Today was cleaning day, because Panda reported trojans in my temp folder. I first ran ATF-Cleaner over it, then finished with CCleaner and cleaned up the system. After that came scans with Panda, MBAM and, as a trial, HitmanPro, which detected what were most likely several false positives (system32/drivers). Finally I rounded it off with maintenance in System Advanced Care. The result is that the PC is slowed down. Even the slightest work on it always drives CPU load to the maximum, for example just a right-click of the mouse, and the mouse pointer itself moves jerkily. Working on it is now impossible, and unfortunately I no longer have a backup.
I am attaching the HijackThis log, in case something can be conjured from it before a reinstall.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:37:36, on 9.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate\Monitor.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe
C:\Program Files\CPUCooL\CooLSrv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate\ASC.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\xy\Plocha\HitmanPro.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lide.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare Ultimate] "C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-606747145-1004336348-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F04BFDE-A788-4DC5-BA0B-C1C481A53DBA}: NameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E3B0C7B-D059-4951-939E-70718C78D490}: NameServer = 10.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe
O23 - Service: AdvancedSystemCareAntivirus (ASCAntivirusSrv) - IOBit - C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Program Files\CPUCooL\CooLSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 7993 bytes
Request for a log check, slow PC
- jaro3
Re: Request for a log check, slow PC
Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan" (Prohledat-Scan)
After the scan a log will appear (it is otherwise saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
Download Junkware Removal Tool
to your desktop.
Deactivate your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and will be saved on the desktop.
Please copy its entire contents here.
Run MbAM again.
Download RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check (Kontrola MBR)
Faked check (Kontrola Faked)
Antirootkit
- Then click "Scan" (Prohledat).
- The program scans the PC's processes. After the scan, click "Report" (Zpráva) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Request for a log check, slow PC
AdwCleaner log.
# Running from : C:\Documents and Settings\xy\Plocha\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Documents and Settings\xy\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
File Found : C:\Documents and Settings\xy\Data aplikací\Mozilla\Firefox\Profiles\l0cb9p96.default\searchplugins\icqplugin.xml
File Found : C:\Documents and Settings\xy\Data aplikací\Mozilla\Firefox\Profiles\l0cb9p96.default\user.js
Folder Found C:\Documents and Settings\xy\Data aplikací\SimilarSites
Folder Found C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
Folder Found C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Found C:\Documents and Settings\All Users\Nabídka Start\Programy\myfree codec
Folder Found C:\Documents and Settings\All Users\Nabídka Start\Programy\myfree codec
Folder Found C:\Program Files\DAEMON Tools Toolbar
Folder Found C:\Program Files\myfree codec
Folder Found C:\Program Files\SimilarSites
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.qip.ru/ie
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qip.ru/ie
-\\ Mozilla Firefox v24.0 (cs)
[ File : C:\Documents and Settings\xy\Data aplikací\Mozilla\Firefox\Profiles\l0cb9p96.default\prefs.js ]
Line Found : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Found : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Found : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Line Found : user_pref("keyword.URL", "hxxp://search.qip.ru/search?from=FF&query=");
-\\ Google Chrome v30.0.1599.69
[ File : C:\Documents and Settings\xy\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [5756 octets] - [11/10/2013 12:28:25]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5816 octets] ##########
Re: Request for a log check, slow PC
Junkware Removal Tool log.
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
~~~ Files
Successfully deleted: [File] "C:\Documents and Settings\xy\Data aplikacˇ\microsoft\internet explorer\qipsearchbar.dll"
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files\daemon tools toolbar"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
~~~ FireFox
Successfully deleted: [File] C:\Documents and Settings\xy\Data aplikacˇ\mozilla\firefox\profiles\l0cb9p96.default\user.js
Successfully deleted the following from C:\Documents and Settings\xy\Data aplikacˇ\mozilla\firefox\profiles\l0cb9p96.default\prefs.js
user_pref("keyword.URL", "hxxp://search.qip.ru/search?from=FF&query=");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 11.10.2013 at 12:43:23,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Request for a log check, slow PC
RogueKiller log.
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[HJ TASKMAN] HKLM\[...]\Winlogon : TaskMan () -> NALEZENO
[DNS][PUM] HKLM\[...]\CCSet\[...]\{2F04BFDE-A788-4DC5-BA0B-C1C481A53DBA} : NameServer (10.0.0.1) -> NALEZENO
[DNS][PUM] HKLM\[...]\CCSet\[...]\{3E3B0C7B-D059-4951-939E-70718C78D490} : NameServer (10.0.0.1) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{2F04BFDE-A788-4DC5-BA0B-C1C481A53DBA} : NameServer (10.0.0.1) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{3E3B0C7B-D059-4951-939E-70718C78D490} : NameServer (10.0.0.1) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS003\[...]\{2F04BFDE-A788-4DC5-BA0B-C1C481A53DBA} : NameServer (10.0.0.1) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS003\[...]\{3E3B0C7B-D059-4951-939E-70718C78D490} : NameServer (10.0.0.1) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 6 ¤¤¤
[LocalService][SUSP UNIC] Downloader_AirRivalsEN.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\Downloader_AirRivalsEN.exe [x] -> NALEZENO
[LocalService][SUSP UNIC] Firefox Setup Stub 23.0.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\Firefox Setup Stub 23.0.exe [x] -> NALEZENO
[LocalService][SUSP UNIC] SRDownloader.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\SRDownloader.exe [x] -> NALEZENO
[NetworkService][SUSP UNIC] Downloader_AirRivalsEN.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\Downloader_AirRivalsEN.exe [x] -> NALEZENO
[NetworkService][SUSP UNIC] Firefox Setup Stub 23.0.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\Firefox Setup Stub 23.0.exe [x] -> NALEZENO
[NetworkService][SUSP UNIC] SRDownloader.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\SRDownloader.exe [x] -> NALEZENO
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
-> G:\windows\system32\config\SYSTEM | DRVINFO [Drv - G:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> G:\windows\system32\config\SOFTWARE | DRVINFO [Drv - G:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> G:\windows\system32\config\SECURITY | DRVINFO [Drv - G:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> G:\windows\system32\config\SAM | DRVINFO [Drv - G:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> G:\windows\system32\config\DEFAULT | DRVINFO [Drv - G:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 bir3yk.net
127.0.0.1 bir3yk.net
127.0.0.1 bir3yk.net
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - ST3200826AS +++++
--- User ---
[MBR] 30710d456db13881bec5ad78dcd2feb0
[BSP] e5ee885c777b8e3d20f172300ebd344a : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 45002 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 92164905 | Size: 145769 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) (Standardní diskové jednotky) - ST380817AS +++++
--- User ---
[MBR] 4015a4fa87ff2548bb56b8222bb2a7bd
[BSP] 211efc3951ce7a2f200de08261b4062e : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 30004 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61448625 | Size: 46304 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_10112013_124746.txt >>
- jaro3
- member of the Security team
Re: Please check the log, slow PC
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Vymazat - Clean".
The program will perform the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.
Code:
@echo off
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit
Choose File -> Save As... and set these parameters:
File name: type FixHosts.bat
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Double-click the file to run it.
Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deleting finished"
- Click "Report", then copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt; please paste the entire contents of the log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check the log, slow PC
AdwCleaner log.
# AdwCleaner v3.007 - Report created 12/10/2013 at 10:57:02
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : xy -
# Running from : C:\Documents and Settings\xy\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\myfree codec
Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Documents and Settings\xy\Data aplikací\SimilarSites
File Deleted : C:\Documents and Settings\xy\Data aplikací\Mozilla\Firefox\Profiles\l0cb9p96.default\searchplugins\icqplugin.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
-\\ Mozilla Firefox v24.0 (cs)
[ File : C:\Documents and Settings\xy\Data aplikací\Mozilla\Firefox\Profiles\l0cb9p96.default\prefs.js ]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
-\\ Google Chrome v30.0.1599.69
[ File : C:\Documents and Settings\xy\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [5896 octets] - [11/10/2013 12:28:25]
AdwCleaner[R1].txt - [4383 octets] - [12/10/2013 10:51:12]
AdwCleaner[R2].txt - [4443 octets] - [12/10/2013 10:54:06]
AdwCleaner[S0].txt - [4243 octets] - [12/10/2013 10:57:02]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4303 octets] ##########
Re: Please check the log, slow PC
RogueKiller log.
RogueKiller V8.7.2 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : xy [Práva správce]
Mód : Odebrat -- Datum : 10/12/2013 11:09:02
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ TASKMAN] HKLM\[...]\Winlogon : TaskMan () -> NAHRAZENO (Taskmgr.exe)
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 6 ¤¤¤
[LocalService][SUSP UNIC] Downloader_AirRivalsEN.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\Downloader_AirRivalsEN.exe [x] ->
[LocalService][SUSP UNIC] Firefox Setup Stub 23.0.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\Firefox Setup Stub 23.0.exe [x] ->
[LocalService][SUSP UNIC] SRDownloader.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\SRDownloader.exe [x] ->
[NetworkService][SUSP UNIC] Downloader_AirRivalsEN.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\Downloader_AirRivalsEN.exe [x] ->
[NetworkService][SUSP UNIC] Firefox Setup Stub 23.0.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\Firefox Setup Stub 23.0.exe [x] ->
[NetworkService][SUSP UNIC] SRDownloader.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\SRDownloader.exe [x] ->
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (?_Clocptr@_Locimp@locale@std@@0PAV123@A) : MSVCP100.dll -> HOOKED (Unknown @ 0x7B0C0C47)
¤¤¤ Externí včelstvo: ¤¤¤
-> G:\windows\system32\config\SYSTEM | DRVINFO [Drv - G:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> G:\windows\system32\config\SOFTWARE | DRVINFO [Drv - G:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> G:\windows\system32\config\SECURITY | DRVINFO [Drv - G:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> G:\windows\system32\config\SAM | DRVINFO [Drv - G:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> G:\windows\system32\config\DEFAULT | DRVINFO [Drv - G:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - ST3200826AS +++++
--- User ---
[MBR] 30710d456db13881bec5ad78dcd2feb0
[BSP] e5ee885c777b8e3d20f172300ebd344a : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 45002 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 92164905 | Size: 145769 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) (Standardní diskové jednotky) - ST380817AS +++++
--- User ---
[MBR] 4015a4fa87ff2548bb56b8222bb2a7bd
[BSP] 211efc3951ce7a2f200de08261b4062e : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 30004 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61448625 | Size: 46304 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_10122013_110902.txt >>
RKreport[0]_S_10112013_124746.txt;RKreport[0]_S_10122013_110649.txt
Re: Please check the log, slow PC
TDSSKiller log.
11:10:04.0890 1860 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:10:18.0812 1860 ============================================================
11:10:18.0812 1860 Current date / time: 2013/10/12 11:10:18.0812
11:10:18.0812 1860 SystemInfo:
11:10:18.0812 1860
11:10:18.0812 1860 OS Version: 5.1.2600 ServicePack: 3.0
11:10:18.0812 1860 Product type: Workstation
11:10:18.0812 1860 ComputerName: AAA-7YP7L6K41UO
11:10:18.0812 1860 UserName: xy
11:10:18.0812 1860 Windows directory: C:\WINDOWS
11:10:18.0812 1860 System windows directory: C:\WINDOWS
11:10:18.0812 1860 Processor architecture: Intel x86
11:10:18.0812 1860 Number of processors: 2
11:10:18.0812 1860 Page size: 0x1000
11:10:18.0812 1860 Boot type: Normal boot
11:10:18.0812 1860 ============================================================
11:10:20.0000 1860 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:10:20.0015 1860 Drive \Device\Harddisk1\DR1 - Size: 0x12A1E0DE00 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:10:20.0015 1860 ============================================================
11:10:20.0015 1860 \Device\Harddisk0\DR0:
11:10:20.0015 1860 MBR partitions:
11:10:20.0015 1860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x57E52EA
11:10:20.0031 1860 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x57E5368, BlocksNum 0x11CB4B98
11:10:20.0031 1860 \Device\Harddisk1\DR1:
11:10:20.0031 1860 MBR partitions:
11:10:20.0031 1860 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A9A172
11:10:20.0046 1860 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3A9A1F0, BlocksNum 0x5A70410
11:10:20.0046 1860 ============================================================
11:10:20.0078 1860 C: <-> \Device\Harddisk0\DR0\Partition1
11:10:20.0140 1860 D: <-> \Device\Harddisk0\DR0\Partition2
11:10:20.0203 1860 G: <-> \Device\Harddisk1\DR1\Partition1
11:10:20.0296 1860 I: <-> \Device\Harddisk1\DR1\Partition2
11:10:20.0296 1860 ============================================================
11:10:20.0296 1860 Initialize success
11:10:20.0296 1860 ============================================================
11:10:31.0437 3876 ============================================================
11:10:31.0437 3876 Scan started
11:10:31.0437 3876 Mode: Manual;
11:10:31.0437 3876 ============================================================
11:10:32.0000 3876 ================ Scan system memory ========================
11:10:32.0000 3876 System memory - ok
11:10:32.0000 3876 ================ Scan services =============================
11:10:32.0093 3876 Abiosdsk - ok
11:10:32.0093 3876 abp480n5 - ok
11:10:32.0125 3876 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:10:32.0140 3876 ACPI - ok
11:10:38.0421 3876 [ 71E276F6D189413266EA22171806597B ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
11:10:38.0421 3876 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71E276F6D189413266EA22171806597B
11:10:38.0421 3876 sptd ( LockedFile.Multi.Generic ) - warning
11:10:38.0421 3876 sptd - detected LockedFile.Multi.Generic (1)
11:10:39.0218 3876 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:10:39.0218 3876 VgaSave - ok
11:10:39.0218 3876 ViaIde - ok
11:10:39.0250 3876 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:10:39.0250 3876 VolSnap - ok
11:10:39.0281 3876 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
11:10:39.0296 3876 VSS - ok
11:10:39.0312 3876 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\System32\w32time.dll
11:10:39.0312 3876 W32Time - ok
11:10:39.0328 3876 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:10:39.0343 3876 Wanarp - ok
11:10:39.0359 3876 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
11:10:39.0359 3876 Wdf01000 - ok
11:10:39.0375 3876 WDICA - ok
11:10:39.0375 3876 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:10:39.0375 3876 wdmaud - ok
11:10:39.0390 3876 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:10:39.0406 3876 WebClient - ok
11:10:39.0468 3876 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:10:39.0468 3876 winmgmt - ok
11:10:39.0500 3876 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys
11:10:39.0500 3876 WinRing0_1_2_0 - ok
11:10:39.0562 3876 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
11:10:39.0609 3876 WinRM - ok
11:10:39.0656 3876 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:10:39.0656 3876 WmdmPmSN - ok
11:10:39.0687 3876 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:10:39.0703 3876 Wmi - ok
11:10:39.0718 3876 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
11:10:39.0718 3876 WmiApSrv - ok
11:10:39.0734 3876 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:10:39.0734 3876 WpdUsb - ok
11:10:39.0812 3876 [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:10:39.0828 3876 WPFFontCache_v0400 - ok
11:10:39.0859 3876 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:10:39.0875 3876 wscsvc - ok
11:10:39.0890 3876 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:10:39.0890 3876 WSTCODEC - ok
11:10:39.0906 3876 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:10:39.0906 3876 wuauserv - ok
11:10:39.0937 3876 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:10:39.0937 3876 WudfPf - ok
11:10:39.0953 3876 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:10:39.0953 3876 WudfRd - ok
11:10:39.0968 3876 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:10:39.0968 3876 WudfSvc - ok
11:10:40.0000 3876 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:10:40.0015 3876 WZCSVC - ok
11:10:40.0031 3876 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:10:40.0031 3876 xmlprov - ok
11:10:40.0078 3876 [ B29E7A2E211494AC05C2575D4725497A ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
11:10:40.0078 3876 yukonwxp - ok
11:10:40.0093 3876 ================ Scan global ===============================
11:10:40.0109 3876 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
11:10:40.0140 3876 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
11:10:40.0156 3876 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
11:10:40.0171 3876 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
11:10:40.0171 3876 [Global] - ok
11:10:40.0171 3876 ================ Scan MBR ==================================
11:10:40.0187 3876 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:10:40.0328 3876 \Device\Harddisk0\DR0 - ok
11:10:40.0343 3876 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
11:10:40.0468 3876 \Device\Harddisk1\DR1 - ok
11:10:40.0468 3876 ================ Scan VBR ==================================
11:10:40.0468 3876 [ CBBF708802725A368E1437F7FB75CD7B ] \Device\Harddisk0\DR0\Partition1
11:10:40.0468 3876 \Device\Harddisk0\DR0\Partition1 - ok
11:10:40.0484 3876 [ 364A0AC5922426A5DA4B45ECF7600A1D ] \Device\Harddisk0\DR0\Partition2
11:10:40.0484 3876 \Device\Harddisk0\DR0\Partition2 - ok
11:10:40.0484 3876 [ 34DA7792B42F07B10D23F974CA0861A8 ] \Device\Harddisk1\DR1\Partition1
11:10:40.0484 3876 \Device\Harddisk1\DR1\Partition1 - ok
11:10:40.0515 3876 [ 699CF5F9385C28027ECF1B67018E0341 ] \Device\Harddisk1\DR1\Partition2
11:10:40.0515 3876 \Device\Harddisk1\DR1\Partition2 - ok
11:10:40.0515 3876 ============================================================
11:10:40.0515 3876 Scan finished
11:10:40.0515 3876 ============================================================
11:10:40.0515 1256 Detected object count: 1
11:10:40.0515 1256 Actual detected object count: 1
11:12:28.0562 1256 sptd ( LockedFile.Multi.Generic ) - skipped by user
11:12:28.0562 1256 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:12:30.0546 1168 Deinitialize success
11:10:37.0031 3876 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:10:37.0031 3876 PptpMiniport - ok
11:10:37.0046 3876 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
11:10:37.0046 3876 Processor - ok
11:10:37.0046 3876 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:10:37.0046 3876 ProtectedStorage - ok
11:10:37.0062 3876 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:10:37.0062 3876 PSched - ok
11:10:37.0062 3876 [ ECE327FB4E6AC93EE1B05CF76E7BBF03 ] PSINAflt C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
11:10:37.0078 3876 PSINAflt - ok
11:10:37.0078 3876 [ 6A08DA3C91D798D339BE2208F957ED53 ] PSINFile C:\WINDOWS\system32\DRIVERS\PSINFile.sys
11:10:37.0078 3876 PSINFile - ok
11:10:37.0093 3876 [ 3DCFF75F5D38256ED965FDCE88CB3F2F ] PSINKNC C:\WINDOWS\system32\DRIVERS\psinknc.sys
11:10:37.0093 3876 PSINKNC - ok
11:10:37.0109 3876 [ BF9789A9FFDF3B97DE14403FD90F3200 ] PSINProc C:\WINDOWS\system32\DRIVERS\PSINProc.sys
11:10:37.0109 3876 PSINProc - ok
11:10:37.0125 3876 [ 0A7A792C8DB60F5C7469CDE730530342 ] PSINProt C:\WINDOWS\system32\DRIVERS\PSINProt.sys
11:10:37.0125 3876 PSINProt - ok
11:10:37.0156 3876 [ 7CFD0898C91DC843BB623B878C0C2F10 ] PSINReg C:\WINDOWS\system32\DRIVERS\PSINReg.sys
11:10:37.0156 3876 PSINReg - ok
11:10:37.0187 3876 [ 05A0C2744CEAC6F1B723EC469B650EF0 ] PSKMAD C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
11:10:37.0187 3876 PSKMAD - ok
11:10:37.0203 3876 [ 8EEF4F0BAEE8490CF971D742DB0AA416 ] PSUAService C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
11:10:37.0218 3876 PSUAService - ok
11:10:37.0234 3876 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:10:37.0234 3876 Ptilink - ok
11:10:37.0250 3876 ql1080 - ok
11:10:37.0250 3876 Ql10wnt - ok
11:10:37.0250 3876 ql12160 - ok
11:10:37.0265 3876 ql1240 - ok
11:10:37.0265 3876 ql1280 - ok
11:10:37.0265 3876 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:10:37.0281 3876 RasAcd - ok
11:10:37.0296 3876 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:10:37.0296 3876 RasAuto - ok
11:10:37.0328 3876 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:10:37.0328 3876 Rasl2tp - ok
11:10:37.0359 3876 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:10:37.0359 3876 RasMan - ok
11:10:37.0375 3876 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:10:37.0375 3876 RasPppoe - ok
11:10:37.0375 3876 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:10:37.0375 3876 Raspti - ok
11:10:37.0406 3876 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:10:37.0406 3876 Rdbss - ok
11:10:37.0421 3876 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:10:37.0421 3876 RDPCDD - ok
11:10:37.0437 3876 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:10:37.0437 3876 rdpdr - ok
11:10:37.0468 3876 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:10:37.0484 3876 RDPWD - ok
11:10:37.0500 3876 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:10:37.0500 3876 RDSessMgr - ok
11:10:37.0515 3876 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:10:37.0515 3876 redbook - ok
11:10:37.0546 3876 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:10:37.0546 3876 RemoteAccess - ok
11:10:37.0562 3876 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:10:37.0562 3876 RemoteRegistry - ok
11:10:37.0578 3876 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\System32\locator.exe
11:10:37.0578 3876 RpcLocator - ok
11:10:37.0609 3876 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:10:37.0609 3876 RpcSs - ok
11:10:37.0640 3876 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
11:10:37.0640 3876 RSVP - ok
11:10:37.0671 3876 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
11:10:37.0671 3876 rtl8139 - ok
11:10:37.0687 3876 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
11:10:37.0687 3876 SamSs - ok
11:10:37.0703 3876 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:10:37.0703 3876 SCardSvr - ok
11:10:37.0718 3876 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:10:37.0734 3876 Schedule - ok
11:10:37.0828 3876 [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
11:10:37.0859 3876 SDScannerService - ok
11:10:37.0906 3876 [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
11:10:37.0921 3876 SDUpdateService - ok
11:10:37.0953 3876 [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
11:10:37.0953 3876 SDWSCService - ok
11:10:37.0968 3876 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:10:37.0984 3876 Secdrv - ok
11:10:38.0000 3876 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:10:38.0000 3876 seclogon - ok
11:10:38.0015 3876 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
11:10:38.0031 3876 SENS - ok
11:10:38.0031 3876 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:10:38.0031 3876 serenum - ok
11:10:38.0046 3876 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:10:38.0046 3876 Serial - ok
11:10:38.0093 3876 [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
11:10:38.0093 3876 sfdrv01 - ok
11:10:38.0109 3876 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
11:10:38.0109 3876 sfhlp02 - ok
11:10:38.0125 3876 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:10:38.0125 3876 Sfloppy - ok
11:10:38.0140 3876 [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02 C:\WINDOWS\system32\drivers\sfvfs02.sys
11:10:38.0140 3876 sfvfs02 - ok
11:10:38.0171 3876 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:10:38.0187 3876 SharedAccess - ok
11:10:38.0203 3876 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:10:38.0203 3876 ShellHWDetection - ok
11:10:38.0203 3876 Simbad - ok
11:10:38.0234 3876 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:10:38.0250 3876 SkypeUpdate - ok
11:10:38.0265 3876 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:10:38.0265 3876 SLIP - ok
11:10:38.0281 3876 Sparrow - ok
11:10:38.0312 3876 [ DC8D2952FB6FFBAEC67BD1B93A34DF11 ] speedfan C:\WINDOWS\system32\speedfan.sys
11:10:38.0312 3876 speedfan - ok
11:10:38.0343 3876 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:10:38.0343 3876 splitter - ok
11:10:38.0375 3876 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:10:38.0375 3876 Spooler - ok
11:10:38.0421 3876 [ 71E276F6D189413266EA22171806597B ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
11:10:38.0421 3876 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71E276F6D189413266EA22171806597B
11:10:38.0421 3876 sptd ( LockedFile.Multi.Generic ) - warning
11:10:38.0421 3876 sptd - detected LockedFile.Multi.Generic (1)
11:10:40.0093 3876 ================ Scan global ===============================
11:10:40.0109 3876 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
11:10:40.0140 3876 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
11:10:40.0156 3876 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
11:10:40.0171 3876 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
11:10:40.0171 3876 [Global] - ok
11:10:40.0171 3876 ================ Scan MBR ==================================
11:10:40.0187 3876 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:10:40.0328 3876 \Device\Harddisk0\DR0 - ok
11:10:40.0343 3876 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
11:10:40.0468 3876 \Device\Harddisk1\DR1 - ok
11:10:40.0468 3876 ================ Scan VBR ==================================
11:10:40.0468 3876 [ CBBF708802725A368E1437F7FB75CD7B ] \Device\Harddisk0\DR0\Partition1
11:10:40.0468 3876 \Device\Harddisk0\DR0\Partition1 - ok
11:10:40.0484 3876 [ 364A0AC5922426A5DA4B45ECF7600A1D ] \Device\Harddisk0\DR0\Partition2
11:10:40.0484 3876 \Device\Harddisk0\DR0\Partition2 - ok
11:10:40.0484 3876 [ 34DA7792B42F07B10D23F974CA0861A8 ] \Device\Harddisk1\DR1\Partition1
11:10:40.0484 3876 \Device\Harddisk1\DR1\Partition1 - ok
11:10:40.0515 3876 [ 699CF5F9385C28027ECF1B67018E0341 ] \Device\Harddisk1\DR1\Partition2
11:10:40.0515 3876 \Device\Harddisk1\DR1\Partition2 - ok
11:10:40.0515 3876 ============================================================
11:10:40.0515 3876 Scan finished
11:10:40.0515 3876 ============================================================
11:10:40.0515 1256 Detected object count: 1
11:10:40.0515 1256 Actual detected object count: 1
11:12:28.0562 1256 sptd ( LockedFile.Multi.Generic ) - skipped by user
11:12:28.0562 1256 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:12:30.0546 1168 Deinitialize success
- jaro3
- member of the Security team
Re: Please check my log, slow PC
Run MbAM again.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.
Warning: After running ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support