Log check - applications opening slowly and a slowed-down PC

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

#31 Post by Márty84 »

In theory rkill should shut it down, or at least try to, but it is better if you turn it off yourself. Both of them, actually, because according to ComboFix you still have both ESET and MSE on there.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often for now. If you have been waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

AndreaP
Visitor
Posts: 69
Registered: 13 Aug 2012 11:18

#32 Post by AndreaP »

And I have a problem: I downloaded rkill from the first link, everything ran, I saved the rkill log, and then I was left with just the screen. No icons. So I never downloaded from the second link.

#33 Post by AndreaP »

So I don't have RogueKiller.exe. Should I restart it?

#34 Post by Márty84 »

Then restart it and continue with RogueKiller.

#35 Post by AndreaP »

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spustené v : Normálny režim
Užívateľ: Andrea [Práva Správcu]
Režim: Kontrola -- Dátum: 08/13/2012 21:26:16

¤¤¤ Škodlivé procesy: 8 ¤¤¤
[SUSP PATH] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[SUSP PATH] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[SUSP PATH] codecmngr.dll -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.dll -> UNLOADED
[SUSP PATH] codecmngr.dll -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.dll -> UNLOADED
[SUSP PATH] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[SUSP PATH] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[RESIDUE] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[RESIDUE] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]

¤¤¤ Záznamy Registrov: 1 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač: [NAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD1600JS-55MHB1 +++++
--- User ---
[MBR] a83bf45dc9ee56da448649164e4830fb
[BSP] 3f59e787b76f687974cb304693008996 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 131061 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[1].txt >>
RKreport[1].txt

#36 Post by AndreaP »

Rkill 2.0.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/13/2012 08:54:00 PM in x86 mode.
Windows Version: Windows XP

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.com "@" has been changed to ComFile!
* HKLM\Software\Classes\.com "@"was reset to comfile!


Performing miscellaneous checks.

* No issues found.

Restarting Explorer.exe in order to apply changes.

Program finished at: 08/13/2012 08:54:35 PM
Execution time: 0 hours(s), 0 minute(s), and 34 seconds(s)

#37 Post by AndreaP »

Well, I hope I did everything right.

#38 Post by Márty84 »

Run RogueKiller again (if you have not closed it yet, go straight to clicking Delete).
A very short test will run, and then the Scan button at the top right becomes available. Click it and another short test will run.
When it finishes, click Delete.
Then click Report and the log will appear. Paste it here for me.

#39 Post by AndreaP »

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spustené v : Normálny režim
Užívateľ: Andrea [Práva Správcu]
Režim: Odebrať -- Dátum: 08/13/2012 21:42:59

¤¤¤ Škodlivé procesy: 17 ¤¤¤
[SUSP PATH] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[SUSP PATH] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[SUSP PATH] codecmngr.dll -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.dll -> UNLOADED
[SUSP PATH] codecmngr.dll -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.dll -> UNLOADED
[SUSP PATH] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[SUSP PATH] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[RESIDUE] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[RESIDUE] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[SUSP PATH] codecmngr.dll -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.dll -> UNLOADED
[RESIDUE] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[RESIDUE] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[SUSP PATH] codecmngr.dll -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.dll -> UNLOADED
[RESIDUE] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[RESIDUE] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[RESIDUE] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[RESIDUE] codecmngr.exe -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -> KILLED [TermProc]
[SUSP PATH] codecmngr.dll -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.dll -> UNLOADED

¤¤¤ Záznamy Registrov: 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač: [NAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD1600JS-55MHB1 +++++
--- User ---
[MBR] a83bf45dc9ee56da448649164e4830fb
[BSP] 3f59e787b76f687974cb304693008996 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 131061 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

#40 Post by Márty84 »

Follow the instructions from my colleague vyosek:
vyosek wrote: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Click the Change parameters option
  • In both windows (Objects to scan and Additional options), tick all the options - every checkbox must be checked
  • Click OK
  • Tell the utility to scan - click Start Scan
  • When the scan finishes a window will appear; check that the Skip option is selected everywhere
  • If Skip is not set by default, switch it to Skip
  • Once everything is set to Skip, click Continue
  • On the disk where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some digits _log.txt - paste its contents here

#41 Post by AndreaP »

21:50:31.0640 3804 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
21:50:31.0843 3804 ============================================================
21:50:31.0843 3804 Current date / time: 2012/08/13 21:50:31.0843
21:50:31.0843 3804 SystemInfo:
21:50:31.0843 3804
21:50:31.0843 3804 OS Version: 5.1.2600 ServicePack: 3.0
21:50:31.0843 3804 Product type: Workstation
21:50:31.0843 3804 ComputerName: AP-80NVCGATWOLV
21:50:31.0843 3804 UserName: Andrea
21:50:31.0843 3804 Windows directory: C:\WINDOWS
21:50:31.0843 3804 System windows directory: C:\WINDOWS
21:50:31.0843 3804 Processor architecture: Intel x86
21:50:31.0843 3804 Number of processors: 2
21:50:31.0843 3804 Page size: 0x1000
21:50:31.0843 3804 Boot type: Normal boot
21:50:31.0843 3804 ============================================================
21:50:33.0625 3804 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:50:33.0625 3804 ============================================================
21:50:33.0625 3804 \Device\Harddisk0\DR0:
21:50:33.0625 3804 MBR partitions:
21:50:33.0625 3804 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFFAC05
21:50:33.0625 3804 ============================================================
21:50:33.0671 3804 C: <-> \Device\Harddisk0\DR0\Partition0
21:50:33.0703 3804 ============================================================
21:50:33.0703 3804 Initialize success
21:50:33.0703 3804 ============================================================
21:51:12.0343 1432 ============================================================
21:51:12.0343 1432 Scan started
21:51:12.0343 1432 Mode: Manual; SigCheck; TDLFS;
21:51:12.0343 1432 ============================================================
21:51:12.0609 1432 Abiosdsk - ok
21:51:12.0625 1432 abp480n5 - ok
21:51:12.0687 1432 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:51:16.0250 1432 ACPI - ok
21:51:16.0281 1432 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:51:16.0515 1432 ACPIEC - ok
21:51:16.0515 1432 adpu160m - ok
21:51:16.0546 1432 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:51:16.0734 1432 aec - ok
21:51:16.0796 1432 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:51:16.0875 1432 AFD - ok
21:51:16.0890 1432 Aha154x - ok
21:51:16.0890 1432 aic78u2 - ok
21:51:16.0906 1432 aic78xx - ok
21:51:16.0937 1432 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
21:51:17.0109 1432 Alerter - ok
21:51:17.0140 1432 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
21:51:17.0343 1432 ALG - ok
21:51:17.0343 1432 AliIde - ok
21:51:17.0359 1432 amsint - ok
21:51:17.0421 1432 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys
21:51:17.0906 1432 androidusb - ok
21:51:17.0937 1432 Angelnt (4a8cb8fea9dcb6f93017f413e2646001) C:\WINDOWS\System32\Drivers\ANGELNT.SYS
21:51:17.0953 1432 Angelnt ( UnsignedFile.Multi.Generic ) - warning
21:51:17.0953 1432 Angelnt - detected UnsignedFile.Multi.Generic (1)
21:51:18.0000 1432 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
21:51:18.0234 1432 AppMgmt - ok
21:51:18.0250 1432 asc - ok
21:51:18.0265 1432 asc3350p - ok
21:51:18.0265 1432 asc3550 - ok
21:51:18.0406 1432 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:51:18.0437 1432 aspnet_state - ok
21:51:18.0484 1432 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:51:18.0656 1432 AsyncMac - ok
21:51:18.0671 1432 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:51:18.0843 1432 atapi - ok
21:51:18.0843 1432 Atdisk - ok
21:51:18.0921 1432 Ati HotKey Poller (956dc0b34bc040e191d4016e6a9a7364) C:\WINDOWS\system32\Ati2evxx.exe
21:51:19.0093 1432 Ati HotKey Poller - ok
21:51:19.0234 1432 ati2mtag (400299684f30d5c29b79eaaf3b5ff6c6) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:51:19.0359 1432 ati2mtag - ok
21:51:19.0531 1432 atksgt (3c4b9850a2631c2263507400d029057b) C:\WINDOWS\system32\DRIVERS\atksgt.sys
21:51:19.0593 1432 atksgt - ok
21:51:19.0656 1432 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:51:19.0812 1432 Atmarpc - ok
21:51:19.0875 1432 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
21:51:20.0031 1432 AudioSrv - ok
21:51:20.0078 1432 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:51:20.0234 1432 audstub - ok
21:51:20.0281 1432 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:51:20.0437 1432 Beep - ok
21:51:20.0515 1432 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
21:51:20.0750 1432 BITS - ok
21:51:20.0796 1432 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
21:51:20.0968 1432 Browser - ok
21:51:21.0125 1432 catchme - ok
21:51:21.0171 1432 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:51:21.0343 1432 cbidf2k - ok
21:51:21.0359 1432 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:51:21.0515 1432 CCDECODE - ok
21:51:21.0515 1432 cd20xrnt - ok
21:51:21.0546 1432 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:51:21.0718 1432 Cdaudio - ok
21:51:21.0781 1432 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:51:21.0937 1432 Cdfs - ok
21:51:21.0968 1432 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:51:22.0140 1432 Cdrom - ok
21:51:22.0140 1432 Changer - ok
21:51:22.0187 1432 cisvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
21:51:22.0375 1432 cisvc - ok
21:51:22.0421 1432 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
21:51:22.0578 1432 ClipSrv - ok
21:51:22.0718 1432 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:51:22.0750 1432 clr_optimization_v2.0.50727_32 - ok
21:51:22.0750 1432 CmdIde - ok
21:51:23.0046 1432 Codecs Pack (2094792fa621c5c84bd2e3281eb2c537) C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe
21:51:23.0187 1432 Codecs Pack - ok
21:51:23.0359 1432 COMSysApp - ok
21:51:23.0375 1432 Cpqarray - ok
21:51:23.0421 1432 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
21:51:23.0593 1432 CryptSvc - ok
21:51:23.0593 1432 dac2w2k - ok
21:51:23.0609 1432 dac960nt - ok
21:51:23.0656 1432 DCamUSBSQTECH (100ff3d9e16afb3163bd6f9aaaab7c55) C:\WINDOWS\system32\Drivers\SQcaptur.sys
21:51:23.0703 1432 DCamUSBSQTECH ( UnsignedFile.Multi.Generic ) - warning
21:51:23.0703 1432 DCamUSBSQTECH - detected UnsignedFile.Multi.Generic (1)
21:51:23.0781 1432 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
21:51:23.0984 1432 DcomLaunch - ok
21:51:24.0031 1432 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys
21:51:24.0046 1432 dgderdrv - ok
21:51:24.0109 1432 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
21:51:24.0265 1432 Dhcp - ok
21:51:24.0328 1432 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:51:24.0515 1432 Disk - ok
21:51:24.0531 1432 dmadmin - ok
21:51:24.0593 1432 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
21:51:24.0796 1432 dmboot - ok
21:51:24.0812 1432 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
21:51:25.0000 1432 dmio - ok
21:51:25.0046 1432 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:51:25.0218 1432 dmload - ok
21:51:25.0250 1432 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
21:51:25.0406 1432 dmserver - ok
21:51:25.0453 1432 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:51:25.0609 1432 DMusic - ok
21:51:25.0671 1432 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
21:51:25.0796 1432 Dnscache - ok
21:51:25.0843 1432 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
21:51:26.0015 1432 Dot3svc - ok
21:51:26.0015 1432 dpti2o - ok
21:51:26.0046 1432 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:51:26.0203 1432 drmkaud - ok
21:51:26.0281 1432 eamon (8c2b6bbc82ad12cd9a2e73e5dcbba705) C:\WINDOWS\system32\DRIVERS\eamon.sys
21:51:26.0828 1432 eamon - ok
21:51:26.0875 1432 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
21:51:27.0062 1432 EapHost - ok
21:51:27.0125 1432 ehdrv (5412ed24fffca64e2f0168399b86c952) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
21:51:27.0156 1432 ehdrv - ok
21:51:27.0406 1432 ekrn (ad4faade819e0da9933bea7c01d2c763) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
21:51:27.0468 1432 ekrn - ok
21:51:27.0531 1432 epfw (774babcb1144513dc86992003740b774) C:\WINDOWS\system32\DRIVERS\epfw.sys
21:51:27.0546 1432 epfw - ok
21:51:27.0562 1432 Epfwndis (4b86da2c58063b647577cd669cffaeeb) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
21:51:27.0593 1432 Epfwndis - ok
21:51:27.0609 1432 epfwtdi (1b36748ea9e25549ebe5d8ea105bd981) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
21:51:27.0625 1432 epfwtdi - ok
21:51:27.0671 1432 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
21:51:27.0843 1432 ERSvc - ok
21:51:27.0890 1432 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
21:51:27.0984 1432 Eventlog - ok
21:51:28.0031 1432 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
21:51:28.0093 1432 EventSystem - ok
21:51:28.0140 1432 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:51:28.0343 1432 Fastfat - ok
21:51:28.0406 1432 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:51:28.0500 1432 FastUserSwitchingCompatibility - ok
21:51:28.0515 1432 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
21:51:28.0687 1432 Fdc - ok
21:51:28.0703 1432 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
21:51:28.0859 1432 Fips - ok
21:51:28.0875 1432 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:51:29.0031 1432 Flpydisk - ok
21:51:29.0062 1432 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:51:29.0234 1432 FltMgr - ok
21:51:29.0375 1432 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:51:29.0390 1432 FontCache3.0.0.0 - ok
21:51:29.0453 1432 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\WINDOWS\system32\FsUsbExDisk.SYS
21:51:29.0468 1432 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
21:51:29.0468 1432 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
21:51:29.0515 1432 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:51:29.0703 1432 Fs_Rec - ok
21:51:29.0765 1432 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:51:29.0953 1432 Ftdisk - ok
21:51:29.0984 1432 ghsmdm (4c1c4461ac322851e09864c71aeff0b9) C:\WINDOWS\system32\DRIVERS\ghsmdm.sys
21:51:30.0015 1432 ghsmdm - ok
21:51:30.0062 1432 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:51:30.0265 1432 Gpc - ok
21:51:30.0406 1432 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
21:51:30.0437 1432 gusvc - ok
21:51:30.0468 1432 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:51:30.0640 1432 HDAudBus - ok
21:51:30.0687 1432 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:51:30.0859 1432 helpsvc - ok
21:51:30.0921 1432 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
21:51:31.0078 1432 HidServ - ok
21:51:31.0109 1432 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:51:31.0281 1432 HidUsb - ok
21:51:31.0328 1432 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
21:51:31.0500 1432 hkmsvc - ok
21:51:31.0500 1432 hpn - ok
21:51:31.0671 1432 hpqcxs08 (38d6b51f04def7fb248fa56e4c47407e) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
21:51:31.0687 1432 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
21:51:31.0687 1432 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
21:51:31.0718 1432 hpqddsvc (3ee4a63539ec04ee2d4bd293985087ab) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
21:51:31.0734 1432 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
21:51:31.0734 1432 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
21:51:31.0734 1432 hpt3xx - ok
21:51:31.0796 1432 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:51:32.0265 1432 HPZid412 - ok
21:51:32.0328 1432 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:51:32.0359 1432 HPZipr12 - ok
21:51:32.0406 1432 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:51:32.0453 1432 HPZius12 - ok
21:51:32.0515 1432 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:51:32.0656 1432 HTTP - ok
21:51:32.0703 1432 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
21:51:32.0906 1432 HTTPFilter - ok
21:51:32.0953 1432 hwdatacard (200ab8daf659c7324601fcc824d7f910) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
21:51:33.0015 1432 hwdatacard - ok
21:51:33.0031 1432 i2omgmt - ok
21:51:33.0031 1432 i2omp - ok
21:51:33.0093 1432 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:51:33.0250 1432 i8042prt - ok
21:51:33.0312 1432 ICQ Service (f88e5dc5ca4c3f1aeb32169ab20d0b5a) C:\Program Files\ICQ6Toolbar\ICQ Service.exe
21:51:33.0359 1432 ICQ Service - ok
21:51:33.0546 1432 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:51:33.0656 1432 idsvc - ok
21:51:33.0812 1432 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:51:33.0968 1432 Imapi - ok
21:51:34.0015 1432 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
21:51:34.0218 1432 ImapiService - ok
21:51:34.0265 1432 InCDfs (b87fc7c71632240dac8f4d20e9ce8377) C:\WINDOWS\system32\drivers\InCDfs.sys
21:51:34.0296 1432 InCDfs ( UnsignedFile.Multi.Generic ) - warning
21:51:34.0296 1432 InCDfs - detected UnsignedFile.Multi.Generic (1)
21:51:34.0296 1432 InCDPass (2e878405128ec98886eb9c2216ac7bd6) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
21:51:34.0312 1432 InCDPass ( UnsignedFile.Multi.Generic ) - warning
21:51:34.0312 1432 InCDPass - detected UnsignedFile.Multi.Generic (1)
21:51:34.0328 1432 InCDrec (ddf078917a42f105385d7eb6debb3433) C:\WINDOWS\system32\drivers\InCDrec.sys
21:51:34.0328 1432 InCDrec ( UnsignedFile.Multi.Generic ) - warning
21:51:34.0328 1432 InCDrec - detected UnsignedFile.Multi.Generic (1)
21:51:34.0375 1432 incdrm (7f352360e947ad2cd4ba60de27b1a299) C:\WINDOWS\system32\drivers\incdrm.sys
21:51:34.0390 1432 incdrm ( UnsignedFile.Multi.Generic ) - warning
21:51:34.0390 1432 incdrm - detected UnsignedFile.Multi.Generic (1)
21:51:34.0531 1432 InCDsrv (e9372a17c22fc4e5c9fd8798a97775fc) C:\Program Files\Ahead\InCD\InCDsrv.exe
21:51:34.0609 1432 InCDsrv ( UnsignedFile.Multi.Generic ) - warning
21:51:34.0609 1432 InCDsrv - detected UnsignedFile.Multi.Generic (1)
21:51:34.0625 1432 ini910u - ok
21:51:34.0937 1432 IntcAzAudAddService (909d03b3b7fb7c830b74f74f4d0ea7ce) C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:51:35.0250 1432 IntcAzAudAddService - ok
21:51:35.0437 1432 IntelIde - ok
21:51:35.0500 1432 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:51:35.0640 1432 intelppm - ok
21:51:35.0671 1432 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:51:35.0859 1432 ip6fw - ok
21:51:35.0906 1432 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:51:36.0125 1432 IpFilterDriver - ok
21:51:36.0156 1432 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:51:36.0312 1432 IpInIp - ok
21:51:36.0328 1432 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:51:36.0531 1432 IpNat - ok
21:51:36.0546 1432 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:51:36.0718 1432 IPSec - ok
21:51:36.0750 1432 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:51:36.0906 1432 IRENUM - ok
21:51:36.0968 1432 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:51:37.0125 1432 isapnp - ok
21:51:37.0250 1432 JavaQuickStarterService (4f2143570d2250ca4c4a4c98553c82cd) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
21:51:37.0296 1432 JavaQuickStarterService - ok
21:51:37.0296 1432 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:51:37.0453 1432 Kbdclass - ok
21:51:37.0515 1432 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:51:37.0656 1432 kbdhid - ok
21:51:37.0687 1432 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:51:37.0875 1432 kmixer - ok
21:51:37.0906 1432 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:51:38.0031 1432 KSecDD - ok
21:51:38.0078 1432 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
21:51:38.0156 1432 lanmanserver - ok
21:51:38.0218 1432 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
21:51:38.0312 1432 lanmanworkstation - ok
21:51:38.0312 1432 lbrtfdc - ok
21:51:38.0375 1432 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
21:51:38.0406 1432 lirsgt - ok
21:51:38.0453 1432 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
21:51:38.0640 1432 LmHosts - ok
21:51:38.0687 1432 massfilter_hs (3c7b3072c3c5cc23f5fd46f8dfda7480) C:\WINDOWS\system32\drivers\massfilter_hs.sys
21:51:38.0703 1432 massfilter_hs - ok
21:51:38.0796 1432 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
21:51:38.0875 1432 MDM - ok
21:51:38.0921 1432 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
21:51:39.0109 1432 Messenger - ok
21:51:39.0156 1432 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:51:39.0343 1432 mnmdd - ok
21:51:39.0390 1432 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
21:51:39.0562 1432 mnmsrvc - ok
21:51:39.0578 1432 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
21:51:39.0750 1432 Modem - ok
21:51:39.0765 1432 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:51:39.0921 1432 Mouclass - ok
21:51:39.0968 1432 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:51:40.0156 1432 mouhid - ok
21:51:40.0187 1432 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:51:40.0328 1432 MountMgr - ok
21:51:40.0406 1432 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:51:40.0437 1432 MozillaMaintenance - ok
21:51:40.0500 1432 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
21:51:40.0562 1432 MpFilter - ok
21:51:40.0734 1432 MpKsldb491116 - ok
21:51:40.0750 1432 mraid35x - ok
21:51:40.0812 1432 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:51:41.0015 1432 MRxDAV - ok
21:51:41.0078 1432 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:51:41.0187 1432 MRxSmb - ok
21:51:41.0265 1432 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
21:51:41.0406 1432 MSDTC - ok
21:51:41.0437 1432 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:51:41.0593 1432 Msfs - ok
21:51:41.0609 1432 MSIServer - ok
21:51:41.0625 1432 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:51:41.0781 1432 MSKSSRV - ok
21:51:41.0843 1432 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
21:51:41.0875 1432 MsMpSvc - ok
21:51:41.0921 1432 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:51:42.0078 1432 MSPCLOCK - ok
21:51:42.0109 1432 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:51:42.0312 1432 MSPQM - ok
21:51:42.0359 1432 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:51:42.0515 1432 mssmbios - ok
21:51:42.0562 1432 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:51:42.0656 1432 Mup - ok
21:51:42.0703 1432 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:51:42.0875 1432 NABTSFEC - ok
21:51:42.0968 1432 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
21:51:43.0218 1432 napagent - ok
21:51:43.0234 1432 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:51:43.0406 1432 NDIS - ok
21:51:43.0437 1432 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:51:43.0593 1432 NdisIP - ok
21:51:43.0656 1432 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:51:43.0734 1432 NdisTapi - ok
21:51:43.0812 1432 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:51:43.0953 1432 Ndisuio - ok
21:51:43.0984 1432 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:51:44.0156 1432 NdisWan - ok
21:51:44.0187 1432 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:51:44.0281 1432 NDProxy - ok
21:51:44.0343 1432 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:51:44.0531 1432 NetBIOS - ok
21:51:44.0546 1432 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:51:44.0750 1432 NetBT - ok
21:51:44.0812 1432 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
21:51:44.0968 1432 NetDDE - ok
21:51:44.0984 1432 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
21:51:45.0125 1432 NetDDEdsdm - ok
21:51:45.0156 1432 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:51:45.0328 1432 Netlogon - ok
21:51:45.0390 1432 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
21:51:45.0609 1432 Netman - ok
21:51:45.0718 1432 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:51:45.0750 1432 NetTcpPortSharing - ok
21:51:45.0828 1432 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
21:51:45.0890 1432 Nla - ok
21:51:46.0109 1432 NMSAccess (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Documents and Settings\Andrea\My Documents\PROGRAMY\CDBurnerXP\NMSAccessU.exe
21:51:46.0140 1432 NMSAccess - ok
21:51:46.0187 1432 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:51:46.0328 1432 Npfs - ok
21:51:46.0406 1432 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:51:46.0593 1432 Ntfs - ok
21:51:46.0593 1432 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
21:51:46.0750 1432 NtLmSsp - ok
21:51:46.0828 1432 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
21:51:47.0015 1432 NtmsSvc - ok
21:51:47.0062 1432 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
21:51:47.0078 1432 NuidFltr - ok
21:51:47.0140 1432 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:51:47.0312 1432 Null - ok
21:51:47.0359 1432 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:51:47.0531 1432 NwlnkFlt - ok
21:51:47.0546 1432 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:51:47.0718 1432 NwlnkFwd - ok
21:51:47.0812 1432 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:51:47.0843 1432 ose - ok
21:51:47.0859 1432 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
21:51:48.0062 1432 Parport - ok
21:51:48.0093 1432 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:51:48.0250 1432 PartMgr - ok
21:51:48.0312 1432 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
21:51:48.0468 1432 ParVdm - ok
21:51:48.0484 1432 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
21:51:48.0640 1432 PCI - ok
21:51:48.0640 1432 PCIDump - ok
21:51:48.0671 1432 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:51:48.0843 1432 PCIIde - ok
21:51:48.0875 1432 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:51:49.0046 1432 Pcmcia - ok
21:51:49.0062 1432 pcouffin - ok
21:51:49.0062 1432 PDCOMP - ok
21:51:49.0078 1432 PDFRAME - ok
21:51:49.0093 1432 PDRELI - ok
21:51:49.0093 1432 PDRFRAME - ok
21:51:49.0109 1432 perc2 - ok
21:51:49.0125 1432 perc2hib - ok
21:51:49.0187 1432 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
21:51:49.0250 1432 PlugPlay - ok
21:51:49.0312 1432 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\WINDOWS\system32\HPZipm12.dll
21:51:49.0312 1432 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:51:49.0312 1432 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:51:49.0312 1432 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:51:49.0468 1432 PolicyAgent - ok
21:51:49.0531 1432 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:51:49.0671 1432 PptpMiniport - ok
21:51:49.0703 1432 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
21:51:49.0859 1432 Processor - ok
21:51:49.0859 1432 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:51:50.0015 1432 ProtectedStorage - ok
21:51:50.0031 1432 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:51:50.0203 1432 PSched - ok
21:51:50.0234 1432 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:51:50.0437 1432 Ptilink - ok
21:51:50.0500 1432 PWSYSDRV (57ba9e2a52e6665be919c83e468a54ad) C:\WINDOWS\system32\drivers\PWSYSDRV.sys
21:51:50.0515 1432 PWSYSDRV ( UnsignedFile.Multi.Generic ) - warning
21:51:50.0515 1432 PWSYSDRV - detected UnsignedFile.Multi.Generic (1)
21:51:50.0531 1432 ql1080 - ok
21:51:50.0531 1432 Ql10wnt - ok
21:51:50.0546 1432 ql12160 - ok
21:51:50.0562 1432 ql1240 - ok
21:51:50.0562 1432 ql1280 - ok
21:51:50.0625 1432 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:51:50.0781 1432 RasAcd - ok
21:51:50.0812 1432 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
21:51:50.0984 1432 RasAuto - ok
21:51:51.0015 1432 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:51:51.0156 1432 Rasl2tp - ok
21:51:51.0203 1432 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
21:51:51.0375 1432 RasMan - ok
21:51:51.0375 1432 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:51:51.0531 1432 RasPppoe - ok
21:51:51.0546 1432 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:51:51.0718 1432 Raspti - ok
21:51:51.0765 1432 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:51:51.0953 1432 Rdbss - ok
21:51:51.0984 1432 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:51:52.0156 1432 RDPCDD - ok
21:51:52.0218 1432 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:51:52.0375 1432 rdpdr - ok
21:51:52.0421 1432 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
21:51:52.0562 1432 RDPWD - ok
21:51:52.0593 1432 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
21:51:52.0781 1432 RDSessMgr - ok
21:51:52.0781 1432 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:51:52.0953 1432 redbook - ok
21:51:52.0968 1432 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
21:51:53.0140 1432 RemoteAccess - ok
21:51:53.0171 1432 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
21:51:53.0328 1432 RemoteRegistry - ok
21:51:53.0390 1432 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
21:51:53.0562 1432 RpcLocator - ok
21:51:53.0640 1432 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
21:51:53.0750 1432 RpcSs - ok
21:51:53.0812 1432 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
21:51:54.0031 1432 RSVP - ok
21:51:54.0078 1432 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
21:51:54.0234 1432 rtl8139 - ok
21:51:54.0234 1432 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:51:54.0390 1432 SamSs - ok
21:51:54.0437 1432 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
21:51:54.0625 1432 SCardSvr - ok
21:51:54.0687 1432 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
21:51:54.0875 1432 Schedule - ok
21:51:54.0921 1432 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:51:55.0078 1432 Secdrv - ok
21:51:55.0125 1432 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
21:51:55.0281 1432 seclogon - ok
21:51:55.0312 1432 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
21:51:55.0468 1432 SENS - ok
21:51:55.0531 1432 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:51:55.0687 1432 serenum - ok
21:51:55.0703 1432 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
21:51:55.0859 1432 Serial - ok
21:51:56.0046 1432 ServiceLayer (3ec8de67b1c78c31e54c0f030e6bd7d5) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
21:51:56.0125 1432 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
21:51:56.0125 1432 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
21:51:56.0171 1432 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:51:56.0328 1432 Sfloppy - ok
21:51:56.0390 1432 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
21:51:56.0609 1432 SharedAccess - ok
21:51:56.0656 1432 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:51:56.0703 1432 ShellHWDetection - ok
21:51:56.0703 1432 Simbad - ok
21:51:56.0765 1432 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:51:56.0921 1432 SLIP - ok
21:51:56.0937 1432 Sparrow - ok
21:51:56.0968 1432 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:51:57.0125 1432 splitter - ok
21:51:57.0187 1432 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
21:51:57.0250 1432 Spooler - ok
21:51:57.0265 1432 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
21:51:57.0421 1432 sr - ok
21:51:57.0484 1432 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
21:51:57.0687 1432 srservice - ok
21:51:57.0765 1432 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:51:57.0906 1432 Srv - ok
21:51:57.0953 1432 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
21:51:58.0078 1432 ssadbus - ok
21:51:58.0125 1432 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
21:51:58.0281 1432 ssadmdfl - ok
21:51:58.0296 1432 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
21:51:58.0343 1432 ssadmdm - ok
21:51:58.0375 1432 ssadserd (1a5a397bc459f346ab56492b61ef79f6) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
21:51:58.0468 1432 ssadserd - ok
21:51:58.0531 1432 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
21:51:58.0703 1432 SSDPSRV - ok
21:51:58.0734 1432 StarOpen (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
21:51:58.0765 1432 StarOpen ( UnsignedFile.Multi.Generic ) - warning
21:51:58.0765 1432 StarOpen - detected UnsignedFile.Multi.Generic (1)
21:51:58.0843 1432 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
21:51:59.0031 1432 StillCam - ok
21:51:59.0093 1432 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
21:51:59.0312 1432 stisvc - ok
21:51:59.0359 1432 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:51:59.0515 1432 streamip - ok
21:51:59.0562 1432 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:51:59.0734 1432 swenum - ok
21:51:59.0765 1432 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:51:59.0921 1432 swmidi - ok
21:51:59.0921 1432 SwPrv - ok
21:51:59.0937 1432 symc810 - ok
21:51:59.0937 1432 symc8xx - ok
21:51:59.0953 1432 sym_hi - ok
21:51:59.0968 1432 sym_u3 - ok
21:52:00.0000 1432 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:52:00.0171 1432 sysaudio - ok
21:52:00.0265 1432 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
21:52:00.0468 1432 SysmonLog - ok
21:52:00.0500 1432 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
21:52:00.0718 1432 TapiSrv - ok
21:52:00.0812 1432 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:52:00.0937 1432 Tcpip - ok
21:52:00.0984 1432 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:52:01.0156 1432 TDPIPE - ok
21:52:01.0171 1432 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:52:01.0343 1432 TDTCP - ok
21:52:01.0359 1432 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:52:01.0515 1432 TermDD - ok
21:52:01.0578 1432 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
21:52:01.0781 1432 TermService - ok
21:52:01.0843 1432 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:52:01.0875 1432 Themes - ok
21:52:01.0937 1432 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\System32\tlntsvr.exe
21:52:02.0093 1432 TlntSvr - ok
21:52:02.0093 1432 TosIde - ok
21:52:02.0140 1432 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
21:52:02.0296 1432 TrkWks - ok
21:52:02.0343 1432 TrueSight (b3c9c35dc93563b8d19ad414edf2fc82) c:\windows\system32\drivers\TrueSight.sys
21:52:02.0375 1432 TrueSight ( UnsignedFile.Multi.Generic ) - warning
21:52:02.0375 1432 TrueSight - detected UnsignedFile.Multi.Generic (1)
21:52:02.0406 1432 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:52:02.0562 1432 Udfs - ok
21:52:02.0578 1432 ultra - ok
21:52:02.0640 1432 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:52:02.0875 1432 Update - ok
21:52:02.0937 1432 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
21:52:03.0187 1432 upnphost - ok
21:52:03.0218 1432 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
21:52:03.0406 1432 UPS - ok
21:52:03.0421 1432 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:52:03.0578 1432 usbccgp - ok
21:52:03.0609 1432 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:52:03.0765 1432 usbehci - ok
21:52:03.0796 1432 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:52:03.0984 1432 usbhub - ok
21:52:04.0015 1432 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:52:04.0156 1432 usbohci - ok
21:52:04.0218 1432 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:52:04.0375 1432 usbprint - ok
21:52:04.0390 1432 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:52:04.0562 1432 usbscan - ok
21:52:04.0578 1432 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:52:04.0718 1432 USBSTOR - ok
21:52:04.0765 1432 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
21:52:04.0937 1432 usbvideo - ok
21:52:04.0968 1432 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
21:52:05.0140 1432 usb_rndisx - ok
21:52:05.0203 1432 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:52:05.0421 1432 VgaSave - ok
21:52:05.0437 1432 ViaIde - ok
21:52:05.0484 1432 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:52:05.0640 1432 VolSnap - ok
21:52:05.0671 1432 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
21:52:05.0906 1432 VSS - ok
21:52:05.0953 1432 w300bus (d4baa1ac8dcea1382e81aa6fe48cdd7c) C:\WINDOWS\system32\DRIVERS\w300bus.sys
21:52:05.0953 1432 w300bus ( UnsignedFile.Multi.Generic ) - warning
21:52:05.0953 1432 w300bus - detected UnsignedFile.Multi.Generic (1)
21:52:05.0984 1432 w300mdfl (12d415ab0ddd86c42cdc5f120a381f24) C:\WINDOWS\system32\DRIVERS\w300mdfl.sys
21:52:06.0015 1432 w300mdfl ( UnsignedFile.Multi.Generic ) - warning
21:52:06.0015 1432 w300mdfl - detected UnsignedFile.Multi.Generic (1)
21:52:06.0078 1432 w300mdm (f470d5e61ee7f951883f70d676551c89) C:\WINDOWS\system32\DRIVERS\w300mdm.sys
21:52:06.0093 1432 w300mdm ( UnsignedFile.Multi.Generic ) - warning
21:52:06.0093 1432 w300mdm - detected UnsignedFile.Multi.Generic (1)
21:52:06.0109 1432 w300mgmt (1b575b7384e22f5b278d3d7fc1bae682) C:\WINDOWS\system32\DRIVERS\w300mgmt.sys
21:52:06.0109 1432 w300mgmt ( UnsignedFile.Multi.Generic ) - warning
21:52:06.0109 1432 w300mgmt - detected UnsignedFile.Multi.Generic (1)
21:52:06.0140 1432 w300obex (a2bc36924ae02ca1e01ec39c99afea09) C:\WINDOWS\system32\DRIVERS\w300obex.sys
21:52:06.0140 1432 w300obex ( UnsignedFile.Multi.Generic ) - warning
21:52:06.0140 1432 w300obex - detected UnsignedFile.Multi.Generic (1)
21:52:06.0171 1432 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
21:52:06.0375 1432 W32Time - ok
21:52:06.0390 1432 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:52:06.0546 1432 Wanarp - ok
21:52:06.0625 1432 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
21:52:06.0671 1432 Wdf01000 - ok
21:52:06.0687 1432 WDICA - ok
21:52:06.0734 1432 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:52:06.0875 1432 wdmaud - ok
21:52:06.0921 1432 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
21:52:07.0093 1432 WebClient - ok
21:52:07.0187 1432 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
21:52:07.0390 1432 winmgmt - ok
21:52:07.0437 1432 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
21:52:07.0531 1432 WmdmPmSN - ok
21:52:07.0609 1432 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
21:52:07.0718 1432 Wmi - ok
21:52:07.0781 1432 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
21:52:07.0937 1432 WmiApSrv - ok
21:52:07.0984 1432 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
21:52:08.0000 1432 WpdUsb - ok
21:52:08.0062 1432 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:52:08.0234 1432 WS2IFSL - ok
21:52:08.0296 1432 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
21:52:08.0468 1432 wscsvc - ok
21:52:08.0515 1432 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:52:08.0671 1432 WSTCODEC - ok
21:52:08.0718 1432 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
21:52:08.0875 1432 wuauserv - ok
21:52:08.0937 1432 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:52:09.0015 1432 WudfPf - ok
21:52:09.0031 1432 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:52:09.0093 1432 WudfRd - ok
21:52:09.0109 1432 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
21:52:09.0140 1432 WudfSvc - ok
21:52:09.0218 1432 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
21:52:09.0437 1432 WZCSVC - ok
21:52:09.0453 1432 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
21:52:09.0640 1432 xmlprov - ok
21:52:09.0656 1432 ZSMC211 - ok
21:52:09.0687 1432 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
21:52:10.0265 1432 \Device\Harddisk0\DR0 - ok
21:52:10.0281 1432 Boot (0x1200) (9b1090d5e1b9cff60ff1892dd69ea913) \Device\Harddisk0\DR0\Partition0
21:52:10.0281 1432 \Device\Harddisk0\DR0\Partition0 - ok
21:52:10.0281 1432 ============================================================
21:52:10.0281 1432 Scan finished
21:52:10.0281 1432 ============================================================
21:52:10.0390 1796 Detected object count: 20
21:52:10.0390 1796 Actual detected object count: 20
21:52:39.0390 1796 Angelnt ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0390 1796 Angelnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0390 1796 DCamUSBSQTECH ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0390 1796 DCamUSBSQTECH ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0406 1796 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0406 1796 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0406 1796 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0406 1796 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0406 1796 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0406 1796 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0406 1796 InCDfs ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0406 1796 InCDfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0406 1796 InCDPass ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0406 1796 InCDPass ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0406 1796 InCDrec ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0406 1796 InCDrec ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0406 1796 incdrm ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0406 1796 incdrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0421 1796 InCDsrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0421 1796 InCDsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0421 1796 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0421 1796 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0421 1796 PWSYSDRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0421 1796 PWSYSDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0421 1796 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0421 1796 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0421 1796 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0421 1796 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0421 1796 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0421 1796 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0437 1796 w300bus ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0437 1796 w300bus ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0437 1796 w300mdfl ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0437 1796 w300mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0437 1796 w300mdm ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0437 1796 w300mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0437 1796 w300mgmt ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0437 1796 w300mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:39.0437 1796 w300obex ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:39.0437 1796 w300obex ( UnsignedFile.Multi.Generic ) - User select action: Skip

#42 Post by Márty84 »

I would also like to see a log from RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

#43 Post by AndreaP »

I'll try to paste it, please be patient.

#44 Post by AndreaP »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Andrea at 2012-08-13 22:07:06
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 81 GB (62%) free of 131 GB
Total RAM: 446 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:12:05, on 13.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Documents and Settings\Andrea\My Documents\PROGRAMY\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe
C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe
C:\Documents and Settings\Andrea\My Documents\Downloads\tdsskiller.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Andrea\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Andrea.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.29.1\bh\BabylonToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file)
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\ARO 2012\ARO.exe -rem
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Codecs Pack - Unknown owner - C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMSAccess - Unknown owner - C:\Documents and Settings\Andrea\My Documents\PROGRAMY\CDBurnerXP\NMSAccessU.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8008 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Codecs Pack.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1292428093-725345543-1003Core.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default

prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT20867 ... hSource=13"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@joj.sk/TV_JOJ_Media_Player]
"Description"=TV JOJ Media Player
"Path"=C:\Program Files\TV JOJ Media Player\npplugin_netscape.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npkimi.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
avg_igeared.xml
babylon.xml
bing.xml
Cetrumcz_igeared.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\
engine@conduit.com
ffxtlbr@babylon.com
toolbar@ask.com
{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
{20a82645-c095-46ed-80e3-08825760534b}
{37483b40-c254-4a72-bda4-22ee90182c1e}
{800b5000-a755-47e1-992b-48a1c1357f07}
{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{dd02a4eb-4afd-4d60-99d8-e67f964ca813}

C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\searchplugins\
askcom.xml
atlas.xml
bProtect.xml
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml
icqplugin-34.xml
icqplugin-35.xml
icqplugin-36.xml
icqplugin-37.xml
icqplugin-38.xml
icqplugin-39.xml
icqplugin-4.xml
icqplugin-40.xml
icqplugin-41.xml
icqplugin-42.xml
icqplugin-43.xml
icqplugin-44.xml
icqplugin-45.xml
icqplugin-46.xml
icqplugin-47.xml
icqplugin-48.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.29.1\bh\BabylonToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-15 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll [2012-01-10 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{D5D47440-0750-463D-BAEF-A47D02414806}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-15 192112]
{D0F4A166-B8D4-48b8-9D63-80849FE137CB}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2006-07-12 1397760]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 3117344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AROReminder"=C:\Program Files\ARO 2012\ARO.exe [2012-07-06 2553752]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-06-16 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll

AndreaP
Visitor
Posts: 69
Joined: 13 Aug 2012 11:18

Re: log check - slow opening of applications and slowed-down p

#45 Post by AndreaP »

======List of files/folders created in the last 1 month======

2012-08-13 22:08:00 ----D---- C:\Program Files\trend micro
2012-08-13 22:07:06 ----D---- C:\rsit
2012-08-13 21:55:27 ----SHD---- C:\RECYCLER
2012-08-13 21:50:31 ----A---- C:\TDSSKiller.2.7.48.0_13.08.2012_21.50.31_log.txt
2012-08-13 21:22:43 ----A---- C:\WINDOWS\system32\drivers\TrueSight.sys
2012-08-13 19:40:40 ----A---- C:\ComboFix.txt
2012-08-13 15:21:51 ----D---- C:\WINDOWS\temp
2012-08-13 14:52:19 ----D---- C:\123.exe
2012-08-12 20:01:39 ----A---- C:\Boot.bak
2012-08-12 20:01:31 ----RASHD---- C:\cmdcons
2012-08-12 19:43:54 ----A---- C:\WINDOWS\zip.exe
2012-08-12 19:43:54 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-08-12 19:43:54 ----A---- C:\WINDOWS\SWSC.exe
2012-08-12 19:43:54 ----A---- C:\WINDOWS\SWREG.exe
2012-08-12 19:43:54 ----A---- C:\WINDOWS\sed.exe
2012-08-12 19:43:54 ----A---- C:\WINDOWS\PEV.exe
2012-08-12 19:43:54 ----A---- C:\WINDOWS\NIRCMD.exe
2012-08-12 19:43:54 ----A---- C:\WINDOWS\MBR.exe
2012-08-12 19:43:54 ----A---- C:\WINDOWS\grep.exe
2012-08-12 19:42:57 ----D---- C:\Qoobox
2012-08-12 19:41:53 ----D---- C:\WINDOWS\erdnt
2012-08-06 15:15:48 ----A---- C:\WINDOWS\is-MU3M6.exe
2012-08-06 12:45:35 ----D---- C:\Documents and Settings\Andrea\Application Data\Canneverbe Limited
2012-08-06 12:45:35 ----D---- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2012-08-06 11:51:15 ----A---- C:\WINDOWS\vypalovac.ini
2012-08-03 21:31:40 ----D---- C:\Documents and Settings\Andrea\Application Data\ESET
2012-08-03 21:24:56 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2012-08-03 18:43:20 ----D---- C:\Program Files\Oracle
2012-08-03 18:43:09 ----D---- C:\Documents and Settings\Andrea\Application Data\Oracle
2012-08-03 18:43:03 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2012-08-03 18:43:03 ----A---- C:\WINDOWS\system32\javaws.exe
2012-08-03 18:42:45 ----A---- C:\WINDOWS\system32\javaw.exe
2012-08-03 18:42:45 ----A---- C:\WINDOWS\system32\java.exe
2012-08-03 17:57:34 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-03 17:45:14 ----D---- C:\Program Files\OpenApp
2012-08-03 17:42:50 ----D---- C:\Program Files\smartdl
2012-08-01 19:13:16 ----A---- C:\torrent.exe
2012-07-30 22:49:23 ----A---- C:\WINDOWS\IE4 Error Log.txt
2012-07-29 20:36:46 ----D---- C:\Program Files\NCH_EN
2012-07-29 20:29:13 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Software
2012-07-29 20:29:11 ----D---- C:\Program Files\NCH Software
2012-07-29 20:29:06 ----D---- C:\Documents and Settings\Andrea\Application Data\NCH Software
2012-07-29 20:13:29 ----D---- C:\Program Files\ConduitEngine
2012-07-29 20:12:15 ----D---- C:\Program Files\Ashampoo
2012-07-29 17:13:49 ----D---- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
2012-07-29 17:09:59 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2012-07-29 17:09:22 ----D---- C:\Program Files\ffdshow
2012-07-29 17:09:02 ----D---- C:\WINDOWS\system32\searchplugins
2012-07-29 17:08:06 ----D---- C:\Program Files\Haali
2012-07-29 17:07:47 ----D---- C:\Program Files\Savings Sidekick
2012-07-29 17:07:08 ----D---- C:\Documents and Settings\All Users\Application Data\Codecs Pack
2012-07-29 16:48:07 ----D---- C:\Program Files\Conduit
2012-07-29 16:46:49 ----D---- C:\Program Files\BitTorrentBar
2012-07-29 16:46:34 ----D---- C:\Program Files\BitTorrent
2012-07-29 16:46:03 ----D---- C:\Documents and Settings\Andrea\Application Data\BitTorrent
2012-07-29 16:01:28 ----A---- C:\user.js
2012-07-29 15:59:13 ----D---- C:\Program Files\GotClip
2012-07-19 13:38:31 ----A---- C:\WINDOWS\system32\drivers\zghsvousb.sys
2012-07-19 13:38:31 ----A---- C:\WINDOWS\system32\drivers\zghstrace.sys
2012-07-19 13:38:31 ----A---- C:\WINDOWS\system32\drivers\zghsnmea.sys
2012-07-19 13:38:31 ----A---- C:\WINDOWS\system32\drivers\zghsnet.sys
2012-07-19 13:38:31 ----A---- C:\WINDOWS\system32\drivers\zghsmdm.sys
2012-07-19 13:38:31 ----A---- C:\WINDOWS\system32\drivers\zghsdiagmdm.sys
2012-07-19 13:38:30 ----A---- C:\WINDOWS\system32\drivers\zghsdiag.sys
2012-07-19 13:38:30 ----A---- C:\WINDOWS\system32\drivers\zghsat.sys
2012-07-19 13:38:30 ----A---- C:\WINDOWS\system32\drivers\massfilter_hs.sys
2012-07-19 13:38:30 ----A---- C:\WINDOWS\system32\drivers\ghsnmea.sys
2012-07-19 13:38:30 ----A---- C:\WINDOWS\system32\drivers\ghsmdm.sys
2012-07-19 13:38:30 ----A---- C:\WINDOWS\system32\drivers\ghsdiag.sys
2012-07-19 13:38:30 ----A---- C:\WINDOWS\system32\drivers\ghsandroid.sys
2012-07-19 13:38:29 ----A---- C:\WINDOWS\system32\drivers\androidusb.sys
2012-07-19 13:37:50 ----A---- C:\WINDOWS\AdbWinApi.dll
2012-07-19 13:37:49 ----A---- C:\WINDOWS\adb.exe
2012-07-19 13:37:48 ----D---- C:\Program Files\Handset USB Driver

======List of files/folders modified in the last 1 month======

2012-08-13 22:08:00 ----D---- C:\Program Files
2012-08-13 21:51:13 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-13 21:50:32 ----D---- C:\WINDOWS\system32\drivers
2012-08-13 21:43:01 ----SD---- C:\WINDOWS\Tasks
2012-08-13 21:27:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-13 18:58:45 ----D---- C:\WINDOWS
2012-08-13 18:58:45 ----A---- C:\WINDOWS\system.ini
2012-08-13 18:56:02 ----D---- C:\WINDOWS\system32\drivers\etc
2012-08-13 15:22:41 ----D---- C:\WINDOWS\system32\config
2012-08-13 15:13:15 ----D---- C:\WINDOWS\system32
2012-08-13 15:13:15 ----D---- C:\WINDOWS\AppPatch
2012-08-13 15:13:10 ----D---- C:\Program Files\Common Files
2012-08-13 14:35:40 ----D---- C:\Omega
2012-08-13 14:35:20 ----A---- C:\WINDOWS\wincmd.ini
2012-08-13 14:28:45 ----D---- C:\ALFA
2012-08-12 20:38:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-12 20:37:54 ----D---- C:\Download
2012-08-12 20:01:39 ----RASH---- C:\boot.ini
2012-08-12 19:43:18 ----D---- C:\WINDOWS\Prefetch
2012-08-11 17:24:18 ----D---- C:\Program Files\OLYMPfitnes
2012-08-11 15:48:24 ----A---- C:\WINDOWS\ODBC.INI
2012-08-06 12:31:41 ----SHD---- C:\WINDOWS\Installer
2012-08-06 12:31:30 ----D---- C:\Config.Msi
2012-08-06 12:31:28 ----D---- C:\Program Files\SweetIM
2012-08-06 12:31:28 ----D---- C:\Documents and Settings\All Users\Application Data\SweetIM
2012-08-06 09:26:02 ----D---- C:\Documents and Settings\Andrea\Application Data\Kastner software
2012-08-06 09:26:01 ----D---- C:\Documents and Settings\All Users\Application Data\KASTNER software
2012-08-05 23:22:20 ----D---- C:\Documents and Settings\Andrea\Application Data\Skype
2012-08-03 21:29:12 ----HD---- C:\WINDOWS\inf
2012-08-03 21:24:56 ----D---- C:\Program Files\Eset
2012-08-03 19:38:55 ----D---- C:\Program Files\Mozilla Firefox
2012-08-03 18:54:44 ----D---- C:\Program Files\Common Files\Java
2012-08-03 18:42:15 ----D---- C:\Program Files\Java
2012-08-03 11:20:37 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-29 17:11:36 ----HD---- C:\Program Files\Uninstall Information
2012-07-29 16:01:12 ----D---- C:\Documents and Settings\Andrea\Application Data\BabylonToolbar
2012-07-19 18:51:24 ----A---- C:\WINDOWS\win.ini
2012-07-19 13:40:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2012-03-14 160816]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2012-03-14 61936]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-07-12 28672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2012-07-02 51072]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-12-25 278984]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-12-25 25416]
R2 PWSYSDRV;PWSYSDRV; \??\C:\WINDOWS\system32\drivers\PWSYSDRV.sys []
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2012-06-03 5504]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-16 1611776]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2012-03-14 40336]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S1 MpKsldb491116;MpKsldb491116; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8650BCC9-DE40-4C74-AC31-F8AD17A0FA68}\MpKsldb491116.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 catchme;catchme; \??\C:\123.exe\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2003-01-10 30921]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2012-01-31 20032]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 ghsmdm;Handset USB Modem; C:\WINDOWS\system32\DRIVERS\ghsmdm.sys [2011-03-28 113432]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2006-10-30 88960]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\WINDOWS\system32\drivers\massfilter_hs.sys []
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-12-08 114280]
S3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TrueSight;TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2005-12-28 60800]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC211;USB PC Camera (ZS0211); C:\WINDOWS\System32\Drivers\ZS211.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-16 389120]
R2 Codecs Pack;Codecs Pack; C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe [2012-07-29 1692192]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-03-07 913144]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-07-05 161704]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R2 NMSAccess;NMSAccess; C:\Documents and Settings\Andrea\My Documents\PROGRAMY\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-15 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Locked