Opera v12.0.1467.0

Soubor : C:\Documents and Settings\FISCHER\Data aplikací\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [3552 octets] - [19/07/2013 15:26:36]

########## EOF - C:\AdwCleaner[R1].txt - [3612 octets] ##########

[memphisto]

V adw nech vše smazat a dodej log po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

[nuggy]

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : FISCHER [Práva správce]
Mód : Kontrola -- Datum : 07/19/2013 18:26:55
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD400UE-07HCT0 +++++
--- User ---
[MBR] 2438b68eb5ad97ddc42f15eeba7216d3
[BSP] 8ac7d6896798ddf8695f8e89d7656522 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38146 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_07192013_182655.txt >>

[nuggy]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Microsoft Windows XP x86
Ran by FISCHER on p  19.07.2013 at 18:29:43,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BEE711BB-A169-4073-B470-9976DDFDD655}
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0e12f736682067fde4d1158d5940a82e"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\1a24b5bb8521b03e0c8d908f5abc0ae6"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\2b0d56c4f4c46d844a57ffed6f0d2852"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\49d4375fe41653242aea4c969e4e65e0"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6aa0923513360135b272e8289c5f13fa"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6f7467af8f29c134cbbab394eccfde96"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\922525dcc5199162f8935747ca3d8e59"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\bcda179d619b91648538e3394cac94cc"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\d677b1a9671d4d4004f6f2a4469e86ea"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\dd1402a9dd4215a43abde169a41afa0e"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\e36e114a0ead2ad46b381d23ad69cddf"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\ef8e618db3aedfbb384561b5c548f65e"



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  19.07.2013 at 18:35:17,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[memphisto]

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

[nuggy]

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : FISCHER [Práva správce]
Mód : Odebrat -- Datum : 07/20/2013 11:08:00
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD400UE-07HCT0 +++++
--- User ---
[MBR] 2438b68eb5ad97ddc42f15eeba7216d3
[BSP] 8ac7d6896798ddf8695f8e89d7656522 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38146 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_07202013_110800.txt >>
RKreport[0]_S_07192013_182655.txt;RKreport[0]_S_07202013_110557.txt

[nuggy]

11:15:31.0078 3300 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:15:31.0328 3300 ============================================================
11:15:31.0328 3300 Current date / time: 2013/07/20 11:15:31.0328
11:15:31.0328 3300 SystemInfo:
11:15:31.0328 3300
11:15:31.0328 3300 OS Version: 5.1.2600 ServicePack: 3.0
11:15:31.0328 3300 Product type: Workstation
11:15:31.0328 3300 ComputerName: FISCHER
11:15:31.0328 3300 UserName: FISCHER
11:15:31.0328 3300 Windows directory: C:\WINDOWS
11:15:31.0328 3300 System windows directory: C:\WINDOWS
11:15:31.0328 3300 Processor architecture: Intel x86
11:15:31.0328 3300 Number of processors: 1
11:15:31.0328 3300 Page size: 0x1000
11:15:31.0328 3300 Boot type: Normal boot
11:15:31.0328 3300 ============================================================
11:15:32.0984 3300 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:15:32.0984 3300 ============================================================
11:15:32.0984 3300 \Device\Harddisk0\DR0:
11:15:32.0984 3300 MBR partitions:
11:15:32.0984 3300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A81400
11:15:32.0984 3300 ============================================================
11:15:33.0015 3300 C: <-> \Device\Harddisk0\DR0\Partition1
11:15:33.0015 3300 ============================================================
11:15:33.0015 3300 Initialize success
11:15:33.0015 3300 ============================================================
11:15:34.0687 1164 ============================================================
11:15:34.0687 1164 Scan started
11:15:34.0687 1164 Mode: Manual;
11:15:34.0687 1164 ============================================================
11:15:36.0000 1164 ================ Scan system memory ========================
11:15:36.0000 1164 System memory - ok
11:15:36.0000 1164 ================ Scan services =============================
11:15:36.0187 1164 Abiosdsk - ok
11:15:36.0218 1164 abp480n5 - ok
11:15:36.0281 1164 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:15:36.0296 1164 ACPI - ok
11:15:36.0328 1164 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
11:15:36.0328 1164 ACPIEC - ok
11:15:36.0437 1164 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:15:36.0453 1164 AdobeFlashPlayerUpdateSvc - ok
11:15:36.0468 1164 adpu160m - ok
11:15:36.0500 1164 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:15:36.0515 1164 aec - ok
11:15:36.0578 1164 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:15:36.0578 1164 AFD - ok
11:15:36.0609 1164 Aha154x - ok
11:15:36.0625 1164 aic78u2 - ok
11:15:36.0656 1164 aic78xx - ok
11:15:36.0890 1164 [ 92AE420BE14B0D97D14DAC4ABA22A702 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
11:15:36.0937 1164 ALCXWDM - ok
11:15:37.0015 1164 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:15:37.0015 1164 Alerter - ok
11:15:37.0046 1164 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
11:15:37.0046 1164 ALG - ok
11:15:37.0078 1164 AliIde - ok
11:15:37.0093 1164 amsint - ok
11:15:37.0109 1164 AppMgmt - ok
11:15:37.0187 1164 [ D4E7ED3AE224C851B08F3A3A85C37E88 ] AR5211 C:\WINDOWS\system32\DRIVERS\ar5211.sys
11:15:37.0203 1164 AR5211 - ok
11:15:37.0218 1164 asc - ok
11:15:37.0250 1164 asc3350p - ok
11:15:37.0265 1164 asc3550 - ok
11:15:37.0375 1164 [ E1A1206A4FB19B675E947B29CCD25FBA ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
11:15:37.0375 1164 aspnet_state - ok
11:15:37.0421 1164 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:15:37.0421 1164 AsyncMac - ok
11:15:37.0484 1164 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:15:37.0484 1164 atapi - ok
11:15:37.0500 1164 Atdisk - ok
11:15:37.0546 1164 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:15:37.0546 1164 Atmarpc - ok
11:15:37.0609 1164 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:15:37.0609 1164 AudioSrv - ok
11:15:37.0671 1164 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:15:37.0671 1164 audstub - ok
11:15:37.0734 1164 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:15:37.0734 1164 Beep - ok
11:15:37.0828 1164 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
11:15:37.0859 1164 BITS - ok
11:15:37.0921 1164 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
11:15:37.0921 1164 Browser - ok
11:15:37.0984 1164 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:15:37.0984 1164 cbidf2k - ok
11:15:38.0000 1164 cd20xrnt - ok
11:15:38.0031 1164 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:15:38.0031 1164 Cdaudio - ok
11:15:38.0109 1164 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:15:38.0109 1164 Cdfs - ok
11:15:38.0140 1164 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:15:38.0140 1164 Cdrom - ok
11:15:38.0171 1164 Changer - ok
11:15:38.0562 1164 [ E390DC1D7C461D7D56EC53402F329928 ] cisvc C:\WINDOWS\system32\cisvc.exe
11:15:38.0562 1164 cisvc - ok
11:15:38.0625 1164 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:15:38.0625 1164 ClipSrv - ok
11:15:38.0687 1164 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:15:38.0687 1164 CmBatt - ok
11:15:38.0718 1164 CmdIde - ok
11:15:38.0750 1164 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:15:38.0750 1164 Compbatt - ok
11:15:38.0765 1164 COMSysApp - ok
11:15:38.0812 1164 Cpqarray - ok
11:15:38.0875 1164 [ 097A0A4899B759A4F032BD464963B4BE ] cpuz132 C:\WINDOWS\system32\drivers\cpuz132_x32.sys
11:15:38.0875 1164 cpuz132 - ok
11:15:38.0937 1164 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:15:38.0953 1164 CryptSvc - ok
11:15:38.0968 1164 dac2w2k - ok
11:15:38.0984 1164 dac960nt - ok
11:15:39.0078 1164 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:15:39.0078 1164 DcomLaunch - ok
11:15:39.0156 1164 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:15:39.0156 1164 Dhcp - ok
11:15:39.0187 1164 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:15:39.0187 1164 Disk - ok
11:15:39.0218 1164 dmadmin - ok
11:15:39.0312 1164 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:15:39.0312 1164 dmboot - ok
11:15:39.0359 1164 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:15:39.0359 1164 dmio - ok
11:15:39.0406 1164 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:15:39.0406 1164 dmload - ok
11:15:39.0453 1164 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:15:39.0453 1164 dmserver - ok
11:15:39.0484 1164 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:15:39.0500 1164 DMusic - ok
11:15:39.0578 1164 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:15:39.0578 1164 Dnscache - ok
11:15:39.0640 1164 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:15:39.0640 1164 Dot3svc - ok
11:15:39.0718 1164 [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] Dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
11:15:39.0718 1164 Dot4 - ok
11:15:39.0765 1164 [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
11:15:39.0765 1164 Dot4Print - ok
11:15:39.0828 1164 [ CCC4092DFC85336F2E1C142483ADEB42 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
11:15:39.0828 1164 dot4usb - ok
11:15:39.0859 1164 dpti2o - ok
11:15:39.0921 1164 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:15:39.0921 1164 drmkaud - ok
11:15:39.0984 1164 [ 63A53BB2A85DD22A5E8D6C5CB6273043 ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys
11:15:39.0984 1164 eamon - ok
11:15:40.0031 1164 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:15:40.0031 1164 EapHost - ok
11:15:40.0109 1164 [ 4F72DD48A2ED63A57C1210228A472020 ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
11:15:40.0109 1164 ehdrv - ok
11:15:40.0359 1164 [ E95AB781773870BD68ABE1AE1B57A8AC ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
11:15:40.0375 1164 ekrn - ok
11:15:40.0453 1164 [ 1079517E33044BFA7FF3C1B9A86F05BF ] epfwtdir C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
11:15:40.0453 1164 epfwtdir - ok
11:15:40.0515 1164 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:15:40.0531 1164 ERSvc - ok
11:15:40.0593 1164 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
11:15:40.0593 1164 Eventlog - ok
11:15:40.0671 1164 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
11:15:40.0687 1164 EventSystem - ok
11:15:40.0750 1164 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:15:40.0765 1164 Fastfat - ok
11:15:40.0828 1164 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:15:40.0843 1164 FastUserSwitchingCompatibility - ok
11:15:40.0921 1164 [ 2CD14C70D1D81AF054AA5ED8024DCAE6 ] Fax C:\WINDOWS\system32\fxssvc.exe
11:15:40.0921 1164 Fax - ok
11:15:40.0953 1164 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
11:15:40.0968 1164 Fdc - ok
11:15:41.0031 1164 [ 2F13193A419372E71168182C3489DD40 ] FETND5BV C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
11:15:41.0031 1164 FETND5BV - ok
11:15:41.0093 1164 [ E9648254056BCE81A85380C0C3647DC4 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys
11:15:41.0093 1164 FETNDIS - ok
11:15:41.0140 1164 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:15:41.0140 1164 Fips - ok
11:15:41.0203 1164 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
11:15:41.0203 1164 Flpydisk - ok
11:15:41.0281 1164 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:15:41.0296 1164 FltMgr - ok
11:15:41.0312 1164 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:15:41.0312 1164 Fs_Rec - ok
11:15:41.0343 1164 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:15:41.0343 1164 Ftdisk - ok
11:15:41.0406 1164 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:15:41.0421 1164 Gpc - ok
11:15:41.0515 1164 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:15:41.0515 1164 helpsvc - ok
11:15:41.0531 1164 HidServ - ok
11:15:41.0593 1164 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:15:41.0593 1164 HidUsb - ok
11:15:41.0656 1164 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:15:41.0656 1164 hkmsvc - ok
11:15:41.0687 1164 hpn - ok
11:15:41.0750 1164 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:15:41.0750 1164 HTTP - ok
11:15:41.0828 1164 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:15:41.0828 1164 HTTPFilter - ok
11:15:41.0859 1164 i2omgmt - ok
11:15:41.0875 1164 i2omp - ok
11:15:41.0953 1164 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:15:41.0953 1164 i8042prt - ok
11:15:42.0015 1164 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:15:42.0031 1164 Imapi - ok
11:15:42.0093 1164 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:15:42.0093 1164 ImapiService - ok
11:15:42.0125 1164 ini910u - ok
11:15:42.0156 1164 IntelIde - ok
11:15:42.0203 1164 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:15:42.0203 1164 intelppm - ok
11:15:42.0250 1164 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:15:42.0250 1164 Ip6Fw - ok
11:15:42.0296 1164 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:15:42.0312 1164 IpFilterDriver - ok
11:15:42.0343 1164 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:15:42.0343 1164 IpInIp - ok
11:15:42.0390 1164 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:15:42.0390 1164 IpNat - ok
11:15:42.0453 1164 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:15:42.0453 1164 IPSec - ok
11:15:42.0500 1164 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:15:42.0500 1164 IRENUM - ok
11:15:42.0562 1164 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:15:42.0562 1164 isapnp - ok
11:15:42.0718 1164 [ 4F4D4AA1E0849FECC0CF5AACD59030B5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
11:15:42.0718 1164 JavaQuickStarterService - ok
11:15:42.0734 1164 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:15:42.0750 1164 Kbdclass - ok
11:15:42.0796 1164 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:15:42.0812 1164 kmixer - ok
11:15:42.0875 1164 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:15:42.0875 1164 KSecDD - ok
11:15:42.0937 1164 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:15:42.0937 1164 lanmanserver - ok
11:15:43.0015 1164 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:15:43.0015 1164 lanmanworkstation - ok
11:15:43.0046 1164 lbrtfdc - ok
11:15:43.0125 1164 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:15:43.0125 1164 LmHosts - ok
11:15:43.0187 1164 [ 0BEFA983F8B9511EADD6960DD13E9FBF ] LPDSVC C:\WINDOWS\system32\tcpsvcs.exe
11:15:43.0187 1164 LPDSVC - ok
11:15:43.0250 1164 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
11:15:43.0250 1164 MBAMProtector - ok
11:15:43.0343 1164 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:15:43.0343 1164 MBAMScheduler - ok
11:15:43.0406 1164 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:15:43.0421 1164 MBAMService - ok
11:15:43.0515 1164 [ 034606B82FA5BD3E73AB427B6D55F915 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe

[nuggy]

11:15:43.0531 1164 McComponentHostService - ok
11:15:43.0593 1164 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:15:43.0593 1164 Messenger - ok
11:15:43.0640 1164 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:15:43.0640 1164 mnmdd - ok
11:15:43.0687 1164 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:15:43.0703 1164 mnmsrvc - ok
11:15:43.0750 1164 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:15:43.0750 1164 Modem - ok
11:15:43.0812 1164 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
11:15:43.0828 1164 MODEMCSA - ok
11:15:43.0843 1164 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:15:43.0843 1164 Mouclass - ok
11:15:43.0906 1164 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:15:43.0906 1164 mouhid - ok
11:15:43.0937 1164 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:15:43.0937 1164 MountMgr - ok
11:15:43.0953 1164 mraid35x - ok
11:15:43.0984 1164 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:15:43.0984 1164 MRxDAV - ok
11:15:44.0062 1164 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:15:44.0062 1164 MRxSmb - ok
11:15:44.0125 1164 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:15:44.0125 1164 MSDTC - ok
11:15:44.0140 1164 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:15:44.0140 1164 Msfs - ok
11:15:44.0171 1164 MSIServer - ok
11:15:44.0203 1164 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:15:44.0203 1164 MSKSSRV - ok
11:15:44.0250 1164 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:15:44.0250 1164 MSPCLOCK - ok
11:15:44.0281 1164 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:15:44.0281 1164 MSPQM - ok
11:15:44.0328 1164 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:15:44.0328 1164 mssmbios - ok
11:15:44.0406 1164 [ 8CC4AB0F1FDB5FC7F58779DAB0B1D22E ] Mtlmnt5 C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys
11:15:44.0406 1164 Mtlmnt5 - ok
11:15:44.0500 1164 [ C3556A7AEAFA2E71F270531FF2F401FD ] Mtlstrm C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys
11:15:44.0531 1164 Mtlstrm - ok
11:15:44.0593 1164 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:15:44.0593 1164 Mup - ok
11:15:44.0656 1164 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:15:44.0687 1164 napagent - ok
11:15:44.0734 1164 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:15:44.0734 1164 NDIS - ok
11:15:44.0796 1164 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:15:44.0812 1164 NdisTapi - ok
11:15:44.0859 1164 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:15:44.0859 1164 Ndisuio - ok
11:15:44.0906 1164 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:15:44.0906 1164 NdisWan - ok
11:15:44.0968 1164 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:15:44.0968 1164 NDProxy - ok
11:15:45.0046 1164 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:15:45.0046 1164 NetBIOS - ok
11:15:45.0109 1164 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:15:45.0109 1164 NetBT - ok
11:15:45.0171 1164 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
11:15:45.0171 1164 NetDDE - ok
11:15:45.0203 1164 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:15:45.0203 1164 NetDDEdsdm - ok
11:15:45.0250 1164 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:15:45.0250 1164 Netlogon - ok
11:15:45.0296 1164 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
11:15:45.0296 1164 Netman - ok
11:15:45.0359 1164 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
11:15:45.0359 1164 Nla - ok
11:15:45.0437 1164 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:15:45.0437 1164 Npfs - ok
11:15:45.0515 1164 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:15:45.0515 1164 Ntfs - ok
11:15:45.0593 1164 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:15:45.0593 1164 NtLmSsp - ok
11:15:45.0656 1164 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:15:45.0687 1164 NtmsSvc - ok
11:15:45.0734 1164 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:15:45.0734 1164 Null - ok
11:15:45.0796 1164 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:15:45.0796 1164 NwlnkFlt - ok
11:15:45.0828 1164 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:15:45.0828 1164 NwlnkFwd - ok
11:15:45.0875 1164 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
11:15:45.0875 1164 NwlnkIpx - ok
11:15:45.0890 1164 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
11:15:45.0906 1164 NwlnkNb - ok
11:15:45.0937 1164 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
11:15:45.0937 1164 NwlnkSpx - ok
11:15:46.0015 1164 [ 85D8C6514BD48DF2CC61DEBE3F879DC0 ] NwSapAgent C:\WINDOWS\System32\ipxsap.dll
11:15:46.0015 1164 NwSapAgent - ok
11:15:46.0078 1164 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
11:15:46.0078 1164 Parport - ok
11:15:46.0109 1164 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:15:46.0109 1164 PartMgr - ok
11:15:46.0171 1164 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:15:46.0171 1164 ParVdm - ok
11:15:46.0203 1164 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:15:46.0203 1164 PCI - ok
11:15:46.0218 1164 PCIDump - ok
11:15:46.0250 1164 PCIIde - ok
11:15:46.0312 1164 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
11:15:46.0312 1164 Pcmcia - ok
11:15:46.0343 1164 PDCOMP - ok
11:15:46.0359 1164 PDFRAME - ok
11:15:46.0375 1164 PDRELI - ok
11:15:46.0406 1164 PDRFRAME - ok
11:15:46.0421 1164 perc2 - ok
11:15:46.0453 1164 perc2hib - ok
11:15:46.0562 1164 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
11:15:46.0562 1164 PlugPlay - ok
11:15:46.0609 1164 [ 364E30F27BE1E6DED83E81C4DE93E808 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
11:15:46.0625 1164 Pml Driver HPZ12 - ok
11:15:46.0640 1164 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:15:46.0640 1164 PolicyAgent - ok
11:15:46.0687 1164 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:15:46.0687 1164 PptpMiniport - ok
11:15:46.0703 1164 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:15:46.0718 1164 ProtectedStorage - ok
11:15:46.0750 1164 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:15:46.0750 1164 PSched - ok
11:15:46.0781 1164 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:15:46.0781 1164 Ptilink - ok
11:15:46.0812 1164 ql1080 - ok
11:15:46.0828 1164 Ql10wnt - ok
11:15:46.0859 1164 ql12160 - ok
11:15:46.0875 1164 ql1240 - ok
11:15:46.0906 1164 ql1280 - ok
11:15:46.0937 1164 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:15:46.0937 1164 RasAcd - ok
11:15:47.0000 1164 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:15:47.0000 1164 RasAuto - ok
11:15:47.0046 1164 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:15:47.0046 1164 Rasl2tp - ok
11:15:47.0109 1164 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:15:47.0109 1164 RasMan - ok
11:15:47.0156 1164 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:15:47.0156 1164 RasPppoe - ok
11:15:47.0187 1164 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:15:47.0187 1164 Raspti - ok
11:15:47.0234 1164 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:15:47.0234 1164 Rdbss - ok
11:15:47.0265 1164 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:15:47.0265 1164 RDPCDD - ok
11:15:47.0328 1164 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:15:47.0328 1164 RDPWD - ok
11:15:47.0375 1164 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:15:47.0390 1164 RDSessMgr - ok
11:15:47.0437 1164 [ 5DF1543B5258AF20DEDDBB32808470C5 ] RecAgent C:\WINDOWS\system32\DRIVERS\SLDRV\RecAgent.sys
11:15:47.0437 1164 RecAgent - ok
11:15:47.0500 1164 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:15:47.0500 1164 redbook - ok
11:15:47.0562 1164 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:15:47.0562 1164 RemoteAccess - ok
11:15:47.0593 1164 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
11:15:47.0609 1164 RpcLocator - ok
11:15:47.0656 1164 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:15:47.0671 1164 RpcSs - ok
11:15:47.0718 1164 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:15:47.0734 1164 RSVP - ok
11:15:47.0781 1164 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
11:15:47.0781 1164 SamSs - ok
11:15:47.0828 1164 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:15:47.0828 1164 SCardSvr - ok
11:15:47.0906 1164 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:15:47.0906 1164 Schedule - ok
11:15:47.0968 1164 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:15:47.0968 1164 Secdrv - ok
11:15:48.0015 1164 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:15:48.0015 1164 seclogon - ok
11:15:48.0031 1164 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
11:15:48.0031 1164 SENS - ok
11:15:48.0109 1164 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
11:15:48.0109 1164 Serial - ok
11:15:48.0140 1164 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:15:48.0140 1164 Sfloppy - ok
11:15:48.0234 1164 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:15:48.0250 1164 SharedAccess - ok
11:15:48.0281 1164 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:15:48.0281 1164 ShellHWDetection - ok
11:15:48.0312 1164 Simbad - ok
11:15:48.0375 1164 [ E61F4A8551ED6D42245EC5C4A29C120B ] Slntamr C:\WINDOWS\system32\DRIVERS\SLDRV\slntamr.sys
11:15:48.0390 1164 Slntamr - ok
11:15:48.0421 1164 [ 7F5F9B53BEA4238AA18BA05382EC7629 ] SlNtHal C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys
11:15:48.0421 1164 SlNtHal - ok
11:15:48.0468 1164 [ 58F389DAEA07A855F7F38DD0D66E20C2 ] SlWdmSup C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys
11:15:48.0468 1164 SlWdmSup - ok
11:15:48.0531 1164 [ 442D891CF7CB138F185FB2A1161C8AF9 ] SNMP C:\WINDOWS\System32\snmp.exe
11:15:48.0531 1164 SNMP - ok
11:15:48.0593 1164 [ 4296E52A9D3CA6DCD1CF57E8BCA45AB7 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
11:15:48.0593 1164 SNMPTRAP - ok
11:15:48.0625 1164 Sparrow - ok
11:15:48.0656 1164 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:15:48.0656 1164 splitter - ok
11:15:48.0734 1164 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:15:48.0734 1164 Spooler - ok
11:15:48.0796 1164 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:15:48.0796 1164 sr - ok
11:15:48.0875 1164 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
11:15:48.0890 1164 srservice - ok
11:15:48.0968 1164 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:15:48.0984 1164 Srv - ok
11:15:49.0046 1164 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:15:49.0046 1164 SSDPSRV - ok
11:15:49.0125 1164 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:15:49.0140 1164 stisvc - ok
11:15:49.0156 1164 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:15:49.0156 1164 swenum - ok
11:15:49.0218 1164 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:15:49.0218 1164 swmidi - ok
11:15:49.0234 1164 SwPrv - ok
11:15:49.0250 1164 symc810 - ok
11:15:49.0281 1164 symc8xx - ok
11:15:49.0296 1164 sym_hi - ok
11:15:49.0312 1164 sym_u3 - ok
11:15:49.0375 1164 [ 1B75EC5D1A87A773A7C38855855466AE ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
11:15:49.0390 1164 SynTP - ok
11:15:49.0421 1164 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:15:49.0421 1164 sysaudio - ok
11:15:49.0484 1164 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:15:49.0484 1164 SysmonLog - ok
11:15:49.0546 1164 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:15:49.0578 1164 TapiSrv - ok
11:15:49.0656 1164 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:15:49.0671 1164 Tcpip - ok
11:15:49.0718 1164 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:15:49.0718 1164 TDPIPE - ok
11:15:49.0750 1164 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:15:49.0750 1164 TDTCP - ok
11:15:49.0812 1164 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:15:49.0812 1164 TermDD - ok
11:15:49.0890 1164 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
11:15:49.0921 1164 TermService - ok
11:15:49.0953 1164 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:15:49.0953 1164 Themes - ok
11:15:49.0984 1164 TosIde - ok
11:15:50.0046 1164 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:15:50.0046 1164 TrkWks - ok
11:15:50.0109 1164 [ D85938F272D1BCF3DB3A31FC0A048928 ] uagp35 C:\WINDOWS\system32\DRIVERS\uagp35.sys
11:15:50.0109 1164 uagp35 - ok
11:15:50.0156 1164 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:15:50.0156 1164 Udfs - ok
11:15:50.0187 1164 ultra - ok
11:15:50.0250 1164 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:15:50.0250 1164 Update - ok
11:15:50.0343 1164 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
11:15:50.0343 1164 upnphost - ok
11:15:50.0421 1164 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
11:15:50.0421 1164 UPS - ok
11:15:50.0484 1164 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:15:50.0484 1164 usbehci - ok
11:15:50.0546 1164 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:15:50.0546 1164 usbhub - ok
11:15:50.0625 1164 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:15:50.0625 1164 usbscan - ok
11:15:50.0671 1164 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:15:50.0671 1164 USBSTOR - ok
11:15:50.0718 1164 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:15:50.0718 1164 usbuhci - ok
11:15:50.0781 1164 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:15:50.0781 1164 VgaSave - ok
11:15:50.0859 1164 [ 8918527651FAFCE161CC5812216F3F09 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys
11:15:50.0859 1164 viagfx - ok
11:15:50.0921 1164 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
11:15:50.0921 1164 ViaIde - ok
11:15:50.0953 1164 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:15:50.0953 1164 VolSnap - ok
11:15:51.0000 1164 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
11:15:51.0031 1164 VSS - ok
11:15:51.0078 1164 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
11:15:51.0093 1164 W32Time - ok
11:15:51.0187 1164 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:15:51.0187 1164 Wanarp - ok
11:15:51.0203 1164 WDICA - ok
11:15:51.0234 1164 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:15:51.0250 1164 wdmaud - ok
11:15:51.0312 1164 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:15:51.0312 1164 WebClient - ok
11:15:51.0437 1164 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:15:51.0437 1164 winmgmt - ok
11:15:51.0515 1164 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:15:51.0515 1164 WmdmPmSN - ok
11:15:51.0593 1164 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:15:51.0593 1164 WmiApSrv - ok
11:15:51.0734 1164 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:15:51.0781 1164 WMPNetworkSvc - ok
11:15:51.0828 1164 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:15:51.0828 1164 WS2IFSL - ok
11:15:51.0890 1164 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:15:51.0890 1164 wscsvc - ok
11:15:51.0937 1164 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:15:51.0953 1164 wuauserv - ok
11:15:52.0000 1164 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:15:52.0000 1164 WudfPf - ok
11:15:52.0031 1164 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:15:52.0031 1164 WudfRd - ok
11:15:52.0062 1164 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:15:52.0062 1164 WudfSvc - ok
11:15:52.0156 1164 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:15:52.0156 1164 WZCSVC - ok
11:15:52.0203 1164 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:15:52.0218 1164 xmlprov - ok
11:15:52.0250 1164 ================ Scan global ===============================
11:15:52.0281 1164 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
11:15:52.0359 1164 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
11:15:52.0406 1164 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
11:15:52.0421 1164 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
11:15:52.0421 1164 [Global] - ok
11:15:52.0437 1164 ================ Scan MBR ==================================
11:15:52.0453 1164 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:15:52.0687 1164 \Device\Harddisk0\DR0 - ok
11:15:52.0703 1164 ================ Scan VBR ==================================
11:15:52.0718 1164 [ 24384C801039CD099EC6489F183D7D48 ] \Device\Harddisk0\DR0\Partition1
11:15:52.0734 1164 \Device\Harddisk0\DR0\Partition1 - ok
11:15:52.0734 1164 ============================================================
11:15:52.0734 1164 Scan finished
11:15:52.0734 1164 ============================================================
11:15:52.0765 3492 Detected object count: 0
11:15:52.0765 3492 Actual detected object count: 0

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.