Please check my log (Solved)


Post by poison » 15 Jun 2013 11:36

Please check my log; the mouse intermittently stops working. Thanks.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:00, on 15.6.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\soundman.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\pocitac3\Plocha\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5088 bytes


Post by Žbeky » 15 Jun 2013 22:15

Does the mouse work OK elsewhere? Or does a different mouse also fail to work?

Fix these:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, do not select anything else and click Empty Selected.
After cleaning, click Exit to close the program.

Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a prompt appears, choose Yes
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Post by poison » 18 Jun 2013 16:58

All the mice I tried worked without problems in another PC; in this PC they don't, or only after a few seconds. With the last mouse I tried, it has been fine so far.

MBAM log:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.06.18.04

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
pocitac3 :: DOMA [administrátor]

Ochrana: Zakázána

18.6.2013 16:47:50
mbam-log-2013-06-18 (16-47-50).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 209681
Uplynulý čas: 4 minut, 20 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


ADWC log:
# AdwCleaner v2.303 - Log vytvořen 18/06/2013 v 16:53:22
# Aktualizováno 08/06/2013 Xplode
# Operační systém : Microsoft Windows XP Service Pack 2 (32 bits)
# Uživatel : pocitac3 - DOMA
# Spuštěn systém : Normální
# Spuštěno z : C:\Documents and Settings\pocitac3\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****


***** [Registry] *****


***** [Internetové prohlížeče] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou čisté.

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Documents and Settings\pocitac3\Data aplikací\Mozilla\Firefox\Profiles\wdtvu4hc.default\prefs.js

[OK] Soubor je čistý.

-\\ Google Chrome v27.0.1453.110

Soubor : C:\Documents and Settings\pocitac3\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je čistý.

*************************

AdwCleaner[R1].txt - [900 octets] - [18/06/2013 16:53:22]

########## EOF - C:\AdwCleaner[R1].txt - [959 octets] ##########


Post by jaro3 » 18 Jun 2013 21:11

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.

Platform: Windows XP SP2
Install SP3

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(date)_log.txt; please paste the entire contents of the log here.

Post by poison » 08 Jul 2013 16:30

RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : pocitac3 [Práva správce]
Mód : Kontrola -- Datum : 07/08/2013 16:21:48
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] soundman.exe -- C:\WINDOWS\soundman.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD400BB-00DKA0 +++++
--- User ---
[MBR] 9cc46341c3dd72cfdc47e3a707917a8f
[BSP] b216291c92f379c4ea161d63e478de34 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38154 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_07082013_162148.txt >>


16:25:33.0203 3456 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:25:33.0468 3456 ============================================================
16:25:33.0468 3456 Current date / time: 2013/07/08 16:25:33.0468
16:25:33.0468 3456 SystemInfo:
16:25:33.0468 3456
16:25:33.0468 3456 OS Version: 5.1.2600 ServicePack: 2.0
16:25:33.0468 3456 Product type: Workstation
16:25:33.0468 3456 ComputerName: DOMA
16:25:33.0468 3456 UserName: pocitac3
16:25:33.0468 3456 Windows directory: C:\WINDOWS
16:25:33.0468 3456 System windows directory: C:\WINDOWS
16:25:33.0468 3456 Processor architecture: Intel x86
16:25:33.0468 3456 Number of processors: 1
16:25:33.0468 3456 Page size: 0x1000
16:25:33.0468 3456 Boot type: Normal boot
16:25:33.0468 3456 ============================================================
16:25:35.0671 3456 Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:25:35.0687 3456 ============================================================
16:25:35.0687 3456 \Device\Harddisk0\DR0:
16:25:35.0687 3456 MBR partitions:
16:25:35.0687 3456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
16:25:35.0687 3456 ============================================================
16:25:35.0718 3456 C: <-> \Device\Harddisk0\DR0\Partition1
16:25:35.0718 3456 ============================================================
16:25:35.0718 3456 Initialize success
16:25:35.0718 3456 ============================================================
16:25:38.0796 3636 ============================================================
16:25:38.0796 3636 Scan started
16:25:38.0796 3636 Mode: Manual;
16:25:38.0796 3636 ============================================================
16:25:39.0734 3636 ================ Scan system memory ========================
16:25:39.0734 3636 System memory - ok


Post by memphisto » 08 Jul 2013 21:27

The TDSS log is not complete. Post the rest and then...

Download Junkware Removal Tool

to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.


Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until Prescan finishes its work...
- Wait until the status window shows "Prohledat"

- Click "Smazat" (Delete)
- Wait until the Status box shows "Smazání- Finished"
- Click "Zprávy" (Report) and copy and paste the contents of that report here. The log can be found in RKreport [number]. txt on the desktop.
- Close RogueKiller

Post by poison » 09 Jul 2013 16:46

16:25:33.0203 3456 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:25:33.0468 3456 ============================================================
16:25:33.0468 3456 Current date / time: 2013/07/08 16:25:33.0468
16:25:33.0468 3456 SystemInfo:
16:25:33.0468 3456
16:25:33.0468 3456 OS Version: 5.1.2600 ServicePack: 2.0
16:25:33.0468 3456 Product type: Workstation
16:25:33.0468 3456 ComputerName: DOMA
16:25:33.0468 3456 UserName: pocitac3
16:25:33.0468 3456 Windows directory: C:\WINDOWS
16:25:33.0468 3456 System windows directory: C:\WINDOWS
16:25:33.0468 3456 Processor architecture: Intel x86
16:25:33.0468 3456 Number of processors: 1
16:25:33.0468 3456 Page size: 0x1000
16:25:33.0468 3456 Boot type: Normal boot
16:25:33.0468 3456 ============================================================
16:25:35.0671 3456 Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:25:35.0687 3456 ============================================================
16:25:35.0687 3456 \Device\Harddisk0\DR0:
16:25:35.0687 3456 MBR partitions:
16:25:35.0687 3456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
16:25:35.0687 3456 ============================================================
16:25:35.0718 3456 C: <-> \Device\Harddisk0\DR0\Partition1
16:25:35.0718 3456 ============================================================
16:25:35.0718 3456 Initialize success
16:25:35.0718 3456 ============================================================
16:25:38.0796 3636 ============================================================
16:25:38.0796 3636 Scan started
16:25:38.0796 3636 Mode: Manual;
16:25:38.0796 3636 ============================================================
16:25:39.0734 3636 ================ Scan system memory ========================
16:25:39.0734 3636 System memory - ok
16:25:45.0390 3636 MRxSmb - ok
16:25:45.0437 3636 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:25:45.0437 3636 MSDTC - ok
16:25:45.0484 3636 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:25:45.0484 3636 Msfs - ok
16:25:45.0500 3636 MSIServer - ok
16:25:45.0531 3636 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:25:45.0531 3636 MSKSSRV - ok
16:25:45.0562 3636 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:25:45.0562 3636 MSPCLOCK - ok
16:25:45.0578 3636 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:25:45.0578 3636 MSPQM - ok
16:25:45.0640 3636 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:25:45.0640 3636 mssmbios - ok
16:25:45.0671 3636 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys
16:25:45.0687 3636 ms_mpu401 - ok
16:25:45.0718 3636 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:25:45.0718 3636 Mup - ok
16:25:45.0734 3636 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:25:45.0750 3636 NDIS - ok
16:25:45.0781 3636 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:25:45.0781 3636 NdisTapi - ok
16:25:45.0812 3636 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:25:45.0828 3636 Ndisuio - ok
16:25:45.0843 3636 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:25:45.0859 3636 NdisWan - ok
16:25:45.0890 3636 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:25:45.0906 3636 NDProxy - ok
16:25:45.0921 3636 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:25:45.0921 3636 NetBIOS - ok
16:25:45.0953 3636 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:25:45.0953 3636 NetBT - ok
16:25:46.0000 3636 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
16:25:46.0000 3636 NetDDE - ok
16:25:46.0015 3636 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:25:46.0031 3636 NetDDEdsdm - ok
16:25:46.0062 3636 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:25:46.0062 3636 Netlogon - ok
16:25:46.0093 3636 [ AF342D2781225A8769686E0D47E3123E ] Netman C:\WINDOWS\System32\netman.dll
16:25:46.0109 3636 Netman - ok
16:25:46.0156 3636 [ 64C078BD4EFD441C3F159EDC5EA4420A ] Nla C:\WINDOWS\System32\mswsock.dll
16:25:46.0156 3636 Nla - ok
16:25:46.0187 3636 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:25:46.0187 3636 Npfs - ok
16:25:46.0265 3636 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:25:46.0265 3636 Ntfs - ok
16:25:46.0296 3636 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:25:46.0296 3636 NtLmSsp - ok
16:25:46.0375 3636 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:25:46.0406 3636 NtmsSvc - ok
16:25:46.0437 3636 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
16:25:46.0437 3636 Null - ok
16:25:46.0625 3636 [ C82F94077E2497E6685DA208E2F75B43 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:25:46.0671 3636 nv - ok
16:25:46.0703 3636 [ 948C21C77FAD271CC6F851FC46029DD4 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
16:25:46.0718 3636 NVSvc - ok
16:25:46.0765 3636 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:25:46.0765 3636 NwlnkFlt - ok
16:25:46.0781 3636 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:25:46.0781 3636 NwlnkFwd - ok
16:25:46.0890 3636 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:25:46.0921 3636 odserv - ok
16:25:46.0984 3636 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:25:46.0984 3636 ose - ok
16:25:47.0031 3636 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:25:47.0031 3636 Parport - ok
16:25:47.0046 3636 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:25:47.0062 3636 PartMgr - ok
16:25:47.0093 3636 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:25:47.0093 3636 ParVdm - ok
16:25:47.0125 3636 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:25:47.0125 3636 PCI - ok
16:25:47.0156 3636 PCIDump - ok
16:25:47.0171 3636 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:25:47.0171 3636 PCIIde - ok
16:25:47.0218 3636 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:25:47.0234 3636 Pcmcia - ok
16:25:47.0250 3636 PDCOMP - ok
16:25:47.0265 3636 PDFRAME - ok
16:25:47.0281 3636 PDRELI - ok
16:25:47.0296 3636 PDRFRAME - ok
16:25:47.0312 3636 perc2 - ok
16:25:47.0343 3636 perc2hib - ok
16:25:47.0406 3636 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] PlugPlay C:\WINDOWS\system32\services.exe
16:25:47.0421 3636 PlugPlay - ok
16:25:47.0437 3636 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:25:47.0437 3636 PolicyAgent - ok
16:25:47.0468 3636 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:25:47.0468 3636 PptpMiniport - ok
16:25:47.0484 3636 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:25:47.0484 3636 ProtectedStorage - ok
16:25:47.0500 3636 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:25:47.0515 3636 PSched - ok
16:25:47.0531 3636 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:25:47.0531 3636 Ptilink - ok
16:25:47.0546 3636 ql1080 - ok
16:25:47.0562 3636 Ql10wnt - ok
16:25:47.0578 3636 ql12160 - ok
16:25:47.0593 3636 ql1240 - ok
16:25:47.0609 3636 ql1280 - ok
16:25:47.0625 3636 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:25:47.0625 3636 RasAcd - ok
16:25:47.0656 3636 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:25:47.0656 3636 RasAuto - ok
16:25:47.0687 3636 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:25:47.0687 3636 Rasl2tp - ok
16:25:47.0734 3636 [ 6E519D777C91E90592403C9F981FDF03 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:25:47.0734 3636 RasMan - ok
16:25:47.0765 3636 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:25:47.0765 3636 RasPppoe - ok
16:25:47.0781 3636 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:25:47.0781 3636 Raspti - ok
16:25:47.0812 3636 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:25:47.0812 3636 Rdbss - ok
16:25:47.0859 3636 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:25:47.0859 3636 RDPCDD - ok
16:25:47.0921 3636 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:25:47.0921 3636 rdpdr - ok
16:25:47.0984 3636 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:25:47.0984 3636 RDPWD - ok
16:25:48.0031 3636 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:25:48.0031 3636 RDSessMgr - ok
16:25:48.0078 3636 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:25:48.0078 3636 redbook - ok
16:25:48.0125 3636 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:25:48.0125 3636 RemoteAccess - ok
16:25:48.0171 3636 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:25:48.0171 3636 RemoteRegistry - ok
16:25:48.0218 3636 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
16:25:48.0234 3636 RpcLocator - ok
16:25:48.0296 3636 [ C72C15EE57E248C66E57C76CAB086CF2 ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:25:48.0296 3636 RpcSs - ok
16:25:48.0343 3636 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:25:48.0343 3636 RSVP - ok
16:25:48.0375 3636 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
16:25:48.0375 3636 rtl8139 - ok
16:25:48.0406 3636 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
16:25:48.0406 3636 SamSs - ok
16:25:48.0468 3636 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:25:48.0484 3636 SCardSvr - ok
16:25:48.0531 3636 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:25:48.0546 3636 Schedule - ok
16:25:48.0578 3636 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:25:48.0578 3636 Secdrv - ok
16:25:48.0625 3636 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:25:48.0640 3636 seclogon - ok
16:25:48.0656 3636 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
16:25:48.0671 3636 SENS - ok
16:25:48.0687 3636 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:25:48.0703 3636 serenum - ok
16:25:48.0734 3636 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:25:48.0734 3636 Serial - ok
16:25:48.0750 3636 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:25:48.0750 3636 Sfloppy - ok
16:25:48.0812 3636 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:25:48.0812 3636 SharedAccess - ok
16:25:49.0062 3636 [ 8BA76BD2A943F642F267A296A15776D2 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:25:49.0078 3636 ShellHWDetection - ok
16:25:49.0093 3636 Simbad - ok
16:25:49.0109 3636 Sparrow - ok
16:25:49.0140 3636 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:25:49.0140 3636 splitter - ok
16:25:49.0187 3636 [ 21B6FAA88044A41640E03EBB68BE93E8 ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:25:49.0203 3636 Spooler - ok
16:25:49.0250 3636 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:25:49.0250 3636 sr - ok
16:25:49.0281 3636 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
16:25:49.0281 3636 srservice - ok
16:25:49.0312 3636 [ 20B7E396720353E4117D64D9DCB926CA ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:25:49.0328 3636 Srv - ok
16:25:49.0375 3636 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:25:49.0390 3636 SSDPSRV - ok
16:25:49.0453 3636 [ 0645CCDDDD27F96EEA3534C1DEF736D9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:25:49.0453 3636 stisvc - ok
16:25:49.0500 3636 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:25:49.0500 3636 swenum - ok
16:25:49.0531 3636 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:25:49.0531 3636 swmidi - ok
16:25:49.0546 3636 SwPrv - ok
16:25:49.0578 3636 symc810 - ok
16:25:49.0593 3636 symc8xx - ok
16:25:49.0609 3636 sym_hi - ok
16:25:49.0625 3636 sym_u3 - ok
16:25:49.0656 3636 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:25:49.0656 3636 sysaudio - ok
16:25:49.0703 3636 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:25:49.0718 3636 SysmonLog - ok
16:25:49.0750 3636 [ 37162D29CD61519E6F5EA0DE99786FF6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:25:49.0765 3636 TapiSrv - ok
16:25:49.0796 3636 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:25:49.0812 3636 Tcpip - ok
16:25:49.0843 3636 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:25:49.0843 3636 TDPIPE - ok
16:25:49.0890 3636 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:25:49.0890 3636 TDTCP - ok
16:25:49.0937 3636 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:25:49.0937 3636 TermDD - ok
16:25:49.0984 3636 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
16:25:50.0000 3636 TermService - ok
16:25:50.0031 3636 [ 8BA76BD2A943F642F267A296A15776D2 ] Themes C:\WINDOWS\System32\shsvcs.dll
16:25:50.0031 3636 Themes - ok
16:25:50.0062 3636 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:25:50.0078 3636 TlntSvr - ok
16:25:50.0093 3636 TosIde - ok
16:25:50.0109 3636 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:25:50.0125 3636 TrkWks - ok
16:25:50.0171 3636 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:25:50.0171 3636 Udfs - ok
16:25:50.0203 3636 ultra - ok
16:25:50.0265 3636 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:25:50.0265 3636 Update - ok
16:25:50.0312 3636 [ 984FC1518B0D5B31D76F0E63608E0500 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:25:50.0312 3636 upnphost - ok
16:25:50.0359 3636 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
16:25:50.0359 3636 UPS - ok
16:25:50.0406 3636 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:25:50.0406 3636 usbehci - ok
16:25:50.0421 3636 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:25:50.0437 3636 usbhub - ok
16:25:50.0484 3636 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:25:50.0484 3636 USBSTOR - ok
16:25:50.0546 3636 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:25:50.0546 3636 usbuhci - ok
16:25:50.0578 3636 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:25:50.0578 3636 VgaSave - ok
16:25:50.0593 3636 ViaIde - ok
16:25:50.0640 3636 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:25:50.0640 3636 VolSnap - ok
16:25:50.0703 3636 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
16:25:50.0718 3636 VSS - ok
16:25:50.0781 3636 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
16:25:50.0781 3636 W32Time - ok
16:25:50.0828 3636 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:25:50.0828 3636 Wanarp - ok
16:25:50.0843 3636 WDICA - ok
16:25:50.0875 3636 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:25:50.0890 3636 wdmaud - ok
16:25:50.0906 3636 [ 3791ADF1D3466AC6B4B662D3F79CBFEC ] WebClient C:\WINDOWS\System32\webclnt.dll
16:25:50.0921 3636 WebClient - ok
16:25:51.0000 3636 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:25:51.0000 3636 winmgmt - ok
16:25:51.0078 3636 [ E02E913B3841717A890A644EE167B9A5 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
16:25:51.0078 3636 WmdmPmSN - ok
16:25:51.0140 3636 [ 0CDC4A0C6B820FAD99FB4CA74CD0C476 ] Wmi C:\WINDOWS\System32\advapi32.dll
16:25:51.0156 3636 Wmi - ok
16:25:51.0218 3636 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:25:51.0234 3636 WmiApSrv - ok
16:25:51.0281 3636 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:25:51.0296 3636 wscsvc - ok
16:25:51.0312 3636 WSearch - ok
16:25:51.0359 3636 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:25:51.0375 3636 wuauserv - ok
16:25:51.0421 3636 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:25:51.0421 3636 WZCSVC - ok
16:25:51.0468 3636 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:25:51.0468 3636 xmlprov - ok
16:25:51.0484 3636 ================ Scan global ===============================
16:25:51.0531 3636 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
16:25:51.0546 3636 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
16:25:51.0578 3636 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
16:25:51.0609 3636 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] C:\WINDOWS\system32\services.exe
16:25:51.0609 3636 [Global] - ok
16:25:51.0609 3636 ================ Scan MBR ==================================
16:25:51.0640 3636 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
16:25:51.0843 3636 \Device\Harddisk0\DR0 - ok
16:25:51.0859 3636 ================ Scan VBR ==================================
16:25:51.0859 3636 [ AB0DC3C5FDF78D68B22BE82489BF1133 ] \Device\Harddisk0\DR0\Partition1
16:25:51.0875 3636 \Device\Harddisk0\DR0\Partition1 - ok
16:25:51.0875 3636 ============================================================
16:25:51.0875 3636 Scan finished
16:25:51.0875 3636 ============================================================
16:25:51.0906 3652 Detected object count: 0
16:25:51.0906 3652 Actual detected object count: 0
16:30:12.0203 3432 Deinitialize success


Re: Please check my log

Post by poison » 09 Jul 2013 17:06

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.2 (07.09.2013:1)
OS: Microsoft Windows XP x86
Ran by pocitac3 on út 09.07.2013 at 16:53:11,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 09.07.2013 at 16:59:47,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Re: Please check my log

Post by poison » 09 Jul 2013 17:08

RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : pocitac3 [Práva správce]
Mód : Odebrat -- Datum : 07/09/2013 17:06:49
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] soundman.exe -- C:\WINDOWS\soundman.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD400BB-00DKA0 +++++
--- User ---
[MBR] 9cc46341c3dd72cfdc47e3a707917a8f
[BSP] b216291c92f379c4ea161d63e478de34 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38154 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_07092013_170649.txt >>
RKreport[0]_S_07092013_170611.txt

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status:
Offline

Re: Please check my log

Post by memphisto » 09 Jul 2013 19:37

How is the PC doing?

+ a new HJT log
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you


Re: Please check my log

Post by poison » 10 Jul 2013 16:30

The PC is fine; the mouse is working without problems so far.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:25:32, on 10.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\soundman.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\pocitac3\Plocha\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4639 bytes


Re: Please check my log

Post by memphisto » 10 Jul 2013 18:52

HJT is OK as well, so if there are no problems, I'll ask for the green check mark ;-)

I would perhaps also uninstall Google Toolbar