PC-HELP.CZ

PC se občas chová podivně,poskakující kurzor, označená složka/zástupce na ploše přeskakuje z jedné na druhé, ve správci úloh je nějak více spuštěných procesů než bývalo aniž bych něco nového instaloval.
Dneska jsem skenoval PC, Norton nic nenašel, MbAM také nic až teprve IObit malware nalezl několik trojanů.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:58:49, on 6.6.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
E:\WINDOWS\PixArt\PAC7302\Monitor.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Program Files\Java\jre7\bin\jqs.exe
E:\Program Files\Nero\Update\NASvc.exe
E:\Program Files\Norton AntiVirus\Engine\20.3.1.22\ccSvcHst.exe
E:\Program Files\IObit\IObit Malware Fighter\IMF.exe
E:\Program Files\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Norton AntiVirus\Engine\20.3.1.22\ccSvcHst.exe
E:\Program Files\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
E:\WINDOWS\System32\wbem\wmiapsrv.exe
E:\Program Files\VideoLAN\VLC\vlc.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Mozilla Firefox\plugin-container.exe
E:\WINDOWS\system32\msiexec.exe
E:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lide.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {e5432fba-1139-40d2-9607-7f4294470559} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - E:\Program Files\IObit Apps Toolbar\IE\7.1\iobitappsToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\Program Files\Norton AntiVirus\Engine\20.3.1.22\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - E:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {bb3f7563-e9a4-43bc-9a7c-94a642dd1ffa} - (no file)
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - E:\Program Files\IObit Apps Toolbar\IE\7.1\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PAC7302_Monitor] E:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] "E:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://tbedits.robotboom.com/one-toolba ... 2012072910
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - E:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{67D882D3-8565-434C-80DC-D34FE64F7A11}: NameServer = 10.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - E:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - E:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Application Updater - Spigot, Inc. - E:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - E:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - E:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero Update (NAUpdate) - Nero AG - E:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - E:\Program Files\Norton AntiVirus\Engine\20.3.1.22\ccSvcHst.exe
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - E:\Program Files\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - E:\WINDOWS\system32\GameMon.des.exe (file missing)

--
End of file - 7175 bytes

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod





Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

Přikládám log z AdwCleaner

# AdwCleaner v2.301 - Log vytvooen 06/06/2013 v 18:36:39
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : ccr - CCR-1KVB86K4SMC
# Spuštin systém : Normální
# Spuštino z : E:\Documents and Settings\ccr\Dokumenty\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****

Nalezeno : Application Updater

***** [Soubory / Složky] *****

Složka Nalezeno : E:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : E:\Documents and Settings\ccr\Data aplikací\Search Settings
Složka Nalezeno : E:\Program Files\Application Updater
Složka Nalezeno : E:\Program Files\Common Files\spigot
Složka Nalezeno : E:\Program Files\IObit Apps Toolbar
Soubor Nalezeno : E:\Documents and Settings\ccr\Data aplikací\Mozilla\Firefox\Profiles\k2itvfcz.default\searchplugins\icqplugin.xml

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BB3F7563-E9A4-43BC-9A7C-94A642DD1FFA}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [60ffxtbr@RobotBoom_60.com]
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BB3F7563-E9A4-43BC-9A7C-94A642DD1FFA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BB3F7563-E9A4-43BC-9A7C-94A642DD1FFA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\RobotBoom_60
Klíe Nalezeno : HKCU\Software\Search Settings
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKLM\Software\Application Updater
Klíe Nalezeno : HKLM\Software\Freeze.com
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49F7D468-4A60-4A40-A1E9-0C54D45631EE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9118F0B6-5B47-4223-99DF-8ED9A2A6842D}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{995778BD-AC5E-4EDF-A658-A7268BB31426}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0EB21B6-5D9B-4B0D-BB11-00F2245F1271}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F691E243-421B-46F5-9B00-1DB969F1EB99}
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F3157AA407841454BB0C9BE8D1982BC9
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@RobotBoom_60.com/Plugin
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\Software\RobotBoom_60
Klíe Nalezeno : HKLM\Software\Search Settings
Klíe Nalezeno : HKLM\SOFTWARE\Software
Klíe Nalezeno : HKU\S-1-5-21-1547161642-854245398-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKU\S-1-5-21-1547161642-854245398-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v6.0.2900.5512

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v21.0 (cs)

Soubor : E:\Documents and Settings\ccr\Data aplikací\Mozilla\Firefox\Profiles\k2itvfcz.default\prefs.js

Nalezeno : user_pref("browser.search.defaultengine", "Ask.com");
Nalezeno : user_pref("browser.search.order.1", "Ask.com");
Nalezeno : user_pref("icqtoolbar.allowSendURL", false);
Nalezeno : user_pref("icqtoolbar.engineVerified", false);
Nalezeno : user_pref("icqtoolbar.firstTbRun", false);
Nalezeno : user_pref("icqtoolbar.geolastmodified", 1343740491);
Nalezeno : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_def[...]
Nalezeno : user_pref("icqtoolbar.history", "lucinka12799||%20onlien%20tv");
Nalezeno : user_pref("icqtoolbar.icqgeo", 42);
Nalezeno : user_pref("icqtoolbar.installTime", "1343741706");
Nalezeno : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Nalezeno : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Nalezeno : user_pref("icqtoolbar.numberOfSearches", 0);
Nalezeno : user_pref("icqtoolbar.previousFFVersion", "14.0.1");
Nalezeno : user_pref("icqtoolbar.skip_default_search", "no");
Nalezeno : user_pref("icqtoolbar.suggestions", false);
Nalezeno : user_pref("icqtoolbar.uninstStatSent", true);
Nalezeno : user_pref("icqtoolbar.uniqueID", "134373142813437316681343740491925");
Nalezeno : user_pref("icqtoolbar.usageStatstTimestamp", 1343740493);
Nalezeno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Nalezeno : user_pref("icqtoolbar.xmlLanguage", "cs");

-\\ Google Chrome v27.0.1453.94

Soubor : E:\Documents and Settings\ccr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [5922 octets] - [06/06/2013 18:36:39]

########## EOF - E:\AdwCleaner[R1].txt - [5982 octets] ##########

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

Zde je log AdwCleaner

# AdwCleaner v2.301 - Log vytvooen 07/06/2013 v 11:37:05
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : ccr - CCR-1KVB86K4SMC
# Spuštin systém : Normální
# Spuštino z : E:\Documents and Settings\ccr\Dokumenty\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****

Zastaveno & vymazáno : Application Updater

***** [Soubory / Složky] *****

Složka Vymazáno : E:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : E:\Documents and Settings\ccr\Data aplikací\Search Settings
Složka Vymazáno : E:\Program Files\Application Updater
Složka Vymazáno : E:\Program Files\Common Files\spigot
Složka Vymazáno : E:\Program Files\IObit Apps Toolbar
Soubor Vymazáno : E:\Documents and Settings\ccr\Data aplikací\Mozilla\Firefox\Profiles\k2itvfcz.default\searchplugins\icqplugin.xml

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BB3F7563-E9A4-43BC-9A7C-94A642DD1FFA}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [60ffxtbr@RobotBoom_60.com]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BB3F7563-E9A4-43BC-9A7C-94A642DD1FFA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BB3F7563-E9A4-43BC-9A7C-94A642DD1FFA}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\RobotBoom_60
Klíe Vymazáno : HKCU\Software\Search Settings
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKLM\Software\Application Updater
Klíe Vymazáno : HKLM\Software\Freeze.com
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49F7D468-4A60-4A40-A1E9-0C54D45631EE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9118F0B6-5B47-4223-99DF-8ED9A2A6842D}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{995778BD-AC5E-4EDF-A658-A7268BB31426}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0EB21B6-5D9B-4B0D-BB11-00F2245F1271}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F691E243-421B-46F5-9B00-1DB969F1EB99}
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F3157AA407841454BB0C9BE8D1982BC9
Klíe Vymazáno : HKLM\SOFTWARE\MozillaPlugins\@RobotBoom_60.com/Plugin
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\Software\RobotBoom_60
Klíe Vymazáno : HKLM\Software\Search Settings
Klíe Vymazáno : HKLM\SOFTWARE\Software

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v6.0.2900.5512

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (cs)

Soubor : E:\Documents and Settings\ccr\Data aplikací\Mozilla\Firefox\Profiles\k2itvfcz.default\prefs.js

E:\Documents and Settings\ccr\Data aplikací\Mozilla\Firefox\Profiles\k2itvfcz.default\user.js ... Vymazáno !

Vymazáno : user_pref("browser.search.defaultengine", "Ask.com");
Vymazáno : user_pref("browser.search.order.1", "Ask.com");
Vymazáno : user_pref("icqtoolbar.allowSendURL", false);
Vymazáno : user_pref("icqtoolbar.engineVerified", false);
Vymazáno : user_pref("icqtoolbar.firstTbRun", false);
Vymazáno : user_pref("icqtoolbar.geolastmodified", 1343740491);
Vymazáno : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_def[...]
Vymazáno : user_pref("icqtoolbar.history", "lucinka12799||%20onlien%20tv");
Vymazáno : user_pref("icqtoolbar.icqgeo", 42);
Vymazáno : user_pref("icqtoolbar.installTime", "1343741706");
Vymazáno : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Vymazáno : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Vymazáno : user_pref("icqtoolbar.numberOfSearches", 0);
Vymazáno : user_pref("icqtoolbar.previousFFVersion", "14.0.1");
Vymazáno : user_pref("icqtoolbar.skip_default_search", "no");
Vymazáno : user_pref("icqtoolbar.suggestions", false);
Vymazáno : user_pref("icqtoolbar.uninstStatSent", true);
Vymazáno : user_pref("icqtoolbar.uniqueID", "134373142813437316681343740491925");
Vymazáno : user_pref("icqtoolbar.usageStatstTimestamp", 1343740493);
Vymazáno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Vymazáno : user_pref("icqtoolbar.xmlLanguage", "cs");

-\\ Google Chrome v27.0.1453.110

Soubor : E:\Documents and Settings\ccr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [6051 octets] - [06/06/2013 18:36:39]
AdwCleaner[S1].txt - [5832 octets] - [07/06/2013 11:37:05]

########## EOF - E:\AdwCleaner[S1].txt - [5892 octets] ##########

log z RoqueKiller

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : ccr [Práva správce]
Mód : Kontrola -- Datum : 06/07/2013 11:55:40
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{67D882D3-8565-434C-80DC-D34FE64F7A11} : NameServer (10.0.0.1) -> NALEZENO
[DNS] HKLM\[...]\ControlSet003\Services\Tcpip\Interfaces\{67D882D3-8565-434C-80DC-D34FE64F7A11} : NameServer (10.0.0.1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[12] : NtAlertResumeThread @ 0x805D4B3A -> HOOKED (Unknown @ 0x8491D690)
SSDT[13] : NtAlertThread @ 0x805D4AEA -> HOOKED (Unknown @ 0x849414D0)
SSDT[17] : NtAllocateVirtualMemory @ 0x805A8A9E -> HOOKED (Unknown @ 0x848072F8)
SSDT[19] : NtAssignProcessToJobObject @ 0x805D65FE -> HOOKED (Unknown @ 0x847FBE08)
SSDT[31] : NtConnectPort @ 0x805A45B4 -> HOOKED (Unknown @ 0x845BCA00)
SSDT[43] : NtCreateMutant @ 0x80616D52 -> HOOKED (Unknown @ 0x847D94A0)
SSDT[52] : NtCreateSymbolicLinkObject @ 0x805C39B6 -> HOOKED (Unknown @ 0x84788FC0)
SSDT[53] : NtCreateThread @ 0x805D0FD4 -> HOOKED (Unknown @ 0x84B61EB0)
SSDT[57] : NtDebugActiveProcess @ 0x80642F58 -> HOOKED (Unknown @ 0x84819080)
SSDT[68] : NtDuplicateObject @ 0x805BDFC4 -> HOOKED (Unknown @ 0x8492DA60)
SSDT[83] : NtFreeVirtualMemory @ 0x805B2F7E -> HOOKED (Unknown @ 0x847D6CA8)
SSDT[89] : NtImpersonateAnonymousToken @ 0x805F8A32 -> HOOKED (Unknown @ 0x84904FD0)
SSDT[91] : NtImpersonateThread @ 0x805D77BE -> HOOKED (Unknown @ 0x849042D0)
SSDT[97] : NtLoadDriver @ 0x8058413A -> HOOKED (Unknown @ 0x8453A8B8)
SSDT[108] : unknown @ 0x805B2006 -> HOOKED (Unknown @ 0x849F04F8)
SSDT[114] : NtOpenEvent @ 0x8060E702 -> HOOKED (Unknown @ 0x849065F0)
SSDT[122] : NtOpenProcess @ 0x805CB3FC -> HOOKED (Unknown @ 0x84A96008)
SSDT[123] : NtOpenProcessToken @ 0x805ED722 -> HOOKED (Unknown @ 0x849D5B68)
SSDT[125] : NtOpenSection @ 0x805AA3D2 -> HOOKED (Unknown @ 0x8489CBB0)
SSDT[128] : NtOpenThread @ 0x805CB688 -> HOOKED (Unknown @ 0x8492F998)
SSDT[137] : NtProtectVirtualMemory @ 0x805B83DA -> HOOKED (Unknown @ 0x84789158)
SSDT[206] : NtResumeThread @ 0x805D4976 -> HOOKED (Unknown @ 0x8492E078)
SSDT[213] : NtSetContextThread @ 0x805D16F6 -> HOOKED (Unknown @ 0x84A9C9F8)
SSDT[228] : NtSetInformationProcess @ 0x805CDE46 -> HOOKED (Unknown @ 0x847D6DC8)
SSDT[240] : NtSetSystemInformation @ 0x8060F3BA -> HOOKED (Unknown @ 0x8481A630)
SSDT[253] : NtSuspendProcess @ 0x805D4A3E -> HOOKED (Unknown @ 0x848132E0)
SSDT[254] : NtSuspendThread @ 0x805D48B0 -> HOOKED (Unknown @ 0x84937148)
SSDT[257] : NtTerminateProcess @ 0x805D299E -> HOOKED (Unknown @ 0x8497DE08)
SSDT[258] : unknown @ 0x805D2B98 -> HOOKED (Unknown @ 0x84B14E00)
SSDT[267] : NtUnmapViewOfSection @ 0x805B2E14 -> HOOKED (Unknown @ 0x849850A8)
SSDT[277] : NtWriteVirtualMemory @ 0x805B4394 -> HOOKED (Unknown @ 0x8448F558)
S_SSDT[307] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x84B0D758)
S_SSDT[383] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x84A9DCE8)
S_SSDT[414] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x84A794F0)
S_SSDT[416] : NtUserGetKeyState -> HOOKED (Unknown @ 0x84A86CA8)
S_SSDT[428] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x84A89AF8)
S_SSDT[460] : NtUserMessageCall -> HOOKED (Unknown @ 0x84A7E460)
S_SSDT[475] : NtUserPostMessage -> HOOKED (Unknown @ 0x84A79420)
S_SSDT[476] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x84A8C890)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x84AA0D70)
S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8492F270)

¤¤¤ Externí včelstvo: ¤¤¤
-> C:\windows\system32\config\SOFTWARE
-> C:\windows\system32\config\SYSTEM
-> C:\Documents and Settings\Administrator\NTUSER.DAT
-> C:\Documents and Settings\Adminstrator\NTUSER.DAT
-> C:\Documents and Settings\All Users\NTUSER.DAT
-> C:\Documents and Settings\Default User\NTUSER.DAT
-> C:\Documents and Settings\Guest\NTUSER.DAT
-> C:\Documents and Settings\LocalService\NTUSER.DAT
-> C:\Documents and Settings\NetworkService\NTUSER.DAT
-> G:\windows\system32\config\SOFTWARE
-> G:\windows\system32\config\SYSTEM
-> G:\Documents and Settings\Default User\NTUSER.DAT
-> G:\Documents and Settings\Guest\NTUSER.DAT
-> G:\Documents and Settings\LocalService\NTUSER.DAT
-> G:\Documents and Settings\NetworkService\NTUSER.DAT
-> G:\Documents and Settings\UpdatusUser\NTUSER.DAT

¤¤¤ Soubor HOSTS: ¤¤¤
--> E:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Maxtor 6V080E0 +++++
--- User ---
[MBR] d9807c3f72123a6c38ebd8ad97832f73
[BSP] 213872ff2495476d32dea74bce866d2a : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 61310 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 125564040 | Size: 14998 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST3200826AS +++++
--- User ---
[MBR] 30710d456db13881bec5ad78dcd2feb0
[BSP] e5ee885c777b8e3d20f172300ebd344a : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 45002 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 92164905 | Size: 145769 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_S_06072013_02d1155.txt >>
RKreport[1]_S_06072013_02d1147.txt ; RKreport[2]_S_06072013_02d1155.txt

Log z TDSSKiller

11:48:37.0234 2316 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:48:37.0343 2316 ============================================================
11:48:37.0343 2316 Current date / time: 2013/06/07 11:48:37.0343
11:48:37.0343 2316 SystemInfo:
11:48:37.0343 2316
11:48:37.0343 2316 OS Version: 5.1.2600 ServicePack: 3.0
11:48:37.0343 2316 Product type: Workstation
11:48:37.0343 2316 ComputerName: CCR-1KVB86K4SMC
11:48:37.0343 2316 UserName: ccr
11:48:37.0343 2316 Windows directory: E:\WINDOWS
11:48:37.0343 2316 System windows directory: E:\WINDOWS
11:48:37.0343 2316 Processor architecture: Intel x86
11:48:37.0343 2316 Number of processors: 2
11:48:37.0343 2316 Page size: 0x1000
11:48:37.0343 2316 Boot type: Normal boot
11:48:37.0343 2316 ============================================================
11:48:39.0484 2316 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:48:39.0484 2316 Drive \Device\Harddisk1\DR1 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:48:39.0484 2316 ============================================================
11:48:39.0484 2316 \Device\Harddisk0\DR0:
11:48:39.0484 2316 MBR partitions:
11:48:39.0484 2316 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x77BF449
11:48:39.0515 2316 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x77BF4C7, BlocksNum 0x1D4B139
11:48:39.0515 2316 \Device\Harddisk1\DR1:
11:48:39.0515 2316 MBR partitions:
11:48:39.0515 2316 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x57E52EA
11:48:39.0531 2316 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x57E5368, BlocksNum 0x11CB4B98
11:48:39.0531 2316 ============================================================
11:48:39.0562 2316 C: <-> \Device\Harddisk0\DR0\Partition1
11:48:39.0609 2316 E: <-> \Device\Harddisk0\DR0\Partition2
11:48:39.0656 2316 G: <-> \Device\Harddisk1\DR1\Partition1
11:48:39.0718 2316 H: <-> \Device\Harddisk1\DR1\Partition2
11:48:39.0718 2316 ============================================================
11:48:39.0718 2316 Initialize success
11:48:39.0718 2316 ============================================================
11:48:49.0156 2696 ============================================================
11:48:49.0156 2696 Scan started
11:48:49.0156 2696 Mode: Manual;
11:48:49.0156 2696 ============================================================
11:48:49.0750 2696 ================ Scan system memory ========================
11:48:49.0750 2696 System memory - ok
11:48:49.0750 2696 ================ Scan services =============================
11:48:49.0843 2696 Abiosdsk - ok
11:48:49.0843 2696 abp480n5 - ok
11:48:49.0890 2696 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI E:\WINDOWS\system32\DRIVERS\ACPI.sys
11:48:49.0890 2696 ACPI - ok
11:48:49.0921 2696 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC E:\WINDOWS\system32\drivers\ACPIEC.sys
11:48:49.0921 2696 ACPIEC - ok
11:48:49.0953 2696 [ A23675760DEC131B9F799B6FB038A1F0 ] admjoy E:\WINDOWS\system32\DRIVERS\admjoy.sys
11:48:49.0953 2696 admjoy - ok
11:48:50.0000 2696 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc E:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe
11:48:50.0015 2696 AdobeFlashPlayerUpdateSvc - ok
11:48:50.0015 2696 adpu160m - ok
11:48:50.0140 2696 [ 9243229DFCCC99B5441750EBA49F1B14 ] AdvancedSystemCareService6 E:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
11:48:50.0156 2696 AdvancedSystemCareService6 - ok
11:48:50.0171 2696 [ 8BED39E3C35D6A489438B8141717A557 ] aec E:\WINDOWS\system32\drivers\aec.sys
11:48:50.0171 2696 aec - ok
11:48:50.0187 2696 [ 322D0E36693D6E24A2398BEE62A268CD ] AFD E:\WINDOWS\System32\drivers\afd.sys
11:48:50.0187 2696 AFD - ok
11:48:50.0203 2696 Aha154x - ok
11:48:50.0203 2696 aic78u2 - ok
11:48:50.0218 2696 aic78xx - ok
11:48:50.0250 2696 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter E:\WINDOWS\system32\alrsvc.dll
11:48:50.0265 2696 Alerter - ok
11:48:50.0281 2696 [ 88842DE939A827577BF24243699AC80A ] ALG E:\WINDOWS\System32\alg.exe
11:48:50.0281 2696 ALG - ok
11:48:50.0281 2696 AliIde - ok
11:48:50.0296 2696 amsint - ok
11:48:50.0328 2696 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt E:\WINDOWS\System32\appmgmts.dll
11:48:50.0359 2696 AppMgmt - ok
11:48:50.0359 2696 asc - ok
11:48:50.0359 2696 asc3350p - ok
11:48:50.0375 2696 asc3550 - ok
11:48:50.0437 2696 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:48:50.0453 2696 aspnet_state - ok
11:48:50.0468 2696 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac E:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:48:50.0468 2696 AsyncMac - ok
11:48:50.0500 2696 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi E:\WINDOWS\system32\DRIVERS\atapi.sys
11:48:50.0500 2696 atapi - ok
11:48:50.0515 2696 Atdisk - ok
11:48:50.0546 2696 [ 2911A46A482F1BBE39F47BAC4CF6F609 ] Ati HotKey Poller E:\WINDOWS\System32\Ati2evxx.exe
11:48:50.0562 2696 Ati HotKey Poller - ok
11:48:50.0593 2696 [ 2B2CC2C47F5DE490F27D4292F0EDC034 ] ATI Smart E:\WINDOWS\system32\ati2sgag.exe
11:48:50.0609 2696 ATI Smart - ok
11:48:50.0734 2696 [ E9375396F55B58C2042C7C9844D297E3 ] ati2mtag E:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:48:50.0765 2696 ati2mtag - ok
11:48:50.0843 2696 ATICDSDr - ok
11:48:50.0859 2696 atimtag - ok
11:48:50.0875 2696 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc E:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:48:50.0875 2696 Atmarpc - ok
11:48:50.0906 2696 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv E:\WINDOWS\System32\audiosrv.dll
11:48:50.0906 2696 AudioSrv - ok
11:48:50.0937 2696 [ D9F724AA26C010A217C97606B160ED68 ] audstub E:\WINDOWS\system32\DRIVERS\audstub.sys
11:48:50.0937 2696 audstub - ok
11:48:50.0968 2696 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep E:\WINDOWS\system32\drivers\Beep.sys
11:48:50.0968 2696 Beep - ok
11:48:51.0078 2696 [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86 E:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx86.sys
11:48:51.0125 2696 BHDrvx86 - ok
11:48:51.0156 2696 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS E:\WINDOWS\System32\qmgr.dll
11:48:51.0218 2696 BITS - ok
11:48:51.0234 2696 [ 249276D3EF1E74B992299CB96099E4D7 ] Browser E:\WINDOWS\System32\browser.dll
11:48:51.0250 2696 Browser - ok
11:48:51.0281 2696 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k E:\WINDOWS\system32\drivers\cbidf2k.sys
11:48:51.0281 2696 cbidf2k - ok
11:48:51.0296 2696 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE E:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:48:51.0296 2696 CCDECODE - ok
11:48:51.0343 2696 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_NAV E:\WINDOWS\system32\drivers\NAV\1403010.016\ccSetx86.sys
11:48:51.0359 2696 ccSet_NAV - ok
11:48:51.0406 2696 [ 41CD31307E054F878EA3FD7F7D2C2922 ] ccSet_NST E:\WINDOWS\system32\drivers\NST\7DD01000.020\ccSetx86.sys
11:48:51.0406 2696 ccSet_NST - ok
11:48:51.0421 2696 cd20xrnt - ok
11:48:51.0453 2696 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio E:\WINDOWS\system32\drivers\Cdaudio.sys
11:48:51.0453 2696 Cdaudio - ok
11:48:51.0484 2696 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs E:\WINDOWS\system32\drivers\Cdfs.sys
11:48:51.0484 2696 Cdfs - ok
11:48:51.0500 2696 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom E:\WINDOWS\system32\DRIVERS\cdrom.sys
11:48:51.0500 2696 Cdrom - ok
11:48:51.0500 2696 Changer - ok
11:48:51.0531 2696 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc E:\WINDOWS\system32\cisvc.exe
11:48:51.0531 2696 CiSvc - ok
11:48:51.0546 2696 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv E:\WINDOWS\system32\clipsrv.exe
11:48:51.0546 2696 ClipSrv - ok
11:48:51.0578 2696 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:48:51.0671 2696 clr_optimization_v2.0.50727_32 - ok
11:48:51.0718 2696 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:48:51.0765 2696 clr_optimization_v4.0.30319_32 - ok
11:48:51.0765 2696 CmdIde - ok
11:48:51.0765 2696 COMSysApp - ok
11:48:51.0781 2696 Cpqarray - ok
11:48:51.0812 2696 [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv E:\Program Files\SystemRequirementsLab\cpudrv.sys
11:48:51.0812 2696 cpudrv - ok
11:48:51.0828 2696 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc E:\WINDOWS\System32\cryptsvc.dll
11:48:51.0843 2696 CryptSvc - ok
11:48:51.0843 2696 dac2w2k - ok
11:48:51.0843 2696 dac960nt - ok
11:48:51.0890 2696 [ C868F3AE15CF71A93F2AA3A32856D839 ] DcomLaunch E:\WINDOWS\system32\rpcss.dll
11:48:51.0906 2696 DcomLaunch - ok
11:48:51.0906 2696 dgderdrv - ok
11:48:51.0937 2696 [ B575C523F537F24D66D31F8877E6BCAB ] dg_ssudbus E:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:48:51.0937 2696 dg_ssudbus - ok
11:48:51.0968 2696 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp E:\WINDOWS\System32\dhcpcsvc.dll
11:48:51.0968 2696 Dhcp - ok
11:48:52.0015 2696 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk E:\WINDOWS\system32\DRIVERS\disk.sys
11:48:52.0015 2696 Disk - ok
11:48:52.0015 2696 dmadmin - ok
11:48:52.0046 2696 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot E:\WINDOWS\system32\drivers\dmboot.sys
11:48:52.0062 2696 dmboot - ok
11:48:52.0078 2696 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio E:\WINDOWS\system32\drivers\dmio.sys
11:48:52.0078 2696 dmio - ok
11:48:52.0109 2696 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload E:\WINDOWS\system32\drivers\dmload.sys
11:48:52.0125 2696 dmload - ok
11:48:52.0171 2696 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver E:\WINDOWS\System32\dmserver.dll
11:48:52.0203 2696 dmserver - ok
11:48:52.0250 2696 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic E:\WINDOWS\system32\drivers\DMusic.sys
11:48:52.0250 2696 DMusic - ok
11:48:52.0281 2696 [ 0634B791684B84F4A331F3D3536FEEF8 ] Dnscache E:\WINDOWS\System32\dnsrslvr.dll
11:48:52.0281 2696 Dnscache - ok
11:48:52.0406 2696 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc E:\WINDOWS\System32\dot3svc.dll
11:48:52.0437 2696 Dot3svc - ok
11:48:52.0437 2696 dpti2o - ok
11:48:52.0453 2696 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud E:\WINDOWS\system32\drivers\drmkaud.sys
11:48:52.0453 2696 drmkaud - ok
11:48:52.0484 2696 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 E:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
11:48:52.0500 2696 dtsoftbus01 - ok
11:48:52.0515 2696 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost E:\WINDOWS\System32\eapsvc.dll
11:48:52.0515 2696 EapHost - ok
11:48:52.0578 2696 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl E:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
11:48:52.0593 2696 eeCtrl - ok
11:48:52.0625 2696 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv E:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:48:52.0625 2696 EraserUtilRebootDrv - ok
11:48:52.0656 2696 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc E:\WINDOWS\System32\ersvc.dll
11:48:52.0656 2696 ERSvc - ok
11:48:52.0703 2696 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] Eventlog E:\WINDOWS\system32\services.exe
11:48:52.0703 2696 Eventlog - ok
11:48:52.0718 2696 [ 260C69FD67687B0DC062FC3D31655857 ] EventSystem E:\WINDOWS\System32\es.dll
11:48:52.0750 2696 EventSystem - ok
11:48:52.0765 2696 [ 38D332A6D56AF32635675F132548343E ] Fastfat E:\WINDOWS\system32\drivers\Fastfat.sys
11:48:52.0765 2696 Fastfat - ok
11:48:52.0796 2696 [ B927443008910B412BEC72FC41C1BAD0 ] FastUserSwitchingCompatibility E:\WINDOWS\System32\shsvcs.dll
11:48:52.0812 2696 FastUserSwitchingCompatibility - ok
11:48:52.0812 2696 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc E:\WINDOWS\system32\DRIVERS\fdc.sys
11:48:52.0828 2696 Fdc - ok
11:48:52.0906 2696 [ 9840396B26E424046AD335C98B3F16C3 ] FileMonitor E:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
11:48:52.0921 2696 FileMonitor - ok
11:48:52.0937 2696 [ AC366695A0796560AA37215AD5762AAF ] Fips E:\WINDOWS\system32\drivers\Fips.sys
11:48:52.0937 2696 Fips - ok
11:48:52.0953 2696 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk E:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:48:52.0953 2696 Flpydisk - ok
11:48:52.0953 2696 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr E:\WINDOWS\system32\drivers\fltmgr.sys
11:48:52.0953 2696 FltMgr - ok
11:48:53.0000 2696 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:48:53.0000 2696 FontCache3.0.0.0 - ok
11:48:53.0015 2696 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec E:\WINDOWS\system32\drivers\Fs_Rec.sys
11:48:53.0015 2696 Fs_Rec - ok
11:48:53.0031 2696 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk E:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:48:53.0031 2696 Ftdisk - ok
11:48:53.0062 2696 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc E:\WINDOWS\system32\DRIVERS\msgpc.sys
11:48:53.0062 2696 Gpc - ok
11:48:53.0109 2696 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate E:\Program Files\Google\Update\GoogleUpdate.exe
11:48:53.0109 2696 gupdate - ok
11:48:53.0125 2696 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem E:\Program Files\Google\Update\GoogleUpdate.exe
11:48:53.0125 2696 gupdatem - ok
11:48:53.0140 2696 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus E:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:48:53.0140 2696 HDAudBus - ok
11:48:53.0203 2696 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc E:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:48:53.0203 2696 helpsvc - ok
11:48:53.0203 2696 HidServ - ok
11:48:53.0234 2696 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc E:\WINDOWS\System32\kmsvc.dll
11:48:53.0234 2696 hkmsvc - ok
11:48:53.0250 2696 hpn - ok
11:48:53.0265 2696 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP E:\WINDOWS\system32\Drivers\HTTP.sys
11:48:53.0281 2696 HTTP - ok
11:48:53.0281 2696 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter E:\WINDOWS\System32\w3ssl.dll
11:48:53.0281 2696 HTTPFilter - ok
11:48:53.0296 2696 i2omgmt - ok
11:48:53.0296 2696 i2omp - ok
11:48:53.0328 2696 [ C528E27945367191E7BAE364930B6932 ] i8042prt E:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:48:53.0328 2696 i8042prt - ok
11:48:53.0406 2696 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:48:53.0437 2696 idsvc - ok
11:48:53.0500 2696 [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86 E:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130606.001\IDSxpx86.sys
11:48:53.0515 2696 IDSxpx86 - ok
11:48:53.0546 2696 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi E:\WINDOWS\system32\DRIVERS\imapi.sys
11:48:53.0546 2696 Imapi - ok
11:48:53.0562 2696 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService E:\WINDOWS\System32\imapi.exe
11:48:53.0578 2696 ImapiService - ok
11:48:53.0609 2696 [ 24EA4E2F76E216CE70353736E3556585 ] IMFservice E:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
11:48:53.0640 2696 IMFservice - ok
11:48:53.0640 2696 ini910u - ok
11:48:53.0859 2696 [ 723907CC600271BB216FAAA0B6877678 ] IntcAzAudAddService E:\WINDOWS\system32\drivers\RtkHDAud.sys
11:48:53.0906 2696 IntcAzAudAddService - ok
11:48:53.0921 2696 IntelIde - ok
11:48:53.0937 2696 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm E:\WINDOWS\system32\DRIVERS\intelppm.sys
11:48:53.0953 2696 intelppm - ok
11:48:53.0968 2696 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw E:\WINDOWS\system32\drivers\ip6fw.sys
11:48:53.0968 2696 ip6fw - ok
11:48:54.0000 2696 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver E:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:48:54.0000 2696 IpFilterDriver - ok
11:48:54.0015 2696 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp E:\WINDOWS\system32\DRIVERS\ipinip.sys
11:48:54.0015 2696 IpInIp - ok
11:48:54.0031 2696 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat E:\WINDOWS\system32\DRIVERS\ipnat.sys
11:48:54.0031 2696 IpNat - ok
11:48:54.0078 2696 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec E:\WINDOWS\system32\DRIVERS\ipsec.sys
11:48:54.0078 2696 IPSec - ok
11:48:54.0078 2696 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM E:\WINDOWS\system32\DRIVERS\irenum.sys
11:48:54.0078 2696 IRENUM - ok
11:48:54.0093 2696 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp E:\WINDOWS\system32\DRIVERS\isapnp.sys
11:48:54.0093 2696 isapnp - ok
11:48:54.0187 2696 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService E:\Program Files\Java\jre7\bin\jqs.exe
11:48:54.0203 2696 JavaQuickStarterService - ok
11:48:54.0218 2696 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass E:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:48:54.0218 2696 Kbdclass - ok
11:48:54.0234 2696 [ 692BCF44383D056AED41B045A323D378 ] kmixer E:\WINDOWS\system32\drivers\kmixer.sys
11:48:54.0234 2696 kmixer - ok
11:48:54.0234 2696 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD E:\WINDOWS\system32\drivers\KSecDD.sys
11:48:54.0234 2696 KSecDD - ok
11:48:54.0265 2696 [ 21920AC69594AB021237054FA728FE46 ] lanmanserver E:\WINDOWS\System32\srvsvc.dll
11:48:54.0265 2696 lanmanserver - ok
11:48:54.0281 2696 [ 5190783F51A2D7A8495202C664D7C963 ] lanmanworkstation E:\WINDOWS\System32\wkssvc.dll
11:48:54.0296 2696 lanmanworkstation - ok
11:48:54.0296 2696 lbrtfdc - ok
11:48:54.0328 2696 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts E:\WINDOWS\System32\lmhsvc.dll
11:48:54.0343 2696 LmHosts - ok
11:48:54.0375 2696 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger E:\WINDOWS\System32\msgsvc.dll
11:48:54.0375 2696 Messenger - ok
11:48:54.0390 2696 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd E:\WINDOWS\system32\drivers\mnmdd.sys
11:48:54.0406 2696 mnmdd - ok
11:48:54.0421 2696 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc E:\WINDOWS\System32\mnmsrvc.exe
11:48:54.0421 2696 mnmsrvc - ok
11:48:54.0453 2696 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem E:\WINDOWS\system32\drivers\Modem.sys
11:48:54.0453 2696 Modem - ok
11:48:54.0468 2696 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass E:\WINDOWS\system32\DRIVERS\mouclass.sys
11:48:54.0468 2696 Mouclass - ok
11:48:54.0484 2696 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr E:\WINDOWS\system32\drivers\MountMgr.sys
11:48:54.0484 2696 MountMgr - ok
11:48:54.0531 2696 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:48:54.0531 2696 MozillaMaintenance - ok
11:48:54.0546 2696 mraid35x - ok
11:48:54.0546 2696 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV E:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:48:54.0546 2696 MRxDAV - ok
11:48:54.0578 2696 [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb E:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:48:54.0578 2696 MRxSmb - ok
11:48:54.0593 2696 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC E:\WINDOWS\System32\msdtc.exe
11:48:54.0609 2696 MSDTC - ok
11:48:54.0609 2696 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs E:\WINDOWS\system32\drivers\Msfs.sys
11:48:54.0609 2696 Msfs - ok
11:48:54.0625 2696 MSIServer - ok
11:48:54.0640 2696 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV E:\WINDOWS\system32\drivers\MSKSSRV.sys
11:48:54.0640 2696 MSKSSRV - ok
11:48:54.0671 2696 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK E:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:48:54.0671 2696 MSPCLOCK - ok
11:48:54.0687 2696 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM E:\WINDOWS\system32\drivers\MSPQM.sys
11:48:54.0687 2696 MSPQM - ok
11:48:54.0718 2696 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios E:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:48:54.0718 2696 mssmbios - ok
11:48:54.0750 2696 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE E:\WINDOWS\system32\drivers\MSTEE.sys
11:48:54.0750 2696 MSTEE - ok
11:48:54.0750 2696 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup E:\WINDOWS\system32\drivers\Mup.sys
11:48:54.0750 2696 Mup - ok
11:48:54.0765 2696 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:48:54.0765 2696 NABTSFEC - ok
11:48:54.0812 2696 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent E:\WINDOWS\System32\qagentrt.dll
11:48:54.0828 2696 napagent - ok
11:48:54.0875 2696 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate E:\Program Files\Nero\Update\NASvc.exe
11:48:54.0906 2696 NAUpdate - ok
11:48:54.0953 2696 [ 241BD3019FB31E812A51B31B06906335 ] NAV E:\Program Files\Norton AntiVirus\Engine\20.3.1.22\ccSvcHst.exe
11:48:54.0968 2696 NAV - ok
11:48:55.0031 2696 [ CE2156DF796D41614AB60E68D107D573 ] NAVENG E:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130606.039\NAVENG.SYS
11:48:55.0031 2696 NAVENG - ok
11:48:55.0093 2696 [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15 E:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130606.039\NAVEX15.SYS
11:48:55.0140 2696 NAVEX15 - ok
11:48:55.0187 2696 [ 8D11DA92F83D8C8281689739BEF05FD5 ] NCO E:\Program Files\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe
11:48:55.0187 2696 NCO - ok
11:48:55.0218 2696 [ 1DF7F42665C94B825322FAE71721130D ] NDIS E:\WINDOWS\system32\drivers\NDIS.sys
11:48:55.0218 2696 NDIS - ok
11:48:55.0265 2696 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP E:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:48:55.0265 2696 NdisIP - ok
11:48:55.0296 2696 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi E:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:48:55.0296 2696 NdisTapi - ok
11:48:55.0296 2696 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio E:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:48:55.0296 2696 Ndisuio - ok
11:48:55.0328 2696 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan E:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:48:55.0328 2696 NdisWan - ok
11:48:55.0328 2696 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy E:\WINDOWS\system32\drivers\NDProxy.sys
11:48:55.0328 2696 NDProxy - ok
11:48:55.0343 2696 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS E:\WINDOWS\system32\DRIVERS\netbios.sys
11:48:55.0343 2696 NetBIOS - ok
11:48:55.0359 2696 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT E:\WINDOWS\system32\DRIVERS\netbt.sys
11:48:55.0359 2696 NetBT - ok
11:48:55.0390 2696 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE E:\WINDOWS\system32\netdde.exe
11:48:55.0406 2696 NetDDE - ok
11:48:55.0406 2696 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm E:\WINDOWS\system32\netdde.exe
11:48:55.0406 2696 NetDDEdsdm - ok
11:48:55.0437 2696 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon E:\WINDOWS\System32\lsass.exe
11:48:55.0437 2696 Netlogon - ok
11:48:55.0453 2696 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman E:\WINDOWS\System32\netman.dll
11:48:55.0484 2696 Netman - ok
11:48:55.0515 2696 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:48:55.0515 2696 NetTcpPortSharing - ok
11:48:55.0531 2696 [ AAC97DAB5F8A0573CF10E0EAC42A7724 ] Nla E:\WINDOWS\System32\mswsock.dll
11:48:55.0546 2696 Nla - ok
11:48:55.0562 2696 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs E:\WINDOWS\system32\drivers\Npfs.sys
11:48:55.0562 2696 Npfs - ok
11:48:55.0578 2696 npggsvc - ok
11:48:55.0593 2696 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs E:\WINDOWS\system32\drivers\Ntfs.sys
11:48:55.0609 2696 Ntfs - ok
11:48:55.0609 2696 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp E:\WINDOWS\System32\lsass.exe
11:48:55.0609 2696 NtLmSsp - ok
11:48:55.0640 2696 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc E:\WINDOWS\system32\ntmssvc.dll
11:48:55.0656 2696 NtmsSvc - ok
11:48:55.0687 2696 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null E:\WINDOWS\system32\drivers\Null.sys
11:48:55.0687 2696 Null - ok
11:48:55.0718 2696 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt E:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:48:55.0718 2696 NwlnkFlt - ok
11:48:55.0734 2696 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd E:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:48:55.0734 2696 NwlnkFwd - ok
11:48:55.0812 2696 [ 5FAE249A5635A52970652CA8EB216515 ] PAC7302 E:\WINDOWS\system32\DRIVERS\PAC7302.SYS
11:48:55.0812 2696 PAC7302 - ok
11:48:55.0843 2696 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport E:\WINDOWS\system32\DRIVERS\parport.sys
11:48:55.0843 2696 Parport - ok
11:48:55.0843 2696 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr E:\WINDOWS\system32\drivers\PartMgr.sys
11:48:55.0859 2696 PartMgr - ok
11:48:55.0875 2696 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm E:\WINDOWS\system32\drivers\ParVdm.sys
11:48:55.0875 2696 ParVdm - ok
11:48:55.0890 2696 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI E:\WINDOWS\system32\DRIVERS\pci.sys
11:48:55.0890 2696 PCI - ok
11:48:55.0890 2696 PCIDump - ok
11:48:55.0906 2696 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde E:\WINDOWS\system32\DRIVERS\pciide.sys
11:48:55.0906 2696 PCIIde - ok
11:48:55.0921 2696 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia E:\WINDOWS\system32\drivers\Pcmcia.sys
11:48:55.0921 2696 Pcmcia - ok
11:48:55.0937 2696 PDCOMP - ok
11:48:55.0937 2696 PDFRAME - ok
11:48:55.0937 2696 PDRELI - ok
11:48:55.0953 2696 PDRFRAME - ok
11:48:55.0953 2696 perc2 - ok
11:48:55.0953 2696 perc2hib - ok
11:48:56.0000 2696 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] PlugPlay E:\WINDOWS\system32\services.exe
11:48:56.0000 2696 PlugPlay - ok
11:48:56.0015 2696 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent E:\WINDOWS\System32\lsass.exe
11:48:56.0015 2696 PolicyAgent - ok
11:48:56.0046 2696 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport E:\WINDOWS\system32\DRIVERS\raspptp.sys
11:48:56.0046 2696 PptpMiniport - ok
11:48:56.0062 2696 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor E:\WINDOWS\system32\DRIVERS\processr.sys
11:48:56.0062 2696 Processor - ok
11:48:56.0062 2696 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage E:\WINDOWS\system32\lsass.exe
11:48:56.0062 2696 ProtectedStorage - ok
11:48:56.0078 2696 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched E:\WINDOWS\system32\DRIVERS\psched.sys
11:48:56.0078 2696 PSched - ok
11:48:56.0109 2696 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink E:\WINDOWS\system32\DRIVERS\ptilink.sys
11:48:56.0109 2696 Ptilink - ok
11:48:56.0109 2696 ql1080 - ok
11:48:56.0125 2696 Ql10wnt - ok
11:48:56.0125 2696 ql12160 - ok
11:48:56.0125 2696 ql1240 - ok
11:48:56.0140 2696 ql1280 - ok
11:48:56.0140 2696 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd E:\WINDOWS\system32\DRIVERS\rasacd.sys
11:48:56.0140 2696 RasAcd - ok
11:48:56.0171 2696 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto E:\WINDOWS\System32\rasauto.dll
11:48:56.0171 2696 RasAuto - ok
11:48:56.0171 2696 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp E:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:48:56.0171 2696 Rasl2tp - ok
11:48:56.0203 2696 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan E:\WINDOWS\System32\rasmans.dll
11:48:56.0218 2696 RasMan - ok
11:48:56.0218 2696 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe E:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:48:56.0234 2696 RasPppoe - ok
11:48:56.0234 2696 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti E:\WINDOWS\system32\DRIVERS\raspti.sys
11:48:56.0234 2696 Raspti - ok
11:48:56.0250 2696 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss E:\WINDOWS\system32\DRIVERS\rdbss.sys
11:48:56.0265 2696 Rdbss - ok
11:48:56.0265 2696 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD E:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:48:56.0265 2696 RDPCDD - ok
11:48:56.0312 2696 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr E:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:48:56.0312 2696 rdpdr - ok
11:48:56.0343 2696 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD E:\WINDOWS\system32\drivers\RDPWD.sys
11:48:56.0343 2696 RDPWD - ok
11:48:56.0359 2696 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr E:\WINDOWS\system32\sessmgr.exe
11:48:56.0359 2696 RDSessMgr - ok
11:48:56.0359 2696 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook E:\WINDOWS\system32\DRIVERS\redbook.sys
11:48:56.0375 2696 redbook - ok
11:48:56.0390 2696 [ BA5148E2DA9AB2B786EE239510BE819A ] RegFilter E:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
11:48:56.0390 2696 RegFilter - ok
11:48:56.0421 2696 [ 127C26B5371651043450E52542099ABA ] RemoteAccess E:\WINDOWS\System32\mprdim.dll
11:48:56.0421 2696 RemoteAccess - ok
11:48:56.0453 2696 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry E:\WINDOWS\system32\regsvc.dll
11:48:56.0453 2696 RemoteRegistry - ok
11:48:56.0468 2696 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator E:\WINDOWS\System32\locator.exe
11:48:56.0484 2696 RpcLocator - ok
11:48:56.0500 2696 [ C868F3AE15CF71A93F2AA3A32856D839 ] RpcSs E:\WINDOWS\system32\rpcss.dll
11:48:56.0515 2696 RpcSs - ok
11:48:56.0531 2696 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP E:\WINDOWS\System32\rsvp.exe
11:48:56.0546 2696 RSVP - ok
11:48:56.0578 2696 [ D507C1400284176573224903819FFDA3 ] rtl8139 E:\WINDOWS\system32\DRIVERS\RTL8139.SYS
11:48:56.0578 2696 rtl8139 - ok
11:48:56.0578 2696 [ ED0A176354487CEED65B80A7148AB739 ] SamSs E:\WINDOWS\system32\lsass.exe
11:48:56.0593 2696 SamSs - ok
11:48:56.0609 2696 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr E:\WINDOWS\System32\SCardSvr.exe
11:48:56.0609 2696 SCardSvr - ok
11:48:56.0640 2696 [ 3FF232A7731621B8902D81D42418C93C ] Schedule E:\WINDOWS\system32\schedsvc.dll
11:48:56.0656 2696 Schedule - ok
11:48:56.0671 2696 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv E:\WINDOWS\system32\DRIVERS\secdrv.sys
11:48:56.0671 2696 Secdrv - ok
11:48:56.0687 2696 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon E:\WINDOWS\System32\seclogon.dll
11:48:56.0687 2696 seclogon - ok
11:48:56.0703 2696 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS E:\WINDOWS\system32\sens.dll
11:48:56.0703 2696 SENS - ok
11:48:56.0718 2696 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum E:\WINDOWS\system32\DRIVERS\serenum.sys
11:48:56.0718 2696 serenum - ok
11:48:56.0734 2696 [ B842729337C9B921615C40D3C1A1AF96 ] Serial E:\WINDOWS\system32\DRIVERS\serial.sys
11:48:56.0734 2696 Serial - ok
11:48:56.0765 2696 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy E:\WINDOWS\system32\drivers\Sfloppy.sys
11:48:56.0765 2696 Sfloppy - ok
11:48:56.0796 2696 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess E:\WINDOWS\System32\ipnathlp.dll
11:48:56.0812 2696 SharedAccess - ok
11:48:56.0828 2696 [ B927443008910B412BEC72FC41C1BAD0 ] ShellHWDetection E:\WINDOWS\System32\shsvcs.dll
11:48:56.0828 2696 ShellHWDetection - ok
11:48:56.0828 2696 Simbad - ok
11:48:56.0859 2696 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP E:\WINDOWS\system32\DRIVERS\SLIP.sys
11:48:56.0859 2696 SLIP - ok
11:48:56.0890 2696 [ 14BB60A4F1C5291217A05D5728C403E6 ] SmartDefragDriver E:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
11:48:56.0890 2696 SmartDefragDriver - ok
11:48:56.0906 2696 Sparrow - ok
11:48:56.0937 2696 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter E:\WINDOWS\system32\drivers\splitter.sys
11:48:56.0937 2696 splitter - ok
11:48:56.0968 2696 [ CB1090BCA0E7B40D0B5B4E4D66531809 ] Spooler E:\WINDOWS\system32\spoolsv.exe
11:48:56.0968 2696 Spooler - ok
11:48:56.0984 2696 [ 94610C8653635E4459316A0050D55CE7 ] sr E:\WINDOWS\system32\DRIVERS\sr.sys
11:48:56.0984 2696 sr - ok
11:48:57.0000 2696 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice E:\WINDOWS\System32\srsvc.dll
11:48:57.0000 2696 srservice - ok
11:48:57.0046 2696 [ 0A8F71E1DB5432A5B9285111421E77EC ] SRTSP E:\WINDOWS\System32\Drivers\NAV\1403010.016\SRTSP.SYS
11:48:57.0078 2696 SRTSP - ok
11:48:57.0093 2696 [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX E:\WINDOWS\system32\drivers\NAV\1403010.016\SRTSPX.SYS
11:48:57.0093 2696 SRTSPX - ok
11:48:57.0109 2696 [ 5252605079810904E31C332E241CD59B ] Srv E:\WINDOWS\system32\DRIVERS\srv.sys
11:48:57.0109 2696 Srv - ok
11:48:57.0125 2696 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV E:\WINDOWS\System32\ssdpsrv.dll
11:48:57.0125 2696 SSDPSRV - ok
11:48:57.0171 2696 [ CA22092117F4F8BA3700B4BF9962444A ] ssudmdm E:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:48:57.0171 2696 ssudmdm - ok
11:48:57.0187 2696 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc E:\WINDOWS\system32\wiaservc.dll
11:48:57.0203 2696 stisvc - ok
11:48:57.0234 2696 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip E:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:48:57.0234 2696 streamip - ok
11:48:57.0265 2696 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum E:\WINDOWS\system32\DRIVERS\swenum.sys
11:48:57.0265 2696 swenum - ok
11:48:57.0281 2696 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi E:\WINDOWS\system32\drivers\swmidi.sys
11:48:57.0281 2696 swmidi - ok
11:48:57.0281 2696 SwPrv - ok
11:48:57.0296 2696 symc810 - ok
11:48:57.0296 2696 symc8xx - ok
11:48:57.0328 2696 [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00 ] SymDS E:\WINDOWS\system32\drivers\NAV\1403010.016\SYMDS.SYS
11:48:57.0343 2696 SymDS - ok
11:48:57.0406 2696 [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA E:\WINDOWS\system32\drivers\NAV\1403010.016\SYMEFA.SYS
11:48:57.0437 2696 SymEFA - ok
11:48:57.0484 2696 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent E:\WINDOWS\system32\Drivers\SYMEVENT.SYS
11:48:57.0484 2696 SymEvent - ok
11:48:57.0515 2696 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON E:\WINDOWS\system32\drivers\NAV\1403010.016\Ironx86.SYS
11:48:57.0515 2696 SymIRON - ok
11:48:57.0531 2696 [ EC979002EBA25C9D109B2FE0E03457DA ] SYMTDI E:\WINDOWS\System32\Drivers\NAV\1403010.016\SYMTDI.SYS
11:48:57.0546 2696 SYMTDI - ok
11:48:57.0546 2696 sym_hi - ok
11:48:57.0562 2696 sym_u3 - ok
11:48:57.0562 2696 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio E:\WINDOWS\system32\drivers\sysaudio.sys
11:48:57.0562 2696 sysaudio - ok
11:48:57.0593 2696 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog E:\WINDOWS\system32\smlogsvc.exe
11:48:57.0593 2696 SysmonLog - ok
11:48:57.0640 2696 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv E:\WINDOWS\System32\tapisrv.dll
11:48:57.0656 2696 TapiSrv - ok
11:48:57.0687 2696 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip E:\WINDOWS\system32\DRIVERS\tcpip.sys
11:48:57.0687 2696 Tcpip - ok
11:48:57.0718 2696 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE E:\WINDOWS\system32\drivers\TDPIPE.sys
11:48:57.0718 2696 TDPIPE - ok
11:48:57.0765 2696 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP E:\WINDOWS\system32\drivers\TDTCP.sys
11:48:57.0765 2696 TDTCP - ok
11:48:57.0796 2696 [ 88155247177638048422893737429D9E ] TermDD E:\WINDOWS\system32\DRIVERS\termdd.sys
11:48:57.0796 2696 TermDD - ok
11:48:57.0812 2696 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService E:\WINDOWS\System32\termsrv.dll
11:48:57.0828 2696 TermService - ok
11:48:57.0859 2696 [ B927443008910B412BEC72FC41C1BAD0 ] Themes E:\WINDOWS\System32\shsvcs.dll
11:48:57.0859 2696 Themes - ok
11:48:57.0890 2696 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr E:\WINDOWS\System32\tlntsvr.exe
11:48:57.0906 2696 TlntSvr - ok
11:48:57.0906 2696 TosIde - ok
11:48:57.0921 2696 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks E:\WINDOWS\system32\trkwks.dll
11:48:57.0937 2696 TrkWks - ok
11:48:57.0953 2696 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs E:\WINDOWS\system32\drivers\Udfs.sys
11:48:57.0953 2696 Udfs - ok
11:48:57.0953 2696 ultra - ok
11:48:58.0000 2696 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update E:\WINDOWS\system32\DRIVERS\update.sys
11:48:58.0000 2696 Update - ok
11:48:58.0046 2696 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost E:\WINDOWS\System32\upnphost.dll
11:48:58.0062 2696 upnphost - ok
11:48:58.0078 2696 [ 20A0F6A11959E92908717D09E87D670D ] UPS E:\WINDOWS\System32\ups.exe
11:48:58.0078 2696 UPS - ok
11:48:58.0109 2696 [ CAAEF0A4B5AE343918AE6287D5A4843D ] UrlFilter E:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
11:48:58.0109 2696 UrlFilter - ok
11:48:58.0140 2696 [ E919708DB44ED8543A7C017953148330 ] usbaudio E:\WINDOWS\system32\drivers\usbaudio.sys
11:48:58.0140 2696 usbaudio - ok
11:48:58.0140 2696 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp E:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:48:58.0156 2696 usbccgp - ok
11:48:58.0171 2696 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci E:\WINDOWS\system32\DRIVERS\usbehci.sys
11:48:58.0171 2696 usbehci - ok
11:48:58.0171 2696 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub E:\WINDOWS\system32\DRIVERS\usbhub.sys
11:48:58.0187 2696 usbhub - ok
11:48:58.0187 2696 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci E:\WINDOWS\system32\DRIVERS\usbohci.sys
11:48:58.0187 2696 usbohci - ok
11:48:58.0218 2696 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan E:\WINDOWS\system32\DRIVERS\usbscan.sys
11:48:58.0218 2696 usbscan - ok
11:48:58.0234 2696 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:48:58.0234 2696 USBSTOR - ok
11:48:58.0265 2696 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave E:\WINDOWS\System32\drivers\vga.sys
11:48:58.0265 2696 VgaSave - ok
11:48:58.0265 2696 ViaIde - ok
11:48:58.0312 2696 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap E:\WINDOWS\system32\drivers\VolSnap.sys
11:48:58.0312 2696 VolSnap - ok
11:48:58.0328 2696 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS E:\WINDOWS\System32\vssvc.exe
11:48:58.0343 2696 VSS - ok
11:48:58.0375 2696 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time E:\WINDOWS\System32\w32time.dll
11:48:58.0390 2696 W32Time - ok
11:48:58.0406 2696 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp E:\WINDOWS\system32\DRIVERS\wanarp.sys
11:48:58.0406 2696 Wanarp - ok
11:48:58.0453 2696 [ EE8A9734B448836B0127C76066119E9C ] WCMVCAM E:\WINDOWS\system32\DRIVERS\wcmvcam.sys
11:48:58.0468 2696 WCMVCAM - ok
11:48:58.0468 2696 WDICA - ok
11:48:58.0484 2696 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud E:\WINDOWS\system32\drivers\wdmaud.sys
11:48:58.0500 2696 wdmaud - ok
11:48:58.0515 2696 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient E:\WINDOWS\System32\webclnt.dll
11:48:58.0531 2696 WebClient - ok
11:48:58.0562 2696 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt E:\WINDOWS\system32\wbem\WMIsvc.dll
11:48:58.0562 2696 winmgmt - ok
11:48:58.0609 2696 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN E:\WINDOWS\system32\MsPMSNSv.dll
11:48:58.0609 2696 WmdmPmSN - ok
11:48:58.0656 2696 [ 6538D6BDE04B56737FE743C24D4CE83D ] Wmi E:\WINDOWS\System32\advapi32.dll
11:48:58.0671 2696 Wmi - ok
11:48:58.0703 2696 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv E:\WINDOWS\System32\wbem\wmiapsrv.exe
11:48:58.0703 2696 WmiApSrv - ok
11:48:58.0734 2696 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb E:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:48:58.0734 2696 WpdUsb - ok
11:48:58.0828 2696 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:48:58.0843 2696 WPFFontCache_v0400 - ok
11:48:58.0890 2696 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc E:\WINDOWS\system32\wscsvc.dll
11:48:58.0890 2696 wscsvc - ok
11:48:58.0906 2696 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:48:58.0921 2696 WSTCODEC - ok
11:48:58.0937 2696 [ C1364564800EE9784192145324A23308 ] wuauserv E:\WINDOWS\system32\wuauserv.dll
11:48:58.0968 2696 wuauserv - ok
11:48:58.0984 2696 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf E:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:48:58.0984 2696 WudfPf - ok
11:48:59.0000 2696 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd E:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:48:59.0000 2696 WudfRd - ok
11:48:59.0015 2696 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc E:\WINDOWS\System32\WUDFSvc.dll
11:48:59.0031 2696 WudfSvc - ok
11:48:59.0062 2696 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC E:\WINDOWS\System32\wzcsvc.dll
11:48:59.0093 2696 WZCSVC - ok
11:48:59.0093 2696 XDva398 - ok
11:48:59.0125 2696 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov E:\WINDOWS\System32\xmlprov.dll
11:48:59.0140 2696 xmlprov - ok
11:48:59.0140 2696 ================ Scan global ===============================
11:48:59.0171 2696 [ F36278E42C8C5DF03CE17DAC8231C91C ] E:\WINDOWS\system32\basesrv.dll
11:48:59.0171 2696 [ 77A41C497ADB0C96D1E8DF6F71D843C0 ] E:\WINDOWS\system32\winsrv.dll
11:48:59.0203 2696 [ 77A41C497ADB0C96D1E8DF6F71D843C0 ] E:\WINDOWS\system32\winsrv.dll
11:48:59.0218 2696 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] E:\WINDOWS\system32\services.exe
11:48:59.0218 2696 [Global] - ok
11:48:59.0218 2696 ================ Scan MBR ==================================
11:48:59.0234 2696 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:48:59.0390 2696 \Device\Harddisk0\DR0 - ok
11:48:59.0390 2696 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
11:48:59.0531 2696 \Device\Harddisk1\DR1 - ok
11:48:59.0531 2696 ================ Scan VBR ==================================
11:48:59.0546 2696 [ E8B7C8C6058D0CBEC3A017E850E0C0DB ] \Device\Harddisk0\DR0\Partition1
11:48:59.0546 2696 \Device\Harddisk0\DR0\Partition1 - ok
11:48:59.0562 2696 [ D28807F99416C0AE5E9921C1B6DB046E ] \Device\Harddisk0\DR0\Partition2
11:48:59.0562 2696 \Device\Harddisk0\DR0\Partition2 - ok
11:48:59.0562 2696 [ CBBF708802725A368E1437F7FB75CD7B ] \Device\Harddisk1\DR1\Partition1
11:48:59.0562 2696 \Device\Harddisk1\DR1\Partition1 - ok
11:48:59.0578 2696 [ 364A0AC5922426A5DA4B45ECF7600A1D ] \Device\Harddisk1\DR1\Partition2
11:48:59.0578 2696 \Device\Harddisk1\DR1\Partition2 - ok
11:48:59.0578 2696 ============================================================
11:48:59.0578 2696 Scan finished
11:48:59.0578 2696 ============================================================
11:48:59.0593 2232 Detected object count: 0
11:48:59.0593 2232 Actual detected object count: 0
11:49:42.0093 3308 Deinitialize success

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.