Hodně pomalý pc

[CZechBoY]

Zdravím,
mám tu další Win XP nejspíše zavirované, prosím o kontrolu, děkuji.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:22, on 18.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\dmwu.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\jmdp\stij.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Programy\uTorrent\uTorrent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3220468
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=6&barid={C41BE883-244D-11E2-9BA2-00105CE6E3C2}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo2.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo2.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo2.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "D:\Programy\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C2BA0D8-5D11-4DE1-A8E4-B064B65AF132}: NameServer = 10.0.0.100,10.0.0.200
O17 - HKLM\System\CCS\Services\Tcpip\..\{D16CED8E-AFD0-494C-888F-572A0DB6093F}: NameServer = 10.0.0.100,10.0.0.200
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programy\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\WINDOWS\system32\dmwu.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 11931 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[CZechBoY]

ten SweetIM a další lišty jsem se snažil odinstalovat přes Revo Uninstaller, ale furt otravuje v Chromu :(

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.18.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
JR :: ABC [administrátor]

18.9.2013 20:49:46
MBAM-log-2013-09-18 (21-17-46).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 249726
Uplynulý čas: 21 minut, 2 sekund

Nalezené procesy v paměti: 1
C:\WINDOWS\system32\dmwu.exe (Adware.InstallBrain) -> 1844 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 1
C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\mgHelperGC.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SweetIM (PUP.Optional.SweetIM) -> Data: C:\Program Files\SweetIM\Messenger\SweetIM.exe -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Sweetpacks Communicator (PUP.Optional.SweetIM) -> Data: C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe -> Nebyla provedena žádná instrukce.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {C41BE883-244D-11E2-9BA2-00105CE6E3C2} -> Nebyla provedena žádná instrukce.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {C41BE883-244D-11E2-9BA2-00105CE6E3C2} -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Špatný: (http://search.conduit.com?SearchSource= ... =CT3220468) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 2
C:\Documents and Settings\JR\Data aplikací\PriceGong (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 37
C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\mgHelperGC.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Plocha\GotClip_Setup.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Local Settings\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Local Settings\Temp\Shortcut_bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Local Settings\Temp\2827278562\chromeupdaterfull.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Installer\629b2e.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Installer\629b20.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\dmwu.exe (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.

(konec)

[CZechBoY]

# AdwCleaner v3.004 - Report created 18/09/2013 at 21:20:07
# Updated 15/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : JR - ABC
# Running from : C:\Documents and Settings\JR\Dokumenty\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : IBUpdaterService

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\searchplugins\MyStart Search.xml
File Found : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\searchplugins\MyStart.xml
File Found : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\searchplugins\SweetIm.xml
File Found : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\searchplugins\Sweetpacks Search.xml
File Found : C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage
File Found : C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage-journal
File Found : C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Found : C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Found : C:\Documents and Settings\JR\Plocha\Search The Web.url
File Found : C:\Documents and Settings\JR\Plocha\sweetpcfix.url
File Found : C:\WINDOWS\system32\dmwu.exe
File Found : C:\WINDOWS\system32\ImhxxpComm.dll
Folder Found : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\Extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Folder Found : C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Found C:\DOCUME~1\JR\LOCALS~1\Temp\CT3220468
Folder Found C:\Documents and Settings\All Users\Data aplikací\SweetIM
Folder Found C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\CT3220468
Folder Found C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\Smartbar
Folder Found C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\SweetPacksToolbarData
Folder Found C:\Documents and Settings\JR\Data aplikací\PriceGong
Folder Found C:\Documents and Settings\JR\Local Settings\Data aplikací\Conduit
Folder Found C:\Documents and Settings\JR\Local Settings\Data aplikací\cre
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\SweetIM
Folder Found C:\WINDOWS\system32\ARFC
Folder Found C:\WINDOWS\system32\jmdp
Folder Found C:\WINDOWS\system32\WNLT

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\PriceGong
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\WNLT
Key Found : HKCU\Software\wscontb
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Found : HKLM\Software\WNLT
Product Found : SweetIM for Messenger 3.7
Product Found : Update Manager for SweetPacks 1.1
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\WINDOWS\system32\ARFC\wrtc.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com?SearchSource= ... =CT3220468

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\prefs.js ]

Line Found : user_pref("CT3220468.BT_Stats", "{\"last_log\":1352047167,\"uuid\":381365761163107,\"seq_id\":1,\"ssb\":1352047167}");
Line Found : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3220468.FirstTime", "true");
Line Found : user_pref("CT3220468.FirstTimeFF3", "true");
Line Found : user_pref("CT3220468.LoginRevertSettingsEnabled", true);
Line Found : user_pref("CT3220468.RevertSettingsEnabled", true);
Line Found : user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
Line Found : user_pref("CT3220468.UserID", "UN08116856516329285");
Line Found : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3220468.autoDisableScopes", -1);
Line Found : user_pref("CT3220468.browser.search.defaultthis.engineName", true);
Line Found : user_pref("CT3220468.cbcountry_001", "CZ");
Line Found : user_pref("CT3220468.cbfirsttime", "Sun Nov 04 2012 17:39:04 GMT+0100");
Line Found : user_pref("CT3220468.countryCode", "CZ");
Line Found : user_pref("CT3220468.enableAlerts", "always");
Line Found : user_pref("CT3220468.enableFix404ByUser", "FALSE");
Line Found : user_pref("CT3220468.enableSearchFromAddressBar", "true");
Line Found : user_pref("CT3220468.firstTimeDialogOpened", "true");
Line Found : user_pref("CT3220468.fixPageNotFoundError", "true");
Line Found : user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
Line Found : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3220468.fixUrls", true);
Line Found : user_pref("CT3220468.fullUserID", "UN08116856516329285.UP.20130713165513");
Line Found : user_pref("CT3220468.installId", "fft2E.tmp.exe");
Line Found : user_pref("CT3220468.installType", "XPE");
Line Found : user_pref("CT3220468.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3220468.isNewTabEnabled", true);
Line Found : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Line Found : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3220468.keyword", true);
Line Found : user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN08116856516329285&SSPV=&Lay=1&UM=false\"}[...]
Line Found : user_pref("CT3220468.lastVersion", "10.16.70.505");
Line Found : user_pref("CT3220468.migrateAppsAndComponents", true);
Line Found : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fmuj.erasvet.cz%2Fklient%2Fregistrace-rozcestnik\",\"EB_MAIN_FRAME_TITLE\":\"Chcete%20nov%C3[...]
Line Found : user_pref("CT3220468.openThankYouPage", "true");
Line Found : user_pref("CT3220468.openUninstallPage", "FALSE");
Line Found : user_pref("CT3220468.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=UN08116856516329285&UM=&q=");
Line Found : user_pref("CT3220468.search.searchAppId", "129813684258939747");
Line Found : user_pref("CT3220468.search.searchCount", "0");
Line Found : user_pref("CT3220468.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3220468.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3220468.searchSuggestEnabledByUser", "true");
Line Found : user_pref("CT3220468.searchUserMode", "false");
Line Found : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
Line Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}");
Line Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT3220468.serviceLayer_services_Configuration_lastUpdate", "1376938319777");
Line Found : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1352047114865");
Line Found : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1352047114275");
Line Found : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1352047121059");
Line Found : user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1373485031401");
Line Found : user_pref("CT3220468.serviceLayer_services_login_10.10.27.6_lastUpdate", "1353348224868");
Line Found : user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358880451978");
Line Found : user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364407533546");
Line Found : user_pref("CT3220468.serviceLayer_services_login_10.14.40.128_lastUpdate", "1360424873176");
Line Found : user_pref("CT3220468.serviceLayer_services_login_10.14.42.7_lastUpdate", "1361643976820");
Line Found : user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363112375244");
Line Found : user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369702753475");
Line Found : user_pref("CT3220468.serviceLayer_services_login_10.16.2.509_lastUpdate", "1373485035066");
Line Found : user_pref("CT3220468.serviceLayer_services_login_10.16.4.519_lastUpdate", "1375427779652");
Line Found : user_pref("CT3220468.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377014580712");
Line Found : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1352047121535");
Line Found : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1376938319734");
Line Found : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1376938319463");
Line Found : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1352047117976");
Line Found : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1377021779892");
Line Found : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1376938320327");
Line Found : user_pref("CT3220468.settingsINI", true);
Line Found : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Line Found : user_pref("CT3220468.showToolbarPermission", "false");
Line Found : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Line Found : user_pref("CT3220468.smartbar.Uninstall", "0");
Line Found : user_pref("CT3220468.smartbar.homepage", true);
Line Found : user_pref("CT3220468.smartbar.isHidden", true);
Line Found : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Line Found : user_pref("CT3220468.startPage", "userChanged");
Line Found : user_pref("CT3220468.toolbarBornServerTime", "4-11-2012");
Line Found : user_pref("CT3220468.toolbarCurrentServerTime", "20-8-2013");
Line Found : user_pref("CT3220468.toolbarLoginClientTime", "Wed Mar 27 2013 19:03:32 GMT+0100");
Line Found : user_pref("CT3220468.upgradeFromClearSBVersion", true);
Line Found : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1378961601415,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("Smartbar.ConduitHomepagesList", "");
Line Found : user_pref("Smartbar.ConduitSearchEngineList", "uTorrentControl_v2 Customized Web Search");
Line Found : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.sweetim.com/search.asp?barid={C41BE883-244D-11E2-9BA2-00105CE6E3C2}&src=2&crg=3.1010000.10005&q=");
Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");
Line Found : user_pref("browser.newtab.url", "hxxp://www.sweetpacks-search.com/?barid=&src=97&");
Line Found : user_pref("browser.search.defaultenginename", "Sweetpacks Search");
Line Found : user_pref("browser.search.selectedEngine", "Sweetpacks Search");
Line Found : user_pref("browser.startup.homepage", "hxxp://www.sweetpacks-search.com/?barid=&src=10&|hxxp://www.centrum.cz/");
Line Found : user_pref("keyword.URL", "hxxp://mysearch.sweetpacks.com?src=6&barid=&&q=");
Line Found : user_pref("smartBar.searchInNewTabOwner", "CT3220468");
Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3220468");
Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CU[...]
Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3220468");
Line Found : user_pref("smartbar.machineId", "C4YDA1YCVKZIVCPCYPI75RJXRBVZ31EU/XNLAHPJANWJULARL38XS0FPKDXRGZDHQ+GMELZQMGHCILG+Y7FYVQ");
Line Found : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
Line Found : user_pref("smartbar.originalSearchEngine", "Obchody MALL.cz");
Line Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Line Found : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Found : user_pref("sweetim.toolbar.cargo", "3.1010000.10005");
Line Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.returnValue", "disable");
Line Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Found : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Found : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Found : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "true");
Line Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Found : user_pref("sweetim.toolbar.mode.debug", "false");
Line Found : user_pref("sweetim.toolbar.newtab.created", "false");
Line Found : user_pref("sweetim.toolbar.newtab.enable", "false");
Line Found : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.centrum.cz/");
Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
Line Found : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Found : user_pref("sweetim.toolbar.scripts.0.enable", "true");
Line Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Found : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Found : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Found : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Found : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Found : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Found : user_pref("sweetim.toolbar.simapp_id", "{C41BE883-244D-11E2-9BA2-00105CE6E3C2}");
Line Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={C41BE883-244D-11E2-9BA2-00105CE6E3C2}");
Line Found : user_pref("sweetim.toolbar.version", "1.7.0.3");

[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\p1hwxyfb.default\prefs.js ]


-\\ Google Chrome v29.0.1547.66

[ File : C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Found : homepage

[ File : C:\Documents and Settings\Quest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25839 octets] - [18/09/2013 21:20:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [25900 octets] ##########

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si shortcut-cleaner
na svojí plochu. Poklepej na ploše na sc-cleaner.exe
Program se spustí a poté vyhotoví log , ten sem vlož.


Stáhni si Junkware Removal Tool

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[CZechBoY]

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.09.19.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
JR :: ABC [administrátor]

19.9.2013 10:56:38
mbam-log-2013-09-19 (10-56-38).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 250505
Uplynulý čas: 51 minut, 12 sekund

Nalezené procesy v paměti: 2
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (PUP.Optional.SweetIM) -> 2544 -> Bude smazán při restartu.
C:\WINDOWS\system32\dmwu.exe (Adware.InstallBrain) -> 380 -> Bude smazán při restartu.

Nalezené moduly v paměti: 5
C:\Program Files\SweetIM\Communicator\mgcommon.dll (PUP.Optional.SweetIM) -> Bude smazán při restartu.
C:\Program Files\SweetIM\Communicator\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Bude smazán při restartu.
C:\Program Files\SweetIM\Communicator\mgcommunication.dll (PUP.Optional.SweetIM) -> Bude smazán při restartu.
C:\Program Files\SweetIM\Communicator\mgsimcommon.dll (PUP.Optional.SweetIM) -> Bude smazán při restartu.
C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\mgHelperGC.dll (PUP.Optional.SweetIM) -> Bude smazán při restartu.

Nalezené klíče v registru: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (Adware.InstallBrain) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Sweetpacks Communicator (PUP.Optional.SweetIM) -> Data: C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {C41BE883-244D-11E2-9BA2-00105CE6E3C2} -> Přesun do karantény a smazání se zdařilo.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {C41BE883-244D-11E2-9BA2-00105CE6E3C2} -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Špatný: (http://search.conduit.com?SearchSource= ... =CT3220468) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 2
C:\Documents and Settings\JR\Data aplikací\PriceGong (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 38
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (PUP.Optional.SweetIM) -> Bude smazán při restartu.
C:\Program Files\SweetIM\Communicator\mgcommon.dll (PUP.Optional.SweetIM) -> Bude smazán při restartu.
C:\Program Files\SweetIM\Communicator\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Bude smazán při restartu.
C:\Program Files\SweetIM\Communicator\mgcommunication.dll (PUP.Optional.SweetIM) -> Bude smazán při restartu.
C:\Program Files\SweetIM\Communicator\mgsimcommon.dll (PUP.Optional.SweetIM) -> Bude smazán při restartu.
C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0\mgHelperGC.dll (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Local Settings\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Local Settings\Temp\Shortcut_bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Local Settings\Temp\2827278562\chromeupdaterfull.exe (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\Installer\629b2e.msi (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\WINDOWS\system32\dmwu.exe (Adware.InstallBrain) -> Bude smazán při restartu.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\JR\Data aplikací\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Přesun do karantény a smazání se zdařilo.

(konec)


při mazání mi vyběhlo MSE s nějakou nákazu v bodech obnovy, dal jsem smazat

Kód: Vybrat vše

file:C:\System Volume Information\_restore{D1DBA5C3-7A28-47F4-824E-8E05B7698F6F}\RP567\A0118078.exe
file:C:\System Volume Information\_restore{D1DBA5C3-7A28-47F4-824E-8E05B7698F6F}\RP567\A0118079.exe


[CZechBoY]

ještě jsem to vyčistil CCleanerem, pač tam bylo celkem dost temp souborů v IE5.Content

# AdwCleaner v3.004 - Report created 19/09/2013 at 13:28:46
# Updated 15/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : JR - ABC
# Running from : C:\Documents and Settings\JR\Dokumenty\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\WINDOWS\system32\ARFC
Folder Deleted : C:\WINDOWS\system32\jmdp
Folder Deleted : C:\WINDOWS\system32\WNLT
Folder Deleted : C:\Documents and Settings\JR\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\JR\Local Settings\Data aplikací\cre
Folder Deleted : C:\DOCUME~1\JR\LOCALS~1\Temp\CT3220468
Folder Deleted : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\Smartbar
Folder Deleted : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\SweetPacksToolbarData
Folder Deleted : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\CT3220468
Folder Deleted : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\Extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[!] Folder Deleted : C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
[!] Folder Deleted : C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
File Deleted : C:\WINDOWS\system32\ImhxxpComm.dll
File Deleted : C:\Documents and Settings\JR\Plocha\Search The Web.url
File Deleted : C:\Documents and Settings\JR\Plocha\sweetpcfix.url
File Deleted : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\searchplugins\MyStart Search.xml
File Deleted : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\searchplugins\MyStart.xml
File Deleted : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\searchplugins\SweetIm.xml
File Deleted : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\searchplugins\Sweetpacks Search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\WINDOWS\system32\ARFC\wrtc.exe]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Product Deleted : Update Manager for SweetPacks 1.1

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Documents and Settings\JR\Data aplikací\Mozilla\Firefox\Profiles\utkdcpri.default\prefs.js ]

Line Deleted : user_pref("CT3220468.BT_Stats", "{\"last_log\":1352047167,\"uuid\":381365761163107,\"seq_id\":1,\"ssb\":1352047167}");
Line Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.FirstTime", "true");
Line Deleted : user_pref("CT3220468.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3220468.LoginRevertSettingsEnabled", true);
Line Deleted : user_pref("CT3220468.RevertSettingsEnabled", true);
Line Deleted : user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
Line Deleted : user_pref("CT3220468.UserID", "UN08116856516329285");
Line Deleted : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3220468.autoDisableScopes", -1);
Line Deleted : user_pref("CT3220468.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT3220468.cbcountry_001", "CZ");
Line Deleted : user_pref("CT3220468.cbfirsttime", "Sun Nov 04 2012 17:39:04 GMT+0100");
Line Deleted : user_pref("CT3220468.countryCode", "CZ");
Line Deleted : user_pref("CT3220468.enableAlerts", "always");
Line Deleted : user_pref("CT3220468.enableFix404ByUser", "FALSE");
Line Deleted : user_pref("CT3220468.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3220468.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3220468.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3220468.fixUrls", true);
Line Deleted : user_pref("CT3220468.fullUserID", "UN08116856516329285.UP.20130713165513");
Line Deleted : user_pref("CT3220468.installId", "fft2E.tmp.exe");
Line Deleted : user_pref("CT3220468.installType", "XPE");
Line Deleted : user_pref("CT3220468.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3220468.isNewTabEnabled", true);
Line Deleted : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.keyword", true);
Line Deleted : user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN08116856516329285&SSPV=&Lay=1&UM=false\"}[...]
Line Deleted : user_pref("CT3220468.lastVersion", "10.16.70.505");
Line Deleted : user_pref("CT3220468.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fmuj.erasvet.cz%2Fklient%2Fregistrace-rozcestnik\",\"EB_MAIN_FRAME_TITLE\":\"Chcete%20nov%C3[...]
Line Deleted : user_pref("CT3220468.openThankYouPage", "true");
Line Deleted : user_pref("CT3220468.openUninstallPage", "FALSE");
Line Deleted : user_pref("CT3220468.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=UN08116856516329285&UM=&q=");
Line Deleted : user_pref("CT3220468.search.searchAppId", "129813684258939747");
Line Deleted : user_pref("CT3220468.search.searchCount", "0");
Line Deleted : user_pref("CT3220468.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3220468.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT3220468.searchUserMode", "false");
Line Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_services_Configuration_lastUpdate", "1376938319777");
Line Deleted : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1352047114865");
Line Deleted : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1352047114275");
Line Deleted : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1352047121059");
Line Deleted : user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1373485031401");
Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.10.27.6_lastUpdate", "1353348224868");
Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358880451978");
Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364407533546");
Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.14.40.128_lastUpdate", "1360424873176");
Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.14.42.7_lastUpdate", "1361643976820");
Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363112375244");
Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369702753475");
Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.16.2.509_lastUpdate", "1373485035066");
Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.16.4.519_lastUpdate", "1375427779652");
Line Deleted : user_pref("CT3220468.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377014580712");
Line Deleted : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1352047121535");
Line Deleted : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1376938319734");
Line Deleted : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1376938319463");
Line Deleted : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1352047117976");
Line Deleted : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1377021779892");
Line Deleted : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1376938320327");
Line Deleted : user_pref("CT3220468.settingsINI", true);
Line Deleted : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3220468.showToolbarPermission", "false");
Line Deleted : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Line Deleted : user_pref("CT3220468.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3220468.smartbar.homepage", true);
Line Deleted : user_pref("CT3220468.smartbar.isHidden", true);
Line Deleted : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Line Deleted : user_pref("CT3220468.startPage", "userChanged");
Line Deleted : user_pref("CT3220468.toolbarBornServerTime", "4-11-2012");
Line Deleted : user_pref("CT3220468.toolbarCurrentServerTime", "20-8-2013");
Line Deleted : user_pref("CT3220468.toolbarLoginClientTime", "Wed Mar 27 2013 19:03:32 GMT+0100");
Line Deleted : user_pref("CT3220468.upgradeFromClearSBVersion", true);
Line Deleted : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1378961601415,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "uTorrentControl_v2 Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.sweetim.com/search.asp?barid={C41BE883-244D-11E2-9BA2-00105CE6E3C2}&src=2&crg=3.1010000.10005&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");
Line Deleted : user_pref("browser.newtab.url", "hxxp://www.sweetpacks-search.com/?barid=&src=97&");
Line Deleted : user_pref("browser.search.defaultenginename", "Sweetpacks Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Sweetpacks Search");
Line Deleted : user_pref("keyword.URL", "hxxp://mysearch.sweetpacks.com?src=6&barid=&&q=");
Line Deleted : user_pref("smartBar.searchInNewTabOwner", "CT3220468");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3220468");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3220468");
Line Deleted : user_pref("smartbar.machineId", "C4YDA1YCVKZIVCPCYPI75RJXRBVZ31EU/XNLAHPJANWJULARL38XS0FPKDXRGZDHQ+GMELZQMGHCILG+Y7FYVQ");
Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
Line Deleted : user_pref("smartbar.originalSearchEngine", "Obchody MALL.cz");
Line Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Line Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10005");
Line Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.returnValue", "disable");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.created", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.centrum.cz/");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=");
Line Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(http://www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(http://www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{C41BE883-244D-11E2-9BA2-00105CE6E3C2}");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={C41BE883-244D-11E2-9BA2-00105CE6E3C2}");
Line Deleted : user_pref("sweetim.toolbar.version", "1.7.0.3");

[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\p1hwxyfb.default\prefs.js ]


-\\ Google Chrome v29.0.1547.66

[ File : C:\Documents and Settings\JR\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

[ File : C:\Documents and Settings\Quest\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25981 octets] - [18/09/2013 21:20:07]
AdwCleaner[R1].txt - [23593 octets] - [19/09/2013 13:26:47]
AdwCleaner[S0].txt - [24027 octets] - [19/09/2013 13:28:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24088 octets] ##########

---

shortcut nic nenašel

[CZechBoY]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Microsoft Windows XP x86
Ran by JR on źt 19.09.2013 at 13:35:03,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Documents and Settings\JR\Data aplikacˇ\mozilla\firefox\profiles\utkdcpri.default\minidumps [8 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 19.09.2013 at 13:41:40,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

---

RogueKiller V8.6.12 [Sep 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : JR [Práva správce]
Mód : Kontrola -- Datum : 09/19/2013 13:45:10
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{2C2BA0D8-5D11-4DE1-A8E4-B064B65AF132} : NameServer (10.0.0.100,10.0.0.200) -> NALEZENO
[DNS][PUM] HKLM\[...]\CCSet\[...]\{D16CED8E-AFD0-494C-888F-572A0DB6093F} : NameServer (10.0.0.100,10.0.0.200) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{2C2BA0D8-5D11-4DE1-A8E4-B064B65AF132} : NameServer (10.0.0.100,10.0.0.200) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{D16CED8E-AFD0-494C-888F-572A0DB6093F} : NameServer (10.0.0.100,10.0.0.200) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{2C2BA0D8-5D11-4DE1-A8E4-B064B65AF132} : NameServer (10.0.0.100,10.0.0.200) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{D16CED8E-AFD0-494C-888F-572A0DB6093F} : NameServer (10.0.0.100,10.0.0.200) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS003\[...]\{2C2BA0D8-5D11-4DE1-A8E4-B064B65AF132} : NameServer (10.0.0.100,10.0.0.200) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[JR][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk : C:\Documents and Settings\JR\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk @C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [-][7] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - ST3120026A +++++
--- User ---
[MBR] d0b94c05c02d63b1ee4b784ce2c6f309
[BSP] 61c11d4a58a14e5ec3fe657612209222 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 39997 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 81915435 | Size: 74465 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) (Standardní diskové jednotky) - StoreJet Transcend USB Device +++++
--- User ---
[MBR] a2e62e3517482fcebfc397ececd03dcf
[BSP] b73ff4c103c79c34e73f0ddda7e2d606 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_09192013_134510.txt >>

[jaro3]

Doufám , že to neděláš za peníze..

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

[CZechBoY]

neboj mám živnosťák
zatim to dělám jen abych umlčel masy lidí co jim nejde komp

[jaro3]

Pak pokračuj , co jsem radil.

[CZechBoY]

ten TDS mám dát Start Scan nebo jen spustit a restartovat pc?
dal jsem scan, pač to druhý mi přišlo jako blbost
a ten log se udělá i bez restartu pc



RogueKiller V8.6.12 [Sep 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : JR [Práva správce]
Mód : Odebrat -- Datum : 09/20/2013 13:03:35
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[JR][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk : C:\Documents and Settings\JR\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk @C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [-][7] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - ST3120026A +++++
--- User ---
[MBR] d0b94c05c02d63b1ee4b784ce2c6f309
[BSP] 61c11d4a58a14e5ec3fe657612209222 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 39997 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 81915435 | Size: 74465 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) (Standardní diskové jednotky) - StoreJet Transcend USB Device +++++
--- User ---
[MBR] a2e62e3517482fcebfc397ececd03dcf
[BSP] b73ff4c103c79c34e73f0ddda7e2d606 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_09202013_130335.txt >>
RKreport[0]_S_09192013_134510.txt;RKreport[0]_S_09202013_130329.txt

---

13:04:45.0968 1560 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:04:46.0515 1560 ============================================================
13:04:46.0515 1560 Current date / time: 2013/09/20 13:04:46.0515
13:04:46.0515 1560 SystemInfo:
13:04:46.0515 1560
13:04:46.0515 1560 OS Version: 5.1.2600 ServicePack: 3.0
13:04:46.0515 1560 Product type: Workstation
13:04:46.0515 1560 ComputerName: ABC
13:04:46.0515 1560 UserName: JR
13:04:46.0515 1560 Windows directory: C:\WINDOWS
13:04:46.0515 1560 System windows directory: C:\WINDOWS
13:04:46.0515 1560 Processor architecture: Intel x86
13:04:46.0515 1560 Number of processors: 1
13:04:46.0515 1560 Page size: 0x1000
13:04:46.0515 1560 Boot type: Normal boot
13:04:46.0515 1560 ============================================================
13:04:50.0156 1560 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:04:50.0187 1560 Drive \Device\Harddisk1\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:04:50.0187 1560 ============================================================
13:04:50.0187 1560 \Device\Harddisk0\DR0:
13:04:50.0187 1560 MBR partitions:
13:04:50.0187 1560 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4E1EDEC
13:04:50.0203 1560 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4E1EE6A, BlocksNum 0x9170A96
13:04:50.0203 1560 \Device\Harddisk1\DR3:
13:04:50.0203 1560 MBR partitions:
13:04:50.0203 1560 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A384C02
13:04:50.0203 1560 ============================================================
13:04:50.0421 1560 D: <-> \Device\Harddisk0\DR0\Partition2
13:04:50.0484 1560 C: <-> \Device\Harddisk0\DR0\Partition1
13:04:50.0484 1560 I: <-> \Device\Harddisk1\DR3\Partition1
13:04:50.0484 1560 ============================================================
13:04:50.0484 1560 Initialize success
13:04:50.0484 1560 ============================================================
13:05:03.0187 2508 ============================================================
13:05:03.0187 2508 Scan started
13:05:03.0187 2508 Mode: Manual;
13:05:03.0187 2508 ============================================================
13:05:05.0843 2508 ================ Scan system memory ========================
13:05:05.0843 2508 System memory - ok
13:05:05.0843 2508 ================ Scan services =============================
13:05:07.0031 2508 [ C01069448B2276659EB96946F63D5446 ] 3xHybrid C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
13:05:07.0171 2508 3xHybrid - ok
13:05:07.0218 2508 [ D76E9F5A991458A9F7E28395479B3150 ] 6to4 C:\WINDOWS\System32\6to4svc.dll
13:05:07.0218 2508 6to4 - ok
13:05:07.0234 2508 Abiosdsk - ok
13:05:07.0234 2508 abp480n5 - ok
13:05:07.0312 2508 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:05:07.0328 2508 ACPI - ok
13:05:07.0375 2508 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
13:05:07.0390 2508 ACPIEC - ok
13:05:07.0484 2508 [ 3109B16A0939BA11696EEB04F345D099 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:05:07.0515 2508 AdobeFlashPlayerUpdateSvc - ok
13:05:07.0531 2508 adpu160m - ok
13:05:07.0562 2508 [ E696E749BEDCDA8B23757B8B5EA93780 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
13:05:07.0562 2508 aeaudio - ok
13:05:07.0640 2508 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
13:05:07.0656 2508 aec - ok
13:05:07.0687 2508 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:05:07.0703 2508 AFD - ok
13:05:07.0734 2508 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
13:05:07.0750 2508 agp440 - ok
13:05:07.0750 2508 Aha154x - ok
13:05:07.0765 2508 aic78u2 - ok
13:05:07.0781 2508 aic78xx - ok
13:05:07.0843 2508 [ BA88534A3CEB6161E7432438B9EA4F54 ] ALCXSENS C:\WINDOWS\system32\drivers\ALCXSENS.SYS
13:05:07.0921 2508 ALCXSENS - ok
13:05:07.0968 2508 [ A886A879D2D05D942C3565C4D451EC23 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
13:05:08.0046 2508 ALCXWDM - ok
13:05:08.0078 2508 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:05:08.0078 2508 Alerter - ok
13:05:08.0125 2508 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
13:05:08.0156 2508 ALG - ok
13:05:08.0156 2508 AliIde - ok
13:05:08.0515 2508 [ AAA1F9D4CF4C976C21BCA8AFA2BAE6A4 ] AllShare C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
13:05:12.0312 2508 AllShare - ok
13:05:12.0328 2508 amsint - ok
13:05:13.0671 2508 [ 4B5AE15E5C73EB4DC8DBEC2788230D41 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
13:05:13.0671 2508 Apple Mobile Device - ok
13:05:13.0718 2508 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:05:13.0718 2508 AppMgmt - ok
13:05:13.0734 2508 asc - ok
13:05:13.0750 2508 asc3350p - ok
13:05:13.0765 2508 asc3550 - ok
13:05:14.0296 2508 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:05:14.0312 2508 aspnet_state - ok
13:05:14.0359 2508 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:05:14.0375 2508 AsyncMac - ok
13:05:14.0406 2508 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:05:14.0406 2508 atapi - ok
13:05:14.0421 2508 Atdisk - ok
13:05:14.0468 2508 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:05:14.0468 2508 Atmarpc - ok
13:05:14.0515 2508 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:05:14.0515 2508 AudioSrv - ok
13:05:14.0562 2508 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:05:14.0562 2508 audstub - ok
13:05:14.0609 2508 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:05:14.0750 2508 Beep - ok
13:05:15.0296 2508 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
13:05:15.0359 2508 BITS - ok
13:05:15.0390 2508 [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:05:15.0390 2508 Bonjour Service - ok
13:05:15.0437 2508 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
13:05:15.0437 2508 Browser - ok
13:05:15.0468 2508 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:05:15.0468 2508 cbidf2k - ok
13:05:15.0500 2508 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:05:15.0500 2508 CCDECODE - ok
13:05:15.0515 2508 cd20xrnt - ok
13:05:15.0546 2508 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:05:15.0546 2508 Cdaudio - ok
13:05:15.0593 2508 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:05:15.0593 2508 Cdfs - ok
13:05:15.0625 2508 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:05:15.0625 2508 Cdrom - ok
13:05:15.0656 2508 Changer - ok
13:05:15.0671 2508 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:05:15.0671 2508 CiSvc - ok
13:05:15.0781 2508 [ 3A6DCB83CA4E71C8C5C828F05C66D95B ] CLCapSvc C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
13:05:15.0796 2508 CLCapSvc - ok
13:05:15.0828 2508 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:05:15.0828 2508 ClipSrv - ok
13:05:15.0875 2508 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:05:15.0875 2508 clr_optimization_v2.0.50727_32 - ok
13:05:15.0937 2508 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:05:16.0031 2508 clr_optimization_v4.0.30319_32 - ok
13:05:16.0062 2508 [ 8E8D83D34A5291FC23D7A9F0110D44AE ] CLSched C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
13:05:16.0078 2508 CLSched - ok
13:05:16.0093 2508 CmdIde - ok
13:05:16.0109 2508 COMSysApp - ok
13:05:16.0125 2508 Cpqarray - ok
13:05:16.0171 2508 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:05:16.0187 2508 CryptSvc - ok
13:05:16.0250 2508 [ BC2DDAF478AAF92F237FB52E35EB53D6 ] CyberLink Media Library Service C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
13:05:16.0250 2508 CyberLink Media Library Service - ok
13:05:16.0265 2508 dac2w2k - ok
13:05:16.0281 2508 dac960nt - ok
13:05:16.0359 2508 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:05:16.0390 2508 DcomLaunch - ok
13:05:16.0421 2508 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:05:16.0421 2508 Dhcp - ok
13:05:16.0453 2508 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:05:16.0453 2508 Disk - ok
13:05:16.0468 2508 dmadmin - ok
13:05:16.0546 2508 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:05:16.0593 2508 dmboot - ok
13:05:16.0625 2508 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\DRIVERS\dmio.sys
13:05:16.0625 2508 dmio - ok
13:05:16.0656 2508 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:05:16.0656 2508 dmload - ok
13:05:16.0687 2508 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:05:16.0703 2508 dmserver - ok
13:05:16.0718 2508 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:05:16.0718 2508 DMusic - ok
13:05:16.0750 2508 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:05:16.0750 2508 Dnscache - ok
13:05:16.0796 2508 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
13:05:16.0796 2508 Dot3svc - ok
13:05:16.0828 2508 [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
13:05:16.0843 2508 dot4 - ok
13:05:16.0843 2508 [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
13:05:16.0843 2508 Dot4Print - ok
13:05:16.0875 2508 [ CCC4092DFC85336F2E1C142483ADEB42 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
13:05:16.0875 2508 dot4usb - ok
13:05:16.0875 2508 dpti2o - ok
13:05:16.0921 2508 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:05:16.0921 2508 drmkaud - ok
13:05:16.0953 2508 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
13:05:16.0953 2508 EapHost - ok
13:05:16.0984 2508 [ D0C7F8CA97D16263D434D943B4B7004F ] EL2000 C:\WINDOWS\system32\DRIVERS\EL2K_XP.sys
13:05:17.0000 2508 EL2000 - ok
13:05:17.0031 2508 [ CE37E3D51912E59C80C6D84337C0B4CD ] ElbyCDFL C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
13:05:17.0046 2508 ElbyCDFL - ok
13:05:17.0062 2508 [ 178CC9403816C082D22A1D47FA1F9C85 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
13:05:17.0062 2508 ElbyCDIO - ok
13:05:17.0093 2508 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:05:17.0109 2508 ERSvc - ok
13:05:17.0156 2508 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
13:05:17.0156 2508 Eventlog - ok
13:05:17.0203 2508 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
13:05:17.0203 2508 EventSystem - ok
13:05:17.0250 2508 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:05:17.0250 2508 Fastfat - ok
13:05:17.0281 2508 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:05:17.0296 2508 FastUserSwitchingCompatibility - ok
13:05:17.0328 2508 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
13:05:17.0328 2508 Fdc - ok
13:05:17.0359 2508 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:05:17.0375 2508 Fips - ok
13:05:17.0390 2508 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:05:17.0390 2508 Flpydisk - ok
13:05:17.0437 2508 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
13:05:17.0437 2508 FltMgr - ok
13:05:17.0500 2508 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:05:17.0500 2508 FontCache3.0.0.0 - ok
13:05:17.0515 2508 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:05:17.0515 2508 Fs_Rec - ok
13:05:17.0531 2508 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:05:17.0546 2508 Ftdisk - ok
13:05:17.0562 2508 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
13:05:17.0562 2508 gameenum - ok
13:05:17.0593 2508 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
13:05:17.0593 2508 GEARAspiWDM - ok
13:05:17.0656 2508 [ 360FC9E29EBCD7CB75320E2663EBA0F2 ] getPlusHelper C:\Program Files\NOS\bin\getPlus_Helper.dll
13:05:17.0656 2508 getPlusHelper - ok
13:05:17.0687 2508 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:05:17.0687 2508 Gpc - ok
13:05:17.0781 2508 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:05:17.0781 2508 gupdate - ok
13:05:17.0796 2508 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:05:17.0796 2508 gupdatem - ok
13:05:17.0843 2508 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
13:05:17.0843 2508 hamachi - ok
13:05:17.0984 2508 [ 1E8A0705F9925FAD9B2D4F6FC05E1982 ] Hamachi2Svc D:\Programy\LogMeIn Hamachi\hamachi-2.exe
13:05:18.0515 2508 Hamachi2Svc - ok
13:05:18.0578 2508 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:05:18.0578 2508 helpsvc - ok
13:05:18.0593 2508 HidServ - ok
13:05:18.0671 2508 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:05:18.0671 2508 HidUsb - ok
13:05:18.0703 2508 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
13:05:18.0718 2508 hkmsvc - ok
13:05:18.0718 2508 hpn - ok
13:05:18.0765 2508 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:05:18.0781 2508 HTTP - ok
13:05:18.0812 2508 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:05:18.0828 2508 HTTPFilter - ok
13:05:18.0828 2508 i2omgmt - ok
13:05:18.0843 2508 i2omp - ok
13:05:18.0875 2508 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:05:18.0890 2508 i8042prt - ok
13:05:18.0984 2508 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:05:19.0031 2508 idsvc - ok
13:05:19.0078 2508 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:05:19.0078 2508 Imapi - ok
13:05:19.0125 2508 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
13:05:19.0125 2508 ImapiService - ok
13:05:19.0140 2508 ini910u - ok
13:05:19.0171 2508 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
13:05:19.0171 2508 IntelIde - ok
13:05:19.0203 2508 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:05:19.0203 2508 intelppm - ok
13:05:19.0234 2508 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
13:05:19.0234 2508 Ip6Fw - ok
13:05:19.0265 2508 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:05:19.0281 2508 IpFilterDriver - ok
13:05:19.0296 2508 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:05:19.0296 2508 IpInIp - ok
13:05:19.0312 2508 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:05:19.0328 2508 IpNat - ok
13:05:19.0375 2508 [ 7A3611564FCE7C8BE50B03F58CB3EB7D ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:05:19.0390 2508 iPod Service - ok
13:05:19.0421 2508 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:05:19.0421 2508 IPSec - ok
13:05:19.0453 2508 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:05:19.0453 2508 IRENUM - ok
13:05:19.0468 2508 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:05:19.0468 2508 isapnp - ok
13:05:19.0500 2508 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:05:19.0500 2508 Kbdclass - ok
13:05:19.0531 2508 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:05:19.0531 2508 kmixer - ok
13:05:19.0578 2508 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:05:19.0578 2508 KSecDD - ok
13:05:19.0640 2508 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
13:05:19.0640 2508 lanmanserver - ok
13:05:19.0687 2508 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:05:19.0687 2508 lanmanworkstation - ok
13:05:19.0703 2508 lbrtfdc - ok
13:05:19.0765 2508 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:05:19.0765 2508 LmHosts - ok
13:05:19.0781 2508 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:05:19.0781 2508 Messenger - ok
13:05:19.0875 2508 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
13:05:19.0875 2508 Microsoft Office Groove Audit Service - ok
13:05:19.0921 2508 [ 63C34814492AA65FC517B002DE77B191 ] MidiSyn C:\WINDOWS\system32\drivers\MidiSyn.sys
13:05:19.0921 2508 MidiSyn - ok
13:05:19.0953 2508 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:05:19.0953 2508 mnmdd - ok
13:05:19.0984 2508 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:05:19.0984 2508 mnmsrvc - ok
13:05:20.0015 2508 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:05:20.0015 2508 Modem - ok
13:05:20.0062 2508 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:05:20.0062 2508 Mouclass - ok
13:05:20.0093 2508 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:05:20.0093 2508 mouhid - ok
13:05:20.0125 2508 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:05:20.0125 2508 MountMgr - ok
13:05:20.0171 2508 [ 0329A45C849C9D77901094B8FFE8BBB9 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:05:20.0187 2508 MozillaMaintenance - ok
13:05:20.0218 2508 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
13:05:20.0218 2508 MPE - ok
13:05:20.0265 2508 [ 7E34BFA1A7B60BBA1DA03D677F16CD63 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
13:05:20.0281 2508 MpFilter - ok
13:05:20.0390 2508 [ 06D4F934E09C359B0EFBFB3146F1D910 ] MpKslb12582ee C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E310E6EC-EE92-40F2-9C30-B7C782D73C3F}\MpKslb12582ee.sys
13:05:20.0390 2508 MpKslb12582ee - ok
13:05:20.0406 2508 mraid35x - ok
13:05:20.0437 2508 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:05:20.0437 2508 MRxDAV - ok
13:05:20.0500 2508 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:05:20.0515 2508 MRxSmb - ok
13:05:20.0546 2508 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:05:20.0546 2508 MSDTC - ok
13:05:20.0578 2508 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:05:20.0578 2508 Msfs - ok
13:05:20.0593 2508 MSIServer - ok
13:05:20.0625 2508 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:05:20.0625 2508 MSKSSRV - ok
13:05:21.0062 2508 [ 90DC23D940551DB35367FB1E40575B25 ] MsMpSvc C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
13:05:21.0062 2508 MsMpSvc - ok
13:05:21.0109 2508 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:05:21.0109 2508 MSPCLOCK - ok
13:05:21.0140 2508 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:05:21.0140 2508 MSPQM - ok
13:05:21.0171 2508 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:05:21.0171 2508 mssmbios - ok
13:05:21.0203 2508 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:05:21.0203 2508 MSTEE - ok
13:05:21.0234 2508 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys
13:05:21.0234 2508 ms_mpu401 - ok
13:05:21.0281 2508 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:05:21.0281 2508 Mup - ok
13:05:21.0312 2508 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:05:21.0312 2508 NABTSFEC - ok
13:05:21.0359 2508 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
13:05:21.0359 2508 napagent - ok
13:05:21.0390 2508 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:05:21.0406 2508 NDIS - ok
13:05:21.0421 2508 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:05:21.0421 2508 NdisIP - ok
13:05:21.0453 2508 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:05:21.0453 2508 NdisTapi - ok
13:05:21.0468 2508 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:05:21.0484 2508 Ndisuio - ok
13:05:21.0500 2508 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:05:21.0500 2508 NdisWan - ok
13:05:21.0546 2508 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:05:21.0546 2508 NDProxy - ok
13:05:21.0562 2508 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:05:21.0562 2508 NetBIOS - ok
13:05:21.0593 2508 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:05:21.0593 2508 NetBT - ok
13:05:21.0640 2508 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
13:05:21.0640 2508 NetDDE - ok
13:05:21.0656 2508 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:05:21.0656 2508 NetDDEdsdm - ok
13:05:21.0687 2508 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:05:21.0703 2508 Netlogon - ok
13:05:21.0734 2508 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
13:05:21.0750 2508 Netman - ok
13:05:21.0765 2508 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:05:21.0781 2508 NetTcpPortSharing - ok
13:05:21.0812 2508 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
13:05:21.0828 2508 Nla - ok
13:05:21.0843 2508 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
13:05:21.0843 2508 nm - ok
13:05:21.0890 2508 [ 0E58F99692802C501454EAC3D2AC3394 ] nosGetPlusHelper C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
13:05:21.0890 2508 nosGetPlusHelper - ok
13:05:21.0906 2508 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:05:21.0906 2508 Npfs - ok
13:05:21.0937 2508 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:05:21.0968 2508 Ntfs - ok
13:05:21.0984 2508 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:05:21.0984 2508 NtLmSsp - ok
13:05:22.0046 2508 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:05:22.0093 2508 NtmsSvc - ok
13:05:22.0125 2508 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:05:22.0125 2508 Null - ok
13:05:22.0296 2508 [ BA1B732C1A70CFEA0C1B64F2850BF44F ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:05:22.0406 2508 nv - ok
13:05:22.0437 2508 [ 0FEBE37DB6650FAA5965C00545009D1D ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
13:05:22.0437 2508 NVSvc - ok
13:05:22.0484 2508 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:05:22.0484 2508 NwlnkFlt - ok
13:05:22.0500 2508 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:05:22.0500 2508 NwlnkFwd - ok
13:05:22.0640 2508 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:05:22.0640 2508 odserv - ok
13:05:22.0687 2508 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:05:22.0687 2508 ose - ok
13:05:22.0750 2508 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
13:05:22.0750 2508 Parport - ok
13:05:22.0781 2508 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:05:22.0781 2508 PartMgr - ok
13:05:22.0812 2508 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:05:22.0812 2508 ParVdm - ok
13:05:22.0843 2508 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:05:22.0843 2508 PCI - ok
13:05:22.0859 2508 PCIDump - ok
13:05:22.0890 2508 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
13:05:22.0890 2508 PCIIde - ok
13:05:22.0921 2508 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
13:05:22.0921 2508 Pcmcia - ok
13:05:22.0937 2508 PDCOMP - ok
13:05:22.0953 2508 PDFRAME - ok
13:05:22.0968 2508 PDRELI - ok
13:05:22.0984 2508 PDRFRAME - ok
13:05:23.0000 2508 perc2 - ok
13:05:23.0015 2508 perc2hib - ok
13:05:23.0046 2508 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
13:05:23.0046 2508 PlugPlay - ok
13:05:23.0093 2508 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:05:23.0093 2508 PolicyAgent - ok
13:05:23.0125 2508 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:05:23.0125 2508 PptpMiniport - ok
13:05:23.0140 2508 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:05:23.0140 2508 ProtectedStorage - ok
13:05:23.0171 2508 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:05:23.0187 2508 PSched - ok
13:05:23.0203 2508 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:05:23.0203 2508 Ptilink - ok
13:05:23.0218 2508 ql1080 - ok
13:05:23.0234 2508 Ql10wnt - ok
13:05:23.0250 2508 ql12160 - ok
13:05:23.0265 2508 ql1240 - ok
13:05:23.0281 2508 ql1280 - ok
13:05:23.0296 2508 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:05:23.0296 2508 RasAcd - ok
13:05:23.0343 2508 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:05:23.0343 2508 RasAuto - ok
13:05:23.0375 2508 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:05:23.0375 2508 Rasl2tp - ok
13:05:23.0421 2508 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:05:23.0437 2508 RasMan - ok
13:05:23.0468 2508 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:05:23.0468 2508 RasPppoe - ok
13:05:23.0484 2508 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:05:23.0484 2508 Raspti - ok
13:05:23.0515 2508 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:05:23.0515 2508 Rdbss - ok
13:05:23.0531 2508 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:05:23.0531 2508 RDPCDD - ok
13:05:23.0562 2508 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:05:23.0562 2508 rdpdr - ok
13:05:23.0609 2508 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:05:23.0625 2508 RDPWD - ok
13:05:23.0656 2508 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:05:23.0656 2508 RDSessMgr - ok
13:05:23.0703 2508 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:05:23.0703 2508 redbook - ok
13:05:23.0734 2508 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:05:23.0750 2508 RemoteAccess - ok
13:05:23.0781 2508 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:05:23.0781 2508 RemoteRegistry - ok
13:05:23.0828 2508 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:05:23.0828 2508 RpcLocator - ok
13:05:23.0859 2508 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:05:23.0859 2508 RpcSs - ok
13:05:23.0906 2508 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:05:23.0906 2508 RSVP - ok
13:05:23.0937 2508 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
13:05:23.0937 2508 rtl8139 - ok
13:05:23.0968 2508 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
13:05:23.0968 2508 SamSs - ok
13:05:24.0000 2508 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:05:24.0015 2508 SCardSvr - ok
13:05:24.0031 2508 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:05:24.0046 2508 Schedule - ok
13:05:24.0062 2508 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:05:24.0062 2508 Secdrv - ok
13:05:24.0078 2508 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:05:24.0109 2508 seclogon - ok
13:05:24.0140 2508 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
13:05:24.0140 2508 SENS - ok
13:05:24.0171 2508 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
13:05:24.0187 2508 serenum - ok
13:05:24.0218 2508 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
13:05:24.0234 2508 Serial - ok
13:05:24.0281 2508 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:05:24.0281 2508 Sfloppy - ok
13:05:24.0328 2508 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:05:24.0343 2508 SharedAccess - ok
13:05:24.0359 2508 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:05:24.0359 2508 ShellHWDetection - ok
13:05:24.0375 2508 Simbad - ok
13:05:24.0546 2508 [ D0776778A9FC5E37F2E9EB21FC8A9709 ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:05:24.0625 2508 Skype C2C Service - ok
13:05:24.0703 2508 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:05:24.0718 2508 SkypeUpdate - ok
13:05:24.0750 2508 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:05:24.0750 2508 SLIP - ok
13:05:24.0828 2508 [ 7D9B50329AF9FD94B0529282530D2CB7 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
13:05:24.0843 2508 smwdm - ok
13:05:24.0875 2508 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
13:05:24.0875 2508 SoundMAX Agent Service (default) - ok
13:05:24.0906 2508 Sparrow - ok
13:05:24.0921 2508 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:05:24.0921 2508 splitter - ok
13:05:24.0968 2508 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:05:24.0968 2508 Spooler - ok
13:05:25.0046 2508 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
13:05:25.0046 2508 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
13:05:25.0046 2508 sptd ( LockedFile.Multi.Generic ) - warning
13:05:25.0046 2508 sptd - detected LockedFile.Multi.Generic (1)
13:05:25.0093 2508 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:05:25.0093 2508 sr - ok
13:05:25.0140 2508 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
13:05:25.0140 2508 srservice - ok
13:05:25.0187 2508 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:05:25.0203 2508 Srv - ok
13:05:25.0218 2508 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:05:25.0218 2508 SSDPSRV - ok
13:05:25.0265 2508 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:05:25.0281 2508 stisvc - ok
13:05:25.0328 2508 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:05:25.0328 2508 streamip - ok
13:05:25.0343 2508 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:05:25.0343 2508 swenum - ok
13:05:25.0375 2508 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:05:25.0375 2508 swmidi - ok
13:05:25.0406 2508 SwPrv - ok
13:05:25.0421 2508 symc810 - ok
13:05:25.0437 2508 symc8xx - ok
13:05:25.0453 2508 sym_hi - ok
13:05:25.0468 2508 sym_u3 - ok
13:05:25.0500 2508 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:05:25.0500 2508 sysaudio - ok
13:05:25.0531 2508 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:05:25.0531 2508 SysmonLog - ok
13:05:25.0578 2508 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:05:25.0578 2508 TapiSrv - ok
13:05:25.0625 2508 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:05:25.0640 2508 Tcpip - ok
13:05:25.0718 2508 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys
13:05:25.0718 2508 Tcpip6 - ok
13:05:25.0750 2508 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:05:25.0750 2508 TDPIPE - ok
13:05:25.0765 2508 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:05:25.0765 2508 TDTCP - ok
13:05:25.0812 2508 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:05:25.0812 2508 TermDD - ok
13:05:25.0859 2508 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
13:05:25.0859 2508 TermService - ok
13:05:25.0875 2508 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
13:05:25.0875 2508 Themes - ok
13:05:25.0921 2508 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
13:05:25.0921 2508 TlntSvr - ok
13:05:25.0937 2508 TosIde - ok
13:05:25.0968 2508 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:05:25.0968 2508 TrkWks - ok
13:05:26.0015 2508 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
13:05:26.0015 2508 tunmp - ok
13:05:26.0046 2508 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:05:26.0046 2508 Udfs - ok
13:05:26.0078 2508 ultra - ok
13:05:26.0109 2508 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:05:26.0140 2508 Update - ok
13:05:26.0187 2508 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
13:05:26.0203 2508 upnphost - ok
13:05:26.0218 2508 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
13:05:26.0234 2508 UPS - ok
13:05:26.0265 2508 [ 1DF89C499BF45D878B87EBD4421D462D ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
13:05:26.0265 2508 USBAAPL - ok
13:05:26.0296 2508 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:05:26.0296 2508 usbccgp - ok
13:05:26.0328 2508 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:05:26.0328 2508 usbehci - ok
13:05:26.0359 2508 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:05:26.0359 2508 usbhub - ok
13:05:26.0406 2508 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:05:26.0406 2508 usbprint - ok
13:05:26.0437 2508 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:05:26.0437 2508 USBSTOR - ok
13:05:26.0453 2508 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:05:26.0453 2508 usbuhci - ok
13:05:26.0500 2508 [ C90055BD2BB41443462EA715E0876B8D ] V0260VID C:\WINDOWS\system32\DRIVERS\V0260Vid.sys
13:05:26.0515 2508 V0260VID - ok
13:05:26.0531 2508 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:05:26.0531 2508 VgaSave - ok
13:05:26.0546 2508 ViaIde - ok
13:05:26.0562 2508 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:05:26.0562 2508 VolSnap - ok
13:05:26.0609 2508 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
13:05:26.0625 2508 VSS - ok
13:05:26.0656 2508 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
13:05:26.0671 2508 W32Time - ok
13:05:26.0703 2508 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:05:26.0703 2508 Wanarp - ok
13:05:26.0718 2508 WDICA - ok
13:05:26.0750 2508 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:05:26.0750 2508 wdmaud - ok
13:05:26.0796 2508 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:05:26.0796 2508 WebClient - ok
13:05:26.0875 2508 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:05:26.0890 2508 winmgmt - ok
13:05:26.0937 2508 [ 6199B2AE3F9DB9CB6DB230471A1DC601 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
13:05:26.0937 2508 WmdmPmSN - ok
13:05:27.0000 2508 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
13:05:27.0046 2508 Wmi - ok
13:05:27.0093 2508 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:05:27.0093 2508 WmiApSrv - ok
13:05:27.0187 2508 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:05:27.0656 2508 WMPNetworkSvc - ok
13:05:27.0687 2508 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:05:27.0687 2508 WpdUsb - ok
13:05:27.0796 2508 [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:05:27.0828 2508 WPFFontCache_v0400 - ok
13:05:27.0859 2508 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:05:27.0875 2508 wscsvc - ok
13:05:27.0906 2508 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:05:27.0906 2508 WSTCODEC - ok
13:05:27.0921 2508 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:05:27.0937 2508 wuauserv - ok
13:05:27.0953 2508 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:05:27.0953 2508 WudfPf - ok
13:05:27.0968 2508 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:05:27.0968 2508 WudfRd - ok
13:05:28.0000 2508 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:05:28.0015 2508 WudfSvc - ok
13:05:28.0062 2508 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:05:28.0109 2508 WZCSVC - ok
13:05:28.0140 2508 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:05:28.0156 2508 xmlprov - ok
13:05:28.0187 2508 ================ Scan global ===============================
13:05:28.0203 2508 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
13:05:28.0265 2508 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
13:05:28.0296 2508 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
13:05:28.0312 2508 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
13:05:28.0312 2508 [Global] - ok
13:05:28.0328 2508 ================ Scan MBR ==================================
13:05:28.0343 2508 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
13:05:28.0484 2508 \Device\Harddisk0\DR0 - ok
13:05:28.0500 2508 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
13:05:29.0015 2508 \Device\Harddisk1\DR3 - ok
13:05:29.0015 2508 ================ Scan VBR ==================================
13:05:29.0031 2508 [ ADCF02252F0E0EC79A4C4B871B7CA4EB ] \Device\Harddisk0\DR0\Partition1
13:05:29.0031 2508 \Device\Harddisk0\DR0\Partition1 - ok
13:05:29.0046 2508 [ D26A47D72482B3E761F2C34AA0DAC363 ] \Device\Harddisk0\DR0\Partition2
13:05:29.0046 2508 \Device\Harddisk0\DR0\Partition2 - ok
13:05:29.0062 2508 [ 23D2B689532F011447CD859AA001EC82 ] \Device\Harddisk1\DR3\Partition1
13:05:29.0062 2508 \Device\Harddisk1\DR3\Partition1 - ok
13:05:29.0062 2508 ============================================================
13:05:29.0062 2508 Scan finished
13:05:29.0062 2508 ============================================================
13:05:29.0093 1844 Detected object count: 1
13:05:29.0093 1844 Actual detected object count: 1
13:05:48.0750 1844 sptd ( LockedFile.Multi.Generic ) - skipped by user
13:05:48.0750 1844 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
13:05:52.0921 1168 Deinitialize success