VIRY.CZ

Prosím o kontrolu logů z TDSS a Combofix. NOD hlásí Win32/Wigon v operační paměti - soubor svchost.exe (1548). Díky

12:45:13.0375 2288 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
12:45:13.0546 2288 ============================================================
12:45:13.0546 2288 Current date / time: 2012/04/01 12:45:13.0546
12:45:13.0546 2288 SystemInfo:
12:45:13.0546 2288
12:45:13.0546 2288 OS Version: 5.1.2600 ServicePack: 3.0
12:45:13.0546 2288 Product type: Workstation
12:45:13.0546 2288 ComputerName: LOJZA
12:45:13.0546 2288 UserName: Jirka
12:45:13.0546 2288 Windows directory: C:\WINDOWS
12:45:13.0546 2288 System windows directory: C:\WINDOWS
12:45:13.0546 2288 Processor architecture: Intel x86
12:45:13.0546 2288 Number of processors: 2
12:45:13.0546 2288 Page size: 0x1000
12:45:13.0546 2288 Boot type: Normal boot
12:45:13.0546 2288 ============================================================
12:45:14.0843 2288 Drive \Device\Harddisk0\DR0 - Size: 0x132C570000 (76.69 Gb), SectorSize: 0x200, Cylinders: 0x271B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:45:14.0859 2288 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:45:14.0859 2288 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:45:14.0890 2288 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:45:14.0890 2288 \Device\Harddisk0\DR0:
12:45:14.0890 2288 MBR used
12:45:14.0890 2288 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x995C65B
12:45:14.0890 2288 \Device\Harddisk1\DR1:
12:45:14.0890 2288 MBR used
12:45:14.0906 2288 \Device\Harddisk2\DR2:
12:45:14.0906 2288 MBR used
12:45:14.0906 2288 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
12:45:14.0906 2288 \Device\Harddisk3\DR3:
12:45:14.0906 2288 MBR used
12:45:14.0906 2288 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
12:45:15.0109 2288 Initialize success
12:45:15.0109 2288 ============================================================
12:45:19.0437 4060 ============================================================
12:45:19.0437 4060 Scan started
12:45:19.0437 4060 Mode: Manual;
12:45:19.0437 4060 ============================================================
12:45:20.0234 4060 602XML Updater (f11d68e40ed62fdb7c460c445f1ec4e5) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
12:45:20.0234 4060 602XML Updater - ok
12:45:20.0281 4060 Abiosdsk - ok
12:45:20.0312 4060 abp480n5 - ok
12:45:20.0343 4060 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
12:45:20.0343 4060 ACDaemon - ok
12:45:20.0390 4060 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:45:20.0406 4060 ACPI - ok
12:45:20.0437 4060 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:45:20.0437 4060 ACPIEC - ok
12:45:20.0515 4060 ACS (5ac144f03b31afab6717ad3622d1680d) C:\WINDOWS\system32\acs.exe
12:45:20.0515 4060 ACS - ok
12:45:20.0609 4060 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:45:20.0609 4060 AdobeFlashPlayerUpdateSvc - ok
12:45:20.0625 4060 adpu160m - ok
12:45:20.0687 4060 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:45:20.0687 4060 aec - ok
12:45:20.0734 4060 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:45:20.0734 4060 AFD - ok
12:45:20.0765 4060 Aha154x - ok
12:45:20.0781 4060 aic78u2 - ok
12:45:20.0812 4060 aic78xx - ok
12:45:20.0859 4060 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
12:45:20.0859 4060 Alerter - ok
12:45:20.0937 4060 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
12:45:20.0937 4060 ALG - ok
12:45:20.0953 4060 AliIde - ok
12:45:21.0093 4060 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
12:45:21.0109 4060 Ambfilt - ok
12:45:21.0187 4060 AmdK8 (99bd5596b5d06c2ead3cecc6f11999f5) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
12:45:21.0187 4060 AmdK8 - ok
12:45:21.0203 4060 amsint - ok
12:45:21.0265 4060 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys
12:45:21.0265 4060 androidusb - ok
12:45:21.0312 4060 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
12:45:21.0312 4060 AppMgmt - ok
12:45:21.0468 4060 AR9271 (8e2257584b2c52d44b4cb1949947d885) C:\WINDOWS\system32\DRIVERS\athuw.sys
12:45:21.0468 4060 AR9271 - ok
12:45:21.0515 4060 asc - ok
12:45:21.0531 4060 asc3350p - ok
12:45:21.0562 4060 asc3550 - ok
12:45:21.0640 4060 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:45:21.0640 4060 aspnet_state - ok
12:45:21.0718 4060 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:45:21.0718 4060 AsyncMac - ok
12:45:21.0750 4060 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:45:21.0750 4060 atapi - ok
12:45:21.0781 4060 Atdisk - ok
12:45:21.0828 4060 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:45:21.0828 4060 Atmarpc - ok
12:45:21.0875 4060 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
12:45:21.0875 4060 AudioSrv - ok
12:45:21.0921 4060 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:45:21.0921 4060 audstub - ok
12:45:21.0984 4060 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:45:21.0984 4060 Beep - ok
12:45:22.0062 4060 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
12:45:22.0062 4060 BITS - ok
12:45:22.0109 4060 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
12:45:22.0109 4060 Browser - ok
12:45:22.0171 4060 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
12:45:22.0171 4060 BthEnum - ok
12:45:22.0203 4060 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
12:45:22.0203 4060 BTHMODEM - ok
12:45:22.0234 4060 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
12:45:22.0234 4060 BthPan - ok
12:45:22.0296 4060 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
12:45:22.0296 4060 BTHPORT - ok
12:45:22.0343 4060 BthServ (70ca4b3f634c9dca200832f8da76e009) C:\WINDOWS\System32\bthserv.dll
12:45:22.0343 4060 BthServ - ok
12:45:22.0390 4060 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
12:45:22.0390 4060 BTHUSB - ok
12:45:22.0484 4060 catchme - ok
12:45:22.0562 4060 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:45:22.0562 4060 cbidf2k - ok
12:45:22.0640 4060 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:45:22.0640 4060 CCDECODE - ok
12:45:22.0656 4060 cd20xrnt - ok
12:45:22.0703 4060 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:45:22.0703 4060 Cdaudio - ok
12:45:22.0765 4060 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:45:22.0765 4060 Cdfs - ok
12:45:22.0828 4060 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:45:22.0828 4060 Cdrom - ok
12:45:22.0859 4060 Changer - ok
12:45:22.0906 4060 cisvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
12:45:22.0906 4060 cisvc - ok
12:45:22.0937 4060 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
12:45:22.0937 4060 ClipSrv - ok
12:45:22.0984 4060 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:45:22.0984 4060 clr_optimization_v2.0.50727_32 - ok
12:45:23.0031 4060 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:45:23.0031 4060 clr_optimization_v4.0.30319_32 - ok
12:45:23.0062 4060 CmdIde - ok
12:45:23.0078 4060 COMSysApp - ok
12:45:23.0109 4060 Cpqarray - ok
12:45:23.0156 4060 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
12:45:23.0156 4060 CryptSvc - ok
12:45:23.0171 4060 dac2w2k - ok
12:45:23.0203 4060 dac960nt - ok
12:45:23.0265 4060 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
12:45:23.0265 4060 DcomLaunch - ok
12:45:23.0328 4060 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
12:45:23.0328 4060 Dhcp - ok
12:45:23.0390 4060 Dio06 (7b8ef391d8bf6cecc8c8712cd03170ad) C:\WINDOWS\system32\Drivers\Dio06.sys
12:45:23.0390 4060 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\Dio06.sys. md5: 7b8ef391d8bf6cecc8c8712cd03170ad
12:45:23.0390 4060 Dio06 ( LockedFile.Multi.Generic ) - warning
12:45:23.0390 4060 Dio06 - detected LockedFile.Multi.Generic (1)
12:45:23.0421 4060 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:45:23.0421 4060 Disk - ok
12:45:23.0453 4060 dmadmin - ok
12:45:23.0531 4060 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
12:45:23.0531 4060 dmboot - ok
12:45:23.0578 4060 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
12:45:23.0593 4060 dmio - ok
12:45:23.0656 4060 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:45:23.0656 4060 dmload - ok
12:45:23.0718 4060 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
12:45:23.0718 4060 dmserver - ok
12:45:23.0781 4060 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:45:23.0781 4060 DMusic - ok
12:45:23.0843 4060 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
12:45:23.0843 4060 Dnscache - ok
12:45:23.0875 4060 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
12:45:23.0875 4060 Dot3svc - ok
12:45:23.0906 4060 dpti2o - ok
12:45:23.0921 4060 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:45:23.0921 4060 drmkaud - ok
12:45:23.0968 4060 eamon (9309c5c9831203436e64cf2ae605c5d7) C:\WINDOWS\system32\DRIVERS\eamon.sys
12:45:23.0984 4060 eamon - ok
12:45:24.0015 4060 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
12:45:24.0015 4060 EapHost - ok
12:45:24.0078 4060 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
12:45:24.0078 4060 ehdrv - ok
12:45:24.0187 4060 ekrn (c7bb95cf9631aa401e4aded1648f6af7) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
12:45:24.0187 4060 ekrn - ok
12:45:24.0281 4060 epfwtdir (06c65ac0a703cf8eea4f284d901a1550) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
12:45:24.0281 4060 epfwtdir - ok
12:45:24.0328 4060 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
12:45:24.0328 4060 ERSvc - ok
12:45:24.0375 4060 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
12:45:24.0375 4060 Eventlog - ok
12:45:24.0406 4060 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\System32\es.dll
12:45:24.0406 4060 EventSystem - ok
12:45:24.0500 4060 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:45:24.0500 4060 Fastfat - ok
12:45:24.0546 4060 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
12:45:24.0546 4060 FastUserSwitchingCompatibility - ok
12:45:24.0593 4060 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:45:24.0593 4060 Fdc - ok
12:45:24.0640 4060 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
12:45:24.0640 4060 Fips - ok
12:45:24.0687 4060 FirebirdGuardianDefaultInstance - ok
12:45:24.0703 4060 FirebirdServerDefaultInstance - ok
12:45:24.0750 4060 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:45:24.0750 4060 Flpydisk - ok
12:45:24.0796 4060 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:45:24.0812 4060 FltMgr - ok
12:45:24.0875 4060 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:45:24.0875 4060 FontCache3.0.0.0 - ok
12:45:24.0953 4060 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:45:24.0953 4060 Fs_Rec - ok
12:45:25.0000 4060 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:45:25.0000 4060 Ftdisk - ok
12:45:25.0046 4060 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:45:25.0046 4060 Gpc - ok
12:45:25.0140 4060 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:45:25.0140 4060 gupdate - ok
12:45:25.0156 4060 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:45:25.0156 4060 gupdatem - ok
12:45:25.0187 4060 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:45:25.0187 4060 gusvc - ok
12:45:25.0281 4060 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:45:25.0281 4060 HDAudBus - ok
12:45:25.0328 4060 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:45:25.0328 4060 helpsvc - ok
12:45:25.0390 4060 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
12:45:25.0390 4060 HidServ - ok
12:45:25.0437 4060 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:45:25.0437 4060 hidusb - ok
12:45:25.0484 4060 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
12:45:25.0484 4060 hkmsvc - ok
12:45:25.0515 4060 hpn - ok
12:45:25.0531 4060 hpt3xx - ok
12:45:25.0593 4060 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:45:25.0593 4060 HTTP - ok
12:45:25.0640 4060 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
12:45:25.0640 4060 HTTPFilter - ok
12:45:25.0671 4060 i2omgmt - ok
12:45:25.0687 4060 i2omp - ok
12:45:25.0750 4060 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:45:25.0750 4060 i8042prt - ok
12:45:25.0828 4060 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:45:25.0828 4060 idsvc - ok
12:45:25.0921 4060 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:45:25.0921 4060 Imapi - ok
12:45:25.0968 4060 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
12:45:25.0968 4060 ImapiService - ok
12:45:26.0000 4060 ini910u - ok
12:45:26.0265 4060 IntcAzAudAddService (09e73e7455e7eac14e25739b30e16b52) C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:45:26.0296 4060 IntcAzAudAddService - ok
12:45:26.0375 4060 IntelIde - ok
12:45:26.0437 4060 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:45:26.0437 4060 ip6fw - ok
12:45:26.0468 4060 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:45:26.0468 4060 IpFilterDriver - ok
12:45:26.0484 4060 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:45:26.0484 4060 IpInIp - ok
12:45:26.0531 4060 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:45:26.0546 4060 IpNat - ok
12:45:26.0625 4060 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:45:26.0625 4060 IPSec - ok
12:45:26.0671 4060 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:45:26.0671 4060 IRENUM - ok
12:45:26.0703 4060 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:45:26.0703 4060 isapnp - ok
12:45:26.0812 4060 JavaQuickStarterService (9aa67569d5257462e230767510b0c815) C:\Program Files\Java\jre6\bin\jqs.exe
12:45:26.0812 4060 JavaQuickStarterService - ok
12:45:26.0890 4060 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:45:26.0890 4060 Kbdclass - ok
12:45:26.0921 4060 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:45:26.0921 4060 kbdhid - ok
12:45:26.0984 4060 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:45:26.0984 4060 kmixer - ok
12:45:27.0031 4060 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:45:27.0031 4060 KSecDD - ok
12:45:27.0109 4060 lanmanserver (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
12:45:27.0109 4060 lanmanserver - ok
12:45:27.0171 4060 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
12:45:27.0171 4060 lanmanworkstation - ok
12:45:27.0187 4060 lbrtfdc - ok
12:45:27.0234 4060 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
12:45:27.0234 4060 LmHosts - ok
12:45:27.0296 4060 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
12:45:27.0296 4060 MDM - ok
12:45:27.0390 4060 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
12:45:27.0390 4060 Messenger - ok
12:45:27.0468 4060 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
12:45:27.0468 4060 Microsoft Office Groove Audit Service - ok
12:45:27.0546 4060 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:45:27.0546 4060 mnmdd - ok
12:45:27.0593 4060 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\System32\mnmsrvc.exe
12:45:27.0609 4060 mnmsrvc - ok
12:45:27.0640 4060 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
12:45:27.0640 4060 Modem - ok
12:45:27.0734 4060 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
12:45:27.0750 4060 Monfilt - ok
12:45:27.0812 4060 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:45:27.0812 4060 Mouclass - ok
12:45:27.0859 4060 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:45:27.0859 4060 mouhid - ok
12:45:27.0906 4060 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:45:27.0906 4060 MountMgr - ok
12:45:27.0968 4060 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
12:45:27.0968 4060 MPE - ok
12:45:28.0000 4060 mraid35x - ok
12:45:28.0046 4060 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:45:28.0046 4060 MRxDAV - ok
12:45:28.0125 4060 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:45:28.0125 4060 MRxSmb - ok
12:45:28.0203 4060 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\System32\msdtc.exe
12:45:28.0203 4060 MSDTC - ok
12:45:28.0234 4060 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:45:28.0234 4060 Msfs - ok
12:45:28.0265 4060 MSIServer - ok
12:45:28.0328 4060 MSI_MSIBIOS_010507 (3846c05a66a3f5cd1d33e1a323c1762c) C:\Program Files\MSI\Live Update 5\msibios32_100507.sys
12:45:28.0328 4060 MSI_MSIBIOS_010507 - ok
12:45:28.0390 4060 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:45:28.0406 4060 MSKSSRV - ok
12:45:28.0437 4060 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:45:28.0437 4060 MSPCLOCK - ok
12:45:28.0484 4060 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:45:28.0484 4060 MSPQM - ok
12:45:28.0531 4060 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:45:28.0531 4060 mssmbios - ok
12:45:28.0593 4060 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:45:28.0593 4060 MSTEE - ok
12:45:28.0656 4060 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:45:28.0656 4060 Mup - ok
12:45:28.0703 4060 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:45:28.0703 4060 NABTSFEC - ok
12:45:28.0765 4060 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
12:45:28.0765 4060 napagent - ok
12:45:28.0859 4060 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:45:28.0859 4060 NDIS - ok
12:45:28.0890 4060 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:45:28.0890 4060 NdisIP - ok
12:45:28.0937 4060 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:45:28.0937 4060 NdisTapi - ok
12:45:28.0984 4060 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:45:28.0984 4060 Ndisuio - ok
12:45:29.0046 4060 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:45:29.0046 4060 NdisWan - ok
12:45:29.0093 4060 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:45:29.0093 4060 NDProxy - ok
12:45:29.0125 4060 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:45:29.0125 4060 NetBIOS - ok
12:45:29.0156 4060 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:45:29.0156 4060 NetBT - ok
12:45:29.0203 4060 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
12:45:29.0203 4060 NetDDE - ok
12:45:29.0218 4060 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
12:45:29.0218 4060 NetDDEdsdm - ok
12:45:29.0296 4060 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
12:45:29.0296 4060 Netlogon - ok
12:45:29.0328 4060 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
12:45:29.0328 4060 Netman - ok
12:45:29.0406 4060 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:45:29.0406 4060 NetTcpPortSharing - ok
12:45:29.0484 4060 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
12:45:29.0484 4060 Nla - ok
12:45:29.0546 4060 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:45:29.0546 4060 Npfs - ok
12:45:29.0593 4060 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:45:29.0593 4060 Ntfs - ok
12:45:29.0671 4060 NTIOLib_1_0_4 (cd2166c9511d336a058cde91778aaa69) C:\Program Files\MSI\Live Update 5\NTIOLib.sys
12:45:29.0671 4060 NTIOLib_1_0_4 - ok
12:45:29.0734 4060 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
12:45:29.0734 4060 NtLmSsp - ok
12:45:29.0796 4060 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
12:45:29.0796 4060 NtmsSvc - ok
12:45:29.0843 4060 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:45:29.0843 4060 Null - ok
12:45:30.0281 4060 nv (ed9816dbaf6689542ea7d022631906a1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:45:30.0328 4060 nv - ok
12:45:30.0406 4060 NVENETFD (45ba510db13a0496db1cd16826519e03) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
12:45:30.0406 4060 NVENETFD - ok
12:45:30.0437 4060 nvnetbus (57cbdb934fb1afb7e03b413d151a6152) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
12:45:30.0437 4060 nvnetbus - ok
12:45:30.0500 4060 nvsvc (a2322c6207ebb0761a6c8cc9003ebacf) C:\WINDOWS\system32\nvsvc32.exe
12:45:30.0500 4060 nvsvc - ok
12:45:30.0656 4060 nvUpdatusService (844a25c9e3076edef2b12e0beded755d) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:45:30.0671 4060 nvUpdatusService - ok
12:45:30.0765 4060 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:45:30.0765 4060 NwlnkFlt - ok
12:45:30.0781 4060 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:45:30.0781 4060 NwlnkFwd - ok
12:45:30.0875 4060 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:45:30.0890 4060 odserv - ok
12:45:30.0906 4060 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:45:30.0906 4060 ose - ok
12:45:31.0171 4060 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:45:31.0203 4060 osppsvc - ok
12:45:31.0281 4060 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
12:45:31.0281 4060 Parport - ok
12:45:31.0312 4060 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:45:31.0312 4060 PartMgr - ok
12:45:31.0375 4060 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
12:45:31.0375 4060 ParVdm - ok
12:45:31.0406 4060 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
12:45:31.0406 4060 PCI - ok
12:45:31.0421 4060 PCIDump - ok
12:45:31.0468 4060 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:45:31.0468 4060 PCIIde - ok
12:45:31.0546 4060 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:45:31.0546 4060 Pcmcia - ok
12:45:31.0578 4060 PDCOMP - ok
12:45:31.0593 4060 PDFRAME - ok
12:45:31.0625 4060 PDRELI - ok
12:45:31.0640 4060 PDRFRAME - ok
12:45:31.0671 4060 perc2 - ok
12:45:31.0687 4060 perc2hib - ok
12:45:31.0750 4060 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
12:45:31.0750 4060 PlugPlay - ok
12:45:31.0781 4060 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
12:45:31.0796 4060 PolicyAgent - ok
12:45:31.0828 4060 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:45:31.0828 4060 PptpMiniport - ok
12:45:31.0906 4060 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
12:45:31.0906 4060 Processor - ok
12:45:31.0921 4060 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
12:45:31.0921 4060 ProtectedStorage - ok
12:45:31.0968 4060 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:45:31.0968 4060 PSched - ok
12:45:32.0031 4060 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
12:45:32.0031 4060 PSI_SVC_2 - ok
12:45:32.0109 4060 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:45:32.0109 4060 Ptilink - ok
12:45:32.0171 4060 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:45:32.0171 4060 PxHelp20 - ok
12:45:32.0187 4060 ql1080 - ok
12:45:32.0218 4060 Ql10wnt - ok
12:45:32.0234 4060 ql12160 - ok
12:45:32.0265 4060 ql1240 - ok
12:45:32.0281 4060 ql1280 - ok
12:45:32.0312 4060 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:45:32.0312 4060 RasAcd - ok
12:45:32.0390 4060 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
12:45:32.0390 4060 RasAuto - ok
12:45:32.0468 4060 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:45:32.0468 4060 Rasl2tp - ok
12:45:32.0515 4060 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
12:45:32.0515 4060 RasMan - ok
12:45:32.0562 4060 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:45:32.0562 4060 RasPppoe - ok
12:45:32.0625 4060 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:45:32.0625 4060 Raspti - ok
12:45:32.0671 4060 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:45:32.0671 4060 Rdbss - ok
12:45:32.0703 4060 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:45:32.0703 4060 RDPCDD - ok
12:45:32.0765 4060 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:45:32.0765 4060 rdpdr - ok
12:45:32.0843 4060 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
12:45:32.0843 4060 RDPWD - ok
12:45:32.0890 4060 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
12:45:32.0890 4060 RDSessMgr - ok
12:45:32.0953 4060 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:45:32.0953 4060 redbook - ok
12:45:33.0015 4060 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
12:45:33.0015 4060 RemoteAccess - ok
12:45:33.0046 4060 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
12:45:33.0046 4060 RemoteRegistry - ok
12:45:33.0093 4060 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
12:45:33.0093 4060 RFCOMM - ok
12:45:33.0140 4060 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\System32\locator.exe
12:45:33.0140 4060 RpcLocator - ok
12:45:33.0234 4060 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
12:45:33.0234 4060 RpcSs - ok
12:45:33.0281 4060 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\System32\rsvp.exe
12:45:33.0281 4060 RSVP - ok
12:45:33.0328 4060 RTL8023xp (cf84b1f0e8b14d4120aaf9cf35cbb265) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
12:45:33.0328 4060 RTL8023xp - ok
12:45:33.0375 4060 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
12:45:33.0375 4060 SamSs - ok
12:45:33.0453 4060 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
12:45:33.0453 4060 SCardSvr - ok
12:45:33.0484 4060 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
12:45:33.0484 4060 Schedule - ok
12:45:33.0546 4060 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:45:33.0546 4060 Secdrv - ok
12:45:33.0578 4060 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
12:45:33.0578 4060 seclogon - ok
12:45:33.0609 4060 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
12:45:33.0609 4060 SENS - ok
12:45:33.0687 4060 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:45:33.0687 4060 serenum - ok
12:45:33.0703 4060 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
12:45:33.0703 4060 Serial - ok
12:45:33.0750 4060 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:45:33.0750 4060 Sfloppy - ok
12:45:33.0796 4060 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
12:45:33.0796 4060 SharedAccess - ok
12:45:33.0843 4060 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
12:45:33.0843 4060 ShellHWDetection - ok
12:45:33.0890 4060 Simbad - ok
12:45:33.0953 4060 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
12:45:33.0953 4060 SkypeUpdate - ok
12:45:34.0000 4060 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:45:34.0000 4060 SLIP - ok
12:45:34.0062 4060 Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
12:45:34.0062 4060 Sony Ericsson PCCompanion - ok
12:45:34.0109 4060 Sparrow - ok
12:45:34.0156 4060 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:45:34.0156 4060 splitter - ok
12:45:34.0218 4060 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:45:34.0218 4060 Spooler - ok
12:45:34.0250 4060 sptd - ok
12:45:34.0296 4060 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
12:45:34.0296 4060 sr - ok
12:45:34.0359 4060 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
12:45:34.0359 4060 srservice - ok
12:45:34.0406 4060 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:45:34.0406 4060 Srv - ok
12:45:34.0484 4060 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
12:45:34.0484 4060 ssadbus - ok
12:45:34.0515 4060 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
12:45:34.0515 4060 ssadmdfl - ok
12:45:34.0562 4060 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
12:45:34.0562 4060 ssadmdm - ok
12:45:34.0609 4060 ssadserd (1a5a397bc459f346ab56492b61ef79f6) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
12:45:34.0609 4060 ssadserd - ok
12:45:34.0703 4060 sscdbus (069351a1d7d291013177a90ae6edccbc) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
12:45:34.0703 4060 sscdbus - ok
12:45:34.0734 4060 sscdmdfl (1c925be223a5c0f9f469252292a48df6) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
12:45:34.0734 4060 sscdmdfl - ok
12:45:34.0765 4060 sscdmdm (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
12:45:34.0765 4060 sscdmdm - ok
12:45:34.0812 4060 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
12:45:34.0812 4060 SSDPSRV - ok
12:45:34.0859 4060 SSPORT (ef3458337d7341a05169cefc73709264) C:\WINDOWS\system32\Drivers\SSPORT.sys
12:45:34.0859 4060 SSPORT - ok
12:45:34.0890 4060 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
12:45:34.0906 4060 stisvc - ok
12:45:34.0968 4060 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:45:34.0968 4060 streamip - ok
12:45:35.0015 4060 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:45:35.0015 4060 swenum - ok
12:45:35.0140 4060 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:45:35.0140 4060 SwitchBoard - ok
12:45:35.0234 4060 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:45:35.0234 4060 swmidi - ok
12:45:35.0250 4060 SwPrv - ok
12:45:35.0281 4060 symc810 - ok
12:45:35.0296 4060 symc8xx - ok
12:45:35.0328 4060 sym_hi - ok
12:45:35.0343 4060 sym_u3 - ok
12:45:35.0390 4060 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:45:35.0390 4060 sysaudio - ok
12:45:35.0453 4060 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
12:45:35.0453 4060 SysmonLog - ok
12:45:35.0500 4060 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
12:45:35.0500 4060 TapiSrv - ok
12:45:35.0593 4060 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:45:35.0593 4060 Tcpip - ok
12:45:35.0640 4060 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:45:35.0640 4060 TDPIPE - ok
12:45:35.0671 4060 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:45:35.0671 4060 TDTCP - ok
12:45:35.0750 4060 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:45:35.0750 4060 TermDD - ok
12:45:35.0812 4060 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
12:45:35.0812 4060 TermService - ok
12:45:35.0859 4060 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
12:45:35.0859 4060 Themes - ok
12:45:35.0906 4060 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\System32\tlntsvr.exe
12:45:35.0906 4060 TlntSvr - ok
12:45:35.0968 4060 TosIde - ok
12:45:36.0015 4060 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
12:45:36.0015 4060 TrkWks - ok
12:45:36.0062 4060 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:45:36.0062 4060 Udfs - ok
12:45:36.0109 4060 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
12:45:36.0109 4060 UleadBurningHelper - ok
12:45:36.0171 4060 ultra - ok
12:45:36.0250 4060 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:45:36.0250 4060 Update - ok
12:45:36.0296 4060 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
12:45:36.0312 4060 upnphost - ok
12:45:36.0343 4060 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
12:45:36.0343 4060 UPS - ok
12:45:36.0390 4060 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:45:36.0390 4060 usbccgp - ok
12:45:36.0468 4060 USBCCID (2825e0e294686a26506690059e1f437a) C:\WINDOWS\system32\DRIVERS\usbccid.sys
12:45:36.0468 4060 USBCCID - ok
12:45:36.0515 4060 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:45:36.0515 4060 usbehci - ok
12:45:36.0562 4060 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:45:36.0562 4060 usbhub - ok
12:45:36.0625 4060 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
12:45:36.0625 4060 usbohci - ok
12:45:36.0687 4060 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:45:36.0687 4060 usbprint - ok
12:45:36.0734 4060 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:45:36.0734 4060 usbscan - ok
12:45:36.0796 4060 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:45:36.0796 4060 USBSTOR - ok
12:45:36.0875 4060 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:45:36.0875 4060 VgaSave - ok
12:45:36.0906 4060 ViaIde - ok
12:45:36.0937 4060 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
12:45:36.0937 4060 VolSnap - ok
12:45:37.0000 4060 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
12:45:37.0000 4060 VSS - ok
12:45:37.0078 4060 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
12:45:37.0078 4060 W32Time - ok
12:45:37.0125 4060 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:45:37.0125 4060 Wanarp - ok
12:45:37.0203 4060 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
12:45:37.0203 4060 Wdf01000 - ok
12:45:37.0265 4060 WDICA - ok
12:45:37.0312 4060 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:45:37.0312 4060 wdmaud - ok
12:45:37.0359 4060 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
12:45:37.0359 4060 WebClient - ok
12:45:37.0406 4060 wfcxacap (0e507042ccefc40b8bb5dde75a7bd0c7) C:\WINDOWS\system32\DRIVERS\wfcxacap.sys
12:45:37.0406 4060 wfcxacap - ok
12:45:37.0484 4060 wfcxatun (b8acb6b48f928ff5e58b1a2dc3fa628c) C:\WINDOWS\system32\drivers\wfcxatun.sys
12:45:37.0500 4060 wfcxatun - ok
12:45:37.0515 4060 wfcxdtun (e32eeeac4ed0249474a2c9b71f1d5a73) C:\WINDOWS\system32\drivers\wfcxdtun.sys
12:45:37.0515 4060 wfcxdtun - ok
12:45:37.0546 4060 wfcxtcap (fc4f80b8c23dbf4d23a9a4ded38cf430) C:\WINDOWS\system32\drivers\wfcxtcap.sys
12:45:37.0562 4060 wfcxtcap - ok
12:45:37.0593 4060 WFCXVCAP (e9905845abc7b3521f642f9c8d08a03e) C:\WINDOWS\system32\drivers\wfcxvcap.sys
12:45:37.0593 4060 WFCXVCAP - ok
12:45:37.0625 4060 wfcxxbar (0aed0d6f83ade999fa6a8e485830e4c5) C:\WINDOWS\system32\drivers\wfcxxbar.sys
12:45:37.0625 4060 wfcxxbar - ok
12:45:37.0671 4060 WIBUKEY (afcea7939925378f867dde6af76f3924) C:\WINDOWS\system32\DRIVERS\WibuKey.sys
12:45:37.0671 4060 WIBUKEY - ok
12:45:37.0765 4060 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:45:37.0765 4060 winmgmt - ok
12:45:37.0859 4060 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
12:45:37.0859 4060 WinRM - ok
12:45:37.0953 4060 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
12:45:37.0953 4060 WinUSB - ok
12:45:38.0000 4060 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
12:45:38.0015 4060 WmdmPmSN - ok
12:45:38.0093 4060 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
12:45:38.0093 4060 Wmi - ok
12:45:38.0187 4060 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\System32\wbem\wmiapsrv.exe
12:45:38.0187 4060 WmiApSrv - ok
12:45:38.0296 4060 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
12:45:38.0296 4060 WMPNetworkSvc - ok
12:45:38.0375 4060 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:45:38.0375 4060 WpdUsb - ok
12:45:38.0468 4060 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:45:38.0468 4060 WPFFontCache_v0400 - ok
12:45:38.0515 4060 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:45:38.0515 4060 WS2IFSL - ok
12:45:38.0593 4060 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
12:45:38.0593 4060 wscsvc - ok
12:45:38.0656 4060 WSIMD (0091d78c5f8fde0cdf2b214823de6e48) C:\WINDOWS\system32\DRIVERS\wsimd.sys
12:45:38.0656 4060 WSIMD - ok
12:45:38.0703 4060 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:45:38.0703 4060 WSTCODEC - ok
12:45:38.0781 4060 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
12:45:38.0796 4060 wuauserv - ok
12:45:38.0843 4060 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:45:38.0843 4060 WudfPf - ok
12:45:38.0875 4060 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:45:38.0875 4060 WudfRd - ok
12:45:38.0921 4060 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
12:45:38.0921 4060 WudfSvc - ok
12:45:39.0015 4060 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
12:45:39.0015 4060 WZCSVC - ok
12:45:39.0078 4060 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
12:45:39.0078 4060 xmlprov - ok
12:45:39.0093 4060 MBR (0x1B8) (faacde0542989a34aaea8650dd223935) \Device\Harddisk0\DR0
12:45:39.0125 4060 \Device\Harddisk0\DR0 - ok
12:45:39.0125 4060 MBR (0x1B8) (8548a4bd85bff9512789e36382a4c809) \Device\Harddisk1\DR1
12:45:39.0156 4060 \Device\Harddisk1\DR1 - ok
12:45:39.0156 4060 MBR (0x1B8) (faacde0542989a34aaea8650dd223935) \Device\Harddisk2\DR2
12:45:39.0171 4060 \Device\Harddisk2\DR2 - ok
12:45:39.0578 4060 MBR (0x1B8) (faacde0542989a34aaea8650dd223935) \Device\Harddisk3\DR3
12:45:39.0625 4060 \Device\Harddisk3\DR3 - ok
12:45:39.0625 4060 Boot (0x1200) (33ed982f6ce5e41dc63b77efcc5b4bf9) \Device\Harddisk0\DR0\Partition0
12:45:39.0625 4060 \Device\Harddisk0\DR0\Partition0 - ok
12:45:39.0625 4060 Boot (0x1200) (7398844371f2804edac43da9e0d912b9) \Device\Harddisk2\DR2\Partition0
12:45:39.0640 4060 \Device\Harddisk2\DR2\Partition0 - ok
12:45:39.0687 4060 Boot (0x1200) (072255499779b0f88ca647eb00dcc86c) \Device\Harddisk3\DR3\Partition0
12:45:39.0687 4060 \Device\Harddisk3\DR3\Partition0 - ok
12:45:39.0687 4060 ============================================================
12:45:39.0687 4060 Scan finished
12:45:39.0687 4060 ============================================================
12:45:39.0703 4020 Detected object count: 1
12:45:39.0703 4020 Actual detected object count: 1
12:45:49.0656 4020 Dio06 ( LockedFile.Multi.Generic ) - skipped by user
12:45:49.0656 4020 Dio06 ( LockedFile.Multi.Generic ) - User select action: Skip
12:45:57.0921 2104 Deinitialize success


ComboFix 12-03-30.06 - Jirka 01.04.2012 12:25:16.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2590 [GMT 2:00]
Spuštěný z: e:\pc\Antiviry\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\Dvbpws.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-01 do 2012-04-01 )))))))))))))))))))))))))))))))
.
.
2012-03-30 17:06 . 2012-03-30 17:06 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-28 11:21 . 2012-03-28 11:21 -------- d-----w- c:\program files\ESET
2012-03-28 11:21 . 2012-03-28 11:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2012-03-26 14:16 . 2012-03-26 14:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Protexis
2012-03-26 14:16 . 2012-03-26 14:16 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Corel
2012-03-26 14:06 . 2012-03-26 14:06 348256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\1033\ResourceCache.dll
2012-03-26 14:05 . 2012-03-26 14:05 348256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelDRAW\9.0\1033\ResourceCache.dll
2012-03-26 14:04 . 2012-03-28 19:12 416 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2012-03-26 14:03 . 2012-03-26 14:03 -------- d-----w- c:\program files\Microsoft SDKs
2012-03-26 14:03 . 2012-03-26 14:03 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2012-03-26 14:02 . 2012-03-26 14:02 -------- d-----w- c:\program files\gs
2012-03-26 14:02 . 2012-03-26 14:02 -------- d-----w- c:\program files\Common Files\Corel
2012-03-26 14:01 . 2012-03-26 14:01 -------- d-----w- c:\program files\Common Files\Protexis
2012-03-26 14:01 . 2012-03-26 14:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Corel
2012-03-26 13:57 . 2012-03-26 13:57 -------- d-----w- c:\program files\Corel
2012-03-26 09:58 . 2012-03-26 09:58 -------- d-----w- c:\program files\Common Files\Skype
2012-03-26 07:48 . 2012-03-28 11:09 53632 ----a-w- c:\windows\system32\drivers\Dio06.sys
2012-03-20 23:20 . 2010-07-09 22:38 61440 ----a-w- c:\windows\system32\OpenCL.dll
2012-03-20 23:20 . 2010-07-09 22:38 13549568 ----a-w- c:\windows\system32\nvoglnt.dll
2012-03-20 23:20 . 2010-07-09 22:38 4595712 ----a-w- c:\windows\system32\nvcuda.dll
2012-03-20 23:20 . 2010-07-09 22:38 2914408 ----a-w- c:\windows\system32\nvcuvid.dll
2012-03-20 23:20 . 2010-07-09 22:38 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-03-20 23:20 . 2010-07-09 22:38 236136 ----a-w- c:\windows\system32\nvcodins.dll
2012-03-20 23:20 . 2010-07-09 22:38 236136 ----a-w- c:\windows\system32\nvcod.dll
2012-03-20 23:20 . 2010-07-09 22:38 2195030 ----a-w- c:\windows\system32\nvdata.bin
2012-03-20 23:20 . 2010-07-09 22:38 1388544 ----a-w- c:\windows\system32\nvapi.dll
2012-03-20 23:20 . 2010-07-09 22:38 10260480 ----a-w- c:\windows\system32\nvcompiler.dll
2012-03-20 23:20 . 2012-03-20 23:20 -------- d-----w- C:\NVIDIA
2012-03-19 22:20 . 2012-03-19 22:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA
2012-03-19 22:20 . 2012-03-19 22:20 -------- d-----w- c:\documents and settings\UpdatusUser
2012-03-19 21:09 . 2012-03-19 21:09 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\DDMSettings
2012-03-18 19:37 . 2012-03-18 19:37 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-18 19:37 . 2012-03-18 19:37 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2012-03-13 22:48 . 2012-03-13 22:48 -------- d-----w- c:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2012-03-13 22:47 . 2012-03-20 23:24 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-03-13 22:47 . 2012-03-20 23:24 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-03-13 22:47 . 2012-03-20 23:24 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-03-13 20:14 . 2012-03-19 22:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2012-03-13 20:11 . 2012-02-29 23:58 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-03-13 20:11 . 2012-02-29 23:58 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-03-12 08:44 . 2012-03-12 08:44 -------- d-----w- c:\program files\GeoGet
2012-03-12 08:37 . 2012-03-28 17:34 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\GeoGet
2012-03-10 20:52 . 1996-09-30 17:46 24576 ------w- c:\windows\UniFISH.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-30 17:06 . 2011-10-03 14:59 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-25 09:53 . 2012-02-25 09:53 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-02-15 22:02 . 2012-02-15 22:02 409600 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\NewShortcut3_6D20AC6FF7844F04BE4C6D94A1805157.exe
2012-02-15 22:02 . 2012-02-15 22:02 409600 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\NewShortcut2_6D20AC6FF7844F04BE4C6D94A1805157.exe
2012-02-15 22:02 . 2012-02-15 22:02 409600 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\ARPPRODUCTICON.exe
2012-02-03 09:57 . 2001-10-25 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-11 19:07 . 2012-02-18 18:09 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2011-10-03 06:37 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2012-03-18 19:37 . 2011-10-03 07:35 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-30_22.13.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-01 10:05 . 2012-04-01 10:05 16384 c:\windows\Temp\Perflib_Perfdata_290.dat
+ 2012-03-31 19:38 . 2012-03-31 19:38 3620808 c:\windows\system32\FNTCACHE.DAT
- 2012-03-29 08:48 . 2012-03-29 08:48 3620808 c:\windows\system32\FNTCACHE.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-17 20064872]
"TWCU"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" [2010-05-21 561263]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 3080264]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Nika\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\documents and settings\Jirka\Nabídka Start\Programy\Po spuštění\
MailWasherPro.lnk - c:\program files\FireTrust\MailWasher Pro\MailWasher.exe [2012-2-13 18097128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Dio06.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Graphisoft\\ArchiCAD 11\\ArchiCAD.exe"=
"e:\\NIKA dokumenty\\Unreal Tournament 2004\\System\\UT2004.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"e:\\WOW\\World of Warcraft\\WoW-3.2.0-enGB-downloader.exe"=
"e:\\WOW\\World of Warcraft\\Launcher.exe"=
"e:\\WOW\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\Common Files\\Common Desktop Agent\\CDASrv.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 Dio06;Dio06;c:\windows\system32\drivers\Dio06.sys [26.3.2012 9:48 53632]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 9:20 118104]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [4.8.2011 9:20 103112]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\drivers\wfcxacap.sys [1.5.2011 23:36 9856]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 14:55 85344]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [22.9.2011 12:03 974944]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\bin\fbguard.exe -s --> c:\program files\Firebird\bin\fbguard.exe -s [?]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [23.12.2010 8:06 5120]
R2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [1.5.2011 23:36 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [1.5.2011 23:36 167040]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [16.12.2011 22:38 1714176]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\bin\fbserver.exe -s --> c:\program files\Firebird\bin\fbserver.exe -s [?]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 22:37 4640000]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [1.5.2011 23:36 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [1.5.2011 23:36 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [1.5.2011 23:36 10496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.1.2012 23:53 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [20.3.2012 0:20 2348352]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29.2.2012 8:50 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30.3.2012 19:06 253600]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.10.2011 17:24 1691480]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [14.12.2011 22:50 30312]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [23.1.2012 23:53 136176]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files\MSI\Live Update 5\msibios32_100507.sys [3.10.2011 18:18 25912]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [3.10.2011 18:18 7680]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [4.10.2011 21:14 155344]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [14.12.2011 22:50 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [14.12.2011 22:50 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [14.12.2011 22:50 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [14.12.2011 22:50 114280]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [25.10.2001 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:06]
.
2012-01-21 c:\windows\Tasks\AdobeAAMUpdater-1.0-LOJZA-Nika.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-09-16 13:04]
.
2012-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-23 21:53]
.
2012-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-23 21:53]
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\dn1qh2zu.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 4
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\Metapad\metapad.exe" "%1"
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-01 12:33
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-04-01 12:34:34
ComboFix-quarantined-files.txt 2012-04-01 10:34
ComboFix2.txt 2012-03-31 18:58
ComboFix3.txt 2012-03-30 22:14
.
Před spuštěním: Volných bajtů: 44 973 641 728
Po spuštění: Volných bajtů: 44 955 942 912
.
- - End Of File - - B3C0FE523E076C654B0121B90DC20F7F

Díky, jdu na to.

Předchozí log z comfixu

ComboFix 12-03-30.06 - Jirka 31.03.2012 0:08.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2646 [GMT 2:00]
Spuštěný z: e:\pc\Antiviry\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Documents
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\muzapp.exe
E:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-30 )))))))))))))))))))))))))))))))
.
.
2012-03-30 17:06 . 2012-03-30 17:06 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-28 11:21 . 2012-03-28 11:21 -------- d-----w- c:\program files\ESET
2012-03-28 11:21 . 2012-03-28 11:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2012-03-26 14:16 . 2012-03-26 14:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Protexis
2012-03-26 14:16 . 2012-03-26 14:16 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Corel
2012-03-26 14:06 . 2012-03-26 14:06 348256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\1033\ResourceCache.dll
2012-03-26 14:05 . 2012-03-26 14:05 348256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelDRAW\9.0\1033\ResourceCache.dll
2012-03-26 14:04 . 2012-03-28 19:12 416 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2012-03-26 14:03 . 2012-03-26 14:03 -------- d-----w- c:\program files\Microsoft SDKs
2012-03-26 14:03 . 2012-03-26 14:03 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2012-03-26 14:02 . 2012-03-26 14:02 -------- d-----w- c:\program files\gs
2012-03-26 14:02 . 2012-03-26 14:02 -------- d-----w- c:\program files\Common Files\Corel
2012-03-26 14:01 . 2012-03-26 14:01 -------- d-----w- c:\program files\Common Files\Protexis
2012-03-26 14:01 . 2012-03-26 14:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Corel
2012-03-26 13:57 . 2012-03-26 13:57 -------- d-----w- c:\program files\Corel
2012-03-26 09:58 . 2012-03-26 09:58 -------- d-----w- c:\program files\Common Files\Skype
2012-03-26 07:48 . 2012-03-28 11:09 53632 ----a-w- c:\windows\system32\drivers\Dio06.sys
2012-03-20 23:20 . 2010-07-09 22:38 61440 ----a-w- c:\windows\system32\OpenCL.dll
2012-03-20 23:20 . 2010-07-09 22:38 13549568 ----a-w- c:\windows\system32\nvoglnt.dll
2012-03-20 23:20 . 2010-07-09 22:38 4595712 ----a-w- c:\windows\system32\nvcuda.dll
2012-03-20 23:20 . 2010-07-09 22:38 2914408 ----a-w- c:\windows\system32\nvcuvid.dll
2012-03-20 23:20 . 2010-07-09 22:38 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-03-20 23:20 . 2010-07-09 22:38 236136 ----a-w- c:\windows\system32\nvcodins.dll
2012-03-20 23:20 . 2010-07-09 22:38 236136 ----a-w- c:\windows\system32\nvcod.dll
2012-03-20 23:20 . 2010-07-09 22:38 2195030 ----a-w- c:\windows\system32\nvdata.bin
2012-03-20 23:20 . 2010-07-09 22:38 1388544 ----a-w- c:\windows\system32\nvapi.dll
2012-03-20 23:20 . 2010-07-09 22:38 10260480 ----a-w- c:\windows\system32\nvcompiler.dll
2012-03-20 23:20 . 2012-03-20 23:20 -------- d-----w- C:\NVIDIA
2012-03-19 22:20 . 2012-03-19 22:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA
2012-03-19 22:20 . 2012-03-19 22:20 -------- d-----w- c:\documents and settings\UpdatusUser
2012-03-19 21:09 . 2012-03-19 21:09 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\DDMSettings
2012-03-18 19:37 . 2012-03-18 19:37 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-18 19:37 . 2012-03-18 19:37 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2012-03-13 22:48 . 2012-03-13 22:48 -------- d-----w- c:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2012-03-13 22:47 . 2012-03-20 23:24 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-03-13 22:47 . 2012-03-20 23:24 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-03-13 22:47 . 2012-03-20 23:24 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-03-13 20:14 . 2012-03-19 22:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2012-03-13 20:11 . 2012-02-29 23:58 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-03-13 20:11 . 2012-02-29 23:58 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-03-12 08:44 . 2012-03-12 08:44 -------- d-----w- c:\program files\GeoGet
2012-03-12 08:37 . 2012-03-28 17:34 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\GeoGet
2012-03-10 20:52 . 1996-09-30 17:46 24576 ------w- c:\windows\UniFISH.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-30 17:06 . 2011-10-03 14:59 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-25 09:53 . 2012-02-25 09:53 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-02-15 22:02 . 2012-02-15 22:02 409600 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\NewShortcut3_6D20AC6FF7844F04BE4C6D94A1805157.exe
2012-02-15 22:02 . 2012-02-15 22:02 409600 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\NewShortcut2_6D20AC6FF7844F04BE4C6D94A1805157.exe
2012-02-15 22:02 . 2012-02-15 22:02 409600 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\ARPPRODUCTICON.exe
2012-02-03 09:57 . 2001-10-25 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-11 19:07 . 2012-02-18 18:09 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2011-10-03 06:37 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2012-03-18 19:37 . 2011-10-03 07:35 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-17 20064872]
"TWCU"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" [2010-05-21 561263]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 3080264]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Nika\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\documents and settings\Jirka\Nabídka Start\Programy\Po spuštění\
MailWasherPro.lnk - c:\program files\FireTrust\MailWasher Pro\MailWasher.exe [2012-2-13 18097128]
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Dio06.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Graphisoft\\ArchiCAD 11\\ArchiCAD.exe"=
"e:\\NIKA dokumenty\\Unreal Tournament 2004\\System\\UT2004.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"e:\\WOW\\World of Warcraft\\WoW-3.2.0-enGB-downloader.exe"=
"e:\\WOW\\World of Warcraft\\Launcher.exe"=
"e:\\WOW\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\Common Files\\Common Desktop Agent\\CDASrv.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 Dio06;Dio06;c:\windows\system32\drivers\Dio06.sys [26.3.2012 9:48 53632]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 9:20 118104]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [4.8.2011 9:20 103112]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\drivers\wfcxacap.sys [1.5.2011 23:36 9856]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 14:55 85344]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [22.9.2011 12:03 974944]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\bin\fbguard.exe -s --> c:\program files\Firebird\bin\fbguard.exe -s [?]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [23.12.2010 8:06 5120]
R2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [1.5.2011 23:36 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [1.5.2011 23:36 167040]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [16.12.2011 22:38 1714176]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\bin\fbserver.exe -s --> c:\program files\Firebird\bin\fbserver.exe -s [?]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [1.5.2011 23:36 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [1.5.2011 23:36 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [1.5.2011 23:36 10496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.1.2012 23:53 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [20.3.2012 0:20 2348352]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29.2.2012 8:50 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30.3.2012 19:06 253600]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.10.2011 17:24 1691480]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [14.12.2011 22:50 30312]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [23.1.2012 23:53 136176]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files\MSI\Live Update 5\msibios32_100507.sys [3.10.2011 18:18 25912]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [3.10.2011 18:18 7680]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 22:37 4640000]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [4.10.2011 21:14 155344]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [14.12.2011 22:50 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [14.12.2011 22:50 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [14.12.2011 22:50 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [14.12.2011 22:50 114280]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [25.10.2001 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:06]
.
2012-01-21 c:\windows\Tasks\AdobeAAMUpdater-1.0-LOJZA-Nika.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-09-16 13:04]
.
2012-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-23 21:53]
.
2012-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-23 21:53]
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\dn1qh2zu.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 4
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\Metapad\metapad.exe" "%1"
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{4857813C-C591-4B72-8695-91ECEA588323} - (no file)
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver - c:\program files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView - c:\program files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX - c:\program files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update - c:\program files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-31 00:13
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-03-31 00:14:47
ComboFix-quarantined-files.txt 2012-03-30 22:14
.
Před spuštěním: Volných bajtů: 38 153 814 016
Po spuštění: Volných bajtů: 38 223 233 024
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer
.
- - End Of File - - D43BFF75835D972D14752E08A6E18EDC

A ještě log z TDSS

23:35:04.0203 1720 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
23:35:04.0359 1720 ============================================================
23:35:04.0359 1720 Current date / time: 2012/03/30 23:35:04.0359
23:35:04.0359 1720 SystemInfo:
23:35:04.0359 1720
23:35:04.0359 1720 OS Version: 5.1.2600 ServicePack: 3.0
23:35:04.0359 1720 Product type: Workstation
23:35:04.0359 1720 ComputerName: LOJZA
23:35:04.0359 1720 UserName: Jirka
23:35:04.0359 1720 Windows directory: C:\WINDOWS
23:35:04.0359 1720 System windows directory: C:\WINDOWS
23:35:04.0359 1720 Processor architecture: Intel x86
23:35:04.0359 1720 Number of processors: 2
23:35:04.0359 1720 Page size: 0x1000
23:35:04.0359 1720 Boot type: Normal boot
23:35:04.0359 1720 ============================================================
23:35:05.0546 1720 Drive \Device\Harddisk0\DR0 - Size: 0x132C570000 (76.69 Gb), SectorSize: 0x200, Cylinders: 0x271B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:35:08.0703 1720 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:35:08.0718 1720 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:35:08.0734 1720 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:35:08.0750 1720 Drive \Device\Harddisk8\DR18 - Size: 0x75E00000 (1.84 Gb), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:35:08.0750 1720 \Device\Harddisk0\DR0:
23:35:08.0750 1720 MBR used
23:35:08.0750 1720 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x995C65B
23:35:08.0750 1720 \Device\Harddisk1\DR1:
23:35:08.0750 1720 MBR used
23:35:08.0765 1720 \Device\Harddisk2\DR2:
23:35:08.0765 1720 MBR used
23:35:08.0765 1720 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
23:35:08.0765 1720 \Device\Harddisk3\DR3:
23:35:08.0781 1720 MBR used
23:35:08.0781 1720 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
23:35:08.0781 1720 \Device\Harddisk8\DR18:
23:35:08.0781 1720 MBR used
23:35:08.0781 1720 \Device\Harddisk8\DR18\Partition0: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
23:35:08.0937 1720 Initialize success
23:35:08.0937 1720 ============================================================
23:35:11.0750 3340 ============================================================
23:35:11.0750 3340 Scan started
23:35:11.0750 3340 Mode: Manual;
23:35:11.0750 3340 ============================================================
23:35:12.0093 3340 602XML Updater (f11d68e40ed62fdb7c460c445f1ec4e5) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
23:35:12.0093 3340 602XML Updater - ok
23:35:12.0140 3340 Abiosdsk - ok
23:35:12.0171 3340 abp480n5 - ok
23:35:12.0187 3340 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
23:35:12.0203 3340 ACDaemon - ok
23:35:12.0250 3340 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:35:12.0250 3340 ACPI - ok
23:35:12.0296 3340 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
23:35:12.0296 3340 ACPIEC - ok
23:35:12.0359 3340 ACS (5ac144f03b31afab6717ad3622d1680d) C:\WINDOWS\system32\acs.exe
23:35:12.0375 3340 ACS - ok
23:35:12.0484 3340 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:35:12.0484 3340 AdobeFlashPlayerUpdateSvc - ok
23:35:12.0500 3340 adpu160m - ok
23:35:12.0562 3340 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
23:35:12.0578 3340 aec - ok
23:35:12.0625 3340 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
23:35:12.0625 3340 AFD - ok
23:35:12.0671 3340 Aha154x - ok
23:35:12.0703 3340 aic78u2 - ok
23:35:12.0734 3340 aic78xx - ok
23:35:12.0765 3340 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
23:35:12.0765 3340 Alerter - ok
23:35:12.0796 3340 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
23:35:12.0812 3340 ALG - ok
23:35:12.0828 3340 AliIde - ok
23:35:12.0937 3340 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
23:35:13.0000 3340 Ambfilt - ok
23:35:13.0062 3340 AmdK8 (99bd5596b5d06c2ead3cecc6f11999f5) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
23:35:13.0078 3340 AmdK8 - ok
23:35:13.0093 3340 amsint - ok
23:35:13.0156 3340 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys
23:35:13.0156 3340 androidusb - ok
23:35:13.0203 3340 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
23:35:13.0203 3340 AppMgmt - ok
23:35:13.0312 3340 AR9271 (8e2257584b2c52d44b4cb1949947d885) C:\WINDOWS\system32\DRIVERS\athuw.sys
23:35:13.0375 3340 AR9271 - ok
23:35:13.0421 3340 asc - ok
23:35:13.0453 3340 asc3350p - ok
23:35:13.0484 3340 asc3550 - ok
23:35:13.0531 3340 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:35:13.0546 3340 aspnet_state - ok
23:35:13.0578 3340 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:35:13.0578 3340 AsyncMac - ok
23:35:13.0609 3340 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
23:35:13.0609 3340 atapi - ok
23:35:13.0656 3340 Atdisk - ok
23:35:13.0718 3340 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:35:13.0734 3340 Atmarpc - ok
23:35:13.0781 3340 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
23:35:13.0781 3340 AudioSrv - ok
23:35:13.0828 3340 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
23:35:13.0843 3340 audstub - ok
23:35:13.0890 3340 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
23:35:13.0890 3340 Beep - ok
23:35:13.0984 3340 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
23:35:13.0984 3340 BITS - ok
23:35:14.0031 3340 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
23:35:14.0031 3340 Browser - ok
23:35:14.0078 3340 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
23:35:14.0093 3340 BthEnum - ok
23:35:14.0171 3340 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
23:35:14.0187 3340 BTHMODEM - ok
23:35:14.0234 3340 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
23:35:14.0250 3340 BthPan - ok
23:35:14.0296 3340 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
23:35:14.0312 3340 BTHPORT - ok
23:35:14.0359 3340 BthServ (70ca4b3f634c9dca200832f8da76e009) C:\WINDOWS\System32\bthserv.dll
23:35:14.0359 3340 BthServ - ok
23:35:14.0406 3340 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
23:35:14.0421 3340 BTHUSB - ok
23:35:14.0484 3340 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
23:35:14.0484 3340 cbidf2k - ok
23:35:14.0515 3340 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:35:14.0531 3340 CCDECODE - ok
23:35:14.0546 3340 cd20xrnt - ok
23:35:14.0593 3340 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
23:35:14.0593 3340 Cdaudio - ok
23:35:14.0640 3340 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
23:35:14.0640 3340 Cdfs - ok
23:35:14.0703 3340 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:35:14.0718 3340 Cdrom - ok
23:35:14.0734 3340 Changer - ok
23:35:14.0781 3340 cisvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\System32\cisvc.exe
23:35:14.0781 3340 cisvc - ok
23:35:14.0828 3340 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
23:35:14.0828 3340 ClipSrv - ok
23:35:14.0859 3340 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:35:14.0906 3340 clr_optimization_v2.0.50727_32 - ok
23:35:15.0015 3340 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:35:15.0015 3340 clr_optimization_v4.0.30319_32 - ok
23:35:15.0046 3340 CmdIde - ok
23:35:15.0062 3340 COMSysApp - ok
23:35:15.0093 3340 Cpqarray - ok
23:35:15.0140 3340 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
23:35:15.0140 3340 CryptSvc - ok
23:35:15.0171 3340 dac2w2k - ok
23:35:15.0187 3340 dac960nt - ok
23:35:15.0265 3340 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
23:35:15.0265 3340 DcomLaunch - ok
23:35:15.0312 3340 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
23:35:15.0312 3340 Dhcp - ok
23:35:15.0390 3340 Dio06 (7b8ef391d8bf6cecc8c8712cd03170ad) C:\WINDOWS\system32\Drivers\Dio06.sys
23:35:15.0390 3340 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\Dio06.sys. md5: 7b8ef391d8bf6cecc8c8712cd03170ad
23:35:15.0390 3340 Dio06 ( LockedFile.Multi.Generic ) - warning
23:35:15.0390 3340 Dio06 - detected LockedFile.Multi.Generic (1)
23:35:15.0437 3340 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
23:35:15.0437 3340 Disk - ok
23:35:15.0468 3340 dmadmin - ok
23:35:15.0515 3340 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
23:35:15.0562 3340 dmboot - ok
23:35:15.0609 3340 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
23:35:15.0609 3340 dmio - ok
23:35:15.0656 3340 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
23:35:15.0656 3340 dmload - ok
23:35:15.0703 3340 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
23:35:15.0703 3340 dmserver - ok
23:35:15.0765 3340 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
23:35:15.0765 3340 DMusic - ok
23:35:15.0812 3340 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
23:35:15.0812 3340 Dnscache - ok
23:35:15.0859 3340 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
23:35:15.0875 3340 Dot3svc - ok
23:35:15.0906 3340 dpti2o - ok
23:35:15.0921 3340 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
23:35:15.0937 3340 drmkaud - ok
23:35:15.0984 3340 eamon (9309c5c9831203436e64cf2ae605c5d7) C:\WINDOWS\system32\DRIVERS\eamon.sys
23:35:15.0984 3340 eamon - ok
23:35:16.0015 3340 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
23:35:16.0015 3340 EapHost - ok
23:35:16.0078 3340 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
23:35:16.0093 3340 ehdrv - ok
23:35:16.0203 3340 ekrn (c7bb95cf9631aa401e4aded1648f6af7) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
23:35:16.0218 3340 ekrn - ok
23:35:16.0281 3340 epfwtdir (06c65ac0a703cf8eea4f284d901a1550) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
23:35:16.0312 3340 epfwtdir - ok
23:35:16.0359 3340 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
23:35:16.0359 3340 ERSvc - ok
23:35:16.0406 3340 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
23:35:16.0406 3340 Eventlog - ok
23:35:16.0468 3340 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\System32\es.dll
23:35:16.0468 3340 EventSystem - ok
23:35:16.0546 3340 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
23:35:16.0546 3340 Fastfat - ok
23:35:16.0593 3340 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
23:35:16.0593 3340 FastUserSwitchingCompatibility - ok
23:35:16.0640 3340 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
23:35:16.0656 3340 Fdc - ok
23:35:16.0703 3340 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
23:35:16.0703 3340 Fips - ok
23:35:16.0765 3340 FirebirdGuardianDefaultInstance - ok
23:35:16.0765 3340 FirebirdServerDefaultInstance - ok
23:35:16.0796 3340 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:35:16.0812 3340 Flpydisk - ok
23:35:16.0875 3340 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
23:35:16.0875 3340 FltMgr - ok
23:35:16.0937 3340 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:35:16.0937 3340 FontCache3.0.0.0 - ok
23:35:16.0984 3340 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:35:16.0984 3340 Fs_Rec - ok
23:35:17.0015 3340 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:35:17.0015 3340 Ftdisk - ok
23:35:17.0062 3340 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:35:17.0078 3340 Gpc - ok
23:35:17.0187 3340 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
23:35:17.0203 3340 gupdate - ok
23:35:17.0203 3340 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
23:35:17.0203 3340 gupdatem - ok
23:35:17.0265 3340 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:35:17.0265 3340 gusvc - ok
23:35:17.0406 3340 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:35:17.0406 3340 HDAudBus - ok
23:35:17.0484 3340 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:35:17.0484 3340 helpsvc - ok
23:35:17.0515 3340 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
23:35:17.0515 3340 HidServ - ok
23:35:17.0578 3340 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:35:17.0593 3340 hidusb - ok
23:35:17.0640 3340 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
23:35:17.0640 3340 hkmsvc - ok
23:35:17.0671 3340 hpn - ok
23:35:17.0703 3340 hpt3xx - ok
23:35:17.0750 3340 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
23:35:17.0765 3340 HTTP - ok
23:35:17.0796 3340 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
23:35:17.0796 3340 HTTPFilter - ok
23:35:17.0828 3340 i2omgmt - ok
23:35:17.0843 3340 i2omp - ok
23:35:17.0890 3340 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:35:17.0906 3340 i8042prt - ok
23:35:18.0000 3340 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:35:18.0031 3340 idsvc - ok
23:35:18.0109 3340 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
23:35:18.0125 3340 Imapi - ok
23:35:18.0187 3340 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\System32\imapi.exe
23:35:18.0187 3340 ImapiService - ok
23:35:18.0218 3340 ini910u - ok
23:35:18.0484 3340 IntcAzAudAddService (09e73e7455e7eac14e25739b30e16b52) C:\WINDOWS\system32\drivers\RtkHDAud.sys
23:35:18.0546 3340 IntcAzAudAddService - ok
23:35:18.0593 3340 IntelIde - ok
23:35:18.0656 3340 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
23:35:18.0687 3340 ip6fw - ok
23:35:18.0718 3340 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:35:18.0750 3340 IpFilterDriver - ok
23:35:18.0765 3340 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:35:18.0781 3340 IpInIp - ok
23:35:18.0828 3340 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:35:18.0843 3340 IpNat - ok
23:35:18.0906 3340 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:35:18.0921 3340 IPSec - ok
23:35:18.0953 3340 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
23:35:18.0968 3340 IRENUM - ok
23:35:19.0000 3340 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:35:19.0000 3340 isapnp - ok
23:35:19.0109 3340 JavaQuickStarterService (9aa67569d5257462e230767510b0c815) C:\Program Files\Java\jre6\bin\jqs.exe
23:35:19.0109 3340 JavaQuickStarterService - ok
23:35:19.0187 3340 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:35:19.0203 3340 Kbdclass - ok
23:35:19.0234 3340 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:35:19.0250 3340 kbdhid - ok
23:35:19.0312 3340 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
23:35:19.0312 3340 kmixer - ok
23:35:19.0359 3340 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
23:35:19.0359 3340 KSecDD - ok
23:35:19.0453 3340 lanmanserver (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
23:35:19.0453 3340 lanmanserver - ok
23:35:19.0515 3340 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
23:35:19.0515 3340 lanmanworkstation - ok
23:35:19.0531 3340 lbrtfdc - ok
23:35:19.0578 3340 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
23:35:19.0593 3340 LmHosts - ok
23:35:19.0640 3340 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
23:35:19.0656 3340 MDM - ok
23:35:19.0734 3340 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
23:35:19.0734 3340 Messenger - ok
23:35:19.0812 3340 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:35:19.0812 3340 Microsoft Office Groove Audit Service - ok
23:35:19.0875 3340 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
23:35:19.0875 3340 mnmdd - ok
23:35:19.0953 3340 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\System32\mnmsrvc.exe
23:35:19.0953 3340 mnmsrvc - ok
23:35:19.0984 3340 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
23:35:19.0984 3340 Modem - ok
23:35:20.0078 3340 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
23:35:20.0125 3340 Monfilt - ok
23:35:20.0250 3340 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:35:20.0312 3340 Mouclass - ok
23:35:20.0359 3340 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:35:20.0375 3340 mouhid - ok
23:35:20.0437 3340 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
23:35:20.0437 3340 MountMgr - ok
23:35:20.0484 3340 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
23:35:20.0500 3340 MPE - ok
23:35:20.0531 3340 mraid35x - ok
23:35:20.0562 3340 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:35:20.0562 3340 MRxDAV - ok
23:35:20.0625 3340 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:35:20.0640 3340 MRxSmb - ok
23:35:20.0687 3340 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\System32\msdtc.exe
23:35:20.0687 3340 MSDTC - ok
23:35:20.0750 3340 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
23:35:20.0750 3340 Msfs - ok
23:35:20.0765 3340 MSIServer - ok
23:35:20.0843 3340 MSI_MSIBIOS_010507 (3846c05a66a3f5cd1d33e1a323c1762c) C:\Program Files\MSI\Live Update 5\msibios32_100507.sys
23:35:20.0843 3340 MSI_MSIBIOS_010507 - ok
23:35:20.0875 3340 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:35:20.0890 3340 MSKSSRV - ok
23:35:20.0921 3340 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:35:20.0937 3340 MSPCLOCK - ok
23:35:20.0984 3340 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
23:35:21.0000 3340 MSPQM - ok
23:35:21.0046 3340 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:35:21.0046 3340 mssmbios - ok
23:35:21.0078 3340 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
23:35:21.0093 3340 MSTEE - ok
23:35:21.0156 3340 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
23:35:21.0156 3340 Mup - ok
23:35:21.0265 3340 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:35:21.0281 3340 NABTSFEC - ok
23:35:21.0359 3340 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
23:35:21.0375 3340 napagent - ok
23:35:21.0421 3340 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
23:35:21.0421 3340 NDIS - ok
23:35:21.0500 3340 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:35:21.0500 3340 NdisIP - ok
23:35:21.0562 3340 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:35:21.0562 3340 NdisTapi - ok
23:35:21.0593 3340 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:35:21.0609 3340 Ndisuio - ok
23:35:21.0625 3340 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:35:21.0656 3340 NdisWan - ok
23:35:21.0703 3340 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
23:35:21.0703 3340 NDProxy - ok
23:35:21.0781 3340 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
23:35:21.0781 3340 NetBIOS - ok
23:35:21.0828 3340 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
23:35:21.0843 3340 NetBT - ok
23:35:21.0890 3340 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
23:35:21.0890 3340 NetDDE - ok
23:35:21.0906 3340 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
23:35:21.0906 3340 NetDDEdsdm - ok
23:35:21.0953 3340 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
23:35:21.0953 3340 Netlogon - ok
23:35:22.0015 3340 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
23:35:22.0015 3340 Netman - ok
23:35:22.0062 3340 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:35:22.0062 3340 NetTcpPortSharing - ok
23:35:22.0125 3340 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
23:35:22.0125 3340 Nla - ok
23:35:22.0203 3340 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
23:35:22.0203 3340 Npfs - ok
23:35:22.0375 3340 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
23:35:22.0406 3340 Ntfs - ok
23:35:22.0484 3340 NTIOLib_1_0_4 (cd2166c9511d336a058cde91778aaa69) C:\Program Files\MSI\Live Update 5\NTIOLib.sys
23:35:22.0484 3340 NTIOLib_1_0_4 - ok
23:35:22.0578 3340 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
23:35:22.0578 3340 NtLmSsp - ok
23:35:22.0640 3340 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
23:35:22.0640 3340 NtmsSvc - ok
23:35:22.0687 3340 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
23:35:22.0687 3340 Null - ok
23:35:23.0109 3340 nv (ed9816dbaf6689542ea7d022631906a1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:35:23.0546 3340 nv - ok
23:35:23.0625 3340 NVENETFD (45ba510db13a0496db1cd16826519e03) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
23:35:23.0640 3340 NVENETFD - ok
23:35:23.0671 3340 nvnetbus (57cbdb934fb1afb7e03b413d151a6152) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
23:35:23.0687 3340 nvnetbus - ok
23:35:23.0734 3340 nvsvc (a2322c6207ebb0761a6c8cc9003ebacf) C:\WINDOWS\system32\nvsvc32.exe
23:35:23.0734 3340 nvsvc - ok
23:35:23.0906 3340 nvUpdatusService (844a25c9e3076edef2b12e0beded755d) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:35:23.0921 3340 nvUpdatusService - ok
23:35:24.0015 3340 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:35:24.0031 3340 NwlnkFlt - ok
23:35:24.0062 3340 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:35:24.0078 3340 NwlnkFwd - ok
23:35:24.0203 3340 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:35:24.0203 3340 odserv - ok
23:35:24.0281 3340 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:35:24.0281 3340 ose - ok
23:35:24.0515 3340 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:35:24.0531 3340 osppsvc - ok
23:35:24.0625 3340 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
23:35:24.0640 3340 Parport - ok
23:35:24.0703 3340 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
23:35:24.0703 3340 PartMgr - ok
23:35:24.0750 3340 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
23:35:24.0750 3340 ParVdm - ok
23:35:24.0781 3340 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
23:35:24.0781 3340 PCI - ok
23:35:24.0812 3340 PCIDump - ok
23:35:24.0843 3340 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
23:35:24.0843 3340 PCIIde - ok
23:35:24.0890 3340 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
23:35:24.0890 3340 Pcmcia - ok
23:35:24.0953 3340 PDCOMP - ok
23:35:24.0984 3340 PDFRAME - ok
23:35:25.0000 3340 PDRELI - ok
23:35:25.0031 3340 PDRFRAME - ok
23:35:25.0062 3340 perc2 - ok
23:35:25.0078 3340 perc2hib - ok
23:35:25.0125 3340 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
23:35:25.0140 3340 PlugPlay - ok
23:35:25.0171 3340 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
23:35:25.0171 3340 PolicyAgent - ok
23:35:25.0218 3340 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:35:25.0234 3340 PptpMiniport - ok
23:35:25.0296 3340 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
23:35:25.0312 3340 Processor - ok
23:35:25.0359 3340 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
23:35:25.0359 3340 ProtectedStorage - ok
23:35:25.0390 3340 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
23:35:25.0421 3340 PSched - ok
23:35:25.0500 3340 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
23:35:25.0500 3340 PSI_SVC_2 - ok
23:35:25.0562 3340 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:35:25.0578 3340 Ptilink - ok
23:35:25.0625 3340 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:35:25.0625 3340 PxHelp20 - ok
23:35:25.0656 3340 ql1080 - ok
23:35:25.0671 3340 Ql10wnt - ok
23:35:25.0703 3340 ql12160 - ok
23:35:25.0734 3340 ql1240 - ok
23:35:25.0750 3340 ql1280 - ok
23:35:25.0781 3340 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:35:25.0796 3340 RasAcd - ok
23:35:25.0843 3340 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
23:35:25.0843 3340 RasAuto - ok
23:35:25.0921 3340 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:35:25.0937 3340 Rasl2tp - ok
23:35:26.0000 3340 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
23:35:26.0000 3340 RasMan - ok
23:35:26.0031 3340 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:35:26.0046 3340 RasPppoe - ok
23:35:26.0078 3340 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
23:35:26.0093 3340 Raspti - ok
23:35:26.0171 3340 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:35:26.0171 3340 Rdbss - ok
23:35:26.0250 3340 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:35:26.0265 3340 RDPCDD - ok
23:35:26.0343 3340 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:35:26.0375 3340 rdpdr - ok
23:35:26.0437 3340 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
23:35:26.0437 3340 RDPWD - ok
23:35:26.0484 3340 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
23:35:26.0484 3340 RDSessMgr - ok
23:35:26.0562 3340 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
23:35:26.0578 3340 redbook - ok
23:35:26.0609 3340 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
23:35:26.0625 3340 RemoteAccess - ok
23:35:26.0656 3340 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
23:35:26.0656 3340 RemoteRegistry - ok
23:35:26.0750 3340 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
23:35:26.0765 3340 RFCOMM - ok
23:35:26.0812 3340 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\System32\locator.exe
23:35:26.0812 3340 RpcLocator - ok
23:35:26.0875 3340 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
23:35:26.0890 3340 RpcSs - ok
23:35:26.0953 3340 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\System32\rsvp.exe
23:35:26.0953 3340 RSVP - ok
23:35:26.0984 3340 RTL8023xp (cf84b1f0e8b14d4120aaf9cf35cbb265) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
23:35:27.0000 3340 RTL8023xp - ok
23:35:27.0046 3340 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
23:35:27.0046 3340 SamSs - ok
23:35:27.0093 3340 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
23:35:27.0109 3340 SCardSvr - ok
23:35:27.0218 3340 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
23:35:27.0218 3340 Schedule - ok
23:35:27.0343 3340 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:35:27.0359 3340 Secdrv - ok
23:35:27.0437 3340 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
23:35:27.0437 3340 seclogon - ok
23:35:27.0468 3340 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
23:35:27.0484 3340 SENS - ok
23:35:27.0515 3340 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
23:35:27.0531 3340 serenum - ok
23:35:27.0578 3340 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
23:35:27.0609 3340 Serial - ok
23:35:27.0687 3340 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
23:35:27.0687 3340 Sfloppy - ok
23:35:27.0750 3340 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
23:35:27.0750 3340 SharedAccess - ok
23:35:27.0781 3340 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
23:35:27.0781 3340 ShellHWDetection - ok
23:35:27.0812 3340 Simbad - ok
23:35:27.0875 3340 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
23:35:27.0875 3340 SkypeUpdate - ok
23:35:27.0937 3340 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:35:27.0953 3340 SLIP - ok
23:35:28.0015 3340 Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
23:35:28.0015 3340 Sony Ericsson PCCompanion - ok
23:35:28.0046 3340 Sparrow - ok
23:35:28.0093 3340 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
23:35:28.0109 3340 splitter - ok
23:35:28.0187 3340 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
23:35:28.0187 3340 Spooler - ok
23:35:28.0265 3340 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
23:35:28.0265 3340 sr - ok
23:35:28.0343 3340 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\System32\srsvc.dll
23:35:28.0343 3340 srservice - ok
23:35:28.0406 3340 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
23:35:28.0421 3340 Srv - ok
23:35:28.0500 3340 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
23:35:28.0515 3340 ssadbus - ok
23:35:28.0546 3340 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
23:35:28.0562 3340 ssadmdfl - ok
23:35:28.0609 3340 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
23:35:28.0640 3340 ssadmdm - ok
23:35:28.0687 3340 ssadserd (1a5a397bc459f346ab56492b61ef79f6) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
23:35:28.0703 3340 ssadserd - ok
23:35:28.0781 3340 sscdbus (069351a1d7d291013177a90ae6edccbc) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
23:35:28.0796 3340 sscdbus - ok
23:35:28.0843 3340 sscdmdfl (1c925be223a5c0f9f469252292a48df6) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
23:35:28.0859 3340 sscdmdfl - ok
23:35:28.0890 3340 sscdmdm (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
23:35:28.0906 3340 sscdmdm - ok
23:35:28.0953 3340 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
23:35:28.0953 3340 SSDPSRV - ok
23:35:29.0000 3340 SSPORT (ef3458337d7341a05169cefc73709264) C:\WINDOWS\system32\Drivers\SSPORT.sys
23:35:29.0000 3340 SSPORT - ok
23:35:29.0031 3340 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
23:35:29.0031 3340 stisvc - ok
23:35:29.0109 3340 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:35:29.0109 3340 streamip - ok
23:35:29.0171 3340 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
23:35:29.0203 3340 swenum - ok
23:35:29.0312 3340 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
23:35:29.0328 3340 SwitchBoard - ok
23:35:29.0484 3340 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
23:35:29.0546 3340 swmidi - ok
23:35:29.0578 3340 SwPrv - ok
23:35:29.0609 3340 symc810 - ok
23:35:29.0640 3340 symc8xx - ok
23:35:29.0656 3340 sym_hi - ok
23:35:29.0687 3340 sym_u3 - ok
23:35:29.0718 3340 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
23:35:29.0718 3340 sysaudio - ok
23:35:29.0765 3340 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
23:35:29.0765 3340 SysmonLog - ok
23:35:29.0812 3340 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
23:35:29.0812 3340 TapiSrv - ok
23:35:29.0875 3340 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:35:29.0890 3340 Tcpip - ok
23:35:30.0000 3340 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
23:35:30.0000 3340 TDPIPE - ok
23:35:30.0031 3340 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
23:35:30.0031 3340 TDTCP - ok
23:35:30.0062 3340 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
23:35:30.0109 3340 TermDD - ok
23:35:30.0171 3340 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
23:35:30.0187 3340 TermService - ok
23:35:30.0234 3340 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
23:35:30.0234 3340 Themes - ok
23:35:30.0328 3340 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\System32\tlntsvr.exe
23:35:30.0343 3340 TlntSvr - ok
23:35:30.0375 3340 TosIde - ok
23:35:30.0453 3340 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
23:35:30.0453 3340 TrkWks - ok
23:35:30.0515 3340 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
23:35:30.0515 3340 Udfs - ok
23:35:30.0562 3340 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
23:35:30.0562 3340 UleadBurningHelper - ok
23:35:30.0609 3340 ultra - ok
23:35:30.0671 3340 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
23:35:30.0718 3340 Update - ok
23:35:30.0781 3340 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
23:35:30.0781 3340 upnphost - ok
23:35:30.0812 3340 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
23:35:30.0812 3340 UPS - ok
23:35:30.0875 3340 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:35:30.0890 3340 usbccgp - ok
23:35:30.0937 3340 USBCCID (2825e0e294686a26506690059e1f437a) C:\WINDOWS\system32\DRIVERS\usbccid.sys
23:35:30.0968 3340 USBCCID - ok
23:35:31.0015 3340 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:35:31.0031 3340 usbehci - ok
23:35:31.0109 3340 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:35:31.0125 3340 usbhub - ok
23:35:31.0187 3340 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:35:31.0203 3340 usbohci - ok
23:35:31.0265 3340 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:35:31.0281 3340 usbprint - ok
23:35:31.0343 3340 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:35:31.0359 3340 usbscan - ok
23:35:31.0437 3340 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:35:31.0453 3340 USBSTOR - ok
23:35:31.0500 3340 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
23:35:31.0500 3340 VgaSave - ok
23:35:31.0531 3340 ViaIde - ok
23:35:31.0578 3340 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
23:35:31.0578 3340 VolSnap - ok
23:35:31.0640 3340 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
23:35:31.0640 3340 VSS - ok
23:35:31.0687 3340 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\System32\w32time.dll
23:35:31.0703 3340 W32Time - ok
23:35:31.0750 3340 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:35:31.0765 3340 Wanarp - ok
23:35:31.0843 3340 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
23:35:31.0843 3340 Wdf01000 - ok
23:35:31.0875 3340 WDICA - ok
23:35:31.0921 3340 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
23:35:31.0937 3340 wdmaud - ok
23:35:32.0000 3340 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
23:35:32.0000 3340 WebClient - ok
23:35:32.0062 3340 wfcxacap (0e507042ccefc40b8bb5dde75a7bd0c7) C:\WINDOWS\system32\DRIVERS\wfcxacap.sys
23:35:32.0062 3340 wfcxacap - ok
23:35:32.0109 3340 wfcxatun (b8acb6b48f928ff5e58b1a2dc3fa628c) C:\WINDOWS\system32\drivers\wfcxatun.sys
23:35:32.0125 3340 wfcxatun - ok
23:35:32.0156 3340 wfcxdtun (e32eeeac4ed0249474a2c9b71f1d5a73) C:\WINDOWS\system32\drivers\wfcxdtun.sys
23:35:32.0156 3340 wfcxdtun - ok
23:35:32.0203 3340 wfcxtcap (fc4f80b8c23dbf4d23a9a4ded38cf430) C:\WINDOWS\system32\drivers\wfcxtcap.sys
23:35:32.0203 3340 wfcxtcap - ok
23:35:32.0250 3340 WFCXVCAP (e9905845abc7b3521f642f9c8d08a03e) C:\WINDOWS\system32\drivers\wfcxvcap.sys
23:35:32.0265 3340 WFCXVCAP - ok
23:35:32.0296 3340 wfcxxbar (0aed0d6f83ade999fa6a8e485830e4c5) C:\WINDOWS\system32\drivers\wfcxxbar.sys
23:35:32.0312 3340 wfcxxbar - ok
23:35:32.0343 3340 WIBUKEY (afcea7939925378f867dde6af76f3924) C:\WINDOWS\system32\DRIVERS\WibuKey.sys
23:35:32.0375 3340 WIBUKEY - ok
23:35:32.0421 3340 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
23:35:32.0421 3340 winmgmt - ok
23:35:32.0500 3340 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
23:35:32.0515 3340 WinRM - ok
23:35:32.0593 3340 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
23:35:32.0593 3340 WinUSB - ok
23:35:32.0640 3340 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
23:35:32.0640 3340 WmdmPmSN - ok
23:35:32.0718 3340 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
23:35:32.0734 3340 Wmi - ok
23:35:32.0796 3340 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\System32\wbem\wmiapsrv.exe
23:35:32.0796 3340 WmiApSrv - ok
23:35:32.0906 3340 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
23:35:32.0937 3340 WMPNetworkSvc - ok
23:35:33.0015 3340 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
23:35:33.0015 3340 WpdUsb - ok
23:35:33.0125 3340 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:35:33.0125 3340 WPFFontCache_v0400 - ok
23:35:33.0250 3340 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
23:35:33.0250 3340 wscsvc - ok
23:35:33.0281 3340 WSIMD (0091d78c5f8fde0cdf2b214823de6e48) C:\WINDOWS\system32\DRIVERS\wsimd.sys
23:35:33.0312 3340 WSIMD - ok
23:35:33.0359 3340 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:35:33.0375 3340 WSTCODEC - ok
23:35:33.0421 3340 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
23:35:33.0421 3340 wuauserv - ok
23:35:33.0468 3340 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:35:33.0468 3340 WudfPf - ok
23:35:33.0546 3340 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:35:33.0546 3340 WudfRd - ok
23:35:33.0593 3340 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
23:35:33.0593 3340 WudfSvc - ok
23:35:33.0656 3340 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
23:35:33.0671 3340 WZCSVC - ok
23:35:33.0765 3340 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
23:35:33.0765 3340 xmlprov - ok
23:35:33.0796 3340 MBR (0x1B8) (faacde0542989a34aaea8650dd223935) \Device\Harddisk0\DR0
23:35:33.0812 3340 \Device\Harddisk0\DR0 - ok
23:35:33.0812 3340 MBR (0x1B8) (8548a4bd85bff9512789e36382a4c809) \Device\Harddisk1\DR1
23:35:33.0843 3340 \Device\Harddisk1\DR1 - ok
23:35:33.0843 3340 MBR (0x1B8) (faacde0542989a34aaea8650dd223935) \Device\Harddisk2\DR2
23:35:33.0875 3340 \Device\Harddisk2\DR2 - ok
23:35:33.0875 3340 MBR (0x1B8) (faacde0542989a34aaea8650dd223935) \Device\Harddisk3\DR3
23:35:34.0296 3340 \Device\Harddisk3\DR3 - ok
23:35:34.0296 3340 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk8\DR18
23:35:34.0296 3340 \Device\Harddisk8\DR18 - ok
23:35:34.0312 3340 Boot (0x1200) (33ed982f6ce5e41dc63b77efcc5b4bf9) \Device\Harddisk0\DR0\Partition0
23:35:34.0312 3340 \Device\Harddisk0\DR0\Partition0 - ok
23:35:34.0328 3340 Boot (0x1200) (7398844371f2804edac43da9e0d912b9) \Device\Harddisk2\DR2\Partition0
23:35:34.0343 3340 \Device\Harddisk2\DR2\Partition0 - ok
23:35:34.0343 3340 Boot (0x1200) (072255499779b0f88ca647eb00dcc86c) \Device\Harddisk3\DR3\Partition0
23:35:34.0343 3340 \Device\Harddisk3\DR3\Partition0 - ok
23:35:34.0343 3340 Boot (0x1200) (25d35ba80111458eb4bde85ef41a37bd) \Device\Harddisk8\DR18\Partition0
23:35:34.0343 3340 \Device\Harddisk8\DR18\Partition0 - ok
23:35:34.0343 3340 ============================================================
23:35:34.0343 3340 Scan finished
23:35:34.0343 3340 ============================================================
23:35:34.0359 3252 Detected object count: 1
23:35:34.0359 3252 Actual detected object count: 1
23:36:30.0968 3252 Dio06 ( LockedFile.Multi.Generic ) - skipped by user
23:36:30.0968 3252 Dio06 ( LockedFile.Multi.Generic ) - User select action: Skip

A současné logy z OTL

MBrscan log

Takže tu je log z Combofixu

ComboFix 12-04-01.01 - Jirka 01.04.2012 20:06:57.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2539 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jirka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Jirka\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Vytvořen nový Bod Obnovení
.
ADS - TEMP: deleted 118 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_DIO06
-------\Service_Dio06
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-01 do 2012-04-01 )))))))))))))))))))))))))))))))
.
.
2012-03-31 15:40 . 2012-03-31 15:40 -------- d-----w- c:\documents and settings\Koalka\Data aplikací\OpenOffice.org
2012-03-30 17:06 . 2012-03-30 17:06 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-28 11:21 . 2012-03-28 11:21 -------- d-----w- c:\program files\ESET
2012-03-28 11:21 . 2012-03-28 11:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2012-03-26 14:16 . 2012-03-26 14:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Protexis
2012-03-26 14:16 . 2012-03-26 14:16 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Corel
2012-03-26 14:06 . 2012-03-26 14:06 348256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\1033\ResourceCache.dll
2012-03-26 14:05 . 2012-03-26 14:05 348256 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VSTAHost\CorelDRAW\9.0\1033\ResourceCache.dll
2012-03-26 14:04 . 2012-03-28 19:12 416 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2012-03-26 14:03 . 2012-03-26 14:03 -------- d-----w- c:\program files\Microsoft SDKs
2012-03-26 14:03 . 2012-03-26 14:03 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2012-03-26 14:02 . 2012-03-26 14:02 -------- d-----w- c:\program files\gs
2012-03-26 14:02 . 2012-03-26 14:02 -------- d-----w- c:\program files\Common Files\Corel
2012-03-26 14:01 . 2012-03-26 14:01 -------- d-----w- c:\program files\Common Files\Protexis
2012-03-26 14:01 . 2012-03-26 14:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Corel
2012-03-26 13:57 . 2012-03-26 13:57 -------- d-----w- c:\program files\Corel
2012-03-26 09:58 . 2012-03-26 09:58 -------- d-----w- c:\program files\Common Files\Skype
2012-03-20 23:20 . 2010-07-09 22:38 61440 ----a-w- c:\windows\system32\OpenCL.dll
2012-03-20 23:20 . 2010-07-09 22:38 13549568 ----a-w- c:\windows\system32\nvoglnt.dll
2012-03-20 23:20 . 2010-07-09 22:38 4595712 ----a-w- c:\windows\system32\nvcuda.dll
2012-03-20 23:20 . 2010-07-09 22:38 2914408 ----a-w- c:\windows\system32\nvcuvid.dll
2012-03-20 23:20 . 2010-07-09 22:38 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-03-20 23:20 . 2010-07-09 22:38 236136 ----a-w- c:\windows\system32\nvcodins.dll
2012-03-20 23:20 . 2010-07-09 22:38 236136 ----a-w- c:\windows\system32\nvcod.dll
2012-03-20 23:20 . 2010-07-09 22:38 2195030 ----a-w- c:\windows\system32\nvdata.bin
2012-03-20 23:20 . 2010-07-09 22:38 1388544 ----a-w- c:\windows\system32\nvapi.dll
2012-03-20 23:20 . 2010-07-09 22:38 10260480 ----a-w- c:\windows\system32\nvcompiler.dll
2012-03-20 23:20 . 2012-03-20 23:20 -------- d-----w- C:\NVIDIA
2012-03-19 22:20 . 2012-03-19 22:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA
2012-03-19 22:20 . 2012-03-19 22:20 -------- d-----w- c:\documents and settings\UpdatusUser
2012-03-19 21:09 . 2012-03-19 21:09 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\DDMSettings
2012-03-18 19:37 . 2012-03-18 19:37 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-18 19:37 . 2012-03-18 19:37 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2012-03-13 22:47 . 2012-03-20 23:24 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-03-13 22:47 . 2012-03-20 23:24 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-03-13 22:47 . 2012-03-20 23:24 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-03-13 20:14 . 2012-03-19 22:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2012-03-13 20:11 . 2012-02-29 23:58 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-03-13 20:11 . 2012-02-29 23:58 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-03-12 08:44 . 2012-03-12 08:44 -------- d-----w- c:\program files\GeoGet
2012-03-12 08:37 . 2012-03-28 17:34 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\GeoGet
2012-03-10 20:52 . 1996-09-30 17:46 24576 ------w- c:\windows\UniFISH.exe
2012-03-08 16:23 . 2012-03-08 16:23 -------- d-----w- c:\documents and settings\Koalka\Local Settings\Data aplikací\Microsoft Help
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-30 17:06 . 2011-10-03 14:59 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-25 09:53 . 2012-02-25 09:53 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-02-15 22:02 . 2012-02-15 22:02 409600 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\NewShortcut3_6D20AC6FF7844F04BE4C6D94A1805157.exe
2012-02-15 22:02 . 2012-02-15 22:02 409600 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\NewShortcut2_6D20AC6FF7844F04BE4C6D94A1805157.exe
2012-02-15 22:02 . 2012-02-15 22:02 409600 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\ARPPRODUCTICON.exe
2012-02-03 09:57 . 2001-10-25 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-11 19:07 . 2012-02-18 18:09 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2011-10-03 06:37 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2012-03-18 19:37 . 2011-10-03 07:35 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-17 20064872]
"TWCU"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" [2010-05-21 561263]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 3080264]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Koalka\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\documents and settings\Nika\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\documents and settings\Jirka\Nabídka Start\Programy\Po spuštění\
MailWasherPro.lnk - c:\program files\FireTrust\MailWasher Pro\MailWasher.exe [2012-2-13 18097128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Graphisoft\\ArchiCAD 11\\ArchiCAD.exe"=
"e:\\NIKA dokumenty\\Unreal Tournament 2004\\System\\UT2004.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"e:\\WOW\\World of Warcraft\\WoW-3.2.0-enGB-downloader.exe"=
"e:\\WOW\\World of Warcraft\\Launcher.exe"=
"e:\\WOW\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\Common Files\\Common Desktop Agent\\CDASrv.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 9:20 118104]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [4.8.2011 9:20 103112]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\drivers\wfcxacap.sys [1.5.2011 23:36 9856]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 14:55 85344]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [22.9.2011 12:03 974944]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\bin\fbguard.exe -s --> c:\program files\Firebird\bin\fbguard.exe -s [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [20.3.2012 0:20 2348352]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [23.12.2010 8:06 5120]
R2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [1.5.2011 23:36 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [1.5.2011 23:36 167040]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [16.12.2011 22:38 1714176]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\bin\fbserver.exe -s --> c:\program files\Firebird\bin\fbserver.exe -s [?]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [1.5.2011 23:36 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [1.5.2011 23:36 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [1.5.2011 23:36 10496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.1.2012 23:53 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29.2.2012 8:50 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30.3.2012 19:06 253600]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.10.2011 17:24 1691480]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [14.12.2011 22:50 30312]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [23.1.2012 23:53 136176]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files\MSI\Live Update 5\msibios32_100507.sys [3.10.2011 18:18 25912]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [3.10.2011 18:18 7680]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 22:37 4640000]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [4.10.2011 21:14 155344]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [14.12.2011 22:50 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [14.12.2011 22:50 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [14.12.2011 22:50 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [14.12.2011 22:50 114280]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [25.10.2001 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:06]
.
2012-01-21 c:\windows\Tasks\AdobeAAMUpdater-1.0-LOJZA-Nika.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-09-16 13:04]
.
2012-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-23 21:53]
.
2012-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-23 21:53]
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\dn1qh2zu.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 4
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-01 20:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1840)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Firebird\bin\fbguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Firebird\bin\fbserver.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Celkový čas: 2012-04-01 20:20:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-01 18:20
.
Před spuštěním: Volných bajtů: 45 907 935 232
Po spuštění: Volných bajtů: 45 732 364 288
.
- - End Of File - - 5AEF5CA3357C77D389BE36DA10C6D1A8

Zatím ne, díky, sqělá práce!

Určitě vše pošlu během půl hodiny.

Tak už je uloženo na http://uloz.to/x88mMVE/dump-zip a http://uloz.to/xG5SufX/qoobox-zip .

S linoxovým bootmanagerem po nainstalování poslední verze mandrivy 2011 64bit mám trochu problém, nechce mi spustit linux . Ale je pravdou, že v poslední době nemám moc času se tomu více věnovat. Ještě jednou díky.