Žádost o kontrolu logu Vyřešeno

[Gabriela Moravcová]

Dobrý večer,

prosila bych o kontrolu logu od zkušenějších.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:18:19, on 8.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch2.lavasoft.com/inde ... 522492E48B
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: RailNotification - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

--
End of file - 3186 bytes

Děkuji za pomoc
G. Moravcová

//EDIT: Pokud vadí že jsem během té diagnostiky měla zapnutý internetový prohlížeč, napište a udělám to znovu.

[Reklama]

[jaro3]

Nemusíš , ale popiš problémy.

Nedávej logy do code.

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[Gabriela Moravcová]

No napsala jsem sem protože notebook se chová poslední dobou vcelku podivně, respektivě hrozně zpomaleně. Žádný software jsem neinstalovala, vše jako vždy. Je po výměně disku atp, protože je to takový dědeček mezi hardwarem už, ale po výměně šlapal zase jako divý. Ale pro účely mého podnikání dostačující. Proto mě zajímá zda tam náhodou nemám nějakou neplechu. :)

Jinak se omlouvám že odepisuji až teď, ale odjela jsem nečekaně do zahraničí za dodavatelem zboží.

Takže ATF + TFC hotové.
Log z AdwCleaner:

# AdwCleaner v3.007 - Report created 10/10/2013 at 18:12:47
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jirka - HRU-0971BC9CFED
# Running from : C:\Documents and Settings\Jirka\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
Folder Found C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Found C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
Folder Found C:\Documents and Settings\Jirka\Data aplikací\DriverCure
Folder Found C:\Documents and Settings\Jirka\Data aplikací\ParetoLogic
Folder Found C:\Documents and Settings\Jirka\Data aplikací\Toolbar4

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\ParetoLogic
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb
Key Found : HKLM\Software\ParetoLogic
Key Found : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


*************************

AdwCleaner[R0].txt - [4413 octets] - [10/10/2013 18:12:47]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4473 octets] ##########

Log z mBamu:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.08.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jirka :: HRU-0971BC9CFED [administrátor]

10.10.2013 18:16:30
mbam-log-2013-10-10 (18-16-30).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 187176
Uplynulý čas: 6 minut,

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Mbam používám takřka pravidelně od doby co jsem měla v počítači nějaký mallware, přes který se mě pak nejspíše zjistily údaje k FTP + SFTP údajům od hostingových služeb a v php souborech jsem měla zanesené redirect skripty na nějaký ruský web. Tudíž dělám tím kompletní kontrolu i několikrát v týdnu.

[jaro3]

Správně.

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[Gabriela Moravcová]

Adwcleaner:

# AdwCleaner v3.007 - Report created 10/10/2013 at 19:34:50
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jirka - HRU-0971BC9CFED
# Running from : C:\Documents and Settings\Jirka\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
Folder Deleted : C:\Documents and Settings\Jirka\Data aplikací\DriverCure
Folder Deleted : C:\Documents and Settings\Jirka\Data aplikací\ParetoLogic
Folder Deleted : C:\Documents and Settings\Jirka\Data aplikací\Toolbar4
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


*************************

AdwCleaner[R0].txt - [4553 octets] - [10/10/2013 18:12:47]
AdwCleaner[R1].txt - [4613 octets] - [10/10/2013 19:10:58]
AdwCleaner[S0].txt - [4650 octets] - [10/10/2013 19:34:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4710 octets] ##########

Jrt:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.4 (10.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Jirka on źt 10.10.2013 at 19:36:47,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1123561945-515967899-1177238915-1004\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 10.10.2013 at 19:40:30,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller:

RogueKiller V8.7.2 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jirka [Práva správce]
Mód : Kontrola -- Datum : 10/10/2013 19:44:13
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[BROK VAL] HKCR\[...]\command : () -> CHYBÍ

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - HTS541040G9SA00 +++++
--- User ---
[MBR] 713ea523a2f1003ed47f96f9a04d1b4d
[BSP] 146d5b27c603729fc76ec14ff2a7e8dc : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38146 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10102013_194413.txt >>

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

[Gabriela Moravcová]

RK:

RogueKiller V8.7.2 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jirka [Práva správce]
Mód : Odebrat -- Datum : 10/11/2013 20:52:25
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[BROK VAL] HKCR\[...]\command : () -> vytvořené ("%1" %*)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - HTS541040G9SA00 +++++
--- User ---
[MBR] 713ea523a2f1003ed47f96f9a04d1b4d
[BSP] 146d5b27c603729fc76ec14ff2a7e8dc : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38146 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10112013_205225.txt >>
RKreport[0]_S_10102013_194413.txt;RKreport[0]_S_10112013_205205.txt


TDSSKiller:

20:55:42.0875 1164 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:55:44.0437 1164 ============================================================
20:55:44.0437 1164 Current date / time: 2013/10/11 20:55:44.0437
20:55:44.0437 1164 SystemInfo:
20:55:44.0437 1164
20:55:44.0437 1164 OS Version: 5.1.2600 ServicePack: 3.0
20:55:44.0437 1164 Product type: Workstation
20:55:44.0437 1164 ComputerName: HRU-0971BC9CFED
20:55:44.0437 1164 UserName: Jirka
20:55:44.0437 1164 Windows directory: C:\WINDOWS
20:55:44.0437 1164 System windows directory: C:\WINDOWS
20:55:44.0437 1164 Processor architecture: Intel x86
20:55:44.0437 1164 Number of processors: 1
20:55:44.0437 1164 Page size: 0x1000
20:55:44.0437 1164 Boot type: Normal boot
20:55:44.0437 1164 ============================================================
20:55:48.0812 1164 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:55:48.0812 1164 ============================================================
20:55:48.0812 1164 \Device\Harddisk0\DR0:
20:55:48.0812 1164 MBR partitions:
20:55:48.0812 1164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A81400
20:55:48.0812 1164 ============================================================
20:55:48.0890 1164 C: <-> \Device\Harddisk0\DR0\Partition1
20:55:48.0890 1164 ============================================================
20:55:48.0890 1164 Initialize success
20:55:48.0890 1164 ============================================================
20:55:53.0703 2072 ============================================================
20:55:53.0703 2072 Scan started
20:55:53.0703 2072 Mode: Manual;
20:55:53.0703 2072 ============================================================
20:55:54.0906 2072 ================ Scan system memory ========================
20:55:54.0921 2072 System memory - ok
20:55:54.0921 2072 ================ Scan services =============================
20:55:55.0031 2072 Abiosdsk - ok
20:55:55.0046 2072 abp480n5 - ok
20:55:55.0093 2072 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:55:55.0093 2072 ACPI - ok
20:55:55.0109 2072 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:55:55.0125 2072 ACPIEC - ok
20:55:55.0187 2072 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:55:55.0187 2072 AdobeFlashPlayerUpdateSvc - ok
20:55:55.0203 2072 adpu160m - ok
20:55:55.0265 2072 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:55:55.0265 2072 aec - ok
20:55:55.0281 2072 [ 4D43E74F2A1239D53929B82600F1971C ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:55:55.0281 2072 AFD - ok
20:55:55.0296 2072 Aha154x - ok
20:55:55.0312 2072 aic78u2 - ok
20:55:55.0328 2072 aic78xx - ok
20:55:55.0343 2072 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:55:55.0343 2072 Alerter - ok
20:55:55.0375 2072 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
20:55:55.0375 2072 ALG - ok
20:55:55.0375 2072 AliIde - ok
20:55:55.0390 2072 amsint - ok
20:55:55.0421 2072 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
20:55:55.0437 2072 AppMgmt - ok
20:55:55.0437 2072 asc - ok
20:55:55.0453 2072 asc3350p - ok
20:55:55.0468 2072 asc3550 - ok
20:55:55.0593 2072 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:55:55.0593 2072 aspnet_state - ok
20:55:55.0609 2072 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:55:55.0609 2072 AsyncMac - ok
20:55:55.0625 2072 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:55:55.0625 2072 atapi - ok
20:55:55.0640 2072 Atdisk - ok
20:55:55.0703 2072 [ 91FA52A79C87D1CD141C59844506A02B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
20:55:55.0703 2072 Ati HotKey Poller - ok
20:55:55.0812 2072 [ 956C7EC3A9DE96F785B829BEB41E3C3E ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:55:55.0843 2072 ati2mtag - ok
20:55:55.0921 2072 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:55:55.0921 2072 Atmarpc - ok
20:55:57.0609 2072 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:55:57.0625 2072 AudioSrv - ok
20:55:57.0656 2072 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:55:57.0656 2072 audstub - ok
20:55:57.0703 2072 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:55:57.0718 2072 Beep - ok
20:55:57.0796 2072 [ 3AEDE727580F0A7C3929DD6526145759 ] BITS C:\WINDOWS\system32\qmgr.dll
20:55:57.0890 2072 BITS - ok
20:55:57.0968 2072 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:55:57.0968 2072 Bonjour Service - ok
20:55:58.0000 2072 [ 39CE94B2B33771A3D95C70F41847F3F9 ] Browser C:\WINDOWS\System32\browser.dll
20:55:58.0000 2072 Browser - ok
20:55:58.0031 2072 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:55:58.0031 2072 cbidf2k - ok
20:55:58.0109 2072 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:55:58.0140 2072 CCDECODE - ok
20:55:58.0156 2072 cd20xrnt - ok
20:55:58.0171 2072 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:55:58.0187 2072 Cdaudio - ok
20:55:58.0218 2072 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:55:58.0234 2072 Cdfs - ok
20:55:58.0250 2072 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:55:58.0250 2072 Cdrom - ok
20:55:58.0265 2072 Changer - ok
20:55:58.0296 2072 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:55:58.0296 2072 CiSvc - ok
20:55:58.0312 2072 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:55:58.0312 2072 ClipSrv - ok
20:55:58.0515 2072 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:55:58.0531 2072 clr_optimization_v2.0.50727_32 - ok
20:55:58.0578 2072 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:55:58.0609 2072 clr_optimization_v4.0.30319_32 - ok
20:55:58.0640 2072 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:55:58.0640 2072 CmBatt - ok
20:55:58.0656 2072 CmdIde - ok
20:55:58.0671 2072 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:55:58.0671 2072 Compbatt - ok
20:55:58.0687 2072 COMSysApp - ok
20:55:58.0703 2072 Cpqarray - ok
20:55:58.0734 2072 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:55:58.0734 2072 CryptSvc - ok
20:55:58.0750 2072 dac2w2k - ok
20:55:58.0765 2072 dac960nt - ok
20:55:58.0812 2072 [ C0BD34A62508BA68F146E22CE45919F9 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:55:58.0828 2072 DcomLaunch - ok
20:55:58.0875 2072 [ EB737F46D7D494C7760A932C9B6491A4 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:55:58.0890 2072 Dhcp - ok
20:55:58.0906 2072 [ 47B6AAEC570F2C11D8BAD80A064D8ED1 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:55:58.0906 2072 Disk - ok
20:55:58.0921 2072 dmadmin - ok
20:55:58.0984 2072 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:55:59.0000 2072 dmboot - ok
20:55:59.0031 2072 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:55:59.0031 2072 dmio - ok
20:55:59.0062 2072 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:55:59.0062 2072 dmload - ok
20:55:59.0078 2072 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:55:59.0078 2072 dmserver - ok
20:55:59.0125 2072 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:55:59.0125 2072 DMusic - ok
20:55:59.0140 2072 [ 38AAD7E982198CB4F642BB60E59511F1 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:55:59.0140 2072 Dnscache - ok
20:55:59.0171 2072 [ AACFC38E9D085D58F9F933CFD6AF1D2B ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
20:55:59.0187 2072 Dot3svc - ok
20:55:59.0187 2072 dpti2o - ok
20:55:59.0203 2072 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:55:59.0203 2072 drmkaud - ok
20:55:59.0250 2072 [ B327281012B48BD73F587799F9F29BE2 ] DumpDrv C:\WINDOWS\system32\drivers\DumpDrv.sys
20:55:59.0265 2072 DumpDrv - ok
20:55:59.0359 2072 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
20:55:59.0359 2072 EapHost - ok
20:55:59.0375 2072 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:55:59.0375 2072 ERSvc - ok
20:55:59.0421 2072 [ 4F40D16B2D5ED9E48A193CE468912FED ] Eventlog C:\WINDOWS\system32\services.exe
20:55:59.0421 2072 Eventlog - ok
20:55:59.0484 2072 [ BE68EA4457E2E5717231CF91BE5448E0 ] EventSystem C:\WINDOWS\system32\es.dll
20:55:59.0484 2072 EventSystem - ok
20:55:59.0531 2072 [ 4D893323DAE445E34A4C9038B0551BC9 ] exFat C:\WINDOWS\system32\drivers\exFat.sys
20:55:59.0531 2072 exFat - ok
20:55:59.0578 2072 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:55:59.0578 2072 Fastfat - ok
20:55:59.0625 2072 [ 54A6BF743E0517528A5064CEAEB40EA7 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:55:59.0625 2072 FastUserSwitchingCompatibility - ok
20:55:59.0656 2072 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
20:55:59.0656 2072 Fdc - ok
20:55:59.0671 2072 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:55:59.0671 2072 Fips - ok
20:55:59.0765 2072 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:55:59.0781 2072 FLEXnet Licensing Service - ok
20:55:59.0812 2072 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
20:55:59.0812 2072 Flpydisk - ok
20:55:59.0859 2072 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
20:55:59.0859 2072 FltMgr - ok
20:55:59.0921 2072 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:55:59.0921 2072 FontCache3.0.0.0 - ok
20:55:59.0937 2072 [ 30D42943A54704EF13E2562911DBFCEA ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:55:59.0953 2072 Fs_Rec - ok
20:55:59.0968 2072 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:55:59.0968 2072 Ftdisk - ok
20:56:00.0000 2072 [ 035EAF9A18B84F9560984BCF41F52E99 ] gfiark C:\WINDOWS\system32\drivers\gfiark.sys
20:56:00.0000 2072 gfiark - ok
20:56:00.0031 2072 [ 483924F92E55A5F9423201EC635E2CED ] gfibto C:\WINDOWS\system32\drivers\gfibto.sys
20:56:00.0031 2072 gfibto - ok
20:56:00.0062 2072 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:56:00.0062 2072 Gpc - ok
20:56:00.0109 2072 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
20:56:00.0125 2072 hamachi - ok
20:56:00.0156 2072 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:56:00.0156 2072 HDAudBus - ok
20:56:00.0218 2072 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:56:00.0218 2072 helpsvc - ok
20:56:00.0265 2072 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
20:56:00.0265 2072 HidServ - ok
20:56:00.0296 2072 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:56:00.0296 2072 hidusb - ok
20:56:00.0312 2072 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:56:00.0312 2072 hkmsvc - ok
20:56:00.0328 2072 hpn - ok
20:56:00.0390 2072 [ 937031C085718C1C04A9C0864625EC6B ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:56:00.0390 2072 HTTP - ok
20:56:00.0421 2072 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:56:00.0421 2072 HTTPFilter - ok
20:56:00.0437 2072 i2omgmt - ok
20:56:00.0453 2072 i2omp - ok
20:56:00.0484 2072 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:56:00.0484 2072 i8042prt - ok
20:56:00.0593 2072 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:56:00.0640 2072 idsvc - ok
20:56:00.0656 2072 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:56:00.0671 2072 Imapi - ok
20:56:00.0687 2072 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:56:00.0687 2072 ImapiService - ok
20:56:00.0718 2072 ini910u - ok
20:56:00.0953 2072 [ FA9A9468F982835E99C1EC21257F7E60 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:56:01.0062 2072 IntcAzAudAddService - ok
20:56:01.0062 2072 IntelIde - ok
20:56:01.0109 2072 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:56:01.0109 2072 intelppm - ok
20:56:01.0140 2072 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:56:01.0140 2072 Ip6Fw - ok
20:56:01.0187 2072 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:56:01.0187 2072 IpFilterDriver - ok
20:56:01.0203 2072 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:56:01.0203 2072 IpInIp - ok
20:56:01.0218 2072 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:56:01.0218 2072 IpNat - ok
20:56:01.0234 2072 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:56:01.0250 2072 IPSec - ok
20:56:01.0281 2072 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:56:01.0281 2072 IRENUM - ok
20:56:01.0312 2072 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:56:01.0312 2072 isapnp - ok
20:56:01.0437 2072 [ 1834C96FB1F9280BCF6DDFA6DE8338BF ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
20:56:01.0437 2072 JavaQuickStarterService - ok
20:56:01.0500 2072 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:56:01.0500 2072 Kbdclass - ok
20:56:01.0515 2072 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:56:01.0515 2072 kbdhid - ok
20:56:01.0562 2072 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:56:01.0562 2072 kmixer - ok
20:56:01.0578 2072 [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:56:01.0578 2072 KSecDD - ok
20:56:01.0609 2072 [ 21920AC69594AB021237054FA728FE46 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
20:56:01.0625 2072 LanmanServer - ok
20:56:01.0640 2072 [ 9A2E7EE3989AAC0079E9D23555545D52 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:56:01.0656 2072 lanmanworkstation - ok
20:56:01.0656 2072 lbrtfdc - ok
20:56:01.0687 2072 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:56:01.0703 2072 LmHosts - ok
20:56:01.0734 2072 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:56:01.0734 2072 Messenger - ok
20:56:01.0765 2072 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:56:01.0765 2072 mnmdd - ok
20:56:01.0796 2072 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:56:01.0812 2072 mnmsrvc - ok
20:56:01.0843 2072 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:56:01.0843 2072 Modem - ok
20:56:01.0843 2072 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:56:01.0859 2072 Mouclass - ok
20:56:01.0890 2072 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:56:01.0890 2072 mouhid - ok
20:56:01.0906 2072 [ 1A1FAA5102466F418494E94FF9B0B091 ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:56:01.0906 2072 MountMgr - ok
20:56:01.0921 2072 mraid35x - ok
20:56:01.0937 2072 [ 6A7C4AC5B52155115DEE97995C1CF157 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:56:01.0937 2072 MRxDAV - ok
20:56:01.0984 2072 [ 0AF15A971F120246C9EEF2C46E290539 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:56:01.0984 2072 MRxSmb - ok
20:56:02.0031 2072 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:56:02.0031 2072 MSDTC - ok
20:56:02.0062 2072 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:56:02.0062 2072 Msfs - ok
20:56:02.0078 2072 MSIServer - ok
20:56:02.0140 2072 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:56:02.0140 2072 MSKSSRV - ok
20:56:02.0156 2072 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:56:02.0156 2072 MSPCLOCK - ok
20:56:02.0171 2072 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:56:02.0171 2072 MSPQM - ok
20:56:02.0203 2072 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:56:02.0203 2072 mssmbios - ok
20:56:02.0234 2072 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
20:56:02.0250 2072 MSTEE - ok
20:56:02.0250 2072 [ 6546FE6639499FA4BEF180BDF08266A1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:56:02.0265 2072 Mup - ok
20:56:02.0328 2072 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:56:02.0328 2072 NABTSFEC - ok
20:56:02.0375 2072 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
20:56:02.0390 2072 napagent - ok
20:56:02.0484 2072 [ B5B1080D35974C0E718D64280761BCD5 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:56:02.0484 2072 NDIS - ok
20:56:02.0515 2072 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:56:02.0515 2072 NdisIP - ok
20:56:02.0546 2072 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:56:02.0546 2072 NdisTapi - ok
20:56:02.0593 2072 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:56:02.0593 2072 Ndisuio - ok
20:56:02.0609 2072 [ B053A8411045FD0664B389A090CB2BBC ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:56:02.0609 2072 NdisWan - ok
20:56:02.0625 2072 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:56:02.0625 2072 NDProxy - ok
20:56:02.0656 2072 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:56:02.0656 2072 NetBIOS - ok
20:56:02.0687 2072 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:56:02.0703 2072 NetBT - ok
20:56:02.0734 2072 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
20:56:02.0750 2072 NetDDE - ok
20:56:02.0765 2072 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:56:02.0765 2072 NetDDEdsdm - ok
20:56:02.0812 2072 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:56:02.0812 2072 Netlogon - ok
20:56:02.0828 2072 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
20:56:02.0843 2072 Netman - ok
20:56:02.0890 2072 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:56:02.0906 2072 NetTcpPortSharing - ok
20:56:02.0953 2072 [ 0D594D828829E1BC727B870899376B19 ] Nla C:\WINDOWS\System32\mswsock.dll
20:56:02.0953 2072 Nla - ok
20:56:02.0968 2072 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:56:02.0968 2072 Npfs - ok
20:56:03.0015 2072 [ AE8CAD8F28DB13B515A68510A539B0B8 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:56:03.0031 2072 Ntfs - ok
20:56:03.0031 2072 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:56:03.0046 2072 NtLmSsp - ok
20:56:03.0109 2072 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:56:03.0109 2072 NtmsSvc - ok
20:56:03.0140 2072 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:56:03.0140 2072 Null - ok
20:56:03.0171 2072 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:56:03.0171 2072 NwlnkFlt - ok
20:56:03.0187 2072 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:56:03.0187 2072 NwlnkFwd - ok
20:56:03.0234 2072 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
20:56:03.0234 2072 Parport - ok
20:56:03.0250 2072 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:56:03.0250 2072 PartMgr - ok
20:56:03.0281 2072 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:56:03.0281 2072 ParVdm - ok
20:56:03.0296 2072 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:56:03.0296 2072 PCI - ok
20:56:03.0312 2072 PCIDump - ok
20:56:03.0343 2072 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:56:03.0343 2072 PCIIde - ok
20:56:03.0359 2072 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:56:03.0359 2072 Pcmcia - ok
20:56:03.0375 2072 PDCOMP - ok
20:56:03.0406 2072 PDFRAME - ok
20:56:03.0406 2072 PDRELI - ok
20:56:03.0421 2072 PDRFRAME - ok
20:56:03.0437 2072 perc2 - ok
20:56:03.0453 2072 perc2hib - ok
20:56:04.0796 2072 [ 4F40D16B2D5ED9E48A193CE468912FED ] PlugPlay C:\WINDOWS\system32\services.exe
20:56:04.0796 2072 PlugPlay - ok
20:56:04.0812 2072 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:56:04.0812 2072 PolicyAgent - ok
20:56:04.0843 2072 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:56:04.0843 2072 PptpMiniport - ok
20:56:04.0859 2072 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:56:04.0859 2072 ProtectedStorage - ok
20:56:04.0890 2072 [ D8E11D311785F89F1D70A28B0E879127 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:56:04.0890 2072 PSched - ok
20:56:04.0906 2072 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:56:04.0906 2072 Ptilink - ok
20:56:04.0921 2072 ql1080 - ok
20:56:04.0937 2072 Ql10wnt - ok
20:56:04.0953 2072 ql12160 - ok
20:56:04.0968 2072 ql1240 - ok
20:56:04.0984 2072 ql1280 - ok
20:56:05.0000 2072 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:56:05.0015 2072 RasAcd - ok
20:56:05.0046 2072 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:56:05.0046 2072 RasAuto - ok
20:56:05.0078 2072 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:56:05.0078 2072 Rasl2tp - ok
20:56:05.0109 2072 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:56:05.0109 2072 RasMan - ok
20:56:05.0109 2072 [ 2C9D4620A0FD35DE1828370B392F6E2D ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:56:05.0125 2072 RasPppoe - ok
20:56:05.0125 2072 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:56:05.0125 2072 Raspti - ok
20:56:05.0171 2072 [ 77050C6615F6EB5402F832B27FD695E0 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:56:05.0171 2072 Rdbss - ok
20:56:05.0187 2072 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:56:05.0187 2072 RDPCDD - ok
20:56:05.0234 2072 [ 47EA20320E3D6FDC7B7BB22B2B881CA6 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:56:05.0234 2072 rdpdr - ok
20:56:05.0312 2072 [ E8E3107243B16A549B88D145EC051B06 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:56:05.0312 2072 RDPWD - ok
20:56:05.0375 2072 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:56:05.0375 2072 RDSessMgr - ok
20:56:05.0406 2072 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:56:05.0406 2072 redbook - ok
20:56:05.0453 2072 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:56:05.0453 2072 RemoteAccess - ok
20:56:05.0500 2072 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:56:05.0500 2072 RemoteRegistry - ok
20:56:05.0531 2072 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:56:05.0531 2072 RpcLocator - ok
20:56:05.0578 2072 [ C0BD34A62508BA68F146E22CE45919F9 ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:56:05.0593 2072 RpcSs - ok
20:56:05.0625 2072 [ 743D7D59767073A617B1DCC6C546F234 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
20:56:05.0625 2072 rspndr - ok
20:56:05.0671 2072 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:56:05.0671 2072 RSVP - ok
20:56:05.0687 2072 rt2870 - ok
20:56:05.0718 2072 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:56:05.0718 2072 rtl8139 - ok
20:56:05.0734 2072 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
20:56:05.0734 2072 SamSs - ok
20:56:05.0750 2072 SBRE - ok
20:56:05.0796 2072 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:56:05.0796 2072 SCardSvr - ok
20:56:05.0828 2072 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:56:05.0843 2072 Schedule - ok
20:56:05.0843 2072 Scutum50 - ok
20:56:05.0875 2072 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:56:05.0875 2072 Secdrv - ok
20:56:05.0906 2072 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:56:05.0906 2072 seclogon - ok
20:56:05.0921 2072 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
20:56:05.0937 2072 SENS - ok
20:56:05.0953 2072 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
20:56:05.0953 2072 Serial - ok
20:56:06.0015 2072 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:56:06.0015 2072 Sfloppy - ok
20:56:06.0046 2072 [ 65EACFE3182AFEE8D222D0B17FE05EDA ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:56:06.0062 2072 SharedAccess - ok
20:56:06.0125 2072 [ 54A6BF743E0517528A5064CEAEB40EA7 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:56:06.0125 2072 ShellHWDetection - ok
20:56:06.0140 2072 Simbad - ok
20:56:06.0187 2072 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:56:06.0187 2072 SLIP - ok
20:56:06.0203 2072 Sparrow - ok
20:56:06.0250 2072 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:56:06.0250 2072 splitter - ok
20:56:06.0265 2072 [ CB1090BCA0E7B40D0B5B4E4D66531809 ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:56:06.0265 2072 Spooler - ok
20:56:06.0312 2072 [ 94610C8653635E4459316A0050D55CE7 ] SR C:\WINDOWS\system32\DRIVERS\sr.sys
20:56:06.0312 2072 SR - ok
20:56:06.0343 2072 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
20:56:06.0359 2072 srservice - ok
20:56:06.0390 2072 [ 30EFED0C77D59AE0CACB0B5C756767ED ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:56:06.0406 2072 Srv - ok
20:56:06.0421 2072 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:56:06.0421 2072 SSDPSRV - ok
20:56:06.0484 2072 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:56:06.0500 2072 stisvc - ok
20:56:06.0515 2072 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:56:06.0531 2072 streamip - ok
20:56:06.0546 2072 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:56:06.0546 2072 swenum - ok
20:56:06.0593 2072 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:56:06.0593 2072 swmidi - ok
20:56:06.0609 2072 SwPrv - ok
20:56:06.0625 2072 symc810 - ok
20:56:06.0640 2072 symc8xx - ok
20:56:06.0640 2072 sym_hi - ok
20:56:06.0656 2072 sym_u3 - ok
20:56:06.0687 2072 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:56:06.0687 2072 sysaudio - ok
20:56:06.0734 2072 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:56:06.0750 2072 SysmonLog - ok
20:56:06.0781 2072 [ AF2A883CC63318A8BDA168BDD7AC80D9 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:56:06.0781 2072 TapiSrv - ok
20:56:06.0828 2072 [ 367DE8E5F638C091F49273144274F629 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:56:06.0828 2072 Tcpip - ok
20:56:06.0859 2072 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:56:06.0859 2072 TDPIPE - ok
20:56:06.0890 2072 [ C0578456F29E5F26285F81B7B71FE57D ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:56:06.0890 2072 TDTCP - ok
20:56:06.0921 2072 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:56:06.0937 2072 TermDD - ok
20:56:06.0968 2072 [ 0E43A7CF302D85273FC86F5FCA9A1909 ] TermService C:\WINDOWS\System32\termsrv.dll
20:56:06.0984 2072 TermService - ok
20:56:07.0015 2072 [ 54A6BF743E0517528A5064CEAEB40EA7 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:56:07.0015 2072 Themes - ok
20:56:07.0046 2072 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:56:07.0062 2072 TlntSvr - ok
20:56:07.0062 2072 TosIde - ok
20:56:07.0093 2072 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:56:07.0093 2072 TrkWks - ok
20:56:07.0140 2072 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:56:07.0140 2072 Udfs - ok
20:56:07.0171 2072 ultra - ok
20:56:07.0234 2072 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:56:07.0250 2072 Update - ok
20:56:07.0296 2072 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
20:56:07.0296 2072 upnphost - ok
20:56:07.0328 2072 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
20:56:07.0328 2072 UPS - ok
20:56:07.0359 2072 [ C18D6C74953621346DF6B0A11F80C1CC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:56:07.0359 2072 usbccgp - ok
20:56:07.0406 2072 [ 52674B5DBEE499342A599C7771ABECAA ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:56:07.0406 2072 usbehci - ok
20:56:07.0437 2072 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:56:07.0437 2072 usbhub - ok
20:56:07.0453 2072 [ C5E11CD822ADF0019A5A862D9C4E2222 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:56:07.0453 2072 usbohci - ok
20:56:07.0500 2072 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:56:07.0500 2072 USBSTOR - ok
20:56:07.0578 2072 [ EE1C82338F2B831B2A863935C831DB21 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
20:56:07.0578 2072 usbvideo - ok
20:56:07.0593 2072 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:56:07.0593 2072 VgaSave - ok
20:56:07.0609 2072 ViaIde - ok
20:56:07.0656 2072 [ 3B8F222B23917C041E4DA29CCC57E7D0 ] vncmirror C:\WINDOWS\system32\DRIVERS\vncmirror.sys
20:56:07.0656 2072 vncmirror - ok
20:56:07.0671 2072 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:56:07.0671 2072 VolSnap - ok
20:56:07.0718 2072 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
20:56:07.0718 2072 VSS - ok
20:56:07.0750 2072 [ DF2E8EA96391126977DA1B8AB6FC39FC ] W32Time C:\WINDOWS\system32\w32time.dll
20:56:07.0765 2072 W32Time - ok
20:56:07.0828 2072 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:56:07.0828 2072 Wanarp - ok
20:56:07.0843 2072 WDICA - ok
20:56:07.0859 2072 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:56:07.0859 2072 wdmaud - ok
20:56:07.0906 2072 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:56:07.0906 2072 WebClient - ok
20:56:07.0984 2072 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:56:07.0984 2072 winmgmt - ok
20:56:08.0046 2072 WinRing0_1_2_0 - ok
20:56:08.0171 2072 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
20:56:08.0203 2072 WinRM - ok
20:56:08.0250 2072 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:56:08.0250 2072 WmdmPmSN - ok
20:56:08.0312 2072 [ 4E68A735673CE17152329428524BA1C3 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:56:08.0328 2072 Wmi - ok
20:56:08.0375 2072 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:56:08.0375 2072 WmiApSrv - ok
20:56:08.0468 2072 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:56:08.0500 2072 WMPNetworkSvc - ok
20:56:08.0546 2072 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:56:08.0546 2072 wscsvc - ok
20:56:08.0562 2072 WSearch - ok
20:56:08.0593 2072 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:56:08.0593 2072 WSTCODEC - ok
20:56:08.0625 2072 [ 02E4055488047729B333F99D93877038 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:56:08.0625 2072 wuauserv - ok
20:56:08.0671 2072 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:56:08.0671 2072 WudfPf - ok
20:56:08.0687 2072 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:56:08.0687 2072 WudfRd - ok
20:56:08.0703 2072 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:56:08.0703 2072 WudfSvc - ok
20:56:08.0750 2072 [ F345FF726D92D58ABE5B0AEE08D29DF1 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:56:08.0781 2072 WZCSVC - ok
20:56:08.0812 2072 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:56:08.0828 2072 xmlprov - ok
20:56:08.0843 2072 ================ Scan global ===============================
20:56:08.0875 2072 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
20:56:08.0890 2072 [ 990864D32638714B63056A61D93CF42E ] C:\WINDOWS\system32\winsrv.dll
20:56:08.0921 2072 [ 990864D32638714B63056A61D93CF42E ] C:\WINDOWS\system32\winsrv.dll
20:56:08.0953 2072 [ 4F40D16B2D5ED9E48A193CE468912FED ] C:\WINDOWS\system32\services.exe
20:56:08.0953 2072 [Global] - ok
20:56:08.0953 2072 ================ Scan MBR ==================================
20:56:08.0968 2072 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
20:56:09.0187 2072 \Device\Harddisk0\DR0 - ok
20:56:09.0203 2072 ================ Scan VBR ==================================
20:56:09.0203 2072 [ 407237A3F60D5F7348131CC47FF90CF5 ] \Device\Harddisk0\DR0\Partition1
20:56:09.0203 2072 \Device\Harddisk0\DR0\Partition1 - ok
20:56:09.0203 2072 ============================================================
20:56:09.0203 2072 Scan finished
20:56:09.0203 2072 ============================================================
20:56:09.0234 2064 Detected object count: 0
20:56:09.0234 2064 Actual detected object count: 0
20:58:19.0390 0744 Deinitialize success

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.