Redirecting to other websites and several trojans, help!

sartaj
Visitor
Posts: 44
Registered: 28 Oct 2010 15:10

#1 Post by sartaj »

Hi,

you helped me once before and I supported you financially; I hope it will work out again.

My computer randomly redirects pages to porn or other advertising sites. At startup, NOD sometimes reports that some trojan is active in the libraries and that it cannot clean it. I have tried all sorts of things and it is still in the computer.

Please help.

Here is the RSIT log:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Standa at 2012-04-02 09:37:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 379 GB (79%) free of 477 GB
Total RAM: 3292 MB (88% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:36:30, on 29.3.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\A lek\RSIT.exe
C:\Program Files\trend micro\Standa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Windows Update Server] C:\Documents and Settings\Standa\5abef36f-5689.exe
O4 - HKCU\..\Policies\Explorer\Run: [Microsoft] C:\Documents and Settings\Standa\Data aplikací\1D1BA0.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DOSPRN.lnk = C:\Program Files\DOSPRN\DOSprn.exe
O4 - Startup: RT-Updater.lnk = C:\Auto-diagnostika\vagcom.exe
O4 - Global Startup: ADnews.lnk = C:\Auto-diagnostika\ADnews.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.caminova.net/en/downloads/ge ... px?lang=en
O16 - DPF: {336C9D79-263A-4D75-AA7C-60DAF945AE67} (OvisLink IPCamera Control) - http://178.72.207.174/classes/OvisLinkCamV_H264.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\APP\FIREBIRD\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\APP\FIREBIRD\bin\fbserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: WorkshopDBService - Acresso - C:\PROGRA~1\VIVIDW~1\WORKSH~1.EXE

--
End of file - 8321 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\At25.job
C:\WINDOWS\tasks\At26.job
C:\WINDOWS\tasks\At27.job
C:\WINDOWS\tasks\At28.job
C:\WINDOWS\tasks\At29.job
C:\WINDOWS\tasks\At30.job
C:\WINDOWS\tasks\At31.job
C:\WINDOWS\tasks\At32.job
C:\WINDOWS\tasks\At33.job
C:\WINDOWS\tasks\At34.job
C:\WINDOWS\tasks\At35.job
C:\WINDOWS\tasks\At36.job
C:\WINDOWS\tasks\At37.job
C:\WINDOWS\tasks\At38.job
C:\WINDOWS\tasks\At39.job
C:\WINDOWS\tasks\At40.job
C:\WINDOWS\tasks\At41.job
C:\WINDOWS\tasks\At42.job
C:\WINDOWS\tasks\At43.job
C:\WINDOWS\tasks\At44.job
C:\WINDOWS\tasks\At45.job
C:\WINDOWS\tasks\At46.job
C:\WINDOWS\tasks\At47.job
C:\WINDOWS\tasks\At48.job
C:\WINDOWS\tasks\FMYGONIYV.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-02-25 18791456]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-04-23 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-04-23 174104]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-04-23 144920]
"BCU"=C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-01-13 460872]
"IntelAgent"=C:\WINDOWS\Temp\temp68.exe [2012-04-02 832512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
""= []
"mcennpurvlkp"=C:\DOCUME~1\Standa\LOCALS~1\Temp\6729171.exe []
"Antivirus Protection"=C:\Documents and Settings\Standa\Data aplikací\Antivirus Protection\AntivirusProtection2012.exe [2012-04-01 2328576]
"Antivirus Protection 2012 SM"=C:\Documents and Settings\Standa\Data aplikací\Antivirus Protection\securitymanager.exe [2012-04-01 107008]
"Antivirus Protection 2012 SH"=C:\Documents and Settings\Standa\Data aplikací\Antivirus Protection\securityhelper.exe [2012-04-02 3911683]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Malwarebytes' Anti-Malware"=C:\Documents and Settings\Standa\Data aplikací\1D1BA0.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2011-10-19 190768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Service Manager.lnk]
C:\PROGRA~1\MI6841~1\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
ADnews.lnk - C:\Auto-diagnostika\ADnews.exe

C:\Documents and Settings\Standa\Nabídka Start\Programy\Po spuštění
DOSPRN.lnk - C:\Program Files\DOSPRN\DOSprn.exe
RT-Updater.lnk - C:\Auto-diagnostika\vagcom.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-04-21 213504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"\\Dlink-ffcb80\Volume_1\Aristot\PROGS\ARISTOT.BAT"="\\Dlink-ffcb80\Volume_1\Aristot\PROGS\ARISTOT.BAT:*:Enabled:ARISTOT"
"C:\APP\PPS\mozilla.exe"="C:\APP\PPS\mozilla.exe:*:Enabled:Mozilla"
"C:\APPLIC\Portail\mozilla.exe"="C:\APPLIC\Portail\mozilla.exe:*:Enabled:Mozilla"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"="C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Enabled:Sentinel Protection Server"
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe"="C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe:*:Enabled:Sentinel Keys Server"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\pemicro\prog08sz\prog08sz.exe"="C:\pemicro\prog08sz\prog08sz.exe:*:Enabled:prog08sz"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Air Live IP Wizard II\IPWizardII.exe"="C:\Program Files\Air Live IP Wizard II\IPWizardII.exe:*:Enabled:IP Wizard II"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2012-04-02 09:14:31 ----D---- C:\Documents and Settings\Standa\Data aplikací\Antivirus Protection
2012-04-02 07:12:18 ----A---- C:\WINDOWS\fonts\QyEUT.com
2012-04-02 07:12:18 ----A---- C:\Documents and Settings\All Users\Data aplikací\NDxKPvISr.dat
2012-03-30 14:16:10 ----ASH---- C:\WINDOWS\system32\dds_trash_log.cmd
2012-03-29 07:34:27 ----SHD---- C:\WINDOWS\CSC
2012-03-29 07:34:22 ----A---- C:\WINDOWS\ntbtlog.txt
2012-03-28 13:45:49 ----A---- C:\WINDOWS\system32\drivers\RT-USB.SYS
2012-03-28 13:44:39 ----D---- C:\Auto-diagnostika
2012-03-27 16:31:00 ----A---- C:\WINDOWS\system32\wpcap.dll
2012-03-27 16:31:00 ----A---- C:\WINDOWS\system32\Packet.dll
2012-03-27 16:31:00 ----A---- C:\WINDOWS\system32\drivers\npf.sys
2012-03-26 13:11:09 ----A---- C:\WINDOWS\hc912.ini
2012-03-14 17:06:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-03-14 17:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$
2012-03-14 17:05:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$
2012-03-06 09:17:51 ----D---- C:\rsit
2012-03-06 09:17:51 ----D---- C:\Program Files\trend micro
2012-03-05 13:26:39 ----A---- C:\WINDOWS\system32\lsdelete.exe
2012-03-05 12:44:34 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2012-03-05 12:40:17 ----A---- C:\WINDOWS\system32\rp_stats.dat
2012-03-05 12:40:17 ----A---- C:\WINDOWS\system32\rp_rules.dat
2012-03-05 12:40:03 ----A---- C:\WINDOWS\system32\drivers\Lbd.sys
2012-03-05 12:39:38 ----D---- C:\Program Files\Lavasoft
2012-03-05 12:39:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2012-03-05 12:06:19 ----D---- C:\Documents and Settings\Standa\Data aplikací\Malwarebytes
2012-03-05 12:06:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-03-05 12:06:15 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-03-05 12:06:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of files/folders modified in the last 1 month======

2012-04-02 09:32:02 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-02 09:31:57 ----SD---- C:\WINDOWS\Tasks
2012-04-02 09:26:29 ----D---- C:\WINDOWS\network diagnostic
2012-04-02 09:22:46 ----D---- C:\WINDOWS\system32
2012-04-02 09:21:51 ----D---- C:\Documents and Settings
2012-04-02 09:15:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-04-02 09:15:17 ----D---- C:\Documents and Settings\Standa\Data aplikací\Skype
2012-04-02 09:14:44 ----D---- C:\WINDOWS\Prefetch
2012-04-02 09:14:41 ----D---- C:\WINDOWS\Temp
2012-04-02 08:20:20 ----D---- C:\Firma
2012-04-02 07:25:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\organiser
2012-04-02 07:23:49 ----A---- C:\WINDOWS\win.ini
2012-04-02 07:22:51 ----A---- C:\WINDOWS\BRMFBIDI.INI
2012-04-02 07:22:33 ----D---- C:\WINDOWS\system32\drivers
2012-04-02 07:12:18 ----RSD---- C:\WINDOWS\Fonts
2012-03-30 14:15:24 ----D---- C:\WINDOWS
2012-03-29 16:01:19 ----A---- C:\WINDOWS\uPD78dash.ini
2012-03-29 08:07:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-03-29 07:27:20 ----A---- C:\WINDOWS\system32\userinit.exe
2012-03-28 13:46:07 ----HD---- C:\WINDOWS\inf
2012-03-28 13:45:49 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-03-28 09:24:03 ----A---- C:\WINDOWS\etlunip.ini
2012-03-27 16:31:34 ----D---- C:\WINDOWS\system32\drivers\etc
2012-03-26 11:30:30 ----D---- C:\Program Files\ETL
2012-03-26 11:30:29 ----HD---- C:\Program Files\InstallShield Installation Information
2012-03-20 14:12:44 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-03-19 14:46:45 ----A---- C:\WINDOWS\PP2CAN.INI
2012-03-14 17:06:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-03-14 17:06:09 ----HD---- C:\WINDOWS\$hf_mig$
2012-03-14 17:06:06 ----A---- C:\WINDOWS\system32\MRT.exe
2012-03-14 17:05:57 ----A---- C:\WINDOWS\imsins.BAK
2012-03-14 17:05:16 ----D---- C:\Config.Msi
2012-03-14 17:05:15 ----SHD---- C:\WINDOWS\Installer
2012-03-14 17:05:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-03-06 09:17:51 ----RD---- C:\Program Files
2012-03-05 13:12:45 ----D---- C:\Program Files\Immo Cleaner 2
2012-03-05 12:48:20 ----D---- C:\ADCDA2
2012-03-05 12:39:40 ----D---- C:\WINDOWS\WinSxS
2012-03-05 11:11:35 ----A---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2011-12-23 64512]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2011-07-19 158272]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\WINDOWS\system32\DRIVERS\tdrpm258.sys [2011-07-19 911680]
R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2011-07-19 581984]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-11 232512]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 adatadrv;Autodata Protection Service; C:\WINDOWS\system32\DRIVERS\adatadrv.sys [2009-07-01 762112]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2004-07-22 26240]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-01-08 33096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-03-08 220112]
R3 SNTNLUSB;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2008-07-11 37088]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2010-04-27 19496]
S1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2010-03-19 23360]
S1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S2 DS1410D;DS1410D; C:\WINDOWS\SYSTEM32\drivers\DS1410D.SYS [2005-07-07 6689]
S2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-21 9856]
S2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-12-18 135048]
S2 pardrv;pardrv; C:\WINDOWS\system32\drivers\pardrv.sys [2011-10-12 9728]
S2 PEDRV;P&E Microcomputer System PCI Driver.; C:\WINDOWS\system32\drivers\PEDRV.sys [2009-10-16 28080]
S2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2008-07-11 92712]
S2 zntport;NTPort Library Driver; \??\C:\WINDOWS\system32\drivers\zntport.sys []
S3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2011-07-19 160288]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AMTCAR;Amt-Cartech System Driver (AmtCar.Sys); C:\WINDOWS\System32\Drivers\AmtCar.sys [2009-11-25 31712]
S3 BrUsbScn;Ovladač skeneru Brother MFC USB; C:\WINDOWS\System32\Drivers\BrUsbScn.sys [2001-08-17 10368]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CTU2K;CTU2K.SYS CTU2K device driver; C:\WINDOWS\System32\Drivers\CTU2K.sys [2007-07-21 24197]
S3 ezusb;ezusb; C:\WINDOWS\system32\DRIVERS\ezusb.sys [2007-02-24 15360]
S3 FTD2XX;VAGUSB.sys VAG-Com USB driver; C:\WINDOWS\System32\Drivers\VAGUSB.sys [2003-10-30 25596]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2010-07-12 73032]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GIVEIO;GIVEIO; \??\C:\WINDOWS\SYSTEM32\DRIVERS\GIVEIO.SYS []
S3 HS4l;Handyscope HS4 driver (before renumeration); C:\WINDOWS\system32\DRIVERS\HS4l.sys [2010-02-26 18944]
S3 HS4r;Handyscope HS4 driver; C:\WINDOWS\system32\DRIVERS\HS4r.sys [2010-02-26 19840]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-04-21 1917344]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-02-25 5864480]
S3 jlink;J-Link driver; C:\WINDOWS\System32\Drivers\jlink.sys [2009-10-12 14208]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
S3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys [2012-03-27 50704]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PciPPorts;PCI ECP Parallel Port; C:\WINDOWS\system32\DRIVERS\PciPPorts.sys [2009-07-23 82944]
S3 PciSPorts;High-Speed PCI Serial Port; C:\WINDOWS\system32\DRIVERS\PciSPorts.sys [2008-12-19 115200]
S3 RT-USB;Ross-Tech USB driver; C:\WINDOWS\system32\drivers\RT-USB.SYS [2010-06-16 59464]
S3 SIUSBXP;SIUSBXP; C:\WINDOWS\system32\drivers\SiUSBXp.sys [2011-10-10 14592]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VCommUSB;Service for ACTIA USB Devices; C:\WINDOWS\System32\Drivers\VCommUSB.sys [2008-12-15 40576]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2010-11-08 199912]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zlportio;zlportio; \??\Z:\Car\Dashboard\Utility\Calculators\Licznik 8 novy !!!!\Licznik 8\licznic686\licznik8\zlportio.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2012-03-05 2152152]
S2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe [2009-11-26 661008]
S2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2011-07-19 2480048]
S2 BCUService;Browser Configuration Utility Service; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
S2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2010-03-18 126976]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S2 emu10k;Contentindex; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\APP\FIREBIRD\bin\fbguard.exe [2007-01-31 65536]
S2 ivscheduler;Mcontrol; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 MegaSR;Se58unic; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 MSSQL$SFN;MSSQL$SFN; C:\Program Files\Microsoft SQL Server\MSSQL$SFN\Binn\sqlservr.exe [2002-12-17 7520337]
S2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2008-07-11 328992]
S2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2008-07-11 226592]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 W8335XP;Hsfhwazl; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 WorkshopDBService;WorkshopDBService; C:\PROGRA~1\VIVIDW~1\WORKSH~1.EXE [2011-11-28 114688]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\APP\FIREBIRD\bin\fbserver.exe [2007-01-31 1527893]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 SQLAgent$SFN;SQLAgent$SFN; C:\Program Files\Microsoft SQL Server\MSSQL$SFN\Binn\sqlagent.EXE [2002-12-17 311872]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-01-24 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

#2 Post by vyosek »

Hello, and I wish you a nice day :)

:arrow: A whole zoo, including the granny at the ticket booth :arcisit:

:arrow: There is quite a lot in there, including the newest kinds of vermin :boxed: We will see what can be done :)

:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you use Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator (or "Spustit jako spravce")
  • Choose option 2 and confirm with Enter
  • The utility will do its work and produce a log; paste it here
  • Now once more, but choose option 3 and after that also 4; paste the logs again
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement: take a whip and a stick to him, for he is not a man, he is an ox."
Member [image] since 1 February 2011.

#3 Post by sartaj »

Great, thanks for your willingness to help

here is the log

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Nouzový režim s prací v síti
Uživatel: Standa [Práva správce]
Mód: Kontrola -- Datum: 04/02/2012 10:14:21

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 10 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : mcennpurvlkp (C:\DOCUME~1\Standa\LOCALS~1\Temp\6729171.exe) -> FOUND
[SUSP PATH] HKCU\[...]\Run : Antivirus Protection ("C:\Documents and Settings\Standa\Data aplikací\Antivirus Protection\AntivirusProtection2012.exe" /STARTUP) -> FOUND
[SUSP PATH] HKCU\[...]\Run : Antivirus Protection 2012 SM (C:\Documents and Settings\Standa\Data aplikací\Antivirus Protection\securitymanager.exe) -> FOUND
[SUSP PATH] HKCU\[...]\Run : Antivirus Protection 2012 SH (C:\Documents and Settings\Standa\Data aplikací\Antivirus Protection\securityhelper.exe) -> FOUND
[SUSP PATH] HKLM\[...]\Run : IntelAgent (C:\WINDOWS\Temp\temp68.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-854245398-1450960922-682003330-1003[...]\Run : mcennpurvlkp (C:\DOCUME~1\Standa\LOCALS~1\Temp\6729171.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-854245398-1450960922-682003330-1003[...]\Run : Antivirus Protection ("C:\Documents and Settings\Standa\Data aplikací\Antivirus Protection\AntivirusProtection2012.exe" /STARTUP) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-854245398-1450960922-682003330-1003[...]\Run : Antivirus Protection 2012 SM (C:\Documents and Settings\Standa\Data aplikací\Antivirus Protection\securitymanager.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-854245398-1450960922-682003330-1003[...]\Run : Antivirus Protection 2012 SH (C:\Documents and Settings\Standa\Data aplikací\Antivirus Protection\securityhelper.exe) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[FAKED] cdrom.sys : c:\windows\system32\drivers\cdrom.sys --> CANNOT FIX

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ZeroAccess ¤¤¤
[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD502HJ +++++
--- User ---
[MBR] 752f40d564026e005e5c13a636055ff8
[BSP] 75604eced01c0b04be0d431056a523e5 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476929 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

#4 Post by sartaj »

I use XP, so I only chose the scan option. Is that correct??

#5 Post by vyosek »

:arrow: Yes, you did it right

:arrow: Run RogueKiller again
  • Choose Prohledat (Scan), then Smazat (Delete) and then Zprava (Report); a log will open, paste it here
:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Run the utility and tell it to scan: click Start Scan
  • If the utility finds an infection, it will want to cure it (Cure); allow the cure by clicking Continue
  • If the utility finds a suspicious file (suspicious), it will want to skip it (Skip); allow the skip by clicking Continue
  • After the scan finishes, a restart of the PC may be necessary; allow it by clicking Reboot now
  • After the restart the log will pop up; if that does not happen, you will find it directly on the drive where Windows is installed (usually c:\) under a name of the form TDSSKiller.some digits _log.txt; paste its contents here
  • If no restart is required, click Close and then Report; a log will be created; paste its contents here

#6 Post by sartaj »

I ran the scan again, then delete, and the computer restarted by itself. So I ran scan and delete again; now I have been waiting for several minutes, blue squares keep moving under the Scan button and nothing happens. The list shows 6 deleted items, but the rest of the buttons are greyed out and nothing can be pressed.

What should I do about it??

#7 Post by vyosek »

If it stops responding, restart the PC and continue with TDSSKiller

#8 Post by sartaj »

I am sending two logs; the first one is from after the restart, and then I ran the scan again and it found one more piece of filth, which for now awaits your decision.

Log 1

10:46:24.0750 0900 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
10:46:24.0843 0900 ============================================================
10:46:24.0843 0900 Current date / time: 2012/04/02 10:46:24.0843
10:46:24.0843 0900 SystemInfo:
10:46:24.0843 0900
10:46:24.0843 0900 OS Version: 5.1.2600 ServicePack: 3.0
10:46:24.0843 0900 Product type: Workstation
10:46:24.0843 0900 ComputerName: STANIK
10:46:24.0843 0900 UserName: Standa
10:46:24.0843 0900 Windows directory: C:\WINDOWS
10:46:24.0843 0900 System windows directory: C:\WINDOWS
10:46:24.0843 0900 Processor architecture: Intel x86
10:46:24.0843 0900 Number of processors: 2
10:46:24.0843 0900 Page size: 0x1000
10:46:24.0843 0900 Boot type: Safe boot with network
10:46:24.0843 0900 ============================================================
10:46:25.0984 0900 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:46:25.0984 0900 \Device\Harddisk0\DR0:
10:46:25.0984 0900 MBR used
10:46:25.0984 0900 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
10:46:26.0031 0900 Initialize success
10:46:26.0031 0900 ============================================================
10:46:28.0515 0920 ============================================================
10:46:28.0515 0920 Scan started
10:46:28.0515 0920 Mode: Manual;
10:46:28.0515 0920 ============================================================
10:46:29.0156 0920 Abiosdsk - ok
10:46:29.0187 0920 abp480n5 - ok
10:46:29.0234 0920 ACPI (7a2a462b010b4e4af79a1b5d42d33d06) C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:46:29.0234 0920 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: 7a2a462b010b4e4af79a1b5d42d33d06, Fake md5: 4fe34f1f3126b61fcc6b2043aa8112c9
10:46:29.0234 0920 ACPI ( Virus.Win32.Rloader.a ) - infected
10:46:29.0234 0920 ACPI - detected Virus.Win32.Rloader.a (0)
10:46:29.0265 0920 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
10:46:29.0265 0920 ACPIEC - ok
10:46:29.0328 0920 AcrSch2Svc (f6a4bc03dd6ef8a5794a865dede28b23) C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
10:46:29.0328 0920 AcrSch2Svc - ok
10:46:29.0390 0920 adatadrv (5ee8aaa16951e46d197392ba6f2402ea) C:\WINDOWS\system32\DRIVERS\adatadrv.sys
10:46:29.0406 0920 adatadrv - ok
10:46:29.0406 0920 adpu160m - ok
10:46:29.0437 0920 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
10:46:29.0437 0920 aec - ok
10:46:29.0468 0920 afcdp (ef1afa9752e468013584585666a3b119) C:\WINDOWS\system32\DRIVERS\afcdp.sys
10:46:29.0484 0920 afcdp - ok
10:46:29.0546 0920 afcdpsrv (b8c03e224e49e0f9726cddef872237eb) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
10:46:29.0578 0920 afcdpsrv - ok
10:46:29.0625 0920 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
10:46:29.0625 0920 AFD - ok
10:46:29.0640 0920 Aha154x - ok
10:46:29.0656 0920 aic78u2 - ok
10:46:29.0687 0920 aic78xx - ok
10:46:29.0734 0920 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
10:46:29.0734 0920 Alerter - ok
10:46:29.0765 0920 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
10:46:29.0765 0920 ALG - ok
10:46:29.0781 0920 AliIde - ok
10:46:29.0843 0920 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
10:46:29.0859 0920 Ambfilt - ok
10:46:29.0875 0920 amsint - ok
10:46:29.0921 0920 AMTCAR (3cea8dbb1e1bbff633ddf72a924e91fe) C:\WINDOWS\system32\Drivers\AmtCar.sys
10:46:29.0921 0920 AMTCAR - ok
10:46:29.0937 0920 AppleCharger (75a8b998eb259dd512f01ea25bec7f3b) C:\WINDOWS\system32\DRIVERS\AppleCharger.sys
10:46:29.0937 0920 AppleCharger - ok
10:46:29.0968 0920 AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\WINDOWS\system32\AppleChargerSrv.exe
10:46:29.0968 0920 AppleChargerSrv - ok
10:46:29.0984 0920 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
10:46:29.0984 0920 AppMgmt - ok
10:46:30.0000 0920 asc - ok
10:46:30.0015 0920 asc3350p - ok
10:46:30.0046 0920 asc3550 - ok
10:46:30.0125 0920 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:46:30.0125 0920 aspnet_state - ok
10:46:30.0140 0920 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:46:30.0140 0920 AsyncMac - ok
10:46:30.0187 0920 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
10:46:30.0187 0920 atapi - ok
10:46:30.0187 0920 Atdisk - ok
10:46:30.0218 0920 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:46:30.0218 0920 Atmarpc - ok
10:46:30.0250 0920 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
10:46:30.0250 0920 AudioSrv - ok
10:46:30.0296 0920 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
10:46:30.0296 0920 audstub - ok
10:46:30.0406 0920 BCUService (382b151daffe4a9ce9da9f564b66761e) C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
10:46:30.0406 0920 BCUService - ok
10:46:30.0453 0920 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
10:46:30.0453 0920 Beep - ok
10:46:30.0468 0920 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
10:46:30.0531 0920 BITS - ok
10:46:30.0562 0920 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
10:46:30.0562 0920 Browser - ok
10:46:30.0609 0920 BrUsbScn (1c5f014048e5b2748c1a8ad297c50b6f) C:\WINDOWS\system32\Drivers\BrUsbScn.sys
10:46:30.0609 0920 BrUsbScn - ok
10:46:30.0656 0920 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
10:46:30.0656 0920 cbidf2k - ok
10:46:30.0687 0920 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:46:30.0687 0920 CCDECODE - ok
10:46:30.0703 0920 cd20xrnt - ok
10:46:30.0718 0920 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
10:46:30.0718 0920 Cdaudio - ok
10:46:30.0750 0920 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
10:46:30.0750 0920 Cdfs - ok
10:46:30.0781 0920 Cdrom (0d4b95c4060cfa8b52b470c176ac4b18) C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:46:30.0781 0920 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\cdrom.sys. Real md5: 0d4b95c4060cfa8b52b470c176ac4b18, Fake md5: 1f4260cc5b42272d71f79e570a27a4fe
10:46:30.0781 0920 Cdrom ( Virus.Win32.ZAccess.aml ) - infected
10:46:30.0781 0920 Cdrom - detected Virus.Win32.ZAccess.aml (0)
10:46:30.0796 0920 Changer - ok
10:46:30.0828 0920 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
10:46:30.0828 0920 CiSvc - ok
10:46:30.0843 0920 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
10:46:30.0843 0920 ClipSrv - ok
10:46:30.0875 0920 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:46:30.0875 0920 clr_optimization_v2.0.50727_32 - ok
10:46:30.0890 0920 CmdIde - ok
10:46:30.0906 0920 COMSysApp - ok
10:46:30.0953 0920 Cpqarray - ok
10:46:30.0968 0920 Crypkey License - ok
10:46:31.0000 0920 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
10:46:31.0000 0920 CryptSvc - ok
10:46:31.0031 0920 CTU2K (b907d2b20db2f6392995f5379e2a9666) C:\WINDOWS\system32\Drivers\CTU2K.sys
10:46:31.0031 0920 CTU2K - ok
10:46:31.0062 0920 dac2w2k - ok
10:46:31.0078 0920 dac960nt - ok
10:46:31.0109 0920 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
10:46:31.0125 0920 DcomLaunch - ok
10:46:31.0140 0920 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
10:46:31.0140 0920 Dhcp - ok
10:46:31.0156 0920 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
10:46:31.0156 0920 Disk - ok
10:46:31.0171 0920 dmadmin - ok
10:46:31.0218 0920 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
10:46:31.0218 0920 dmboot - ok
10:46:31.0234 0920 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
10:46:31.0234 0920 dmio - ok
10:46:31.0250 0920 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
10:46:31.0250 0920 dmload - ok
10:46:31.0296 0920 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
10:46:31.0296 0920 dmserver - ok
10:46:31.0312 0920 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
10:46:31.0312 0920 DMusic - ok
10:46:31.0359 0920 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
10:46:31.0359 0920 Dnscache - ok
10:46:31.0421 0920 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
10:46:31.0421 0920 Dot3svc - ok
10:46:31.0437 0920 dpti2o - ok
10:46:31.0453 0920 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
10:46:31.0453 0920 drmkaud - ok
10:46:31.0515 0920 DS1410D (20747e2cd3ae1f390feb8b18b522aac8) C:\WINDOWS\system32\drivers\DS1410D.SYS
10:46:31.0515 0920 DS1410D - ok
10:46:31.0562 0920 dtsoftbus01 (c0c7ceccb6c85994c2bc92d58e52d3f2) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
10:46:31.0562 0920 dtsoftbus01 - ok
10:46:31.0578 0920 eamon (af82dc664e3d8e2cba3b95e68f6448a7) C:\WINDOWS\system32\DRIVERS\eamon.sys
10:46:31.0593 0920 eamon - ok
10:46:31.0609 0920 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
10:46:31.0609 0920 EapHost - ok
10:46:31.0656 0920 ehdrv (686a799c1bf1b18941994daf9f45db06) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
10:46:31.0656 0920 ehdrv - ok
10:46:31.0750 0920 EhttpSrv (9329ba45c8b97485926a171e34c2abb8) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
10:46:31.0750 0920 EhttpSrv - ok
10:46:31.0812 0920 ekrn (3543c6195d5ed4eda0316d3e1ba0e6ee) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
10:46:31.0828 0920 ekrn - ok
10:46:31.0859 0920 ElbyCDFL (fde8e895abe0859fb031f7aec455765f) C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
10:46:31.0859 0920 ElbyCDFL - ok
10:46:31.0890 0920 ElbyCDIO (e4788e5b3e5f0a0bbb318a9c426c2812) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
10:46:31.0890 0920 ElbyCDIO - ok
10:46:31.0937 0920 emu10k (11028c6a84a967070cb1286550f2058f) C:\WINDOWS\system32\elbydelay.dll
10:46:31.0937 0920 emu10k ( Backdoor.Multi.ZAccess.gen ) - infected
10:46:31.0937 0920 emu10k - detected Backdoor.Multi.ZAccess.gen (0)
10:46:31.0968 0920 epfw (39f48a0784be8465cd1ac80b36d61613) C:\WINDOWS\system32\DRIVERS\epfw.sys
10:46:31.0968 0920 epfw - ok
10:46:31.0984 0920 Epfwndis (3b47010b2425b69826004767e59045ba) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
10:46:31.0984 0920 Epfwndis - ok
10:46:32.0046 0920 epfwtdi (763c43360a541c92ef6c97452b312f3b) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
10:46:32.0046 0920 epfwtdi - ok
10:46:32.0062 0920 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
10:46:32.0062 0920 ERSvc - ok
10:46:32.0109 0920 ES lite Service (b8fa96995726d1fa58476e352c02ad82) C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
10:46:32.0109 0920 ES lite Service - ok
10:46:32.0156 0920 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
10:46:32.0156 0920 Eventlog - ok
10:46:32.0203 0920 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
10:46:32.0203 0920 EventSystem - ok
10:46:32.0250 0920 ezusb (330451cbab2ab9c7561f2b9fa75058e3) C:\WINDOWS\system32\DRIVERS\ezusb.sys
10:46:32.0250 0920 ezusb - ok
10:46:32.0281 0920 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
10:46:32.0281 0920 Fastfat - ok
10:46:32.0312 0920 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
10:46:32.0312 0920 FastUserSwitchingCompatibility - ok
10:46:32.0343 0920 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
10:46:32.0343 0920 Fdc - ok
10:46:32.0359 0920 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
10:46:32.0359 0920 Fips - ok
10:46:32.0437 0920 FirebirdGuardianDefaultInstance - ok
10:46:32.0453 0920 FirebirdServerDefaultInstance - ok
10:46:32.0468 0920 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
10:46:32.0468 0920 Flpydisk - ok
10:46:32.0531 0920 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
10:46:32.0531 0920 FltMgr - ok
10:46:32.0625 0920 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:46:32.0625 0920 FontCache3.0.0.0 - ok
10:46:32.0640 0920 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:46:32.0640 0920 Fs_Rec - ok
10:46:32.0671 0920 FTD2XX (7b8d8f52675c0b699fa42dd235a4421c) C:\WINDOWS\system32\Drivers\VAGUSB.sys
10:46:32.0671 0920 FTD2XX - ok
10:46:32.0703 0920 FTDIBUS (aae37f0f2f613218dce17b42a18c38db) C:\WINDOWS\system32\drivers\ftdibus.sys
10:46:32.0703 0920 FTDIBUS - ok
10:46:32.0734 0920 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:46:32.0734 0920 Ftdisk - ok
10:46:32.0765 0920 FTSER2K (63d72a4cf9f163b59db0ceed940a7d76) C:\WINDOWS\system32\drivers\ftser2k.sys
10:46:32.0765 0920 FTSER2K - ok
10:46:32.0796 0920 gdrv (d556cb79967e92b5cc69686d16c1d846) C:\WINDOWS\gdrv.sys
10:46:32.0796 0920 gdrv - ok
10:46:32.0843 0920 GIVEIO (6914627bb24739b1dc1d3c03aa24833d) C:\WINDOWS\SYSTEM32\DRIVERS\GIVEIO.SYS
10:46:32.0843 0920 GIVEIO - ok
10:46:32.0875 0920 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:46:32.0875 0920 Gpc - ok
10:46:32.0890 0920 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:46:32.0890 0920 HDAudBus - ok
10:46:32.0968 0920 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:46:32.0968 0920 helpsvc - ok
10:46:33.0000 0920 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
10:46:33.0000 0920 HidServ - ok
10:46:33.0046 0920 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:46:33.0046 0920 HidUsb - ok
10:46:33.0093 0920 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
10:46:33.0093 0920 hkmsvc - ok
10:46:33.0109 0920 hpn - ok
10:46:33.0125 0920 HS4l (1b0e22b35fc20868e2542afa4a5b778e) C:\WINDOWS\system32\DRIVERS\HS4l.sys
10:46:33.0125 0920 HS4l - ok
10:46:33.0171 0920 HS4r (394c9f8d2e0932987e877b344dbe406a) C:\WINDOWS\system32\DRIVERS\HS4r.sys
10:46:33.0171 0920 HS4r - ok
10:46:33.0218 0920 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
10:46:33.0218 0920 HTTP - ok
10:46:33.0234 0920 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
10:46:33.0234 0920 HTTPFilter - ok
10:46:33.0265 0920 i2omgmt - ok
10:46:33.0281 0920 i2omp - ok
10:46:33.0312 0920 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:46:33.0312 0920 i8042prt - ok
10:46:33.0375 0920 ialm (0a50599e2afecc2142329bdd7a137463) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
10:46:33.0390 0920 ialm - ok
10:46:33.0500 0920 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:46:33.0500 0920 idsvc - ok
10:46:33.0515 0920 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
10:46:33.0515 0920 Imapi - ok
10:46:33.0562 0920 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
10:46:33.0562 0920 ImapiService - ok
10:46:33.0593 0920 ini910u - ok
10:46:33.0734 0920 IntcAzAudAddService (991f90d02ec0ec6a425e1c0b1d822562) C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:46:33.0781 0920 IntcAzAudAddService - ok
10:46:33.0796 0920 IntelIde - ok
10:46:33.0828 0920 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:46:33.0828 0920 intelppm - ok
10:46:33.0859 0920 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
10:46:33.0859 0920 Ip6Fw - ok
10:46:33.0875 0920 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:46:33.0875 0920 IpFilterDriver - ok
10:46:33.0890 0920 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:46:33.0890 0920 IpInIp - ok
10:46:33.0953 0920 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:46:33.0953 0920 IpNat - ok
10:46:33.0968 0920 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:46:33.0968 0920 IPSec - ok
10:46:34.0000 0920 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
10:46:34.0000 0920 IRENUM - ok
10:46:34.0031 0920 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:46:34.0031 0920 isapnp - ok
10:46:34.0046 0920 ivscheduler - ok
10:46:34.0203 0920 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
10:46:34.0203 0920 JavaQuickStarterService - ok
10:46:34.0234 0920 jlink (2a2b575b66e9843c55a7e63218b4ef9f) C:\WINDOWS\system32\Drivers\jlink.sys
10:46:34.0234 0920 jlink - ok
10:46:34.0265 0920 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:46:34.0265 0920 Kbdclass - ok
10:46:34.0296 0920 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:46:34.0296 0920 kbdhid - ok
10:46:34.0328 0920 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
10:46:34.0328 0920 kmixer - ok
10:46:34.0359 0920 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
10:46:34.0359 0920 KSecDD - ok
10:46:34.0390 0920 lanmanserver (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
10:46:34.0390 0920 lanmanserver - ok
10:46:34.0406 0920 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
10:46:34.0421 0920 lanmanworkstation - ok
10:46:34.0484 0920 Lavasoft Ad-Aware Service (ea38136981c61c571d52c380daad46ef) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
10:46:34.0484 0920 Lavasoft Ad-Aware Service - ok
10:46:34.0531 0920 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
10:46:34.0531 0920 Lavasoft Kernexplorer - ok
10:46:34.0562 0920 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
10:46:34.0562 0920 Lbd - ok
10:46:34.0578 0920 lbrtfdc - ok
10:46:34.0640 0920 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
10:46:34.0640 0920 LmHosts - ok
10:46:34.0687 0920 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
10:46:34.0687 0920 LmHosts - ok
10:46:34.0906 0920 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
10:46:34.0906 0920 MBAMProtector - ok
10:46:35.0031 0920 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:46:35.0031 0920 MBAMService - ok
10:46:35.0078 0920 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
10:46:35.0078 0920 Messenger - ok
10:46:35.0140 0920 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
10:46:35.0140 0920 mnmdd - ok
10:46:35.0171 0920 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
10:46:35.0171 0920 mnmsrvc - ok
10:46:35.0203 0920 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
10:46:35.0203 0920 Modem - ok
10:46:35.0250 0920 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
10:46:35.0265 0920 Monfilt - ok
10:46:35.0281 0920 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:46:35.0281 0920 Mouclass - ok
10:46:35.0328 0920 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:46:35.0328 0920 mouhid - ok
10:46:35.0343 0920 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
10:46:35.0343 0920 MountMgr - ok
10:46:35.0359 0920 mraid35x - ok
10:46:35.0375 0920 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:46:35.0375 0920 MRxDAV - ok
10:46:35.0437 0920 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:46:35.0437 0920 MRxSmb - ok
10:46:42.0078 0920 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
10:46:42.0171 0920 \Device\Harddisk0\DR0 - ok
10:46:42.0187 0920 Boot (0x1200) (ca73c1dc64f9547ae2a9df312be9c042) \Device\Harddisk0\DR0\Partition0
10:46:42.0187 0920 \Device\Harddisk0\DR0\Partition0 - ok
10:46:42.0187 0920 ============================================================
10:46:42.0187 0920 Scan finished
10:46:42.0187 0920 ============================================================
10:46:42.0218 1688 Detected object count: 3
10:46:42.0218 1688 Actual detected object count: 3
10:47:10.0937 1688 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
10:47:11.0140 1688 Backup copy found, using it..
10:47:11.0140 1688 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
10:47:11.0140 1688 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
10:47:11.0203 1688 C:\WINDOWS\system32\DRIVERS\cdrom.sys - copied to quarantine
10:47:11.0218 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\@ - copied to quarantine
10:47:11.0218 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\cfg.ini - copied to quarantine
10:47:11.0218 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\Desktop.ini - copied to quarantine
10:47:11.0234 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\L\fqifncma - copied to quarantine
10:47:11.0281 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\oemid - copied to quarantine
10:47:11.0328 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\twl.dll - copied to quarantine
10:47:11.0343 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\00000001.@ - copied to quarantine
10:47:11.0375 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\00000002.@ - copied to quarantine
10:47:11.0390 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\00000004.@ - copied to quarantine
10:47:11.0421 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\80000000.@ - copied to quarantine
10:47:11.0437 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\80000004.@ - copied to quarantine
10:47:11.0437 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\80000032.@ - copied to quarantine
10:47:11.0437 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\version - copied to quarantine
10:47:11.0562 1688 Backup copy found, using it..
10:47:11.0562 1688 C:\WINDOWS\system32\DRIVERS\cdrom.sys - will be cured on reboot
10:47:12.0593 1688 C:\WINDOWS\$NtUninstallKB13534$\1410479551 - will be deleted on reboot
10:47:12.0593 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\@ - will be deleted on reboot
10:47:12.0593 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\cfg.ini - will be deleted on reboot
10:47:12.0593 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\Desktop.ini - will be deleted on reboot
10:47:12.0625 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\oemid - will be deleted on reboot
10:47:12.0625 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\twl.dll - will be deleted on reboot
10:47:12.0656 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\00000001.@ - will be deleted on reboot
10:47:12.0656 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\00000002.@ - will be deleted on reboot
10:47:12.0656 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\00000004.@ - will be deleted on reboot
10:47:12.0656 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\80000000.@ - will be deleted on reboot
10:47:12.0656 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\80000004.@ - will be deleted on reboot
10:47:12.0656 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\U\80000032.@ - will be deleted on reboot
10:47:12.0656 1688 C:\WINDOWS\$NtUninstallKB13534$\1813534918\version - will be deleted on reboot
10:47:12.0656 1688 Cdrom ( Virus.Win32.ZAccess.aml ) - User select action: Cure
10:47:12.0671 1688 C:\WINDOWS\system32\elbydelay.dll - copied to quarantine
10:47:12.0671 1688 HKLM\SYSTEM\ControlSet001\services\emu10k - will be deleted on reboot
10:47:12.0703 1688 C:\WINDOWS\system32\elbydelay.dll - will be deleted on reboot
10:47:12.0703 1688 emu10k ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete
10:47:51.0859 0828 Deinitialize success

sartaj
Visitor
Posts: 44
Registered: 28 Oct 2010 15:10

Re: Redirects to other websites and several trojans, he

#9 Post by sartaj »

And here is the last log

10:49:53.0765 0500 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
10:49:53.0875 0500 ============================================================
10:49:53.0875 0500 Current date / time: 2012/04/02 10:49:53.0875
10:49:53.0875 0500 SystemInfo:
10:49:53.0875 0500
10:49:53.0875 0500 OS Version: 5.1.2600 ServicePack: 3.0
10:49:53.0875 0500 Product type: Workstation
10:49:53.0875 0500 ComputerName: STANIK
10:49:53.0875 0500 UserName: Standa
10:49:53.0875 0500 Windows directory: C:\WINDOWS
10:49:53.0875 0500 System windows directory: C:\WINDOWS
10:49:53.0875 0500 Processor architecture: Intel x86
10:49:53.0875 0500 Number of processors: 2
10:49:53.0875 0500 Page size: 0x1000
10:49:53.0875 0500 Boot type: Safe boot with network
10:49:53.0875 0500 ============================================================
10:49:54.0953 0500 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:49:54.0953 0500 \Device\Harddisk0\DR0:
10:49:54.0953 0500 MBR used
10:49:54.0953 0500 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
10:49:55.0015 0500 Initialize success
10:49:55.0015 0500 ============================================================
10:49:55.0890 0924 ============================================================
10:49:55.0890 0924 Scan started
10:49:55.0890 0924 Mode: Manual;
10:49:55.0890 0924 ============================================================
10:49:56.0609 0924 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:49:56.0609 0924 ACPI - ok
10:49:58.0140 0924 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:49:58.0140 0924 Cdrom - ok
10:49:58.0937 0924 eamon - ok
10:49:58.0953 0924 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
10:49:58.0968 0924 EapHost - ok
10:49:58.0984 0924 ehdrv (686a799c1bf1b18941994daf9f45db06) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
10:49:58.0984 0924 ehdrv - ok
10:49:59.0078 0924 EhttpSrv (9329ba45c8b97485926a171e34c2abb8) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
10:49:59.0078 0924 EhttpSrv - ok
10:49:59.0156 0924 ekrn (3543c6195d5ed4eda0316d3e1ba0e6ee) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
10:49:59.0171 0924 ekrn - ok
10:49:59.0203 0924 ElbyCDFL (fde8e895abe0859fb031f7aec455765f) C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
10:49:59.0203 0924 ElbyCDFL - ok
10:49:59.0234 0924 ElbyCDIO (e4788e5b3e5f0a0bbb318a9c426c2812) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
10:49:59.0234 0924 ElbyCDIO - ok
10:49:59.0265 0924 epfw (39f48a0784be8465cd1ac80b36d61613) C:\WINDOWS\system32\DRIVERS\epfw.sys
10:49:59.0265 0924 epfw - ok
10:49:59.0281 0924 Epfwndis (3b47010b2425b69826004767e59045ba) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
10:49:59.0281 0924 Epfwndis - ok
10:49:59.0328 0924 epfwtdi (763c43360a541c92ef6c97452b312f3b) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
10:49:59.0343 0924 epfwtdi - ok
10:49:59.0359 0924 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
10:49:59.0359 0924 ERSvc - ok
10:49:59.0390 0924 ES lite Service (b8fa96995726d1fa58476e352c02ad82) C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
10:49:59.0406 0924 ES lite Service - ok
10:49:59.0453 0924 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
10:49:59.0453 0924 Eventlog - ok
10:49:59.0500 0924 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
10:49:59.0500 0924 EventSystem - ok
10:49:59.0546 0924 ezusb (330451cbab2ab9c7561f2b9fa75058e3) C:\WINDOWS\system32\DRIVERS\ezusb.sys
10:49:59.0546 0924 ezusb - ok
10:49:59.0578 0924 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
10:49:59.0578 0924 Fastfat - ok
10:49:59.0609 0924 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
10:49:59.0609 0924 FastUserSwitchingCompatibility - ok
10:49:59.0640 0924 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
10:49:59.0640 0924 Fdc - ok
10:49:59.0656 0924 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
10:49:59.0656 0924 Fips - ok
10:49:59.0734 0924 FirebirdGuardianDefaultInstance - ok
10:49:59.0750 0924 FirebirdServerDefaultInstance - ok
10:49:59.0765 0924 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
10:49:59.0765 0924 Flpydisk - ok
10:49:59.0828 0924 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
10:49:59.0828 0924 FltMgr - ok
10:49:59.0921 0924 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:49:59.0921 0924 FontCache3.0.0.0 - ok
10:49:59.0937 0924 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:49:59.0937 0924 Fs_Rec - ok
10:49:59.0968 0924 FTD2XX (7b8d8f52675c0b699fa42dd235a4421c) C:\WINDOWS\system32\Drivers\VAGUSB.sys
10:49:59.0968 0924 FTD2XX - ok
10:50:00.0000 0924 FTDIBUS (aae37f0f2f613218dce17b42a18c38db) C:\WINDOWS\system32\drivers\ftdibus.sys
10:50:00.0000 0924 FTDIBUS - ok
10:50:00.0031 0924 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:50:00.0031 0924 Ftdisk - ok
10:50:00.0078 0924 FTSER2K (63d72a4cf9f163b59db0ceed940a7d76) C:\WINDOWS\system32\drivers\ftser2k.sys
10:50:00.0078 0924 FTSER2K - ok
10:50:00.0109 0924 gdrv (d556cb79967e92b5cc69686d16c1d846) C:\WINDOWS\gdrv.sys
10:50:00.0781 0924 gdrv - ok
10:50:00.0859 0924 GIVEIO (6914627bb24739b1dc1d3c03aa24833d) C:\WINDOWS\SYSTEM32\DRIVERS\GIVEIO.SYS
10:50:00.0859 0924 GIVEIO - ok
10:50:00.0890 0924 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:50:00.0890 0924 Gpc - ok
10:50:00.0937 0924 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:50:00.0937 0924 HDAudBus - ok
10:50:00.0984 0924 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:50:00.0984 0924 helpsvc - ok
10:50:01.0015 0924 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
10:50:01.0015 0924 HidServ - ok
10:50:01.0078 0924 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:50:01.0078 0924 HidUsb - ok
10:50:01.0109 0924 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
10:50:01.0125 0924 hkmsvc - ok
10:50:01.0140 0924 hpn - ok
10:50:01.0187 0924 HS4l (1b0e22b35fc20868e2542afa4a5b778e) C:\WINDOWS\system32\DRIVERS\HS4l.sys
10:50:01.0187 0924 HS4l - ok
10:50:01.0203 0924 HS4r (394c9f8d2e0932987e877b344dbe406a) C:\WINDOWS\system32\DRIVERS\HS4r.sys
10:50:01.0203 0924 HS4r - ok
10:50:01.0250 0924 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
10:50:01.0250 0924 HTTP - ok
10:50:01.0265 0924 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
10:50:01.0265 0924 HTTPFilter - ok
10:50:01.0296 0924 i2omgmt - ok
10:50:01.0312 0924 i2omp - ok
10:50:01.0343 0924 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:50:01.0343 0924 i8042prt - ok
10:50:01.0406 0924 ialm (0a50599e2afecc2142329bdd7a137463) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
10:50:01.0421 0924 ialm - ok
10:50:01.0531 0924 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:50:01.0531 0924 idsvc - ok
10:50:01.0546 0924 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
10:50:01.0546 0924 Imapi - ok
10:50:01.0593 0924 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
10:50:01.0593 0924 ImapiService - ok
10:50:01.0625 0924 ini910u - ok
10:50:01.0765 0924 IntcAzAudAddService (991f90d02ec0ec6a425e1c0b1d822562) C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:50:01.0828 0924 IntcAzAudAddService - ok
10:50:01.0843 0924 IntelIde - ok
10:50:01.0875 0924 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:50:01.0875 0924 intelppm - ok
10:50:01.0906 0924 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
10:50:01.0906 0924 Ip6Fw - ok
10:50:01.0937 0924 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:50:01.0937 0924 IpFilterDriver - ok
10:50:01.0953 0924 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:50:01.0953 0924 IpInIp - ok
10:50:01.0984 0924 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:50:01.0984 0924 IpNat - ok
10:50:02.0000 0924 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:50:02.0015 0924 IPSec - ok
10:50:02.0031 0924 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
10:50:02.0031 0924 IRENUM - ok
10:50:02.0078 0924 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:50:02.0078 0924 isapnp - ok
10:50:02.0093 0924 ivscheduler - ok
10:50:02.0234 0924 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
10:50:02.0250 0924 JavaQuickStarterService - ok
10:50:02.0265 0924 jlink (2a2b575b66e9843c55a7e63218b4ef9f) C:\WINDOWS\system32\Drivers\jlink.sys
10:50:02.0265 0924 jlink - ok
10:50:02.0312 0924 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:50:02.0312 0924 Kbdclass - ok
10:50:02.0328 0924 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:50:02.0328 0924 kbdhid - ok
10:50:02.0375 0924 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
10:50:02.0375 0924 kmixer - ok
10:50:02.0406 0924 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
10:50:02.0406 0924 KSecDD - ok
10:50:02.0437 0924 lanmanserver (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
10:50:02.0437 0924 lanmanserver - ok
10:50:02.0468 0924 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
10:50:02.0468 0924 lanmanworkstation - ok
10:50:02.0562 0924 Lavasoft Ad-Aware Service (ea38136981c61c571d52c380daad46ef) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
10:50:02.0578 0924 Lavasoft Ad-Aware Service - ok
10:50:02.0609 0924 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
10:50:02.0609 0924 Lavasoft Kernexplorer - ok
10:50:02.0656 0924 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
10:50:02.0656 0924 Lbd - ok
10:50:02.0656 0924 lbrtfdc - ok
10:50:02.0750 0924 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
10:50:02.0750 0924 LmHosts - ok
10:50:02.0765 0924 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
10:50:02.0765 0924 MBAMProtector - ok
10:50:02.0828 0924 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:50:02.0828 0924 MBAMService - ok
10:50:02.0875 0924 MegaSR (11028c6a84a967070cb1286550f2058f) C:\WINDOWS\system32\SNMP.dll
10:50:02.0875 0924 MegaSR ( Backdoor.Multi.ZAccess.gen ) - infected
10:50:02.0875 0924 MegaSR - detected Backdoor.Multi.ZAccess.gen (0)
10:50:02.0890 0924 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
10:50:02.0890 0924 Messenger - ok
10:50:02.0937 0924 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
10:50:02.0937 0924 mnmdd - ok
10:50:02.0953 0924 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
10:50:02.0953 0924 mnmsrvc - ok
10:50:03.0000 0924 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
10:50:03.0000 0924 Modem - ok
10:50:03.0046 0924 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
10:50:03.0062 0924 Monfilt - ok
10:50:03.0093 0924 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:50:03.0093 0924 Mouclass - ok
10:50:03.0140 0924 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:50:03.0140 0924 mouhid - ok
10:50:03.0140 0924 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
10:50:03.0140 0924 MountMgr - ok
10:50:03.0171 0924 mraid35x - ok
10:50:03.0187 0924 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:50:03.0187 0924 MRxDAV - ok
10:50:03.0250 0924 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:50:03.0250 0924 MRxSmb - ok
10:50:03.0281 0924 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
10:50:03.0281 0924 MSDTC - ok
10:50:03.0312 0924 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
10:50:03.0312 0924 Msfs - ok
10:50:03.0328 0924 MSIServer - ok
10:50:03.0375 0924 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:50:03.0375 0924 MSKSSRV - ok
10:50:03.0390 0924 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:50:03.0390 0924 MSPCLOCK - ok
10:50:03.0421 0924 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
10:50:03.0421 0924 MSPQM - ok
10:50:03.0437 0924 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:50:03.0437 0924 mssmbios - ok
10:50:03.0500 0924 MSSQL$SFN - ok
10:50:03.0562 0924 MSSQLServerADHelper (cb7524c21727404bd3140dca32deb7de) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
10:50:03.0562 0924 MSSQLServerADHelper - ok
10:50:03.0578 0924 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
10:50:03.0578 0924 MSTEE - ok
10:50:03.0593 0924 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
10:50:03.0609 0924 Mup - ok
10:50:03.0625 0924 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:50:03.0625 0924 NABTSFEC - ok
10:50:03.0656 0924 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
10:50:03.0671 0924 napagent - ok
10:50:03.0671 0924 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
10:50:03.0687 0924 NDIS - ok
10:50:03.0734 0924 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:50:03.0734 0924 NdisIP - ok
10:50:03.0750 0924 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:50:03.0750 0924 NdisTapi - ok
10:50:03.0765 0924 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:50:03.0765 0924 Ndisuio - ok
10:50:03.0781 0924 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:50:03.0781 0924 NdisWan - ok
10:50:03.0828 0924 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
10:50:03.0828 0924 NDProxy - ok
10:50:03.0859 0924 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
10:50:03.0859 0924 NetBIOS - ok
10:50:03.0890 0924 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
10:50:03.0890 0924 NetBT - ok
10:50:03.0921 0924 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
10:50:03.0921 0924 NetDDE - ok
10:50:03.0937 0924 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
10:50:03.0937 0924 NetDDEdsdm - ok
10:50:03.0968 0924 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
10:50:03.0968 0924 Netlogon - ok
10:50:04.0000 0924 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
10:50:04.0000 0924 Netman - ok
10:50:04.0062 0924 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:50:04.0062 0924 NetTcpPortSharing - ok
10:50:04.0109 0924 NetworkX (9446d03271baf3496bbd2957d2732fd2) C:\WINDOWS\system32\ckldrv.sys
10:50:04.0109 0924 NetworkX - ok
10:50:04.0156 0924 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
10:50:04.0156 0924 Nla - ok
10:50:04.0250 0924 NMIndexingService (e32686b4e27d11f83e3f2844e104c66c) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
10:50:04.0250 0924 NMIndexingService - ok
10:50:04.0281 0924 nmwcd (b0a67de1a128389aea4d42c5a56215fd) C:\WINDOWS\system32\drivers\ccdcmb.sys
10:50:04.0281 0924 nmwcd - ok
10:50:04.0312 0924 nmwcdc (025c54f9f8c8bc1894ea38529c742c54) C:\WINDOWS\system32\drivers\ccdcmbo.sys
10:50:04.0312 0924 nmwcdc - ok
10:50:04.0359 0924 nmwcdnsu (4f0de685a96dc843ccc8a861b3fac12d) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
10:50:04.0359 0924 nmwcdnsu - ok
10:50:04.0390 0924 nmwcdnsuc (578117c0c0cf10d99c8853e83c4bc63c) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
10:50:04.0390 0924 nmwcdnsuc - ok
10:50:04.0421 0924 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\NPF.sys
10:50:04.0421 0924 NPF - ok
10:50:04.0437 0924 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
10:50:04.0437 0924 Npfs - ok
10:50:04.0468 0924 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
10:50:04.0468 0924 Ntfs - ok
10:50:04.0484 0924 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
10:50:04.0484 0924 NtLmSsp - ok
10:50:04.0515 0924 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
10:50:04.0531 0924 NtmsSvc - ok
10:50:04.0562 0924 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
10:50:04.0562 0924 Null - ok
10:50:04.0578 0924 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:50:04.0593 0924 NwlnkFlt - ok
10:50:04.0609 0924 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:50:04.0609 0924 NwlnkFwd - ok
10:50:04.0703 0924 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:50:04.0703 0924 odserv - ok
10:50:04.0734 0924 oreans32 (b99575d16f887883b821d372ff292c20) C:\WINDOWS\system32\drivers\oreans32.sys
10:50:04.0734 0924 oreans32 - ok
10:50:04.0765 0924 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:50:04.0765 0924 ose - ok
10:50:04.0843 0924 pardrv (6775738192f4d3e13ac68aca3565d239) C:\WINDOWS\system32\drivers\pardrv.sys
10:50:04.0843 0924 pardrv - ok
10:50:04.0875 0924 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
10:50:04.0875 0924 Parport - ok
10:50:04.0890 0924 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
10:50:04.0890 0924 PartMgr - ok
10:50:04.0906 0924 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
10:50:04.0906 0924 ParVdm - ok
10:50:04.0937 0924 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
10:50:04.0937 0924 pccsmcfd - ok
10:50:04.0953 0924 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
10:50:04.0953 0924 PCI - ok
10:50:04.0968 0924 PCIDump - ok
10:50:05.0000 0924 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
10:50:05.0000 0924 PCIIde - ok
10:50:05.0031 0924 PciPPorts (86f4acf0eab9b275d1d71e3a6540d2f5) C:\WINDOWS\system32\DRIVERS\PciPPorts.sys
10:50:05.0031 0924 PciPPorts - ok
10:50:05.0046 0924 PciSPorts (f1cd23597c138f9d5d87cebd7cf59771) C:\WINDOWS\system32\DRIVERS\PciSPorts.sys
10:50:05.0046 0924 PciSPorts - ok
10:50:05.0078 0924 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
10:50:05.0078 0924 Pcmcia - ok
10:50:05.0093 0924 PDCOMP - ok
10:50:05.0109 0924 PDFRAME - ok
10:50:05.0125 0924 PDRELI - ok
10:50:05.0156 0924 PDRFRAME - ok
10:50:05.0203 0924 PEDRV (ec726effe5e7736f555b864e21a121d9) C:\WINDOWS\system32\drivers\PEDRV.sys
10:50:05.0203 0924 PEDRV - ok
10:50:05.0203 0924 perc2 - ok
10:50:05.0234 0924 perc2hib - ok
10:50:05.0312 0924 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
10:50:05.0312 0924 PlugPlay - ok
10:50:05.0328 0924 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
10:50:05.0328 0924 PolicyAgent - ok
10:50:05.0359 0924 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:50:05.0359 0924 PptpMiniport - ok
10:50:05.0375 0924 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
10:50:05.0375 0924 ProtectedStorage - ok
10:50:05.0390 0924 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
10:50:05.0390 0924 PSched - ok
10:50:05.0406 0924 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:50:05.0406 0924 Ptilink - ok
10:50:05.0437 0924 ql1080 - ok
10:50:05.0453 0924 Ql10wnt - ok
10:50:05.0484 0924 ql12160 - ok
10:50:05.0500 0924 ql1240 - ok
10:50:05.0515 0924 ql1280 - ok
10:50:05.0546 0924 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:50:05.0546 0924 RasAcd - ok
10:50:05.0593 0924 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
10:50:05.0593 0924 RasAuto - ok
10:50:05.0609 0924 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:50:05.0609 0924 Rasl2tp - ok
10:50:05.0656 0924 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
10:50:05.0656 0924 RasMan - ok
10:50:05.0671 0924 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:50:05.0671 0924 RasPppoe - ok
10:50:05.0687 0924 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
10:50:05.0687 0924 Raspti - ok
10:50:05.0734 0924 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:50:05.0734 0924 Rdbss - ok
10:50:05.0734 0924 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:50:05.0750 0924 RDPCDD - ok
10:50:05.0765 0924 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:50:05.0781 0924 rdpdr - ok
10:50:05.0828 0924 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
10:50:05.0828 0924 RDPWD - ok
10:50:05.0843 0924 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
10:50:05.0843 0924 RDSessMgr - ok
10:50:05.0859 0924 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
10:50:05.0859 0924 redbook - ok
10:50:05.0906 0924 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
10:50:05.0906 0924 RemoteAccess - ok
10:50:05.0953 0924 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
10:50:05.0953 0924 RemoteRegistry - ok
10:50:05.0968 0924 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
10:50:05.0968 0924 RpcLocator - ok
10:50:06.0000 0924 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
10:50:06.0000 0924 RpcSs - ok
10:50:06.0031 0924 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
10:50:06.0031 0924 RSVP - ok
10:50:06.0062 0924 RT-USB (f1813d9e031b0e2e090ac6489ffd1007) C:\WINDOWS\system32\drivers\RT-USB.SYS
10:50:06.0062 0924 RT-USB - ok
10:50:06.0093 0924 RTLE8023xp (a1ad65718870dbf2bcb81e3c1406469e) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
10:50:06.0093 0924 RTLE8023xp - ok
10:50:06.0109 0924 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
10:50:06.0109 0924 SamSs - ok
10:50:06.0125 0924 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
10:50:06.0125 0924 SCardSvr - ok
10:50:06.0156 0924 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
10:50:06.0156 0924 Schedule - ok
10:50:06.0203 0924 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:50:06.0203 0924 Secdrv - ok
10:50:06.0234 0924 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
10:50:06.0234 0924 seclogon - ok
10:50:06.0250 0924 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
10:50:06.0250 0924 SENS - ok
10:50:06.0296 0924 Sentinel (a2cc81c30bef6ac9f27055490eef6de3) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
10:50:06.0296 0924 Sentinel - ok
10:50:06.0390 0924 SentinelKeysServer (a9eeb7b09b898a53ec8b7063b923ac32) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
10:50:06.0390 0924 SentinelKeysServer - ok
10:50:06.0421 0924 SentinelProtectionServer (fd8723219c907c7ab753c93334fa4610) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
10:50:06.0421 0924 SentinelProtectionServer - ok
10:50:06.0437 0924 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
10:50:06.0437 0924 serenum - ok
10:50:06.0453 0924 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
10:50:06.0453 0924 Serial - ok
10:50:06.0531 0924 ServiceLayer (668043f192ab9659761a349a4703600d) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:50:06.0546 0924 ServiceLayer - ok
10:50:06.0593 0924 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
10:50:06.0593 0924 Sfloppy - ok
10:50:06.0640 0924 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
10:50:06.0640 0924 SharedAccess - ok
10:50:06.0687 0924 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
10:50:06.0687 0924 ShellHWDetection - ok
10:50:06.0703 0924 Simbad - ok
10:50:06.0781 0924 SIUSBXP (599f3715602f4cb09ad0fdc606e3b9d9) C:\WINDOWS\system32\drivers\SiUSBXp.sys
10:50:06.0781 0924 SIUSBXP - ok
10:50:06.0828 0924 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:50:06.0828 0924 SLIP - ok
10:50:06.0875 0924 snapman (5bceb1b306878035dacba6dd18366eda) C:\WINDOWS\system32\DRIVERS\snapman.sys
10:50:06.0875 0924 snapman - ok
10:50:06.0890 0924 SNTNLUSB (9de6e60ce7fd82b4985de5d9c22265ad) C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS
10:50:06.0890 0924 SNTNLUSB - ok
10:50:06.0906 0924 Sparrow - ok
10:50:06.0953 0924 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
10:50:06.0953 0924 splitter - ok
10:50:06.0984 0924 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
10:50:07.0000 0924 Spooler - ok
10:50:07.0031 0924 SQLAgent$SFN - ok
10:50:07.0046 0924 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
10:50:07.0046 0924 sr - ok
10:50:07.0109 0924 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
10:50:07.0109 0924 srservice - ok
10:50:07.0140 0924 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
10:50:07.0140 0924 Srv - ok
10:50:07.0171 0924 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
10:50:07.0171 0924 SSDPSRV - ok
10:50:07.0187 0924 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
10:50:07.0187 0924 stisvc - ok
10:50:07.0218 0924 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:50:07.0218 0924 streamip - ok
10:50:07.0250 0924 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
10:50:07.0250 0924 swenum - ok
10:50:07.0265 0924 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
10:50:07.0265 0924 swmidi - ok
10:50:07.0281 0924 SwPrv - ok
10:50:07.0312 0924 symc810 - ok
10:50:07.0328 0924 symc8xx - ok
10:50:07.0359 0924 sym_hi - ok
10:50:07.0375 0924 sym_u3 - ok
10:50:07.0406 0924 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
10:50:07.0406 0924 sysaudio - ok
10:50:07.0437 0924 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
10:50:07.0437 0924 SysmonLog - ok
10:50:07.0453 0924 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
10:50:07.0453 0924 TapiSrv - ok
10:50:07.0484 0924 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:50:07.0500 0924 Tcpip - ok
10:50:07.0515 0924 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
10:50:07.0531 0924 TDPIPE - ok
10:50:07.0562 0924 tdrpman258 (8de3e45000ba8c9ebb16737d3f83e216) C:\WINDOWS\system32\DRIVERS\tdrpm258.sys
10:50:07.0578 0924 tdrpman258 - ok
10:50:07.0593 0924 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
10:50:07.0593 0924 TDTCP - ok
10:50:07.0609 0924 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
10:50:07.0609 0924 TermDD - ok
10:50:07.0640 0924 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
10:50:07.0640 0924 TermService - ok
10:50:07.0687 0924 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
10:50:07.0687 0924 Themes - ok
10:50:07.0718 0924 timounter (3e06987fedbcdfbff8e85ef8108565f9) C:\WINDOWS\system32\DRIVERS\timntr.sys
10:50:07.0718 0924 timounter - ok
10:50:07.0734 0924 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
10:50:07.0734 0924 TlntSvr - ok
10:50:07.0765 0924 TosIde - ok
10:50:07.0781 0924 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
10:50:07.0781 0924 TrkWks - ok
10:50:07.0875 0924 TuneUp.Defrag (e2ed90e8e36f6429402ac5831bbdaf82) C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
10:50:07.0875 0924 TuneUp.Defrag - ok
10:50:09.0718 0924 ============================================================
10:50:09.0718 0924 Scan finished
10:50:09.0718 0924 ============================================================
10:50:09.0750 0900 Detected object count: 1
10:50:09.0750 0900 Actual detected object count: 1

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Redirects to other web pages and several trojans, hel

#10 Post by vyosek »

:arrow: Excellent, TDSSKiller cured quite a lot for us :thumbsup:

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Spravce) account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako spravce)
  • Immediately after start, a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
  • The scan should take about 10 minutes, but if the PC is heavily infested, it may take longer
  • After the scan completes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • The detailed procedure including screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member [image] since 1 February 2011.

sartaj
Visitor
Posts: 44
Joined: 28 Oct 2010 15:10

Re: Redirects to other web pages and several trojans, hel

#11 Post by sartaj »

A small problem: when I boot into safe mode, it offers me the users admin and administrator; which one is the right one??

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Redirects to other web pages and several trojans, hel

#12 Post by vyosek »

:arrow: There is no need to run CF in safe mode. CF is also slightly limited in safe mode; full functionality is available in normal mode

:arrow: The right one should be administrator, but try both if need be

sartaj
Visitor
Posts: 44
Joined: 28 Oct 2010 15:10

Re: Redirects to other web pages and several trojans, hel

#13 Post by sartaj »

I don't know how to turn off NOD so that its icon at the bottom right by the clock disappears too. I could only turn off the antivirus etc. protection. Is that enough??

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Redirects to other web pages and several trojans, hel

#14 Post by vyosek »

:arrow: It is enough to turn off its resident protection, as you did. Or take a look here http://www.bleepingcomputer.com/forums/topic114351.html

sartaj
Visitor
Posts: 44
Joined: 28 Oct 2010 15:10

Re: Redirects to other web pages and several trojans, hel

#15 Post by sartaj »

I am attaching the log from ComboFix. And one more thing: when the system came back up after the tests, NOD immediately reported an infection in run32.dll but said that it cannot clean it. :-(


ComboFix 12-04-01.01 - Standa 02.04.2012 11:25:33.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3292.2766 [GMT 2:00]
Spuštěný z: c:\a lek\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Standa\WINDOWS
C:\Install.exe
c:\windows\Fonts\QyEUT.com
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\system32\allegro.dll
c:\windows\system32\dds_trash_log.cmd
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\GT680x.dll
c:\windows\system32\nalntservice.dll
c:\windows\system32\Packet.dll
c:\windows\system32\pktfilter.dll
c:\windows\system32\sit_mdm.dll
c:\windows\system32\sonicwall_netextender.dll
c:\windows\system32\sqlagent$soshome22.dll
c:\windows\system32\websensecamserver.dll
c:\windows\system32\wpcap.dll
c:\windows\Tasks\At25.job
c:\windows\Tasks\At28.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-02 do 2012-04-02 )))))))))))))))))))))))))))))))
.
.
2012-04-02 08:47 . 2012-04-02 08:47 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-02 07:21 . 2012-04-02 07:24 -------- d-----w- c:\documents and settings\Administrator
2012-04-02 07:14 . 2012-04-02 07:14 -------- d-----w- c:\documents and settings\Standa\Data aplikací\Antivirus Protection
2012-03-28 11:45 . 2010-06-16 15:01 59464 ----a-w- c:\windows\system32\drivers\RT-USB.SYS
2012-03-28 11:44 . 2012-03-29 11:54 -------- d-----w- C:\Auto-diagnostika
2012-03-06 07:17 . 2012-04-02 07:37 -------- d-----w- c:\program files\trend micro
2012-03-06 07:17 . 2012-03-06 07:18 -------- d-----w- C:\rsit
2012-03-05 11:26 . 2012-03-05 10:44 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-03-05 10:46 . 2012-03-05 10:46 -------- d-----w- c:\documents and settings\LocalService\Plocha
2012-03-05 10:44 . 2012-03-05 10:44 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-03-05 10:40 . 2011-12-23 06:12 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2012-03-05 10:39 . 2012-03-05 10:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2012-03-05 10:39 . 2012-03-05 10:39 -------- d-----w- c:\program files\Lavasoft
2012-03-05 10:06 . 2012-03-05 10:06 -------- d-----w- c:\documents and settings\Standa\Data aplikací\Malwarebytes
2012-03-05 10:06 . 2012-03-05 10:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-03-05 10:06 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-05 10:06 . 2012-03-05 10:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-02 09:34 . 2011-01-23 21:03 17488 ----a-w- c:\windows\gdrv.sys
2012-04-02 08:48 . 2004-08-17 13:43 188288 ----a-w- c:\windows\system32\drivers\acpi.sys
2012-04-02 08:48 . 2004-08-03 20:59 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2012-03-29 05:27 . 2004-08-17 13:49 26112 ----a-w- c:\windows\system32\userinit.exe
2012-02-21 06:38 . 2011-05-18 05:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:57 . 2004-08-17 13:44 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-11 19:07 . 2012-02-15 06:12 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2011-01-21 20:45 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-02-25 18791456]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-23 144920]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Standa\Nabídka Start\Programy\Po spuštění\
DOSPRN.lnk - c:\program files\DOSPRN\DOSprn.exe [2011-1-24 815104]
RT-Updater.lnk - c:\auto-diagnostika\vagcom.exe [2012-3-1 1278272]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
ADnews.lnk - c:\auto-diagnostika\ADnews.exe [2012-2-2 739200]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Service Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Service Manager.lnk
backup=c:\windows\pss\Service Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2011-11-01 14:40 1053056 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
2011-10-19 13:53 190768 ----a-w- c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Služba Acronis Scheduler2"="c:\program files\Common Files\Acronis\Plán2\schedhlp.exe"
"TrueImageMonitor.exe"=c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe"
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"PsaStart"=c:\applic\ddc\bin\psastart.exe c:\applic\ddc\bin\psaagent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\APP\\PPS\\mozilla.exe"=
"c:\\APPLIC\\Portail\\mozilla.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe"=
"c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Keys Server\\sntlkeyssrvr.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\pemicro\\prog08sz\\prog08sz.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Air Live IP Wizard II\\IPWizardII.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [5.3.2012 12:40 64512]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [19.7.2011 7:42 911680]
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [23.1.2011 22:53 19496]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [11.10.2011 7:42 232512]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [27.1.2011 11:58 33824]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [19.7.2011 7:42 2480048]
R2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [15.10.2009 15:06 223464]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [23.1.2011 22:44 68136]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\app\FIREBIRD\bin\fbguard.exe -s --> c:\app\FIREBIRD\bin\fbguard.exe -s [?]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [23.12.2011 8:12 2152152]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5.3.2012 12:06 652360]
R2 MSSQL$SFN;MSSQL$SFN;c:\program files\Microsoft SQL Server\MSSQL$SFN\Binn\sqlservr.exe -sSFN --> c:\program files\Microsoft SQL Server\MSSQL$SFN\Binn\sqlservr.exe -sSFN [?]
R2 pardrv;pardrv;c:\windows\system32\drivers\pardrv.sys [24.1.2011 8:11 9728]
R2 PEDRV;P&E Microcomputer System PCI Driver.;c:\windows\system32\drivers\pedrv.sys [16.10.2009 16:28 28080]
R2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [11.7.2008 2:02 328992]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [25.2.2010 11:59 1047880]
R2 WorkshopDBService;WorkshopDBService;c:\progra~1\VIVIDW~1\WORKSH~1.EXE -zglaxservice WorkshopDBService --> c:\progra~1\VIVIDW~1\WORKSH~1.EXE -zglaxservice WorkshopDBService [?]
R3 adatadrv;Autodata Protection Service;c:\windows\system32\drivers\adatadrv.sys [15.2.2011 15:09 762112]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [19.7.2011 7:42 160288]
R3 BrUsbScn;Ovladač skeneru Brother MFC USB;c:\windows\system32\drivers\BrUsbScn.sys [24.1.2011 9:27 10368]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\app\FIREBIRD\bin\fbserver.exe -s --> c:\app\FIREBIRD\bin\fbserver.exe -s [?]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5.3.2012 12:06 20464]
R3 PciPPorts;PCI ECP Parallel Port;c:\windows\system32\drivers\PciPPorts.sys [23.1.2011 23:00 82944]
R3 PciSPorts;High-Speed PCI Serial Port;c:\windows\system32\drivers\PciSPorts.sys [23.1.2011 23:00 115200]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [25.2.2010 11:18 10064]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [23.1.2011 22:41 1691480]
S3 AMTCAR;Amt-Cartech System Driver (AmtCar.Sys);c:\windows\system32\drivers\AmtCar.sys [14.5.2010 12:40 31712]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 CTU2K;CTU2K.SYS CTU2K device driver;c:\windows\system32\drivers\CTU2K.sys [24.1.2011 12:20 24197]
S3 ezusb;ezusb;c:\windows\system32\drivers\ezusb.sys [16.9.2002 12:43 15360]
S3 FTD2XX;VAGUSB.sys VAG-Com USB driver;c:\windows\system32\drivers\VAGUSB.sys [24.1.2011 12:19 25596]
S3 HS4l;Handyscope HS4 driver (before renumeration);c:\windows\system32\drivers\HS4l.sys [12.5.2011 13:37 18944]
S3 HS4r;Handyscope HS4 driver;c:\windows\system32\drivers\HS4r.sys [12.5.2011 13:37 19840]
S3 jlink;J-Link driver;c:\windows\system32\drivers\jlink.sys [7.10.2011 8:15 14208]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [23.12.2011 8:12 15232]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [13.12.2011 8:16 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [13.12.2011 8:16 8576]
S3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB.SYS [28.3.2012 13:45 59464]
S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [20.1.2012 12:10 14592]
S3 SQLAgent$SFN;SQLAgent$SFN;c:\program files\Microsoft SQL Server\MSSQL$SFN\Binn\sqlagent.EXE -i SFN --> c:\program files\Microsoft SQL Server\MSSQL$SFN\Binn\sqlagent.EXE -i SFN [?]
S3 VCommUSB;Service for ACTIA USB Devices;c:\windows\system32\drivers\VCommUSB.sys [24.1.2011 13:57 40576]
S3 zlportio;zlportio;\??\z:\car\Dashboard\Utility\Calculators\Licznik 8 novy !!!!\Licznik 8\licznic686\licznik8\zlportio.sys --> z:\car\Dashboard\Utility\Calculators\Licznik 8 novy !!!!\Licznik 8\licznic686\licznik8\zlportio.sys [?]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
W8335XP
emu10k
NOWMEMDF
c-dillacdac11ba
s217unic
pdlncbas
MegaSR
ivscheduler
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-12-23 10:44]
.
2012-04-02 c:\windows\Tasks\FMYGONIYV.job
- c:\windows\system32\ati2dvaak.dll [2012-02-08 06:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: {336C9D79-263A-4D75-AA7C-60DAF945AE67} - hxxp://178.72.207.174/classes/OvisLinkCamV_H264.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-29681327.sys
SafeBoot-65430799.sys
AddRemove-JOVYUSB&10C4&EA61 - c:\program files\jovy\usb\DriverUninstaller.exe USBXpress\JOVYUSB&10C4&EA61
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-02 11:35
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-854245398-1450960922-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{442806E0-DBCA-6158-9848-EA2FB23525C5}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abonfjpdhepeklgdbmdpgkfkoofamjcebj"=hex:61,61,00,a7
"majngadppkejafbpbgdjbaiakl"=hex:61,61,00,a7
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3976)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Acronis\Plán2\schedul2.exe
c:\windows\system32\crypserv.exe
c:\app\FIREBIRD\bin\fbguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft SQL Server\MSSQL$SFN\Binn\sqlservr.exe
c:\program files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
c:\progra~1\VIVIDW~1\WORKSH~1.EXE
c:\program files\Vivid WorkshopData ATI\jre\bin\java.exe
c:\windows\system32\BRMFRSMG.EXE
c:\windows\RTHDCPL.EXE
c:\app\FIREBIRD\bin\fbserver.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2012-04-02 11:40:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-02 09:40
.
Před spuštěním: Volných bajtů: 397 262 442 496
Po spuštění: Volných bajtů: 393 962 856 448
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 505115F90E9F0FC65C12A9EA668C3AF6
