Please check: mysterious internet outages (Solved)


Post by P.O.B » 24 Jul 2013 13:25

Greetings to all advisers,

I have an urgent problem: a notebook running XP, connected over Wi-Fi or cable (it makes no difference), loses internet access roughly an hour after startup, or rather only its applications do, so for example FF/IE display nothing, whereas if I run ping, e.g. to seznam.cz, everything is OK with 0% loss.

A notebook running 7, lying next to it, has no problems at all.

It is a similar/the same problem as the one described here:

http://forum.zive.cz/viewtopic.php?f=927&t=1137153

I tried some of the things from that topic, but in vain; after a restart everything is always OK, but within about an hour it drops and that's it, then nothing works, not even manual DNS helps without a restart... I checked the proxy, nothing...

Has anyone encountered something similar? Why on XP in particular?

I'm sending the log from HJT:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:04:07, on 24.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\ifxspmgt.exe
C:\WINDOWS\system32\ifxtcs.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\notes\ntmulti.exe
C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\Astaro\Astaro Secure Client\ncpclcfg.exe
C:\Program Files\Astaro\Astaro Secure Client\ncprwsnt.exe
C:\Program Files\Astaro\Astaro Secure Client\ncpsec.exe
C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Astaro\Astaro Secure Client\rwsrsu.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\EPSON\BSTM\PG\E_L20IC2.EXE
C:\Program Files\Astaro\Astaro Secure Client\ncpbudgt.exe
C:\Program Files\Astaro\Astaro Secure Client\ncpmon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://sitedirector.symantec.com/932743 ... d&P1rem=89
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [EPSON PageSTM TrayIcon01] C:\Program Files\EPSON\BSTM\PG\E_L20IC2.EXE
O4 - HKLM\..\Run: [NcpBudget] "C:\Program Files\Astaro\Astaro Secure Client\ncpbudgt.exe"
O4 - HKLM\..\Run: [NcpPopup] "C:\Program Files\Astaro\Astaro Secure Client\ncppopup.exe" noerrmsg
O4 - HKLM\..\Run: [NcpMonitor] "C:\Program Files\Astaro\Astaro Secure Client\ncpmon.exe" AUTORUN
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C495939-D494-4F0E-9316-6A4BF17252D1}: NameServer = 81.200.48.11,192.168.0.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\ifxtcs.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: ncpclcfg - NCP engineering GmbH - C:\Program Files\Astaro\Astaro Secure Client\ncpclcfg.exe
O23 - Service: ncprwsnt - NCP Engineering GmbH - C:\Program Files\Astaro\Astaro Secure Client\ncprwsnt.exe
O23 - Service: NcpSec - Unknown owner - C:\Program Files\Astaro\Astaro Secure Client\ncpsec.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RwsRsu (rwsrsu) - Unknown owner - C:\Program Files\Astaro\Astaro Secure Client\rwsrsu.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 11884 bytes


Post by memphisto » 24 Jul 2013 13:45

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, select nothing else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan option selected and click the Scan button
- after the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (otherwise it is saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.


Post by P.O.B » 24 Jul 2013 14:25

ATF - OK

MbAM - OK - log below

AdwCleaner - OK - log below



Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.24.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Kantorová Lenka :: KANTOROVA [administrátor]

24.7.2013 14:16:36
MBAM-log-2013-07-24 (14-21-13).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 225107
Uplynulý čas: 4 minut, 13 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Program Files\Unlocker\eBay_shortcuts_1016.exe (Adware.Clicker) -> Nebyla provedena žádná instrukce.

(konec)





# AdwCleaner v2.306 - Log vytvooen 24/07/2013 v 14:21:45
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Kantorová Lenka - KANTOROVA
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Kantorová Lenka\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Ask
Složka Nalezeno : C:\Documents and Settings\Kantorová Lenka\Data aplikací\Mozilla\Firefox\Profiles\exrps3ub.default\extensions\toolbar@ask.com
Složka Nalezeno : C:\Documents and Settings\Kantorová Lenka\Local Settings\Data aplikací\AskToolbar
Složka Nalezeno : C:\Program Files\Ask.com
Složka Nalezeno : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Soubor Nalezeno : C:\Documents and Settings\Kantorová Lenka\Data aplikací\Mozilla\Firefox\Profiles\exrps3ub.default\searchplugins\Askcom.xml
Soubor Nalezeno : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Klíe Nalezeno : HKCU\Software\APN
Klíe Nalezeno : HKCU\Software\Ask.com
Klíe Nalezeno : HKCU\Software\AskToolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\Software\APN
Klíe Nalezeno : HKLM\Software\AskToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Documents and Settings\Kantorová Lenka\Data aplikací\Mozilla\Firefox\Profiles\exrps3ub.default\prefs.js

[OK] Soubor je eistý.

Soubor : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\gzyzejjb.default\prefs.js

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [8137 octets] - [24/07/2013 14:09:10]
AdwCleaner[R2].txt - [8068 octets] - [24/07/2013 14:21:45]

########## EOF - C:\AdwCleaner[R2].txt - [8128 octets] ##########



That's all for now, thanks a lot for the quick response; unfortunately I have to leave town, so I just want to apologise that any reply will not come until the evening.

Thanks once again :-)


Post by jaro3 » 24 Jul 2013 15:52

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Delete".
The program will perform the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool

to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear, which is saved on the desktop.
Please copy its entire contents here.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR scan
Faked scan
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.


Post by P.O.B » 25 Jul 2013 07:17

AdwCleaner - OK - deleted -> restart

Junkware... - OK

RogueKiller - OK

logs:


# AdwCleaner v2.306 - Log vytvooen 25/07/2013 v 06:30:09
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Kantorová Lenka - KANTOROVA
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Kantorová Lenka\Plocha\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\Ask
Složka Vymazáno : C:\Documents and Settings\Kantorová Lenka\Data aplikací\Mozilla\Firefox\Profiles\exrps3ub.default\extensions\toolbar@ask.com
Složka Vymazáno : C:\Documents and Settings\Kantorová Lenka\Local Settings\Data aplikací\AskToolbar
Složka Vymazáno : C:\Program Files\Ask.com
Složka Vymazáno : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Soubor Vymazáno : C:\Documents and Settings\Kantorová Lenka\Data aplikací\Mozilla\Firefox\Profiles\exrps3ub.default\searchplugins\Askcom.xml
Soubor Vymazáno : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Klíe Vymazáno : HKCU\Software\APN
Klíe Vymazáno : HKCU\Software\Ask.com
Klíe Vymazáno : HKCU\Software\AskToolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\Software\APN
Klíe Vymazáno : HKLM\Software\AskToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Internetové prohlížeče] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou čisté.

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Documents and Settings\Kantorová Lenka\Data aplikací\Mozilla\Firefox\Profiles\exrps3ub.default\prefs.js

C:\Documents and Settings\Kantorová Lenka\Data aplikací\Mozilla\Firefox\Profiles\exrps3ub.default\user.js ... Vymazáno !

[OK] Soubor je čistý.

Soubor : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\gzyzejjb.default\prefs.js

[OK] Soubor je čistý.

*************************

AdwCleaner[R1].txt - [8137 octets] - [24/07/2013 14:09:10]
AdwCleaner[R2].txt - [8197 octets] - [24/07/2013 14:21:45]
AdwCleaner[S1].txt - [8250 octets] - [25/07/2013 06:30:09]

########## EOF - C:\AdwCleaner[S1].txt - [8310 octets] ##########




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Microsoft Windows XP x86
Ran by Kantorová Lenka on čt 25.07.2013 at 6:39:56,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BBB6CE86-65D8-47BA-814C-DAEFADCE5884}



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on čt 25.07.2013 at 6:43:06,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Kantorová Lenka [Práva správce]
Mód : Kontrola -- Datum : 07/25/2013 06:51:47
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{4C495939-D494-4F0E-9316-6A4BF17252D1} : NameServer (81.200.48.11,192.168.0.1) -> NALEZENO
[DNS] HKLM\[...]\CS001\[...]\{4C495939-D494-4F0E-9316-6A4BF17252D1} : NameServer (81.200.48.11,192.168.0.1) -> NALEZENO
[DNS] HKLM\[...]\CS003\[...]\{4C495939-D494-4F0E-9316-6A4BF17252D1} : NameServer (81.200.48.11,192.168.0.1) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEVS-22UST0 +++++
--- User ---
[MBR] e0419e49cc462f64cac5ecbb850cddae
[BSP] 1cae57f6230e9e75551d841eabacc935 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238464 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_07252013_065147.txt >>

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Please check, mysterious internet outages

Post by memphisto » 25 Jul 2013 09:05

Close all programs and browsers.
Disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Win7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status box shows "Scan"
- Click "Delete"
- Wait until the status box shows "Deleting - Finished"
- Click "Report", then copy the contents of that report and paste them here, please. The log can be found in RKreport [1].txt on the desktop.
- Close RogueKiller

Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt ; please paste the entire contents of the log here.
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you

P.O.B
Level 2
Posts: 215
Registered: November 06
Location: Třinec
Gender: Male
Status: Offline

Re: Please check, mysterious internet outages

Post by P.O.B » 25 Jul 2013 10:35

RogueKiller - I understood the second bullet as "Scan"; nothing else was possible, and only then "delete"

TDSSKiller - after launch - "start scan" - after completion - restart


logs:


RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Kantorová Lenka [Práva správce]
Mód : Odebrat -- Datum : 07/25/2013 10:03:30
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{4C495939-D494-4F0E-9316-6A4BF17252D1} : NameServer (81.200.48.11,192.168.0.1) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{4C495939-D494-4F0E-9316-6A4BF17252D1} : NameServer (81.200.48.11,192.168.0.1) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[DNS] HKLM\[...]\CS003\[...]\{4C495939-D494-4F0E-9316-6A4BF17252D1} : NameServer (81.200.48.11,192.168.0.1) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEVS-22UST0 +++++
--- User ---
[MBR] e0419e49cc462f64cac5ecbb850cddae
[BSP] 1cae57f6230e9e75551d841eabacc935 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238464 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_07252013_100330.txt >>
RKreport[0]_S_07252013_065147.txt;RKreport[0]_S_07252013_100301.txt





10:05:40.0140 3924 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:05:40.0609 3924 ============================================================
10:05:40.0609 3924 Current date / time: 2013/07/25 10:05:40.0609
10:05:40.0609 3924 SystemInfo:
10:05:40.0609 3924
10:05:40.0609 3924 OS Version: 5.1.2600 ServicePack: 3.0
10:05:40.0609 3924 Product type: Workstation
10:05:40.0609 3924 ComputerName: KANTOROVA
10:05:40.0609 3924 UserName: Kantorová Lenka
10:05:40.0609 3924 Windows directory: C:\WINDOWS
10:05:40.0609 3924 System windows directory: C:\WINDOWS
10:05:40.0609 3924 Processor architecture: Intel x86
10:05:40.0609 3924 Number of processors: 2
10:05:40.0609 3924 Page size: 0x1000
10:05:40.0609 3924 Boot type: Normal boot
10:05:40.0609 3924 ============================================================
10:05:42.0468 3924 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:05:42.0468 3924 ============================================================
10:05:42.0468 3924 \Device\Harddisk0\DR0:
10:05:42.0468 3924 MBR partitions:
10:05:42.0468 3924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
10:05:42.0468 3924 ============================================================
10:05:42.0484 3924 C: <-> \Device\Harddisk0\DR0\Partition1
10:05:42.0484 3924 ============================================================
10:05:42.0484 3924 Initialize success
10:05:42.0484 3924 ============================================================
10:05:59.0875 1304 ============================================================
10:05:59.0875 1304 Scan started
10:05:59.0875 1304 Mode: Manual;
10:05:59.0875 1304 ============================================================
10:06:00.0468 1304 ================ Scan system memory ========================
10:06:00.0468 1304 System memory - ok
10:06:00.0468 1304 ================ Scan services =============================
10:06:05.0812 1304 LightScribeService - ok
10:06:05.0953 1304 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
10:06:06.0046 1304 LiveUpdate - ok
10:06:06.0125 1304 [ 2D1389E05A807D956829F44BD4B60389 ] LiveUpdate Notice Service C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
10:06:06.0140 1304 LiveUpdate Notice Service - ok
10:06:06.0187 1304 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:06:06.0187 1304 LmHosts - ok
10:06:06.0203 1304 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:06:06.0203 1304 Messenger - ok
10:06:06.0234 1304 [ B39BF953A3A304A2D12751692EC355A0 ] MLPTDR_Q C:\WINDOWS\system32\MLPTDR_Q.sys
10:06:06.0234 1304 MLPTDR_Q - ok
10:06:06.0281 1304 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:06:06.0281 1304 mnmdd - ok
10:06:06.0312 1304 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:06:06.0312 1304 mnmsrvc - ok
10:06:06.0359 1304 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:06:06.0359 1304 Modem - ok
10:06:06.0375 1304 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:06:06.0375 1304 MODEMCSA - ok
10:06:06.0390 1304 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:06:06.0390 1304 Mouclass - ok
10:06:06.0406 1304 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:06:06.0406 1304 mouhid - ok
10:06:06.0421 1304 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:06:06.0421 1304 MountMgr - ok
10:06:06.0468 1304 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:06:06.0468 1304 MozillaMaintenance - ok
10:06:06.0468 1304 mraid35x - ok
10:06:06.0500 1304 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:06:06.0500 1304 MRxDAV - ok
10:06:06.0562 1304 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:06:06.0578 1304 MRxSmb - ok
10:06:06.0593 1304 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:06:06.0593 1304 MSDTC - ok
10:06:06.0625 1304 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:06:06.0625 1304 Msfs - ok
10:06:06.0625 1304 MSIServer - ok
10:06:06.0640 1304 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:06:06.0656 1304 MSKSSRV - ok
10:06:06.0656 1304 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:06:06.0656 1304 MSPCLOCK - ok
10:06:06.0687 1304 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:06:06.0687 1304 MSPQM - ok
10:06:06.0703 1304 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:06:06.0703 1304 mssmbios - ok
10:06:06.0718 1304 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
10:06:06.0718 1304 MSTEE - ok
10:06:06.0750 1304 [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
10:06:06.0750 1304 MTsensor - ok
10:06:06.0812 1304 [ 85CD16B4FE05A26E1CBD546C168C4820 ] Multi-user Cleanup Service C:\notes\ntmulti.exe
10:06:06.0812 1304 Multi-user Cleanup Service - ok
10:06:06.0828 1304 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:06:06.0828 1304 Mup - ok
10:06:06.0921 1304 [ 1BF9D6476061B31CD7FC2BF848529A56 ] N360 C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe
10:06:06.0921 1304 N360 - ok
10:06:06.0953 1304 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:06:06.0953 1304 NABTSFEC - ok
10:06:07.0000 1304 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
10:06:07.0015 1304 napagent - ok
10:06:07.0281 1304 [ CE2156DF796D41614AB60E68D107D573 ] NAVENG C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130724.016\NAVENG.SYS
10:06:07.0281 1304 NAVENG - ok
10:06:07.0328 1304 [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15 C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130724.016\NAVEX15.SYS
10:06:07.0343 1304 NAVEX15 - ok
10:06:07.0390 1304 [ F2A143338C59FE9890DF883B5843CBA6 ] ncpclcfg C:\Program Files\Astaro\Astaro Secure Client\ncpclcfg.exe
10:06:07.0390 1304 ncpclcfg - ok
10:06:07.0421 1304 [ 6040DB332A5674F0F4508A1A5A100C73 ] NcpFilt C:\WINDOWS\system32\DRIVERS\ncpvaxp.sys
10:06:07.0421 1304 NcpFilt - ok
10:06:07.0421 1304 [ 6040DB332A5674F0F4508A1A5A100C73 ] NcpFiltMP C:\WINDOWS\system32\DRIVERS\ncpvaxp.sys
10:06:07.0421 1304 NcpFiltMP - ok
10:06:07.0468 1304 [ 41F9780FC81CA33D15357A1A1C8FB46F ] ncprwsnt C:\Program Files\Astaro\Astaro Secure Client\ncprwsnt.exe
10:06:07.0484 1304 ncprwsnt - ok
10:06:07.0500 1304 [ AA221303E918469462FF3539483102F4 ] NcpSec C:\Program Files\Astaro\Astaro Secure Client\ncpsec.exe
10:06:07.0500 1304 NcpSec - ok
10:06:07.0515 1304 [ 6040DB332A5674F0F4508A1A5A100C73 ] ncpvaxp C:\WINDOWS\system32\DRIVERS\ncpvaxp.sys
10:06:07.0515 1304 ncpvaxp - ok
10:06:07.0562 1304 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:06:07.0562 1304 NDIS - ok
10:06:07.0593 1304 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:06:07.0593 1304 NdisIP - ok
10:06:07.0609 1304 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:06:07.0609 1304 NdisTapi - ok
10:06:07.0625 1304 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:06:07.0625 1304 Ndisuio - ok
10:06:07.0656 1304 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:06:07.0656 1304 NdisWan - ok
10:06:07.0703 1304 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:06:07.0703 1304 NDProxy - ok
10:06:07.0718 1304 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:06:07.0718 1304 NetBIOS - ok
10:06:07.0750 1304 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:06:07.0750 1304 NetBT - ok
10:06:07.0812 1304 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
10:06:07.0812 1304 NetDDE - ok
10:06:07.0812 1304 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:06:07.0812 1304 NetDDEdsdm - ok
10:06:07.0843 1304 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:06:07.0843 1304 Netlogon - ok
10:06:07.0890 1304 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
10:06:07.0906 1304 Netman - ok
10:06:07.0937 1304 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:06:07.0937 1304 NetTcpPortSharing - ok
10:06:08.0062 1304 [ A9574F52E2FD5C1C1B4807A326E0488F ] NETw4x32 C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
10:06:08.0062 1304 NETw4x32 - ok
10:06:08.0109 1304 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:06:08.0109 1304 NIC1394 - ok
10:06:08.0156 1304 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
10:06:08.0156 1304 Nla - ok
10:06:08.0250 1304 [ 060DAF68493AD7ADF104413E5A62AFA8 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
10:06:08.0250 1304 NMIndexingService - ok
10:06:08.0265 1304 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:06:08.0265 1304 Npfs - ok
10:06:08.0312 1304 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:06:08.0312 1304 Ntfs - ok
10:06:08.0312 1304 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:06:08.0312 1304 NtLmSsp - ok
10:06:08.0343 1304 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:06:08.0343 1304 NtmsSvc - ok
10:06:08.0375 1304 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
10:06:08.0375 1304 Null - ok
10:06:08.0390 1304 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:06:08.0390 1304 NwlnkFlt - ok
10:06:08.0406 1304 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:06:08.0406 1304 NwlnkFwd - ok
10:06:08.0484 1304 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:06:08.0484 1304 odserv - ok
10:06:08.0531 1304 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:06:08.0546 1304 ohci1394 - ok
10:06:08.0562 1304 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:06:08.0578 1304 ose - ok
10:06:08.0593 1304 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
10:06:08.0609 1304 Parport - ok
10:06:08.0625 1304 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:06:08.0625 1304 PartMgr - ok
10:06:08.0656 1304 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:06:08.0656 1304 ParVdm - ok
10:06:08.0687 1304 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
10:06:08.0687 1304 pccsmcfd - ok
10:06:08.0703 1304 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:06:08.0703 1304 PCI - ok
10:06:08.0703 1304 PCIDump - ok
10:06:08.0734 1304 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:06:08.0734 1304 PCIIde - ok
10:06:08.0750 1304 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:06:08.0750 1304 Pcmcia - ok
10:06:08.0750 1304 PDCOMP - ok
10:06:08.0750 1304 PDFRAME - ok
10:06:08.0750 1304 PDRELI - ok
10:06:08.0750 1304 PDRFRAME - ok
10:06:08.0765 1304 perc2 - ok
10:06:08.0765 1304 perc2hib - ok
10:06:08.0812 1304 [ 0D8848FBE1765A3E27B69B5BEF6D429F ] PersonalSecureDrive C:\WINDOWS\System32\drivers\psd.sys
10:06:08.0812 1304 PersonalSecureDrive - ok
10:06:08.0859 1304 [ FEDD3F668E0F61F47057657B64645CD7 ] PersonalSecureDriveService C:\WINDOWS\system32\IfxPsdSv.exe
10:06:08.0859 1304 PersonalSecureDriveService - ok
10:06:08.0875 1304 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
10:06:08.0875 1304 PlugPlay - ok
10:06:08.0906 1304 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:06:08.0906 1304 PolicyAgent - ok
10:06:08.0921 1304 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:06:08.0921 1304 PptpMiniport - ok
10:06:08.0921 1304 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:06:08.0937 1304 ProtectedStorage - ok
10:06:08.0937 1304 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:06:08.0937 1304 PSched - ok
10:06:08.0953 1304 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:06:08.0953 1304 Ptilink - ok
10:06:08.0953 1304 ql1080 - ok
10:06:08.0968 1304 Ql10wnt - ok
10:06:08.0968 1304 ql12160 - ok
10:06:08.0968 1304 ql1240 - ok
10:06:08.0968 1304 ql1280 - ok
10:06:08.0984 1304 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:06:08.0984 1304 RasAcd - ok
10:06:09.0015 1304 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:06:09.0015 1304 RasAuto - ok
10:06:09.0031 1304 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:06:09.0031 1304 Rasl2tp - ok
10:06:09.0078 1304 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:06:09.0078 1304 RasMan - ok
10:06:09.0109 1304 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:06:09.0109 1304 RasPppoe - ok
10:06:09.0125 1304 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:06:09.0125 1304 Raspti - ok
10:06:09.0156 1304 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:06:09.0156 1304 Rdbss - ok
10:06:09.0187 1304 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:06:09.0187 1304 RDPCDD - ok
10:06:09.0218 1304 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:06:09.0218 1304 rdpdr - ok
10:06:09.0265 1304 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:06:09.0265 1304 RDPWD - ok
10:06:09.0281 1304 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:06:09.0296 1304 RDSessMgr - ok
10:06:09.0312 1304 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:06:09.0312 1304 redbook - ok
10:06:09.0375 1304 [ 796D6727F09AC61536EFB90DF68F5132 ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
10:06:09.0375 1304 RegSrvc - ok
10:06:09.0421 1304 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:06:09.0421 1304 RemoteAccess - ok
10:06:09.0437 1304 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
10:06:09.0437 1304 RemoteRegistry - ok
10:06:09.0546 1304 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
10:06:09.0546 1304 RichVideo - ok
10:06:09.0578 1304 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
10:06:09.0578 1304 rimmptsk - ok
10:06:09.0609 1304 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
10:06:09.0609 1304 rimsptsk - ok
10:06:09.0625 1304 [ D231B577024AA324AF13A42F3A807D10 ] rismxdp C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
10:06:09.0625 1304 rismxdp - ok
10:06:09.0656 1304 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:06:09.0656 1304 RpcLocator - ok
10:06:09.0671 1304 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
10:06:09.0687 1304 RpcSs - ok
10:06:09.0734 1304 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:06:09.0734 1304 RSVP - ok
10:06:09.0781 1304 [ 8D0BF5FBBFDB25F7F506DF54C2C593C6 ] rwsrsu C:\Program Files\Astaro\Astaro Secure Client\rwsrsu.exe
10:06:09.0781 1304 rwsrsu - ok
10:06:09.0875 1304 [ EC2DF69EC26EE3D7E4C4D100256EB523 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
10:06:09.0875 1304 S24EventMonitor - ok
10:06:09.0906 1304 [ EADFB87F911A7A75D1B80617F92901E8 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
10:06:09.0906 1304 s24trans - ok
10:06:09.0906 1304 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
10:06:09.0921 1304 SamSs - ok
10:06:09.0937 1304 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:06:09.0937 1304 SCardSvr - ok
10:06:09.0984 1304 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:06:09.0984 1304 Schedule - ok
10:06:10.0015 1304 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
10:06:10.0015 1304 sdbus - ok
10:06:10.0062 1304 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:06:10.0062 1304 Secdrv - ok
10:06:10.0093 1304 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:06:10.0093 1304 seclogon - ok
10:06:10.0109 1304 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
10:06:10.0109 1304 SENS - ok
10:06:10.0140 1304 [ B490AD520257DDA26C1D587A71E527B5 ] Ser2pl C:\WINDOWS\system32\DRIVERS\ser2pl.sys
10:06:10.0140 1304 Ser2pl - ok
10:06:10.0171 1304 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:06:10.0171 1304 Serenum - ok
10:06:10.0187 1304 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
10:06:10.0187 1304 Serial - ok
10:06:10.0265 1304 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:06:10.0281 1304 ServiceLayer - ok
10:06:10.0328 1304 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
10:06:10.0328 1304 sffdisk - ok
10:06:10.0343 1304 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
10:06:10.0343 1304 sffp_sd - ok
10:06:10.0359 1304 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
10:06:10.0359 1304 Sfloppy - ok
10:06:10.0421 1304 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:06:10.0421 1304 SharedAccess - ok
10:06:10.0437 1304 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:06:10.0437 1304 ShellHWDetection - ok
10:06:10.0437 1304 Simbad - ok
10:06:10.0468 1304 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:06:10.0468 1304 SLIP - ok
10:06:10.0546 1304 [ 84A9AF2B348B691453ACBAB37C8BFB27 ] smserial C:\WINDOWS\system32\DRIVERS\smserial.sys
10:06:10.0546 1304 smserial - ok
10:06:10.0671 1304 [ 0302BC619D4A723317E7F8EB0C362BD3 ] SNP2UVC C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
10:06:10.0671 1304 SNP2UVC - ok
10:06:10.0671 1304 Sparrow - ok
10:06:10.0734 1304 [ DC8D2952FB6FFBAEC67BD1B93A34DF11 ] speedfan C:\WINDOWS\system32\speedfan.sys
10:06:10.0734 1304 speedfan - ok
10:06:10.0765 1304 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:06:10.0765 1304 splitter - ok
10:06:10.0781 1304 [ D1E30EEA74ED4C65A72AFDE5B6FA36EE ] spmgr C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
10:06:10.0796 1304 spmgr - ok
10:06:10.0812 1304 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:06:10.0812 1304 Spooler - ok
10:06:10.0812 1304 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:06:10.0812 1304 sr - ok
10:06:10.0859 1304 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
10:06:10.0859 1304 srservice - ok
10:06:10.0937 1304 [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP C:\WINDOWS\System32\Drivers\N360\1404000.028\SRTSP.SYS
10:06:10.0937 1304 SRTSP - ok
10:06:10.0984 1304 [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX C:\WINDOWS\system32\drivers\N360\1404000.028\SRTSPX.SYS
10:06:10.0984 1304 SRTSPX - ok
10:06:11.0031 1304 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:06:11.0031 1304 Srv - ok
10:06:11.0078 1304 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:06:11.0078 1304 SSDPSRV - ok
10:06:11.0125 1304 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:06:11.0125 1304 stisvc - ok
10:06:11.0171 1304 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:06:11.0171 1304 streamip - ok
10:06:11.0171 1304 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:06:11.0171 1304 swenum - ok
10:06:11.0203 1304 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:06:11.0203 1304 swmidi - ok
10:06:11.0203 1304 SwPrv - ok
10:06:11.0203 1304 symc810 - ok
10:06:11.0203 1304 symc8xx - ok
10:06:11.0281 1304 [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS C:\WINDOWS\system32\drivers\N360\1404000.028\SYMDS.SYS
10:06:11.0281 1304 SymDS - ok
10:06:11.0328 1304 [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA C:\WINDOWS\system32\drivers\N360\1404000.028\SYMEFA.SYS
10:06:11.0328 1304 SymEFA - ok
10:06:11.0390 1304 [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
10:06:11.0390 1304 SymEvent - ok
10:06:11.0453 1304 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\WINDOWS\system32\drivers\N360\1404000.028\Ironx86.SYS
10:06:11.0453 1304 SymIRON - ok
10:06:11.0515 1304 [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI C:\WINDOWS\System32\Drivers\N360\1404000.028\SYMTDI.SYS
10:06:11.0515 1304 SYMTDI - ok
10:06:11.0531 1304 sym_hi - ok
10:06:11.0531 1304 sym_u3 - ok
10:06:11.0593 1304 [ A16D3157B4406FBADA9B90131394C1BF ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
10:06:11.0593 1304 SynTP - ok
10:06:11.0625 1304 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:06:11.0625 1304 sysaudio - ok
10:06:11.0671 1304 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:06:11.0671 1304 SysmonLog - ok
10:06:11.0703 1304 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:06:11.0703 1304 TapiSrv - ok
10:06:11.0765 1304 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:06:11.0765 1304 Tcpip - ok
10:06:11.0812 1304 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:06:11.0812 1304 TDPIPE - ok
10:06:11.0828 1304 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:06:11.0828 1304 TDTCP - ok
10:06:11.0843 1304 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:06:11.0843 1304 TermDD - ok
10:06:11.0890 1304 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
10:06:11.0890 1304 TermService - ok
10:06:11.0906 1304 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
10:06:11.0921 1304 Themes - ok
10:06:11.0968 1304 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
10:06:11.0968 1304 TlntSvr - ok
10:06:12.0156 1304 [ 87843B2DA99051BC66E2D6C211E3D6A4 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
10:06:12.0156 1304 TOSHIBA Bluetooth Service - ok
10:06:12.0156 1304 TosIde - ok
10:06:12.0218 1304 [ 8C3BFAF3FCA90502E6FA35503B8E979E ] Tosrfbd C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
10:06:12.0218 1304 Tosrfbd - ok
10:06:12.0218 1304 Tosrfcom - ok
10:06:12.0234 1304 [ 7C807BA9660E2995CC0217A14A24094C ] Tosrfhid C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
10:06:12.0234 1304 Tosrfhid - ok
10:06:12.0234 1304 [ 01C90086CD37E7E8D9A827E24167FCB7 ] tosrfusb C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
10:06:12.0234 1304 tosrfusb - ok
10:06:12.0250 1304 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:06:12.0250 1304 TrkWks - ok
10:06:12.0281 1304 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:06:12.0281 1304 Udfs - ok
10:06:12.0281 1304 ultra - ok
10:06:12.0328 1304 [ C81B8635DEE0D3EF5F64B3DD643023A5 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
10:06:12.0328 1304 UMWdf - ok
10:06:12.0375 1304 [ 4847639D852763EE39415C929470F672 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
10:06:12.0375 1304 UnlockerDriver5 - ok
10:06:12.0437 1304 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:06:12.0437 1304 Update - ok
10:06:12.0468 1304 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
10:06:12.0468 1304 upnphost - ok
10:06:12.0484 1304 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
10:06:12.0484 1304 UPS - ok
10:06:12.0500 1304 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:06:12.0500 1304 usbccgp - ok
10:06:12.0531 1304 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:06:12.0531 1304 usbehci - ok
10:06:12.0546 1304 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:06:12.0546 1304 usbhub - ok
10:06:12.0562 1304 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:06:12.0562 1304 usbprint - ok
10:06:12.0562 1304 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:06:12.0562 1304 USBSTOR - ok
10:06:12.0593 1304 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:06:12.0593 1304 usbuhci - ok
10:06:12.0609 1304 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
10:06:12.0609 1304 usbvideo - ok
10:06:12.0625 1304 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:06:12.0625 1304 VgaSave - ok
10:06:12.0625 1304 ViaIde - ok
10:06:12.0640 1304 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:06:12.0640 1304 VolSnap - ok
10:06:12.0671 1304 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
10:06:12.0671 1304 VSS - ok
10:06:12.0703 1304 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
10:06:12.0718 1304 W32Time - ok
10:06:12.0734 1304 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:06:12.0734 1304 Wanarp - ok
10:06:12.0750 1304 WDICA - ok
10:06:12.0765 1304 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:06:12.0765 1304 wdmaud - ok
10:06:12.0781 1304 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:06:12.0781 1304 WebClient - ok
10:06:12.0843 1304 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:06:12.0843 1304 winmgmt - ok
10:06:12.0890 1304 [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
10:06:12.0890 1304 WmdmPmSN - ok
10:06:12.0937 1304 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
10:06:12.0968 1304 Wmi - ok
10:06:13.0000 1304 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:06:13.0000 1304 WmiApSrv - ok
10:06:13.0031 1304 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:06:13.0046 1304 wscsvc - ok
10:06:13.0062 1304 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:06:13.0062 1304 WSTCODEC - ok
10:06:13.0078 1304 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:06:13.0078 1304 wuauserv - ok
10:06:13.0125 1304 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:06:13.0140 1304 WZCSVC - ok
10:06:13.0171 1304 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:06:13.0171 1304 xmlprov - ok
10:06:13.0171 1304 ================ Scan global ===============================
10:06:13.0203 1304 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
10:06:13.0250 1304 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
10:06:13.0265 1304 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
10:06:13.0281 1304 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
10:06:13.0281 1304 [Global] - ok
10:06:13.0281 1304 ================ Scan MBR ==================================
10:06:13.0296 1304 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
10:06:13.0515 1304 \Device\Harddisk0\DR0 - ok
10:06:13.0515 1304 ================ Scan VBR ==================================
10:06:13.0515 1304 [ D5A75630D0E549E8D8F0CAA0A169BB83 ] \Device\Harddisk0\DR0\Partition1
10:06:13.0515 1304 \Device\Harddisk0\DR0\Partition1 - ok
10:06:13.0515 1304 ============================================================
10:06:13.0515 1304 Scan finished
10:06:13.0515 1304 ============================================================
10:06:13.0515 3588 Detected object count: 0
10:06:13.0515 3588 Actual detected object count: 0
10:06:50.0875 2936 Deinitialize success

memphisto

Re: Please check, mysterious internet outages

Post by memphisto » 25 Jul 2013 16:35

Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is being applied, do not click into the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, it is enough to restart the computer.

P.O.B

Re: Please check, mysterious internet outages

Post by P.O.B » 25 Jul 2013 18:01

Thanks a lot for the next steps. I'm heading out on a weekend trip in a moment and won't be at that PC until Monday, so I'll get back to you on Monday... Thanks, and sorry for the delay.

jaro3

Re: Please check, mysterious internet outages

Post by jaro3 » 25 Jul 2013 21:57

You don't have to apologize; we'll continue when you have time.

P.O.B

Re: Please check, mysterious internet outages

Post by P.O.B » 01 Aug 2013 05:55

Omlouvám se, nevím, kde mi hlava stojí :-(

Tady je log z CF, průběh činnosti CF standartní (instaloval konzolu...)


ComboFix 13-07-27.01 - Kantorová Lenka 29.07.2013 7:53.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1199 [GMT 2:00]
Spuštěný z: c:\documents and settings\Kantorovß Lenka\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-28 do 2013-07-29 )))))))))))))))))))))))))))))))
.
.
2013-07-25 04:39 . 2013-07-25 04:39 -------- d-----w- c:\windows\ERUNT
2013-07-24 10:03 . 2013-07-24 10:03 -------- d-----w- c:\program files\Trend Micro
2013-07-24 09:56 . 2013-07-24 09:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-24 09:56 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-24 06:08 . 2013-07-24 06:08 -------- d-----w- c:\program files\Defraggler
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-24 06:23 . 2013-06-24 06:23 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-24 06:23 . 2012-07-18 06:44 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-24 06:23 . 2010-06-28 05:47 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-24 06:23 . 2010-06-28 05:47 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-18 05:11 . 2013-05-28 09:36 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-06-13 05:21 . 2012-07-18 06:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-13 05:21 . 2012-07-18 06:41 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-23 05:25 . 2013-06-12 05:17 934488 ----a-w- c:\windows\system32\drivers\N360\1404000.028\symefa.sys
2013-05-21 05:02 . 2013-06-12 05:17 367704 ----a-w- c:\windows\system32\drivers\N360\1404000.028\symds.sys
2013-05-16 05:02 . 2013-06-12 05:17 603224 ----a-w- c:\windows\system32\drivers\N360\1404000.028\srtsp.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-17 16270848]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2007-03-04 677408]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-15 815104]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"EPSON PageSTM TrayIcon01"="c:\program files\EPSON\BSTM\PG\E_L20IC2.EXE" [2007-12-11 151552]
"NcpBudget"="c:\program files\Astaro\Astaro Secure Client\ncpbudgt.exe" [2008-01-17 401920]
"NcpPopup"="c:\program files\Astaro\Astaro Secure Client\ncppopup.exe" [2007-09-27 534016]
"NcpMonitor"="c:\program files\Astaro\Astaro Secure Client\ncpmon.exe" [2008-02-14 3437056]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-06-01 823296]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-06-01 974848]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Corel MEDIA FOLDERS INDEXER 8.LNK]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Corel MEDIA FOLDERS INDEXER 8.LNK
backup=c:\windows\pss\Corel MEDIA FOLDERS INDEXER 8.LNKCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
2007-06-26 14:23 851968 ----a-w- c:\program files\ASUS\Splendid\ACMON.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
2006-11-02 06:27 61440 ----a-w- c:\program files\ASUS\ATK Media\DMedia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
2007-06-01 08:49 974848 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
2007-06-01 08:51 823296 ----a-w- c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1350WStatusDisplay]
2004-11-26 17:21 167936 ----a-w- c:\windows\system32\MSTMON_Q.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-03-17 15:59 2289664 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiFrame]
2007-06-21 12:07 999792 ------w- c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
2008-03-18 08:15 2508072 ------w- c:\program files\CyberLink\Power2Go\Power2GoExpress.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2006-08-10 13:11 573440 ----a-r- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2008-05-02 04:15 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 2]
2007-07-05 14:53 1040384 ----a-w- c:\program files\Wireless Console 2\wcourier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector\\PDR.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Astaro\\Astaro Secure Client\\NCPMON.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"%windir%\explorer.exe"= %windir%\explorer.exe
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1404000.028\symds.sys [12.6.2013 7:17 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1404000.028\symefa.sys [12.6.2013 7:17 934488]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [17.7.2013 5:53 1002072]
R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\1404000.028\ccsetx86.sys [12.6.2013 7:17 134744]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [29.1.2007 14:07 39080]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1404000.028\ironx86.sys [12.6.2013 7:17 175264]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 84520]
R2 N360;Norton 360;c:\program files\Norton 360 Premier Edition\Engine\20.4.0.40\ccsvchst.exe [12.6.2013 7:16 144368]
R2 ncpclcfg;ncpclcfg;c:\program files\Astaro\Astaro Secure Client\ncpclcfg.exe [13.4.2010 12:22 81920]
R2 ncprwsnt;ncprwsnt;c:\program files\Astaro\Astaro Secure Client\NCPRWSNT.EXE [13.4.2010 12:22 1027584]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [29.7.2008 9:41 36864]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [13.8.2012 6:34 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130725.001\IDSXpx86.sys [26.7.2013 5:50 373728]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [29.7.2008 9:51 36608]
R3 NcpFiltMP;NcpFiltMP;c:\windows\system32\drivers\ncpvaxp.sys [13.4.2010 12:22 80488]
S2 MLPTDR_Q;MLPTDR_Q;c:\windows\system32\MLPTDR_Q.SYS [22.7.2003 16:44 18848]
S2 NcpSec;NcpSec;c:\program files\Astaro\Astaro Secure Client\NCPSEC.EXE [13.4.2010 12:22 45056]
S2 rwsrsu;RwsRsu;c:\program files\Astaro\Astaro Secure Client\rwsrsu.exe [13.4.2010 12:22 266240]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\Asushwio.sys [29.7.2008 9:30 5824]
S3 NcpFilt;Ncp Filter Service;c:\windows\system32\drivers\ncpvaxp.sys [13.4.2010 12:22 80488]
S3 ncpvaxp;NCP Secure Client Virtual Adapter Driver;c:\windows\system32\drivers\ncpvaxp.sys [13.4.2010 12:22 80488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 15:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-18 05:21]
.
2013-07-26 c:\windows\Tasks\Security Platform Backup Schedule.job
- c:\program files\Infineon\Security Platform Software\SpBackupWz.exe [2007-02-28 14:25]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = hxxp://sitedirector.symantec.com/932743 ... d&P1rem=89
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1 8.8.8.8
TCP: Interfaces\{4C495939-D494-4F0E-9316-6A4BF17252D1}: NameServer = 81.200.48.11,192.168.0.1
FF - ProfilePath - c:\documents and settings\Kantorová Lenka\Data aplikací\Mozilla\Firefox\Profiles\exrps3ub.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-NavLogon - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-29 08:02
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360 Premier Edition\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
Celkový čas: 2013-07-29 08:05:52
ComboFix-quarantined-files.txt 2013-07-29 06:05
.
Před spuštěním: Volných bajtů: 200 216 174 592
Po spuštění: Volných bajtů: 200 220 979 200
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - EF1784EC012B53D76E303E43C0F43CB0
413FC2A0C716421B3158746D63736515

jaro3
Security team member

Re: Please check, mysterious internet outages

Post by jaro3 » 01 Aug 2013 10:04

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Post here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
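The ComboFix log posted above shows Security Center monitoring switched off and the firewall policy value at 0, and the CFScript resets the three DisableMonitoring values. As an added example (not part of the original thread and not ComboFix's own code), this Python sketch parses the registry-style sections of such a log, flags those values, and builds the matching Registry:: block; the log excerpt is constructed from the lines posted in the thread, and the function names are hypothetical.

```python
import re

# Excerpt constructed from the ComboFix log posted in this thread.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
'''

KEY_RE = re.compile(r'^\[(.+)\]$')
# Numeric values appear as "Name"=dword:0000000N or as "Name"= N (0xN).
VAL_RE = re.compile(r'^"([^"]+)"\s*=\s*'
                    r'(?:dword:([0-9a-fA-F]{8})|(\d+)\s*\(0x[0-9a-fA-F]+\))$')
WATCH = {"disablemonitoring": 1, "enablefirewall": 0}  # name -> value to flag


def parse_values(log_text):
    """Yield (key, name, int_value) for numeric values under each [key] header."""
    key = None
    for line in log_text.splitlines():
        line = line.strip()
        if m := KEY_RE.match(line):
            key = m.group(1)
        elif key and (m := VAL_RE.match(line)):
            name, hexval, decval = m.groups()
            yield key, name, (int(hexval, 16) if hexval else int(decval))


def findings(log_text):
    """Return the (key, name, value) triples that hit a watched value."""
    return [(k, n, v) for k, n, v in parse_values(log_text)
            if WATCH.get(n.lower()) == v]


def cfscript_registry_block(found):
    """Registry:: section resetting DisableMonitoring, as in the posted CFScript."""
    lines = ["Registry::"]
    for key, name, _ in found:
        # Firewall findings are reported only; the posted script leaves them alone.
        if name.lower() == "disablemonitoring":
            lines += [f"[{key}]", f'"{name}"=dword:00000000']
    return "\n".join(lines)


if __name__ == "__main__":
    print(cfscript_registry_block(findings(SAMPLE_LOG)))
```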

