Pomalý chod programů, grafika blbně

[Rudy]

Stáhněte, rozbalte a spusťte TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Nechte pracovat a na konci akce sem dejte log.

[tomassovak]

Prostě po vymazání bodu obnovení se zdá že je to ok. Gmer nenašel i když několikrát zablbl potom nic. Ještě budu zkoušet a dám vědět

[tomassovak]

11:33:35.0843 2932 ============================================================
11:33:35.0843 2932 Scan started
11:33:35.0843 2932 Mode: Manual;
11:33:35.0843 2932 ============================================================
11:33:36.0546 2932 ================ Scan system memory ========================
11:33:36.0562 2932 System memory - ok
11:33:36.0562 2932 ================ Scan services =============================
11:33:36.0796 2932 Abiosdsk - ok
11:33:36.0796 2932 abp480n5 - ok
11:33:36.0906 2932 [ FA2FBCDA96D2385F773B059FE5A125A6 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:33:36.0921 2932 ACPI - ok
11:33:36.0968 2932 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:33:36.0968 2932 ACPIEC - ok
11:33:36.0968 2932 adpu160m - ok
11:33:37.0062 2932 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:33:37.0062 2932 aec - ok
11:33:37.0156 2932 [ 5AC495F4CB807B2B98AD2AD591E6D92E ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:33:37.0156 2932 AFD - ok
11:33:37.0171 2932 [ 2C428FA0C3E3A01ED93C9B2A27D8D4BB ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
11:33:37.0171 2932 agp440 - ok
11:33:37.0187 2932 Aha154x - ok
11:33:37.0187 2932 aic78u2 - ok
11:33:37.0203 2932 aic78xx - ok
11:33:37.0250 2932 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:33:37.0250 2932 Alerter - ok
11:33:37.0296 2932 [ B3F690BF43F93A012A52F28F234FAA1B ] ALG C:\WINDOWS\System32\alg.exe
11:33:37.0296 2932 ALG - ok
11:33:37.0296 2932 AliIde - ok
11:33:37.0312 2932 amsint - ok
11:33:37.0406 2932 [ 421184F91EAE5C6E78E653C6B32AAE84 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:33:37.0406 2932 AppMgmt - ok
11:33:37.0406 2932 asc - ok
11:33:37.0421 2932 asc3350p - ok
11:33:37.0421 2932 asc3550 - ok
11:33:37.0593 2932 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:33:37.0593 2932 aspnet_state - ok
11:33:37.0625 2932 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:33:37.0640 2932 AsyncMac - ok
11:33:37.0703 2932 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:33:37.0703 2932 atapi - ok
11:33:37.0703 2932 Atdisk - ok
11:33:37.0937 2932 [ 8FDB05AFF463CB36BE0FD3BC779121CD ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
11:33:37.0953 2932 Ati HotKey Poller - ok
11:33:40.0265 2932 [ 175DDF9AE328CB0D8696094FA1346361 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:33:40.0312 2932 ati2mtag - ok
11:33:40.0390 2932 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:33:40.0390 2932 Atmarpc - ok
11:33:40.0468 2932 [ 40D78F514C8588EF12EC718D2AF0FC4E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:33:40.0468 2932 AudioSrv - ok
11:33:40.0515 2932 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:33:40.0515 2932 audstub - ok
11:33:40.0578 2932 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:33:40.0578 2932 Beep - ok
11:33:40.0781 2932 [ E774A26610EC92674273486612C11CFC ] BITS C:\WINDOWS\system32\qmgr.dll
11:33:40.0781 2932 BITS - ok
11:33:40.0843 2932 [ F219E27E88107A50544153898DD8178E ] Browser C:\WINDOWS\System32\browser.dll
11:33:40.0859 2932 Browser - ok
11:33:40.0906 2932 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:33:40.0906 2932 cbidf2k - ok
11:33:40.0906 2932 cd20xrnt - ok
11:33:40.0953 2932 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:33:40.0953 2932 Cdaudio - ok
11:33:41.0031 2932 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:33:41.0031 2932 Cdfs - ok
11:33:41.0109 2932 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:33:41.0109 2932 Cdrom - ok
11:33:41.0109 2932 Changer - ok
11:33:41.0140 2932 [ 9E21229E04E1D301BB40222FE4641CB2 ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:33:41.0140 2932 CiSvc - ok
11:33:41.0171 2932 [ D3DC45553C8025338E08A60E95B1B91D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:33:41.0171 2932 ClipSrv - ok
11:33:41.0281 2932 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:33:41.0281 2932 clr_optimization_v2.0.50727_32 - ok
11:33:41.0390 2932 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:33:41.0390 2932 clr_optimization_v4.0.30319_32 - ok
11:33:41.0390 2932 CmdIde - ok
11:33:41.0406 2932 COMSysApp - ok
11:33:41.0421 2932 Cpqarray - ok
11:33:41.0500 2932 [ 70D2A1756F4B2067658A186C963FCABD ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:33:41.0500 2932 CryptSvc - ok
11:33:41.0546 2932 [ 71007BD2E1E26927FE3E4EB00C0BEEDF ] ctljystk C:\WINDOWS\system32\DRIVERS\ctljystk.sys
11:33:41.0546 2932 ctljystk - ok
11:33:41.0562 2932 dac2w2k - ok
11:33:41.0578 2932 dac960nt - ok
11:33:41.0703 2932 [ C72C15EE57E248C66E57C76CAB086CF2 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:33:41.0703 2932 DcomLaunch - ok
11:33:41.0750 2932 [ 562830EFB7CF367FB773FEA5256E67C8 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:33:41.0750 2932 Dhcp - ok
11:33:41.0781 2932 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:33:41.0781 2932 Disk - ok
11:33:41.0781 2932 dmadmin - ok
11:33:42.0109 2932 [ E1968EDEC81C430108FEB23AB07BDB14 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:33:42.0125 2932 dmboot - ok
11:33:42.0203 2932 [ 1B1520A82E396E46B9AE9FA6B03FF6C6 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:33:42.0218 2932 dmio - ok
11:33:42.0250 2932 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:33:42.0250 2932 dmload - ok
11:33:42.0296 2932 [ 7B3CA72885923EB947221F17F3E3AC59 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:33:42.0296 2932 dmserver - ok
11:33:42.0328 2932 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:33:42.0328 2932 DMusic - ok
11:33:42.0359 2932 [ F605B3F5674D67587C4B6C9E92A3E025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:33:42.0359 2932 Dnscache - ok
11:33:42.0359 2932 dpti2o - ok
11:33:42.0375 2932 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:33:42.0375 2932 drmkaud - ok
11:33:42.0484 2932 [ 2E2F6F46F4D297471A4E015BDB75399D ] E1000 C:\WINDOWS\system32\DRIVERS\e1000325.sys
11:33:42.0484 2932 E1000 - ok
11:33:42.0593 2932 [ 01F83E1B5DCE05F5CB7D99113CA9E890 ] emu10k C:\WINDOWS\system32\drivers\emu10k1m.sys
11:33:42.0593 2932 emu10k - ok
11:33:42.0609 2932 [ 7FFA171CCE6A8BFC774862A578BA39A2 ] emu10k1 C:\WINDOWS\system32\drivers\ctlfacem.sys
11:33:42.0609 2932 emu10k1 - ok
11:33:42.0656 2932 [ D6F7428B201E33BC80066B47144CB568 ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:33:42.0656 2932 ERSvc - ok
11:33:42.0750 2932 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] Eventlog C:\WINDOWS\system32\services.exe
11:33:42.0750 2932 Eventlog - ok
11:33:42.0828 2932 [ 972378B907070F64932A87C90A035487 ] EventSystem C:\WINDOWS\system32\es.dll
11:33:42.0828 2932 EventSystem - ok
11:33:42.0890 2932 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:33:42.0890 2932 Fastfat - ok
11:33:42.0937 2932 [ 8BA76BD2A943F642F267A296A15776D2 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:33:42.0937 2932 FastUserSwitchingCompatibility - ok
11:33:42.0968 2932 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
11:33:42.0968 2932 Fdc - ok
11:33:43.0046 2932 [ 266DAB58619B17BDF37FABBD48D875CA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:33:43.0046 2932 Fips - ok
11:33:43.0093 2932 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:33:43.0093 2932 Flpydisk - ok
11:33:43.0187 2932 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:33:43.0187 2932 FltMgr - ok
11:33:43.0328 2932 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:33:43.0328 2932 FontCache3.0.0.0 - ok
11:33:43.0328 2932 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:33:43.0328 2932 Fs_Rec - ok
11:33:43.0375 2932 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:33:43.0375 2932 Ftdisk - ok
11:33:43.0390 2932 [ 5F92FD09E5610A5995DA7D775EADCD12 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
11:33:43.0390 2932 gameenum - ok
11:33:43.0421 2932 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:33:43.0421 2932 Gpc - ok
11:33:43.0546 2932 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:33:43.0546 2932 helpsvc - ok
11:33:43.0546 2932 HidServ - ok
11:33:43.0609 2932 [ 1DE6783B918F540149AA69943BDFEBA8 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:33:43.0609 2932 hidusb - ok
11:33:43.0609 2932 hpn - ok
11:33:43.0750 2932 [ C19B522A9AE0BBC3293397F3055E80A1 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:33:43.0750 2932 HTTP - ok
11:33:43.0812 2932 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:33:43.0812 2932 HTTPFilter - ok
11:33:43.0812 2932 i2omgmt - ok
11:33:43.0812 2932 i2omp - ok
11:33:43.0859 2932 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:33:43.0859 2932 i8042prt - ok
11:33:44.0234 2932 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:33:44.0234 2932 idsvc - ok
11:33:44.0296 2932 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:33:44.0296 2932 Imapi - ok
11:33:44.0406 2932 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:33:44.0406 2932 ImapiService - ok
11:33:44.0421 2932 ini910u - ok
11:33:44.0484 2932 [ EF4FDA4841001A4B98C411797DB8894A ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:33:44.0484 2932 IntelIde - ok
11:33:44.0562 2932 [ 10A3AC0F0DF720AD3C3FD13861D50EB9 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:33:44.0562 2932 intelppm - ok
11:33:44.0609 2932 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:33:44.0609 2932 Ip6Fw - ok
11:33:44.0640 2932 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:33:44.0640 2932 IpFilterDriver - ok
11:33:44.0671 2932 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:33:44.0671 2932 IpInIp - ok
11:33:44.0734 2932 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:33:44.0734 2932 IpNat - ok
11:33:44.0828 2932 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:33:44.0828 2932 IPSec - ok
11:33:44.0859 2932 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:33:44.0859 2932 IRENUM - ok
11:33:44.0906 2932 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:33:44.0906 2932 isapnp - ok
11:33:44.0984 2932 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:33:44.0984 2932 Kbdclass - ok
11:33:45.0093 2932 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:33:45.0109 2932 kmixer - ok
11:33:45.0140 2932 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:33:45.0140 2932 KSecDD - ok
11:33:45.0203 2932 [ 6D6BDD68B775986577C48A8DF961A05C ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:33:45.0203 2932 lanmanserver - ok
11:33:45.0312 2932 [ 69B0569AAE33F0D5057CA0E8577AAF07 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:33:45.0312 2932 lanmanworkstation - ok
11:33:45.0312 2932 lbrtfdc - ok
11:33:45.0343 2932 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:33:45.0343 2932 LmHosts - ok
11:33:45.0375 2932 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:33:45.0375 2932 Messenger - ok
11:33:45.0437 2932 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:33:45.0437 2932 mnmdd - ok
11:33:45.0500 2932 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:33:45.0515 2932 mnmsrvc - ok
11:33:45.0562 2932 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:33:45.0562 2932 Modem - ok
11:33:45.0593 2932 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:33:45.0593 2932 Mouclass - ok
11:33:45.0656 2932 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:33:45.0656 2932 mouhid - ok
11:33:45.0687 2932 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:33:45.0687 2932 MountMgr - ok
11:33:45.0843 2932 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:33:45.0843 2932 MozillaMaintenance - ok
11:33:45.0843 2932 mraid35x - ok
11:33:45.0906 2932 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:33:45.0906 2932 MRxDAV - ok
11:33:46.0078 2932 [ 1FD607FC67F7F7C633C3DA65BFC53D18 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:33:46.0078 2932 MRxSmb - ok
11:33:46.0140 2932 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:33:46.0140 2932 MSDTC - ok
11:33:46.0156 2932 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:33:46.0156 2932 Msfs - ok
11:33:46.0171 2932 MSIServer - ok
11:33:46.0203 2932 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:33:46.0203 2932 MSKSSRV - ok
11:33:46.0218 2932 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:33:46.0218 2932 MSPCLOCK - ok
11:33:46.0250 2932 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:33:46.0250 2932 MSPQM - ok
11:33:46.0281 2932 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:33:46.0281 2932 mssmbios - ok
11:33:46.0328 2932 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:33:46.0328 2932 Mup - ok
11:33:46.0390 2932 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:33:46.0390 2932 NDIS - ok
11:33:46.0406 2932 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:33:46.0406 2932 NdisTapi - ok
11:33:46.0484 2932 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:33:46.0484 2932 Ndisuio - ok
11:33:46.0531 2932 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:33:46.0531 2932 NdisWan - ok
11:33:46.0546 2932 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:33:46.0546 2932 NDProxy - ok
11:33:46.0578 2932 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:33:46.0578 2932 NetBIOS - ok
11:33:46.0656 2932 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:33:46.0656 2932 NetBT - ok
11:33:46.0734 2932 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
11:33:46.0734 2932 NetDDE - ok
11:33:46.0781 2932 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:33:46.0781 2932 NetDDEdsdm - ok
11:33:46.0812 2932 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:33:46.0812 2932 Netlogon - ok
11:33:46.0890 2932 [ AF342D2781225A8769686E0D47E3123E ] Netman C:\WINDOWS\System32\netman.dll
11:33:46.0890 2932 Netman - ok
11:33:47.0015 2932 [ 60152B9BB5A545E4676B944C602BA227 ] NetSvc c:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
11:33:47.0015 2932 NetSvc - ok
11:33:47.0140 2932 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:33:47.0140 2932 NetTcpPortSharing - ok
11:33:47.0250 2932 [ 64C078BD4EFD441C3F159EDC5EA4420A ] Nla C:\WINDOWS\System32\mswsock.dll
11:33:47.0265 2932 Nla - ok
11:33:47.0312 2932 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:33:47.0312 2932 Npfs - ok
11:33:47.0515 2932 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:33:47.0515 2932 Ntfs - ok
11:33:47.0562 2932 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:33:47.0562 2932 NtLmSsp - ok
11:33:47.0765 2932 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:33:47.0765 2932 NtmsSvc - ok
11:33:47.0781 2932 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:33:47.0781 2932 Null - ok
11:33:47.0828 2932 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:33:47.0828 2932 NwlnkFlt - ok
11:33:47.0859 2932 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:33:47.0859 2932 NwlnkFwd - ok
11:33:47.0921 2932 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:33:47.0921 2932 Parport - ok
11:33:47.0937 2932 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:33:47.0937 2932 PartMgr - ok
11:33:48.0000 2932 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:33:48.0000 2932 ParVdm - ok
11:33:48.0046 2932 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:33:48.0046 2932 PCI - ok
11:33:48.0062 2932 PCIDump - ok
11:33:48.0078 2932 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
11:33:48.0078 2932 PCIIde - ok
11:33:48.0156 2932 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:33:48.0156 2932 Pcmcia - ok
11:33:48.0156 2932 PDCOMP - ok
11:33:48.0171 2932 PDFRAME - ok
11:33:48.0187 2932 PDRELI - ok
11:33:48.0187 2932 PDRFRAME - ok
11:33:48.0187 2932 perc2 - ok
11:33:48.0203 2932 perc2hib - ok
11:33:48.0281 2932 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] PlugPlay C:\WINDOWS\system32\services.exe
11:33:48.0281 2932 PlugPlay - ok
11:33:48.0296 2932 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:33:48.0296 2932 PolicyAgent - ok
11:33:48.0328 2932 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:33:48.0328 2932 PptpMiniport - ok
11:33:48.0328 2932 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:33:48.0343 2932 ProtectedStorage - ok
11:33:48.0359 2932 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:33:48.0359 2932 PSched - ok
11:33:48.0375 2932 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:33:48.0375 2932 Ptilink - ok
11:33:48.0390 2932 ql1080 - ok
11:33:48.0390 2932 Ql10wnt - ok
11:33:48.0406 2932 ql12160 - ok
11:33:48.0406 2932 ql1240 - ok
11:33:48.0421 2932 ql1280 - ok
11:33:48.0421 2932 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:33:48.0421 2932 RasAcd - ok
11:33:48.0500 2932 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:33:48.0515 2932 RasAuto - ok
11:33:48.0546 2932 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:33:48.0546 2932 Rasl2tp - ok
11:33:48.0656 2932 [ 6E519D777C91E90592403C9F981FDF03 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:33:48.0656 2932 RasMan - ok
11:33:48.0671 2932 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:33:48.0671 2932 RasPppoe - ok
11:33:48.0687 2932 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:33:48.0687 2932 Raspti - ok
11:33:48.0765 2932 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:33:48.0765 2932 Rdbss - ok
11:33:48.0781 2932 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:33:48.0781 2932 RDPCDD - ok
11:33:48.0875 2932 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:33:48.0875 2932 rdpdr - ok
11:33:48.0968 2932 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:33:48.0968 2932 RDPWD - ok
11:33:49.0031 2932 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:33:49.0046 2932 RDSessMgr - ok
11:33:49.0062 2932 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:33:49.0062 2932 redbook - ok
11:33:49.0125 2932 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:33:49.0125 2932 RemoteAccess - ok
11:33:49.0171 2932 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:33:49.0171 2932 RemoteRegistry - ok
11:33:49.0250 2932 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
11:33:49.0265 2932 RpcLocator - ok
11:33:49.0390 2932 [ C72C15EE57E248C66E57C76CAB086CF2 ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:33:49.0390 2932 RpcSs - ok
11:33:49.0468 2932 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:33:49.0468 2932 RSVP - ok
11:33:49.0500 2932 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
11:33:49.0500 2932 SamSs - ok
11:33:49.0562 2932 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:33:49.0562 2932 SCardSvr - ok
11:33:49.0656 2932 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:33:49.0656 2932 Schedule - ok
11:33:49.0703 2932 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:33:49.0703 2932 Secdrv - ok
11:33:49.0734 2932 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:33:49.0734 2932 seclogon - ok
11:33:49.0812 2932 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
11:33:49.0812 2932 SENS - ok
11:33:49.0828 2932 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:33:49.0828 2932 serenum - ok
11:33:49.0859 2932 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:33:49.0859 2932 Serial - ok
11:33:49.0890 2932 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:33:49.0890 2932 Sfloppy - ok
11:33:49.0921 2932 [ 0B1A5E9CACB5CDD54A2815107BD7C772 ] sfman C:\WINDOWS\system32\drivers\sfmanm.sys
11:33:49.0921 2932 sfman - ok
11:33:50.0046 2932 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:33:50.0046 2932 SharedAccess - ok
11:33:50.0125 2932 [ 8BA76BD2A943F642F267A296A15776D2 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:33:50.0125 2932 ShellHWDetection - ok
11:33:50.0125 2932 Simbad - ok
11:33:50.0140 2932 Sparrow - ok
11:33:50.0203 2932 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:33:50.0203 2932 splitter - ok
11:33:50.0234 2932 [ 21B6FAA88044A41640E03EBB68BE93E8 ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:33:50.0234 2932 Spooler - ok
11:33:50.0312 2932 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:33:50.0312 2932 sr - ok
11:33:50.0375 2932 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
11:33:50.0390 2932 srservice - ok
11:33:50.0484 2932 [ 20B7E396720353E4117D64D9DCB926CA ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:33:50.0500 2932 Srv - ok
11:33:50.0531 2932 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:33:50.0531 2932 SSDPSRV - ok
11:33:50.0703 2932 [ 0645CCDDDD27F96EEA3534C1DEF736D9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:33:50.0703 2932 stisvc - ok
11:33:50.0734 2932 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:33:50.0734 2932 swenum - ok
11:33:50.0765 2932 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:33:50.0765 2932 swmidi - ok
11:33:50.0765 2932 SwPrv - ok
11:33:50.0781 2932 symc810 - ok
11:33:50.0781 2932 symc8xx - ok
11:33:50.0796 2932 sym_hi - ok
11:33:50.0812 2932 sym_u3 - ok
11:33:50.0843 2932 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:33:50.0843 2932 sysaudio - ok
11:33:50.0921 2932 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:33:50.0921 2932 SysmonLog - ok
11:33:51.0078 2932 [ 37162D29CD61519E6F5EA0DE99786FF6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:33:51.0078 2932 TapiSrv - ok
11:33:51.0218 2932 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:33:51.0218 2932 Tcpip - ok
11:33:51.0265 2932 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:33:51.0265 2932 TDPIPE - ok
11:33:51.0296 2932 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:33:51.0296 2932 TDTCP - ok
11:33:51.0343 2932 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:33:51.0343 2932 TermDD - ok
11:33:51.0453 2932 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
11:33:51.0453 2932 TermService - ok
11:33:51.0515 2932 [ 8BA76BD2A943F642F267A296A15776D2 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:33:51.0515 2932 Themes - ok
11:33:51.0593 2932 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
11:33:51.0593 2932 TlntSvr - ok
11:33:51.0593 2932 TosIde - ok
11:33:51.0656 2932 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:33:51.0656 2932 TrkWks - ok
11:33:51.0703 2932 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:33:51.0703 2932 Udfs - ok
11:33:51.0703 2932 ultra - ok
11:33:51.0828 2932 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:33:51.0828 2932 Update - ok
11:33:51.0937 2932 [ 984FC1518B0D5B31D76F0E63608E0500 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:33:51.0937 2932 upnphost - ok
11:33:51.0968 2932 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
11:33:51.0984 2932 UPS - ok
11:33:52.0000 2932 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:33:52.0000 2932 usbehci - ok
11:33:52.0046 2932 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:33:52.0046 2932 usbhub - ok
11:33:52.0109 2932 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:33:52.0109 2932 usbstor - ok
11:33:52.0171 2932 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:33:52.0171 2932 usbuhci - ok
11:33:52.0171 2932 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:33:52.0187 2932 VgaSave - ok
11:33:52.0187 2932 ViaIde - ok
11:33:52.0250 2932 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:33:52.0250 2932 VolSnap - ok
11:33:52.0343 2932 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
11:33:52.0359 2932 VSS - ok
11:33:52.0453 2932 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
11:33:52.0453 2932 W32Time - ok
11:33:52.0468 2932 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:33:52.0468 2932 Wanarp - ok
11:33:52.0484 2932 WDICA - ok
11:33:52.0515 2932 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:33:52.0515 2932 wdmaud - ok
11:33:52.0546 2932 [ 3791ADF1D3466AC6B4B662D3F79CBFEC ] WebClient C:\WINDOWS\System32\webclnt.dll
11:33:52.0546 2932 WebClient - ok
11:33:52.0734 2932 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:33:52.0734 2932 winmgmt - ok
11:33:52.0812 2932 [ E02E913B3841717A890A644EE167B9A5 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
11:33:52.0812 2932 WmdmPmSN - ok
11:33:53.0031 2932 [ 0CDC4A0C6B820FAD99FB4CA74CD0C476 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:33:53.0046 2932 Wmi - ok
11:33:53.0125 2932 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:33:53.0125 2932 WmiApSrv - ok
11:33:53.0421 2932 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:33:53.0421 2932 WPFFontCache_v0400 - ok
11:33:53.0484 2932 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:33:53.0484 2932 wscsvc - ok
11:33:53.0546 2932 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:33:53.0546 2932 wuauserv - ok
11:33:53.0671 2932 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:33:53.0671 2932 WZCSVC - ok
11:33:53.0765 2932 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:33:53.0765 2932 xmlprov - ok
11:33:53.0781 2932 ================ Scan global ===============================
11:33:53.0843 2932 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
11:33:53.0937 2932 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
11:33:54.0031 2932 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
11:33:54.0109 2932 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] C:\WINDOWS\system32\services.exe
11:33:54.0109 2932 [Global] - ok
11:33:54.0109 2932 ================ Scan MBR ==================================
11:33:54.0156 2932 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:33:54.0437 2932 \Device\Harddisk0\DR0 - ok
11:33:54.0453 2932 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
11:33:54.0843 2932 \Device\Harddisk1\DR1 - ok
11:33:55.0187 2932 [ 09F3630B13CA1E91941525E12745ABEA ] \Device\Harddisk2\DR4
11:33:55.0187 2932 \Device\Harddisk2\DR4 - ok
11:33:55.0187 2932 ================ Scan VBR ==================================
11:33:55.0203 2932 [ E28BB1D49B9CB0D76637A6F8A0D04D72 ] \Device\Harddisk0\DR0\Partition1
11:33:55.0203 2932 \Device\Harddisk0\DR0\Partition1 - ok
11:33:55.0203 2932 [ D47ABF765115F7AF8B8EDB3D7FB9158F ] \Device\Harddisk1\DR1\Partition1
11:33:55.0218 2932 \Device\Harddisk1\DR1\Partition1 - ok
11:33:55.0218 2932 [ 8AD974520085597A24DD8DDD5F3B1CE4 ] \Device\Harddisk2\DR4\Partition1
11:33:55.0218 2932 \Device\Harddisk2\DR4\Partition1 - ok
11:33:55.0218 2932 ============================================================
11:33:55.0218 2932 Scan finished
11:33:55.0218 2932 ============================================================
11:33:55.0234 2924 Detected object count: 0
11:33:55.0234 2924 Actual detected object count: 0

[tomassovak]

11:12:29.0703 3456 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:12:29.0968 3456 ============================================================
11:12:29.0968 3456 Current date / time: 2013/01/25 11:12:29.0968
11:12:29.0968 3456 SystemInfo:
11:12:29.0968 3456
11:12:29.0968 3456 OS Version: 5.1.2600 ServicePack: 2.0
11:12:29.0968 3456 Product type: Workstation
11:12:29.0968 3456 ComputerName: DOMOV-E64DD0B12
11:12:29.0968 3456 UserName: Hans Peter Geerdes
11:12:29.0968 3456 Windows directory: C:\WINDOWS
11:12:29.0968 3456 System windows directory: C:\WINDOWS
11:12:29.0968 3456 Processor architecture: Intel x86
11:12:29.0968 3456 Number of processors: 2
11:12:29.0968 3456 Page size: 0x1000
11:12:29.0968 3456 Boot type: Normal boot
11:12:29.0968 3456 ============================================================
11:12:31.0671 3456 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:12:31.0671 3456 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:12:31.0671 3456 Drive \Device\Harddisk2\DR4 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:12:32.0015 3456 ============================================================
11:12:32.0015 3456 \Device\Harddisk0\DR0:
11:12:32.0015 3456 MBR partitions:
11:12:32.0015 3456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
11:12:32.0015 3456 \Device\Harddisk1\DR1:
11:12:32.0015 3456 MBR partitions:
11:12:32.0015 3456 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
11:12:32.0015 3456 \Device\Harddisk2\DR4:
11:12:32.0015 3456 MBR partitions:
11:12:32.0015 3456 \Device\Harddisk2\DR4\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A385FF1
11:12:32.0015 3456 ============================================================
11:12:32.0093 3456 C: <-> \Device\Harddisk0\DR0\Partition1
11:12:32.0140 3456 E: <-> \Device\Harddisk2\DR4\Partition1
11:12:32.0187 3456 G: <-> \Device\Harddisk1\DR1\Partition1
11:12:32.0187 3456 ============================================================
11:12:32.0187 3456 Initialize success
11:12:32.0187 3456 ============================================================
11:12:33.0640 3480 ============================================================
11:12:33.0640 3480 Scan started
11:12:33.0640 3480 Mode: Manual;
11:12:33.0640 3480 ============================================================
11:12:34.0656 3480 ================ Scan system memory ========================
11:12:34.0656 3480 System memory - ok
11:12:34.0656 3480 ================ Scan services =============================
11:12:34.0984 3480 Abiosdsk - ok
11:12:35.0000 3480 abp480n5 - ok
11:12:35.0125 3480 [ FA2FBCDA96D2385F773B059FE5A125A6 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:12:35.0187 3480 ACPI - ok
11:12:35.0234 3480 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:12:35.0250 3480 ACPIEC - ok
11:12:35.0265 3480 adpu160m - ok
11:12:35.0359 3480 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:12:35.0390 3480 aec - ok
11:12:35.0500 3480 [ 5AC495F4CB807B2B98AD2AD591E6D92E ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:12:35.0546 3480 AFD - ok
11:12:35.0593 3480 [ 2C428FA0C3E3A01ED93C9B2A27D8D4BB ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
11:12:35.0609 3480 agp440 - ok
11:12:35.0625 3480 Aha154x - ok
11:12:35.0640 3480 aic78u2 - ok
11:12:35.0671 3480 aic78xx - ok
11:12:35.0718 3480 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:12:35.0718 3480 Alerter - ok
11:12:35.0765 3480 [ B3F690BF43F93A012A52F28F234FAA1B ] ALG C:\WINDOWS\System32\alg.exe
11:12:35.0781 3480 ALG - ok
11:12:35.0781 3480 AliIde - ok
11:12:35.0812 3480 amsint - ok
11:12:35.0937 3480 [ 421184F91EAE5C6E78E653C6B32AAE84 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:12:36.0031 3480 AppMgmt - ok
11:12:36.0046 3480 asc - ok
11:12:36.0078 3480 asc3350p - ok
11:12:36.0093 3480 asc3550 - ok
11:12:36.0312 3480 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:12:36.0359 3480 aspnet_state - ok
11:12:36.0406 3480 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:12:36.0421 3480 AsyncMac - ok
11:12:36.0500 3480 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:12:36.0500 3480 atapi - ok
11:12:36.0515 3480 Atdisk - ok
11:12:36.0781 3480 [ 8FDB05AFF463CB36BE0FD3BC779121CD ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
11:12:36.0968 3480 Ati HotKey Poller - ok
11:12:39.0296 3480 [ 175DDF9AE328CB0D8696094FA1346361 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:12:39.0359 3480 ati2mtag - ok
11:12:39.0453 3480 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:12:39.0484 3480 Atmarpc - ok
11:12:39.0546 3480 [ 40D78F514C8588EF12EC718D2AF0FC4E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:12:39.0562 3480 AudioSrv - ok
11:12:39.0625 3480 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:12:39.0625 3480 audstub - ok
11:12:39.0703 3480 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:12:39.0718 3480 Beep - ok
11:12:39.0921 3480 [ E774A26610EC92674273486612C11CFC ] BITS C:\WINDOWS\system32\qmgr.dll
11:12:40.0187 3480 BITS - ok
11:12:40.0250 3480 [ F219E27E88107A50544153898DD8178E ] Browser C:\WINDOWS\System32\browser.dll
11:12:40.0281 3480 Browser - ok
11:12:40.0328 3480 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:12:40.0343 3480 cbidf2k - ok
11:12:40.0359 3480 cd20xrnt - ok
11:12:40.0406 3480 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:12:40.0406 3480 Cdaudio - ok
11:12:40.0500 3480 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:12:40.0515 3480 Cdfs - ok
11:12:40.0593 3480 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:12:40.0609 3480 Cdrom - ok
11:12:40.0625 3480 Changer - ok
11:12:40.0656 3480 [ 9E21229E04E1D301BB40222FE4641CB2 ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:12:40.0656 3480 CiSvc - ok
11:12:40.0703 3480 [ D3DC45553C8025338E08A60E95B1B91D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:12:40.0703 3480 ClipSrv - ok
11:12:40.0859 3480 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:12:40.0953 3480 clr_optimization_v2.0.50727_32 - ok
11:12:41.0046 3480 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:12:41.0156 3480 clr_optimization_v4.0.30319_32 - ok
11:12:41.0171 3480 CmdIde - ok
11:12:41.0187 3480 COMSysApp - ok
11:12:41.0234 3480 Cpqarray - ok
11:12:41.0296 3480 [ 70D2A1756F4B2067658A186C963FCABD ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:12:41.0312 3480 CryptSvc - ok
11:12:41.0375 3480 [ 71007BD2E1E26927FE3E4EB00C0BEEDF ] ctljystk C:\WINDOWS\system32\DRIVERS\ctljystk.sys
11:12:41.0390 3480 ctljystk - ok
11:12:41.0406 3480 dac2w2k - ok
11:12:41.0421 3480 dac960nt - ok
11:12:41.0609 3480 [ C72C15EE57E248C66E57C76CAB086CF2 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:12:41.0734 3480 DcomLaunch - ok
11:12:41.0812 3480 [ 562830EFB7CF367FB773FEA5256E67C8 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:12:41.0843 3480 Dhcp - ok
11:12:41.0875 3480 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:12:41.0890 3480 Disk - ok
11:12:41.0906 3480 dmadmin - ok
11:12:42.0234 3480 [ E1968EDEC81C430108FEB23AB07BDB14 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:12:42.0484 3480 dmboot - ok
11:12:42.0578 3480 [ 1B1520A82E396E46B9AE9FA6B03FF6C6 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:12:42.0625 3480 dmio - ok
11:12:42.0671 3480 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:12:42.0671 3480 dmload - ok
11:12:42.0734 3480 [ 7B3CA72885923EB947221F17F3E3AC59 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:12:42.0734 3480 dmserver - ok
11:12:42.0812 3480 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:12:42.0828 3480 DMusic - ok
11:12:42.0906 3480 [ F605B3F5674D67587C4B6C9E92A3E025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:12:42.0921 3480 Dnscache - ok
11:12:42.0937 3480 dpti2o - ok
11:12:42.0953 3480 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:12:42.0968 3480 drmkaud - ok
11:12:43.0062 3480 [ 2E2F6F46F4D297471A4E015BDB75399D ] E1000 C:\WINDOWS\system32\DRIVERS\e1000325.sys
11:12:43.0078 3480 E1000 - ok
11:12:43.0203 3480 [ 01F83E1B5DCE05F5CB7D99113CA9E890 ] emu10k C:\WINDOWS\system32\drivers\emu10k1m.sys
11:12:43.0296 3480 emu10k - ok
11:12:43.0312 3480 [ 7FFA171CCE6A8BFC774862A578BA39A2 ] emu10k1 C:\WINDOWS\system32\drivers\ctlfacem.sys
11:12:43.0312 3480 emu10k1 - ok
11:12:43.0359 3480 [ D6F7428B201E33BC80066B47144CB568 ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:12:43.0375 3480 ERSvc - ok
11:12:43.0468 3480 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] Eventlog C:\WINDOWS\system32\services.exe
11:12:43.0515 3480 Eventlog - ok
11:12:43.0593 3480 [ 972378B907070F64932A87C90A035487 ] EventSystem C:\WINDOWS\system32\es.dll
11:12:43.0656 3480 EventSystem - ok
11:12:43.0750 3480 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:12:43.0781 3480 Fastfat - ok
11:12:43.0843 3480 [ 8BA76BD2A943F642F267A296A15776D2 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:12:43.0890 3480 FastUserSwitchingCompatibility - ok
11:12:43.0921 3480 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
11:12:43.0937 3480 Fdc - ok
11:12:44.0015 3480 [ 266DAB58619B17BDF37FABBD48D875CA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:12:44.0015 3480 Fips - ok
11:12:44.0046 3480 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:12:44.0046 3480 Flpydisk - ok
11:12:44.0156 3480 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:12:44.0187 3480 FltMgr - ok
11:12:44.0328 3480 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:12:44.0343 3480 FontCache3.0.0.0 - ok
11:12:44.0359 3480 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:12:44.0359 3480 Fs_Rec - ok
11:12:44.0421 3480 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:12:44.0468 3480 Ftdisk - ok
11:12:44.0500 3480 [ 5F92FD09E5610A5995DA7D775EADCD12 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
11:12:44.0500 3480 gameenum - ok
11:12:44.0515 3480 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:12:44.0531 3480 Gpc - ok
11:12:44.0671 3480 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:12:44.0687 3480 helpsvc - ok
11:12:44.0703 3480 HidServ - ok
11:12:44.0750 3480 [ 1DE6783B918F540149AA69943BDFEBA8 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:12:44.0765 3480 hidusb - ok
11:12:44.0765 3480 hpn - ok
11:12:44.0921 3480 [ C19B522A9AE0BBC3293397F3055E80A1 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:12:45.0000 3480 HTTP - ok
11:12:45.0062 3480 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:12:45.0078 3480 HTTPFilter - ok
11:12:45.0078 3480 i2omgmt - ok
11:12:45.0109 3480 i2omp - ok
11:12:45.0156 3480 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:12:45.0171 3480 i8042prt - ok
11:12:45.0546 3480 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:12:45.0812 3480 idsvc - ok
11:12:45.0875 3480 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:12:45.0890 3480 Imapi - ok
11:12:46.0000 3480 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:12:46.0046 3480 ImapiService - ok
11:12:46.0078 3480 ini910u - ok
11:12:46.0156 3480 [ EF4FDA4841001A4B98C411797DB8894A ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:12:46.0171 3480 IntelIde - ok
11:12:46.0250 3480 [ 10A3AC0F0DF720AD3C3FD13861D50EB9 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:12:46.0250 3480 intelppm - ok
11:12:46.0312 3480 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:12:46.0312 3480 Ip6Fw - ok
11:12:46.0359 3480 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:12:46.0375 3480 IpFilterDriver - ok
11:12:46.0406 3480 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:12:46.0406 3480 IpInIp - ok
11:12:46.0484 3480 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:12:46.0515 3480 IpNat - ok
11:12:46.0609 3480 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:12:46.0625 3480 IPSec - ok
11:12:46.0687 3480 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:12:46.0687 3480 IRENUM - ok
11:12:46.0750 3480 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:12:46.0765 3480 isapnp - ok
11:12:46.0843 3480 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:12:46.0843 3480 Kbdclass - ok
11:12:46.0968 3480 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:12:47.0015 3480 kmixer - ok
11:12:47.0062 3480 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:12:47.0093 3480 KSecDD - ok
11:12:47.0187 3480 [ 6D6BDD68B775986577C48A8DF961A05C ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:12:47.0218 3480 lanmanserver - ok
11:12:47.0328 3480 [ 69B0569AAE33F0D5057CA0E8577AAF07 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:12:47.0421 3480 lanmanworkstation - ok
11:12:47.0421 3480 lbrtfdc - ok
11:12:47.0484 3480 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:12:47.0484 3480 LmHosts - ok
11:12:47.0531 3480 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:12:47.0531 3480 Messenger - ok
11:12:47.0609 3480 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:12:47.0609 3480 mnmdd - ok
11:12:47.0687 3480 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:12:47.0687 3480 mnmsrvc - ok
11:12:47.0750 3480 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:12:47.0765 3480 Modem - ok
11:12:47.0828 3480 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:12:47.0828 3480 Mouclass - ok
11:12:47.0906 3480 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:12:47.0906 3480 mouhid - ok
11:12:47.0937 3480 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:12:47.0953 3480 MountMgr - ok
11:12:48.0125 3480 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:12:48.0156 3480 MozillaMaintenance - ok
11:12:48.0171 3480 mraid35x - ok
11:12:48.0250 3480 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:12:48.0312 3480 MRxDAV - ok
11:12:48.0468 3480 [ 1FD607FC67F7F7C633C3DA65BFC53D18 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:12:48.0609 3480 MRxSmb - ok
11:12:48.0656 3480 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:12:48.0656 3480 MSDTC - ok
11:12:48.0703 3480 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:12:48.0718 3480 Msfs - ok
11:12:48.0718 3480 MSIServer - ok
11:12:48.0765 3480 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:12:48.0765 3480 MSKSSRV - ok
11:12:48.0781 3480 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:12:48.0796 3480 MSPCLOCK - ok
11:12:48.0812 3480 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:12:48.0828 3480 MSPQM - ok
11:12:48.0875 3480 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:12:48.0875 3480 mssmbios - ok
11:12:48.0921 3480 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:12:48.0953 3480 Mup - ok
11:12:49.0031 3480 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:12:49.0093 3480 NDIS - ok
11:12:49.0109 3480 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:12:49.0125 3480 NdisTapi - ok
11:12:49.0187 3480 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:12:49.0187 3480 Ndisuio - ok
11:12:49.0265 3480 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:12:49.0281 3480 NdisWan - ok
11:12:49.0312 3480 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:12:49.0328 3480 NDProxy - ok
11:12:49.0359 3480 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:12:49.0375 3480 NetBIOS - ok
11:12:49.0437 3480 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:12:49.0500 3480 NetBT - ok
11:12:49.0593 3480 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
11:12:49.0640 3480 NetDDE - ok
11:12:49.0703 3480 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:12:49.0703 3480 NetDDEdsdm - ok
11:12:49.0734 3480 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:12:49.0734 3480 Netlogon - ok
11:12:49.0875 3480 [ AF342D2781225A8769686E0D47E3123E ] Netman C:\WINDOWS\System32\netman.dll
11:12:49.0921 3480 Netman - ok
11:12:50.0046 3480 [ 60152B9BB5A545E4676B944C602BA227 ] NetSvc c:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
11:12:50.0093 3480 NetSvc - ok
11:12:50.0218 3480 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:12:50.0265 3480 NetTcpPortSharing - ok
11:12:50.0359 3480 [ 64C078BD4EFD441C3F159EDC5EA4420A ] Nla C:\WINDOWS\System32\mswsock.dll
11:12:50.0437 3480 Nla - ok
11:12:50.0484 3480 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:12:50.0500 3480 Npfs - ok
11:12:50.0734 3480 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:12:50.0906 3480 Ntfs - ok
11:12:50.0937 3480 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:12:50.0937 3480 NtLmSsp - ok
11:12:51.0156 3480 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:12:51.0312 3480 NtmsSvc - ok
11:12:51.0359 3480 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:12:51.0375 3480 Null - ok
11:12:51.0421 3480 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:12:51.0421 3480 NwlnkFlt - ok
11:12:51.0468 3480 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:12:51.0468 3480 NwlnkFwd - ok
11:12:51.0531 3480 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:12:51.0562 3480 Parport - ok
11:12:51.0578 3480 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:12:51.0593 3480 PartMgr - ok
11:12:51.0656 3480 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:12:51.0656 3480 ParVdm - ok
11:12:51.0734 3480 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:12:51.0750 3480 PCI - ok
11:12:51.0765 3480 PCIDump - ok
11:12:51.0781 3480 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
11:12:51.0796 3480 PCIIde - ok
11:12:51.0875 3480 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:12:51.0937 3480 Pcmcia - ok
11:12:51.0937 3480 PDCOMP - ok
11:12:51.0968 3480 PDFRAME - ok
11:12:51.0984 3480 PDRELI - ok
11:12:52.0000 3480 PDRFRAME - ok
11:12:52.0031 3480 perc2 - ok
11:12:52.0046 3480 perc2hib - ok
11:12:52.0156 3480 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] PlugPlay C:\WINDOWS\system32\services.exe
11:12:52.0171 3480 PlugPlay - ok
11:12:52.0187 3480 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:12:52.0187 3480 PolicyAgent - ok
11:12:52.0218 3480 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:12:52.0234 3480 PptpMiniport - ok
11:12:52.0265 3480 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:12:52.0265 3480 ProtectedStorage - ok
11:12:52.0296 3480 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:12:52.0328 3480 PSched - ok
11:12:52.0343 3480 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:12:52.0359 3480 Ptilink - ok
11:12:52.0359 3480 ql1080 - ok
11:12:52.0390 3480 Ql10wnt - ok
11:12:52.0406 3480 ql12160 - ok
11:12:52.0421 3480 ql1240 - ok
11:12:52.0453 3480 ql1280 - ok
11:12:52.0484 3480 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:12:52.0484 3480 RasAcd - ok
11:12:52.0578 3480 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:12:52.0593 3480 RasAuto - ok
11:12:52.0640 3480 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:12:52.0656 3480 Rasl2tp - ok
11:12:52.0796 3480 [ 6E519D777C91E90592403C9F981FDF03 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:12:52.0843 3480 RasMan - ok
11:12:52.0890 3480 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:12:52.0890 3480 RasPppoe - ok
11:12:52.0921 3480 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:12:52.0937 3480 Raspti - ok
11:12:53.0015 3480 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:12:53.0078 3480 Rdbss - ok
11:12:53.0125 3480 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:12:53.0125 3480 RDPCDD - ok
11:12:53.0250 3480 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:12:53.0296 3480 rdpdr - ok
11:12:53.0406 3480 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:12:53.0453 3480 RDPWD - ok
11:12:53.0546 3480 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:12:53.0578 3480 RDSessMgr - ok
11:12:53.0609 3480 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:12:53.0640 3480 redbook - ok
11:12:53.0796 3480 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:12:53.0812 3480 RemoteAccess - ok
11:12:53.0890 3480 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:12:53.0906 3480 RemoteRegistry - ok
11:12:53.0984 3480 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
11:12:54.0015 3480 RpcLocator - ok
11:12:54.0187 3480 [ C72C15EE57E248C66E57C76CAB086CF2 ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:12:54.0187 3480 RpcSs - ok
11:12:54.0250 3480 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:12:54.0296 3480 RSVP - ok
11:12:54.0328 3480 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
11:12:54.0328 3480 SamSs - ok
11:12:54.0406 3480 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:12:54.0437 3480 SCardSvr - ok
11:12:54.0531 3480 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:12:54.0593 3480 Schedule - ok
11:12:54.0625 3480 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:12:54.0640 3480 Secdrv - ok
11:12:54.0687 3480 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:12:54.0687 3480 seclogon - ok
11:12:54.0765 3480 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
11:12:54.0765 3480 SENS - ok
11:12:54.0796 3480 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:12:54.0796 3480 serenum - ok
11:12:54.0843 3480 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:12:54.0859 3480 Serial - ok
11:12:54.0937 3480 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:12:54.0953 3480 Sfloppy - ok
11:12:54.0984 3480 [ 0B1A5E9CACB5CDD54A2815107BD7C772 ] sfman C:\WINDOWS\system32\drivers\sfmanm.sys
11:12:54.0984 3480 sfman - ok
11:12:55.0125 3480 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:12:55.0218 3480 SharedAccess - ok
11:12:55.0296 3480 [ 8BA76BD2A943F642F267A296A15776D2 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:12:55.0296 3480 ShellHWDetection - ok
11:12:55.0312 3480 Simbad - ok
11:12:55.0343 3480 Sparrow - ok
11:12:55.0421 3480 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:12:55.0421 3480 splitter - ok
11:12:55.0468 3480 [ 21B6FAA88044A41640E03EBB68BE93E8 ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:12:55.0484 3480 Spooler - ok
11:12:55.0578 3480 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:12:55.0593 3480 sr - ok
11:12:55.0656 3480 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
11:12:55.0718 3480 srservice - ok
11:12:55.0828 3480 [ 20B7E396720353E4117D64D9DCB926CA ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:12:55.0937 3480 Srv - ok
11:12:56.0015 3480 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:12:56.0031 3480 SSDPSRV - ok
11:12:56.0203 3480 [ 0645CCDDDD27F96EEA3534C1DEF736D9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:12:56.0343 3480 stisvc - ok
11:12:56.0359 3480 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:12:56.0359 3480 swenum - ok
11:12:56.0406 3480 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:12:56.0421 3480 swmidi - ok
11:12:56.0421 3480 SwPrv - ok
11:12:56.0453 3480 symc810 - ok
11:12:56.0468 3480 symc8xx - ok
11:12:56.0484 3480 sym_hi - ok
11:12:56.0515 3480 sym_u3 - ok
11:12:56.0562 3480 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:12:56.0578 3480 sysaudio - ok
11:12:56.0625 3480 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:12:56.0656 3480 SysmonLog - ok
11:12:56.0796 3480 [ 37162D29CD61519E6F5EA0DE99786FF6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:12:56.0859 3480 TapiSrv - ok
11:12:57.0015 3480 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:12:57.0125 3480 Tcpip - ok
11:12:57.0171 3480 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:12:57.0171 3480 TDPIPE - ok
11:12:57.0203 3480 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:12:57.0218 3480 TDTCP - ok
11:12:57.0265 3480 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:12:57.0281 3480 TermDD - ok
11:12:57.0390 3480 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
11:12:57.0468 3480 TermService - ok
11:12:57.0531 3480 [ 8BA76BD2A943F642F267A296A15776D2 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:12:57.0531 3480 Themes - ok
11:12:57.0625 3480 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
11:12:57.0640 3480 TlntSvr - ok
11:12:57.0656 3480 TosIde - ok
11:12:57.0734 3480 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:12:57.0765 3480 TrkWks - ok
11:12:57.0828 3480 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:12:57.0843 3480 Udfs - ok
11:12:57.0859 3480 ultra - ok
11:12:57.0984 3480 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:12:58.0062 3480 Update - ok
11:12:58.0171 3480 [ 984FC1518B0D5B31D76F0E63608E0500 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:12:58.0218 3480 upnphost - ok
11:12:58.0265 3480 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
11:12:58.0281 3480 UPS - ok
11:12:58.0312 3480 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:12:58.0312 3480 usbehci - ok
11:12:58.0359 3480 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:12:58.0375 3480 usbhub - ok
11:12:58.0406 3480 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:12:58.0406 3480 usbstor - ok
11:12:58.0453 3480 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:12:58.0453 3480 usbuhci - ok
11:12:58.0484 3480 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:12:58.0484 3480 VgaSave - ok
11:12:58.0500 3480 ViaIde - ok
11:12:58.0578 3480 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:12:58.0593 3480 VolSnap - ok
11:12:58.0750 3480 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
11:12:58.0890 3480 VSS - ok
11:12:58.0984 3480 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
11:12:59.0031 3480 W32Time - ok
11:12:59.0078 3480 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:12:59.0093 3480 Wanarp - ok
11:12:59.0109 3480 WDICA - ok
11:12:59.0156 3480 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:12:59.0187 3480 wdmaud - ok
11:12:59.0234 3480 [ 3791ADF1D3466AC6B4B662D3F79CBFEC ] WebClient C:\WINDOWS\System32\webclnt.dll
11:12:59.0250 3480 WebClient - ok
11:12:59.0437 3480 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:12:59.0484 3480 winmgmt - ok
11:12:59.0593 3480 [ E02E913B3841717A890A644EE167B9A5 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
11:12:59.0609 3480 WmdmPmSN - ok
11:12:59.0828 3480 [ 0CDC4A0C6B820FAD99FB4CA74CD0C476 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:13:00.0046 3480 Wmi - ok
11:13:00.0140 3480 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:13:00.0171 3480 WmiApSrv - ok
11:13:00.0484 3480 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:13:00.0703 3480 WPFFontCache_v0400 - ok
11:13:00.0796 3480 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:13:00.0812 3480 wscsvc - ok
11:13:00.0890 3480 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:13:00.0921 3480 wuauserv - ok
11:13:01.0062 3480 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:13:01.0171 3480 WZCSVC - ok
11:13:01.0281 3480 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:13:01.0390 3480 xmlprov - ok
11:13:01.0406 3480 ================ Scan global ===============================
11:13:01.0468 3480 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
11:13:01.0578 3480 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
11:13:01.0750 3480 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
11:13:01.0812 3480 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] C:\WINDOWS\system32\services.exe
11:13:01.0812 3480 [Global] - ok
11:13:01.0812 3480 ================ Scan MBR ==================================
11:13:01.0859 3480 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:13:02.0156 3480 \Device\Harddisk0\DR0 - ok
11:13:02.0171 3480 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
11:13:02.0515 3480 \Device\Harddisk1\DR1 - ok
11:13:02.0875 3480 [ 09F3630B13CA1E91941525E12745ABEA ] \Device\Harddisk2\DR4
11:13:02.0890 3480 \Device\Harddisk2\DR4 - ok
11:13:02.0890 3480 ================ Scan VBR ==================================
11:13:02.0906 3480 [ E28BB1D49B9CB0D76637A6F8A0D04D72 ] \Device\Harddisk0\DR0\Partition1
11:13:02.0921 3480 \Device\Harddisk0\DR0\Partition1 - ok
11:13:02.0921 3480 [ D47ABF765115F7AF8B8EDB3D7FB9158F ] \Device\Harddisk1\DR1\Partition1
11:13:02.0937 3480 \Device\Harddisk1\DR1\Partition1 - ok
11:13:02.0953 3480 [ 8AD974520085597A24DD8DDD5F3B1CE4 ] \Device\Harddisk2\DR4\Partition1
11:13:02.0953 3480 \Device\Harddisk2\DR4\Partition1 - ok
11:13:02.0953 3480 ============================================================
11:13:02.0953 3480 Scan finished
11:13:02.0953 3480 ============================================================
11:13:03.0000 3472 Detected object count: 0
11:13:03.0000 3472 Actual detected object count: 0
11:13:16.0640 3452 Deinitialize success

[tomassovak]

a ještě:


McAfee(R) Rootkit Detective 1.0 Beta scan report
On 18-01-2013 at 19:44:07
OS-Version 5.1.2600
Service Pack 3.0
====================================

Object-Type: SSDT-hook
Object-Name: ZwAdjustPrivilegesToken
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwClose
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwConnectPort
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreateEvent
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreateFile
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreateKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreateMutant
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreateNamedPipeFile
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreatePort
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreateSection
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreateSemaphore
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreateSymbolicLinkObject
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreateThread
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwCreateWaitablePort
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwDebugActiveProcess
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwDeleteKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwDeleteValueKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwDeviceIoControlFile
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwDuplicateObject
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwEnumerateKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwEnumerateValueKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwFsControlFile
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwLoadDriver
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwLoadKey2
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwLoadKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwMapViewOfSection
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwNotifyChangeKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwOpenEvent
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwOpenFile
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwOpenKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwOpenMutant
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwOpenProcess
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwOpenSection
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwOpenSemaphore
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwOpenThread
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwPlugPlayControl
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwQueryKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwQueryMultipleValueKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwQuerySection
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwQueryValueKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwQueueApcThread
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwRenameKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwReplaceKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwReplyPort
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwReplyWaitReceivePort
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwRequestWaitReplyPort
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwRestoreKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwResumeThread
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwSaveKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwSecureConnectPort
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwSetContextThread
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwSetInformationToken
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwSetSecurityObject
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwSetSystemInformation
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwSetValueKey
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwSuspendProcess
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwSuspendThread
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwSystemDebugControl
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwTerminateProcess
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwTerminateThread
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwUnmapViewOfSection
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: SSDT-hook
Object-Name: ZwWriteVirtualMemory
Object-Path: C:\WINDOWS\system32\drivers\klif.sys

Object-Type: File/Folder
Object-Name: System Idle Process
Pid: n/a
Object-Path: System Idle Process
Status: Visible

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\filterpipelineprintproc.dll
Status: Hidden

Object-Type: Process
Object-Name: System
Pid: 4
Object-Path:
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1284
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: CCC.exe
Pid: 772
Object-Path: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Status: Visible

Object-Type: Process
Object-Name: winlogon.exe
Pid: 1032
Object-Path: C:\WINDOWS\system32\winlogon.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\msxpsinc.gpd
Status: Hidden

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: images_ns.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_ns.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: RealPlayer.exe
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_exe\RealPlayer.exe
Status: Hidden

Object-Type: File/Folder
Object-Name: Personal.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: images_earth.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_earth.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\filterpipelineprintproc.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: images_talk.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_talk.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\msxpsdrv.inf
Status: Hidden

Object-Type: File/Folder
Object-Name: VikPev00
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\VikPev00
Status: Hidden

Object-Type: Process
Object-Name: CTHELPER.EXE
Pid: 544
Object-Path: C:\WINDOWS\system32\CTHELPER.EXE
Status: Visible

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\mxdwdrv.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: Desktop.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: nss.cab
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\nss.cab
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\msxpsinc.ppd
Status: Hidden

Object-Type: Process
Object-Name: wscntfy.exe
Pid: 1324
Object-Path: C:\WINDOWS\system32\wscntfy.exe
Status: Visible

Object-Type: File/Folder
Object-Name: PrintHood.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\filterpipelineprintproc.dll
Status: Hidden

Object-Type: Process
Object-Name: services.exe
Pid: 1076
Object-Path: C:\WINDOWS\system32\services.exe
Status: Visible

Object-Type: File/Folder
Object-Name: Profiles.Folder.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\filterpipelineprintproc.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: Recent.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\msxpsdrv.cat
Status: Hidden

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\filterpipelineprintproc.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: stubinst_config_en.xml
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\stubinst_config_en.xml
Status: Hidden

Object-Type: Process
Object-Name: lsass.exe
Pid: 1088
Object-Path: C:\WINDOWS\system32\lsass.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1600
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\msxpsdrv.cat
Status: Hidden

Object-Type: File/Folder
Object-Name: images_ar.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_ar.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: SetPath.bat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SetPath.bat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\msxpsinc.ppd
Status: Hidden

Object-Type: File/Folder
Object-Name: LocalAppData.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: Favorites.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\msxpsinc.ppd
Status: Hidden

Object-Type: Process
Object-Name: ati2evxx.exe
Pid: 1872
Object-Path: C:\WINDOWS\system32\ati2evxx.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\msxpsinc.ppd
Status: Hidden

Object-Type: File/Folder
Object-Name: images_gpy.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_gpy.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: images_acrobat.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_acrobat.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\msxpsdrv.cat
Status: Hidden

Object-Type: File/Folder
Object-Name: Programs.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Hidden

Object-Type: Process
Object-Name: svchost.exe
Pid: 1372
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\msxpsdrv.cat
Status: Hidden

Object-Type: File/Folder
Object-Name: images_ff.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_ff.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: images_gapps.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_gapps.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\mxdwdrv.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\mxdwdrv.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: StartUp.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\msxpsinc.gpd
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\msxpsinc.gpd
Status: Hidden

Object-Type: File/Folder
Object-Name: images_real.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_real.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\msxpsinc.gpd
Status: Hidden

Object-Type: File/Folder
Object-Name: images_toolbar.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_toolbar.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: AppData.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\mxdwdrv.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\msxpsdrv.inf
Status: Hidden

Object-Type: Process
Object-Name: WLIDSVCM.EXE
Pid: 2940
Object-Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
Status: Visible

Object-Type: File/Folder
Object-Name: images_skype.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_skype.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: History.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\History.folder.dat
Status: Hidden

Object-Type: Process
Object-Name: LWEMon.exe
Pid: 644
Object-Path: C:\Program Files\Logitech\Gaming Software\LWEMon.exe
Status: Visible

Object-Type: File/Folder
Object-Name: SendTo.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\msxpsinc.ppd
Status: Hidden

Object-Type: Process
Object-Name: avp.exe
Pid: 652
Object-Path: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
Status: Visible

Object-Type: File/Folder
Object-Name: images_sd.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_sd.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\filterpipelineprintproc.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: images_desktop.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_desktop.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: NetHood.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\msxpsdrv.cat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\msxpsdrv.inf
Status: Hidden

Object-Type: File/Folder
Object-Name: StartMenu.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: Music.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Music.folder.dat
Status: Hidden

Object-Type: Process
Object-Name: svchost.exe
Pid: 1704
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: WLIDSVC.EXE
Pid: 1448
Object-Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Status: Visible

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\mxdwdrv.dll
Status: Hidden

Object-Type: Process
Object-Name: smss.exe
Pid: 940
Object-Path: C:\WINDOWS\system32\smss.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\msxpsinc.gpd
Status: Hidden

Object-Type: Process
Object-Name: alg.exe
Pid: 2736
Object-Path: C:\WINDOWS\system32\alg.exe
Status: Visible

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\msxpsdrv.inf
Status: Hidden

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\xpssvcs.dll
Status: Hidden

Object-Type: Process
Object-Name: MOM.exe
Pid: 700
Object-Path: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\msxpsdrv.inf
Status: Hidden

Object-Type: File/Folder
Object-Name: RealPlayer.exe
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\RealPlayer.exe
Status: Hidden

Object-Type: Process
Object-Name: avp.exe
Pid: 964
Object-Path: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
Status: Visible

Object-Type: File/Folder
Object-Name: stubinst_pkg_en-eu.cab
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\stubinst_pkg_en-eu.cab
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\msxpsinc.gpd
Status: Hidden

Object-Type: File/Folder
Object-Name: images_picasa.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_picasa.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: chrome.cab
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\chrome.cab
Status: Hidden

Object-Type: File/Folder
Object-Name: images_ksd.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_ksd.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\mxdwdrv.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: images_chrome.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_chrome.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: Profiles.Folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: Pictures.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: images_maxthon.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_maxthon.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\msxpsdrv.inf
Status: Hidden

Object-Type: Process
Object-Name: csrss.exe
Pid: 992
Object-Path: C:\WINDOWS\system32\csrss.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1504
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: spoolsv.exe
Pid: 1760
Object-Path: C:\WINDOWS\system32\spoolsv.exe
Status: Visible

Object-Type: Process
Object-Name: explorer.exe
Pid: 232
Object-Path: C:\WINDOWS\explorer.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\msxpsinc.ppd
Status: Hidden

Object-Type: File/Folder
Object-Name: Templates.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: gtb_v6_1.cab
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\gtb_v6_1.cab
Status: Hidden

Object-Type: File/Folder
Object-Name: Cookies.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Hidden

Object-Type: Process
Object-Name: ati2evxx.exe
Pid: 1264
Object-Path: C:\WINDOWS\system32\ati2evxx.exe
Status: Visible

Object-Type: File/Folder
Object-Name: images_wps.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_wps.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: SysPath.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SysPath.dat
Status: Hidden

Object-Type: Process
Object-Name: Rootkit_Detecti
Pid: 500
Object-Path: G:\TOSHIBA\Zaloha\C\Rootkit_Detective.exe
Status: Visible

Object-Type: File/Folder
Object-Name: Cache.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: LocalSettings.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\msxpsdrv.cat
Status: Hidden

Scan complete. Found hidden Processes and Files: 91 .
Total files scanned: 212228
McAfee(R) Rootkit Detective 1.0 Beta scan report
On 25-01-2013 at 11:39:36
OS-Version 5.1.2600
Service Pack 2.0
====================================

Object-Type: File/Folder
Object-Name: System Idle Process
Pid: n/a
Object-Path: System Idle Process
Status: Visible

Object-Type: Process
Object-Name: explorer.exe
Pid: 1792
Object-Path: C:\WINDOWS\explorer.exe
Status: Visible

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\filterpipelineprintproc.dll
Status: Hidden

Object-Type: Process
Object-Name: System
Pid: 4
Object-Path:
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\msxpsinc.gpd
Status: Hidden

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: images_ns.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_ns.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: RealPlayer.exe
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_exe\RealPlayer.exe
Status: Hidden

Object-Type: File/Folder
Object-Name: Personal.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: images_earth.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_earth.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\filterpipelineprintproc.dll
Status: Hidden

Object-Type: Process
Object-Name: Rootkit_Detecti
Pid: 3348
Object-Path: E:\TOSHIBA\Zaloha\C\Rootkit_Detective.exe
Status: Visible

Object-Type: File/Folder
Object-Name: images_talk.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_talk.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\msxpsdrv.inf
Status: Hidden

Object-Type: File/Folder
Object-Name: VikPev00
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\VikPev00
Status: Hidden

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\mxdwdrv.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: F9128C08CB912FC540A6E41C8B2DAAC9302D865034E6D8296A3BAB10E57A02F5.met
Pid: n/a
Object-Path: C:\Documents and Settings\Hans-Peter Geerdes.DOMOV-AC71F76AA\Doctor Web\CureIt Quarantine\91\F9128C08CB912FC540A6E41C8B2DAAC9302D865034E6D8296A3BAB10E57A02F5.met
Status: Hidden

Object-Type: File/Folder
Object-Name: Desktop.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: nss.cab
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\nss.cab
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\msxpsinc.ppd
Status: Hidden

Object-Type: File/Folder
Object-Name: PrintHood.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\filterpipelineprintproc.dll
Status: Hidden

Object-Type: Process
Object-Name: spoolsv.exe
Pid: 1588
Object-Path: C:\WINDOWS\system32\spoolsv.exe
Status: Visible

Object-Type: File/Folder
Object-Name: Profiles.Folder.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\filterpipelineprintproc.dll
Status: Hidden

Object-Type: Process
Object-Name: CCC.exe
Pid: 1080
Object-Path: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Status: Visible

Object-Type: File/Folder
Object-Name: Recent.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\msxpsdrv.cat
Status: Hidden

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\filterpipelineprintproc.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: stubinst_config_en.xml
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\stubinst_config_en.xml
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\msxpsdrv.cat
Status: Hidden

Object-Type: File/Folder
Object-Name: images_ar.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_ar.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: SetPath.bat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SetPath.bat
Status: Hidden

Object-Type: Process
Object-Name: alg.exe
Pid: 580
Object-Path: C:\WINDOWS\system32\alg.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\msxpsinc.ppd
Status: Hidden

Object-Type: File/Folder
Object-Name: LocalAppData.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: F9128C08CB912FC540A6E41C8B2DAAC9302D865034E6D8296A3BAB10E57A02F5
Pid: n/a
Object-Path: C:\Documents and Settings\Hans-Peter Geerdes.DOMOV-AC71F76AA\Doctor Web\CureIt Quarantine\91\F9128C08CB912FC540A6E41C8B2DAAC9302D865034E6D8296A3BAB10E57A02F5
Status: Hidden

Object-Type: Process
Object-Name: smss.exe
Pid: 588
Object-Path: C:\WINDOWS\system32\smss.exe
Status: Visible

Object-Type: File/Folder
Object-Name: Favorites.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\msxpsinc.ppd
Status: Hidden

Object-Type: Process
Object-Name: ati2evxx.exe
Pid: 1364
Object-Path: C:\WINDOWS\system32\ati2evxx.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\msxpsinc.ppd
Status: Hidden

Object-Type: File/Folder
Object-Name: images_gpy.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_gpy.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: images_acrobat.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_acrobat.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\msxpsdrv.cat
Status: Hidden

Object-Type: File/Folder
Object-Name: Programs.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Hidden

Object-Type: Process
Object-Name: svchost.exe
Pid: 1372
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\msxpsdrv.cat
Status: Hidden

Object-Type: File/Folder
Object-Name: images_ff.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_ff.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: images_gapps.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_gapps.gif
Status: Hidden

Object-Type: Process
Object-Name: wscntfy.exe
Pid: 612
Object-Path: C:\WINDOWS\system32\wscntfy.exe
Status: Visible

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\mxdwdrv.dll
Status: Hidden

Object-Type: Process
Object-Name: svchost.exe
Pid: 1128
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\mxdwdrv.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: StartUp.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\msxpsinc.gpd
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\msxpsinc.gpd
Status: Hidden

Object-Type: File/Folder
Object-Name: images_real.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_real.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\msxpsinc.gpd
Status: Hidden

Object-Type: File/Folder
Object-Name: images_toolbar.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_toolbar.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: AppData.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\mxdwdrv.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\msxpsdrv.inf
Status: Hidden

Object-Type: File/Folder
Object-Name: images_skype.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_skype.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: History.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\History.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: SendTo.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Hidden

Object-Type: Process
Object-Name: devldr32.exe
Pid: 136
Object-Path: C:\WINDOWS\system32\devldr32.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\msxpsinc.ppd
Status: Hidden

Object-Type: Process
Object-Name: csrss.exe
Pid: 652
Object-Path: C:\WINDOWS\system32\csrss.exe
Status: Visible

Object-Type: File/Folder
Object-Name: images_sd.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_sd.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: filterpipelineprintproc.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\filterpipelineprintproc.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: F4E47EF55252014F983C4CDE507805D064FE1C042DD821FD000BE735093CCB6B
Pid: n/a
Object-Path: C:\Documents and Settings\Hans-Peter Geerdes.DOMOV-AC71F76AA\Doctor Web\CureIt Quarantine\4E\F4E47EF55252014F983C4CDE507805D064FE1C042DD821FD000BE735093CCB6B
Status: Hidden

Object-Type: File/Folder
Object-Name: images_desktop.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_desktop.gif
Status: Hidden

Object-Type: Process
Object-Name: svchost.exe
Pid: 1172
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: File/Folder
Object-Name: NetHood.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\msxpsdrv.cat
Status: Hidden

Object-Type: Process
Object-Name: ati2evxx.exe
Pid: 920
Object-Path: C:\WINDOWS\system32\ati2evxx.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\msxpsdrv.inf
Status: Hidden

Object-Type: File/Folder
Object-Name: StartMenu.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: Music.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Music.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\mxdwdrv.dll
Status: Hidden

Object-Type: Process
Object-Name: svchost.exe
Pid: 940
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\amd64\msxpsinc.gpd
Status: Hidden

Object-Type: Process
Object-Name: ctfmon.exe
Pid: 1712
Object-Path: C:\WINDOWS\system32\ctfmon.exe
Status: Visible

Object-Type: Process
Object-Name: winlogon.exe
Pid: 692
Object-Path: C:\WINDOWS\system32\winlogon.exe
Status: Visible

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\amd64\msxpsdrv.inf
Status: Hidden

Object-Type: Process
Object-Name: MOM.exe
Pid: 1720
Object-Path: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
Status: Visible

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\msxpsdrv.inf
Status: Hidden

Object-Type: File/Folder
Object-Name: RealPlayer.exe
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\RealPlayer.exe
Status: Hidden

Object-Type: File/Folder
Object-Name: F4E47EF55252014F983C4CDE507805D064FE1C042DD821FD000BE735093CCB6B.met
Pid: n/a
Object-Path: C:\Documents and Settings\Hans-Peter Geerdes.DOMOV-AC71F76AA\Doctor Web\CureIt Quarantine\4E\F4E47EF55252014F983C4CDE507805D064FE1C042DD821FD000BE735093CCB6B.met
Status: Hidden

Object-Type: File/Folder
Object-Name: stubinst_pkg_en-eu.cab
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\stubinst_pkg_en-eu.cab
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsinc.gpd
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\msxpsinc.gpd
Status: Hidden

Object-Type: File/Folder
Object-Name: images_picasa.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_picasa.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: chrome.cab
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\chrome.cab
Status: Hidden

Object-Type: File/Folder
Object-Name: F4E47EF55252014F983C4CDE507805D064FE1C042DD821FD000BE735093CCB6B.rst
Pid: n/a
Object-Path: C:\Documents and Settings\Hans-Peter Geerdes.DOMOV-AC71F76AA\Doctor Web\CureIt Quarantine\4E\F4E47EF55252014F983C4CDE507805D064FE1C042DD821FD000BE735093CCB6B.rst
Status: Hidden

Object-Type: File/Folder
Object-Name: images_ksd.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_ksd.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: mxdwdrv.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\amd64\mxdwdrv.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: images_chrome.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_chrome.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: Profiles.Folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: Pictures.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: images_maxthon.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_maxthon.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.inf
Pid: n/a
Object-Path: C:\0a109e3b06f8f61f6c914b\i386\msxpsdrv.inf
Status: Hidden

Object-Type: Process
Object-Name: services.exe
Pid: 736
Object-Path: C:\WINDOWS\system32\services.exe
Status: Visible

Object-Type: Process
Object-Name: firefox.exe
Pid: 1512
Object-Path: C:\Program Files\Mozilla Firefox\firefox.exe
Status: Visible

Object-Type: File/Folder
Object-Name: msxpsinc.ppd
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\msxpsinc.ppd
Status: Hidden

Object-Type: File/Folder
Object-Name: Templates.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Hidden

Object-Type: Process
Object-Name: lsass.exe
Pid: 748
Object-Path: C:\WINDOWS\system32\lsass.exe
Status: Visible

Object-Type: File/Folder
Object-Name: gtb_v6_1.cab
Pid: n/a
Object-Path: C:\Documents and Settings\Hans Peter Geerdes\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\stub_data\gtb_v6_1.cab
Status: Hidden

Object-Type: File/Folder
Object-Name: Cookies.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: images_wps.gif
Pid: n/a
Object-Path: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google Updater\icons\images_wps.gif
Status: Hidden

Object-Type: File/Folder
Object-Name: SysPath.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\SysPath.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: Cache.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Hidden

Object-Type: Process
Object-Name: svchost.exe
Pid: 1016
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: File/Folder
Object-Name: LocalSettings.folder.dat
Pid: n/a
Object-Path: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Hidden

Object-Type: File/Folder
Object-Name: xpssvcs.dll
Pid: n/a
Object-Path: C:\cd118de7c9f3929a80ec534a9f4f\i386\xpssvcs.dll
Status: Hidden

Object-Type: File/Folder
Object-Name: msxpsdrv.cat
Pid: n/a
Object-Path: C:\73c150ad167994eacedf9db3\i386\msxpsdrv.cat
Status: Hidden

Scan complete. Found hidden Processes and Files: 96 .
Total files scanned: 153988

[Rudy]

Ani v posledních testech žádný rootkit nevidím.

[tomassovak]

bezpochyby je to lepší ale i přesto blbne vide. Ale co mysláte že v CCC by bylo špatně když to hlasí ve win event logu?

Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:41
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000021: 2013-01-25 10:51:41:156 Exception: Hodnota daného názvu neexistuje.
Exception Called by: ATI.ACE.LOG.Foundation.Implementation.Setting::DeleteRegistry processID:00200 threadID:(CCCThreadNew:Systemtray) domainName:(ccc.exe ) assemblyName:(LOG.Foundation.Implementation, Version=2.0.4567.41227, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
************************************************************************************************************************


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:41
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000020: 2013-01-25 10:51:41:046 FAILED: ADL.ADL.ADL_Display_ImageExpansion_Get
Error Called by: ATI.ACE.CLI.Aspect.DeviceProperty.Graphics.Runtime.DevicePropertyImageScalingController::Parse processID:00200 threadID:( ) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.DeviceProperty.Graphics.Runtime, Version=2.0.4567.41182, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:40
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000018: 2013-01-25 10:51:40:671 Could not find Type [ATI.ACE.CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DB_TutorialInfoCentre] from [CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard] in assembly [CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard]
Error Called by: ATI.ACE.LOG.Foundation.Services::LoadAssembly processID:00200 threadID:(CCCThreadNew:Dashboard) domainName:(ccc.exe ) assemblyName:(LOG.Foundation, Version=2.0.4567.41122, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:40
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000016: 2013-01-25 10:51:40:656 Exception <Load>: Nelze načíst soubor nebo sestavení CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard nebo jeden z jejich závislých prvků. Systém nemůže nalézt uvedený soubor.
Exception Called by: ATI.ACE.LOG.Foundation.Services::LoadAssembly processID:00200 threadID:(CCCThreadNew:Dashboard) domainName:(ccc.exe ) assemblyName:(LOG.Foundation, Version=2.0.4567.41122, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
************************************************************************************************************************


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:40
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000017: 2013-01-25 10:51:40:656 Could not find Type [ATI.ACE.CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DB_TutorialInfoCentre] from [CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard] in assembly [CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard]
Error Called by: ATI.ACE.LOG.Foundation.Services::LoadAssembly processID:00200 threadID:( ) domainName:(ccc.exe ) assemblyName:(LOG.Foundation, Version=2.0.4567.41122, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:40
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000014: 2013-01-25 10:51:40:125 Validation: Caste [1] is null
Error Called by: ATI.ACE.CLI.Component.Runtime.Runtime::Run processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Component.Runtime, Version=2.0.4567.41130, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:39
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000013: 2013-01-25 10:51:39:531 Exception <atixcode.dll>: Načítání závodu třídy modelu COM pro komponentu s identifikátorem CLSID {981145A7-E08E-48F3-A1C4-52C28BCAAAF9} se nezdařilo kvůli následující chybě : 80040154.
Exception Called by: ATI.ACE.CLI.Aspect.TransCode.Graphics.Shared.TC_Component::CheckTrancodeComObject processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.TransCode.Graphics.Shared, Version=2.0.4567.41235, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
************************************************************************************************************************


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:39
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000012: 2013-01-25 10:51:39:375 RT_MMVideo::InitializeInternetVideo GetMMVideoAdjustInfoItem Pulldown FAILED
Error Called by: ATI.ACE.CLI.Aspect.MMVideo.Graphics.Runtime.RT_MMVideo::InitializeInternetVideo processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.MMVideo.Graphics.Runtime, Version=2.0.4567.41184, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:39
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000011: 2013-01-25 10:51:39:375 RT_MMVideo::InitializeBlueStretch GetMMVideoAdjustInfoItem Pulldown FAILED
Error Called by: ATI.ACE.CLI.Aspect.MMVideo.Graphics.Runtime.RT_MMVideo::InitializeBlueStretch processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.MMVideo.Graphics.Runtime, Version=2.0.4567.41184, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:39
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000010: 2013-01-25 10:51:39:375 RT_MMVideo::InitAdvancedVideoFeature: Failed in VideoItem = CONTROLLER_VIDEO_DEMOMODE
Error Called by: ATI.ACE.CLI.Aspect.MMVideo.Graphics.Runtime.RT_MMVideo::InitAdvancedVideoFeature processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.MMVideo.Graphics.Runtime, Version=2.0.4567.41184, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:39
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000009: 2013-01-25 10:51:39:375 RT_MMVideo::InitAdvancedVideoFeature: Failed in VideoItem = CONTROLLER_VIDEO_DYNAMICRANGE
Error Called by: ATI.ACE.CLI.Aspect.MMVideo.Graphics.Runtime.RT_MMVideo::InitAdvancedVideoFeature processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.MMVideo.Graphics.Runtime, Version=2.0.4567.41184, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:39
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000008: 2013-01-25 10:51:39:375 RT_MMVideo::InitAdvancedVideoFeature: Failed in VideoItem = CONTROLLER_VIDEO_STATICGAMMA
Error Called by: ATI.ACE.CLI.Aspect.MMVideo.Graphics.Runtime.RT_MMVideo::InitAdvancedVideoFeature processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.MMVideo.Graphics.Runtime, Version=2.0.4567.41184, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:39
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000007: 2013-01-25 10:51:39:375 RT_MMVideo::InitAdvancedVideoFeature: Failed in VideoItem = CONTROLLER_VIDEO_MOSQUITONOISEREMOVAL
Error Called by: ATI.ACE.CLI.Aspect.MMVideo.Graphics.Runtime.RT_MMVideo::InitAdvancedVideoFeature processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.MMVideo.Graphics.Runtime, Version=2.0.4567.41184, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:39
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000006: 2013-01-25 10:51:39:375 RT_MMVideo::InitAdvancedVideoFeature: Failed in VideoItem = CONTROLLER_VIDEO_DEBLOCKING
Error Called by: ATI.ACE.CLI.Aspect.MMVideo.Graphics.Runtime.RT_MMVideo::InitAdvancedVideoFeature processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.MMVideo.Graphics.Runtime, Version=2.0.4567.41184, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:39
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000004: 2013-01-25 10:51:39:328 Name of null object is [SAspect:MMVideo]
Error Called by: ATI.ACE.CLI.Aspect.MMVideo.Graphics.Runtime.RT_MMVideo::Check processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.MMVideo.Graphics.Runtime, Version=2.0.4567.41184, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:37
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000003: 2013-01-25 10:51:37:906 FAILED: ADL.ADL.ADL_Display_ImageExpansion_Get
Error Called by: ATI.ACE.CLI.Aspect.DeviceProperty.Graphics.Runtime.DevicePropertyImageScalingController::Parse processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Aspect.DeviceProperty.Graphics.Runtime, Version=2.0.4567.41182, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:36
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000002: 2013-01-25 10:51:36:921 RT_GC_2
Error Called by: ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_2::.ctor processID:00200 threadID:(CCCThreadNew:Runtime) domainName:(ccc.exe ) assemblyName:(CLI.Caste.Graphics.Runtime, Version=2.0.4567.41133, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.
Typ události: Informace
Zdroj události: ACEEventLogSource
Kategorie události: Není k dispozici
ID události: 0
Datum: 25.1.2013
Čas: 10:51:36
Uživatel: Není k dispozici
Počítač: DOMOV-E64DD0B12
Popis:
0000000001: 2013-01-25 10:51:36:000 Failed to merge manifest file: C:\Program Files\ATI Technologies\ATI.ACE\MOM-InstallProxy\mom-installproxy.xml with exception: Soubor C:\Program Files\ATI Technologies\ATI.ACE\MOM-InstallProxy\mom-installproxy.xml nebyl nalezen.
Error Called by: ATI.ACE.CLI.Foundation.MergeManifest::ReadManifest processID:00200 threadID:( ) domainName:(ccc.exe ) assemblyName:(CLI.Foundation.XManifest, Version=2.0.4567.41229, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------


Další informace získáte v Centru pro nápovědu a pomoc na http://go.microsoft.com/fwlink/events.asp.

[Rudy]

Nastavte kartu na default. Tam by měla fungovat bez problémů. Pokud paříte hry, některé si mohou kartu samy přenastavit. To ale není náš obor.

[tomassovak]

Já vím že řešení her není zde určené. Ale jak říkám kdybych neměl podezření že se to chová stejně tak jako minule. Nepsal bych ale je to tak prostě naprosto podobně se to chová. Od odstraní je to lepší ale stejně prostě zvůk při trhání je jiný. Ale že bych něco špatně naistaloval? Třebna soubory nebo že by to bylo tím že není vše naistalováno jako přestím sp3. I když to přestím zlobilo? Byl napadnouté directy taky tam byla havěť. Nyní se to jeví že je to čisté ale že by byla karta? Tu jsem testoval neškube se v testech. To se jeví zdát problém ve win? Ramky jsem netestoval. Když dám vědět s dotazy nebo kde je problém. Ale po odvirování bylo několi dní dobré potom odstraní a zase je to zpět. Kompletní formát? Raději počkám. Jedinou chybu co vím je že nemám sp3 a že mám použité soubory ze zálohy a v podlesní řadě netestoval komponenty. Dot net jsem intaloval všechno zvláš bez posloupnosti toť vše.

[Rudy]

Chtělo by to určitě nainstalovat SP3. Některé hry dokáží změnit schéma barev a další vci v nastavení grafické karty. Mám i podezření, že systém je "nakopaný". Dřív, než se rozhodnete reinstalovat, zkusil bych ještě opravu systému z instal. média.

[tomassovak]

Skoro ve všem je a byla chyba. Infiltrace, win opravit. Zdroj špatně odváděl teplo, chladič zanešen i když nebyl dostatečně zaprášen stejně to blblo. Při vysátí se to pomalu zlepšovalo od prachu a pasta se asi výpálil. Stála cca 60 kč a nevydržela ani 1/2 roků.. Obsahovala střídro.

[Rudy]

Zdroj špatně odváděl teplo......

Mám tomu rozumět tak, že chlazení nefungovalo, jak mělo?