VIRY.CZ

Ahoj,

už nějakou dobu bylo PC značně zpomalené, ale nějak zvlášť jsem to neřešil. Od včerejška se mi několikrát totálně vyplo bez jakéhokoliv varování. Prosím tedy o kontrolu logu.

Díky.

Logfile of random's system information tool 1.09 (written by random/random)
Run by radek at 2012-04-10 15:36:28
Microsoft® Windows Vista™ Ultimate
System drive C: has 2 GB (2%) free of 153 GB
Total RAM: 2046 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:40, on 10.4.2012
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\ESET\UpdateReminder.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Switcher\Switcher.exe
C:\Programs\Desktops\Desktops.exe
C:\Windows\System32\rundll32.exe
C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHAE.EXE
C:\Users\radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\radek\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\wuauclt.exe
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\radek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.*;127.0.0.1:9421;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Windows\WebIE.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocnik pro prihlaseni ke sluzbe Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Windows\WebIE.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe
O4 - HKLM\..\Run: [mumservice] C:\Program Files\Motorola\Software Update\mumservice.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Switcher] "C:\Program Files\Switcher\Switcher.exe" /quiet
O4 - HKCU\..\Run: [Sysinternals Desktops] C:\Programs\Desktops\Desktops.exe
O4 - HKCU\..\Run: [appHelpInterval] rundll32.exe "C:\Users\radek\AppData\Local\EapEventserv\appHelpInterval.dll",appobjUI AsyncUser80
O4 - HKCU\..\Run: [Google Update] "C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe" /autorun /autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [EPSONE7E783 (Epson Stylus SX430)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\radek\AppData\Local\Temp\E_SB8A1.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [RegistryWm] C:\Windows\system32\config\systemprofile\AppData\Roaming\qtwm.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RegistryWm] C:\Windows\system32\config\systemprofile\AppData\Roaming\qtwm.exe (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Startup: Dropbox.lnk = C:\Users\radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Windows\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit prekladac - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovnik - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Prelozit &oznaceny text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Prelozit &stranku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.vexcast.com/download/vexcast.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MSI\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Sluzba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sluzba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: wampapache - Apache Software Foundation - c:\programs\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\programs\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 13934 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-375337239-1711731820-815350120-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-375337239-1711731820-815350120-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\radek\AppData\Roaming\Mozilla\Firefox\Profiles\pvfdkeei.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:blank"
prefs.js - "extensions.enabledItems" - "{ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.96, {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:1.4, {e496ecc2-92a4-48d0-a1d3-753875a6846d}:2.1.22, jsobrier@zscaler.com:1.5, {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.7, {258735dc-6743-4805-95fc-f95941fffdad}:1.3.6, {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.0.2, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2, firefox@ghostery.com:2.5.3, {582195F5-92E7-40a0-A127-DB71295901D7}:0.6.4.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.6, {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6, {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03, {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.6.12, moveplayer@movenetworks.com:1.0.0.%(version)s, maps@ovi.com:5.2.7.0, {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.3, xmpp4moz@hyperstruct.net:0.7.2.2010020221, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.228 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa2,version=2.0.0]
"Description"=Picasa2 plugin
"Path"=C:\Program Files\Picasa2\npPicasa2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Picasa2\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@movenetworks.com/Quantum Media Player]
"Description"=npmnqmp
"Path"=C:\Users\radek\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0]
"Description"=Rhapsody Control
"Path"=C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.16]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll

C:\Program Files\Mozilla Firefox\extensions\
adapter@babylontc.com
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIMediaPlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppl3260.dll
nppstart.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
NPTURNMED.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
quiz.txt
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\radek\AppData\Roaming\Mozilla\Firefox\Profiles\pvfdkeei.default\extensions\
firefox@ghostery.com
jsobrier@zscaler.com
maps@ovi.com
xmpp4moz@hyperstruct.net
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
{1de0de3c-0b5c-4f67-90c6-689623894991}
{258735dc-6743-4805-95fc-f95941fffdad}
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
{582195F5-92E7-40a0-A127-DB71295901D7}
{61ED2A9A-39EB-4AAF-BD14-06DFBE8880C3}
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
{ca0849e8-2c76-42ae-9abe-34e14d337acf}
{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
{e496ecc2-92a4-48d0-a1d3-753875a6846d}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Users\radek\AppData\Roaming\Mozilla\Firefox\Profiles\pvfdkeei.default\searchplugins\
hyperwords.xml
slovnk-encz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07A11D74-9D25-4fea-A833-8B0D76A5577A}]
CmjBrowserHelperObject Object - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2007-05-18 71184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Windows\WebIE.dll [2007-11-19 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-05-20 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-05 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}]
Babylon IE plugin - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2011-06-20 242288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-05 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2007-05-16 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files\Hotspot Shield\hssie\HssIE.dll [2009-09-14 218160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Windows\WebIE.dll [2007-11-19 491520]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2007-11-16 949376]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-05-20 185896]
"UpdateReminder"=C:\Program Files\Eset\UpdateReminder.exe [2011-07-18 462848]
"mumservice"=C:\Program Files\Motorola\Software Update\mumservice.exe [2011-06-03 1066304]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-10 1232896]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-11-17 171464]
"Switcher"=C:\Program Files\Switcher\Switcher.exe [2007-10-28 425984]
"Sysinternals Desktops"=C:\Programs\Desktops\Desktops.exe [2008-08-21 118824]
"appHelpInterval"=C:\Users\radek\AppData\Local\EapEventserv\appHelpInterval.dll [2010-10-28 81920]
"Google Update"=C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-26 136176]
"Infium"=C:\Program Files\QIP Infium\infium.exe [2009-03-25 5245440]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
"EPSONE7E783 (Epson Stylus SX430)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2012-03-02 212480]

C:\Users\radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
Dropbox.lnk - C:\Users\radek\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-11-16 233888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\uusee\UUSeePlayer.exe"="C:\Program Files\uusee\UUSeePlayer.exe:*:Enabled:UUSEE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.ACDV"=ACDV.dll
"msacm.msaudio1"=msaud32.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.mjpg"=pvmjpg30.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.sl_anet"=sl_anet.acm

======File associations======

.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-04-10 15:36:28 ----D---- C:\rsit
2012-04-10 09:15:56 ----D---- C:\Users\radek\AppData\Roaming\vlc
2012-04-09 16:29:07 ----ASH---- C:\Windows\system32\dds_trash_log.cmd
2012-04-09 16:27:51 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-04-05 14:34:36 ----A---- C:\Windows\system32\javaws.exe
2012-04-05 14:34:36 ----A---- C:\Windows\system32\javaw.exe
2012-04-05 14:34:36 ----A---- C:\Windows\system32\java.exe
2012-03-29 13:56:40 ----D---- C:\Users\radek\AppData\Roaming\pdfforge
2012-03-29 13:56:34 ----A---- C:\Windows\system32\MSMPIDE.DLL
2012-03-28 22:57:43 ----D---- C:\Program Files\Babylon
2012-03-28 22:57:22 ----D---- C:\Users\radek\AppData\Roaming\Babylon
2012-03-28 22:57:22 ----D---- C:\ProgramData\Babylon
2012-03-28 22:57:17 ----D---- C:\Program Files\Pdf Editor
2012-03-28 22:57:10 ----A---- C:\Windows\unins000.exe
2012-03-28 22:57:10 ----A---- C:\Windows\unins000.dat
2012-03-28 22:56:23 ----D---- C:\Program Files\AVI to MP4 Converter
2012-03-22 21:12:12 ----A---- C:\Windows\system32\GPhotos.scr
2012-03-22 11:08:32 ----A---- C:\Windows\system32\pdfcmon.dll

======List of files/folders modified in the last 1 month======

2012-04-10 15:36:40 ----D---- C:\Program Files\Trend Micro
2012-04-10 15:36:31 ----D---- C:\Windows\TEMP
2012-04-10 15:36:19 ----D---- C:\Downloads
2012-04-10 15:29:48 ----D---- C:\Windows\system32\FxsTmp
2012-04-10 15:29:19 ----D---- C:\Users\radek\AppData\Roaming\Dropbox
2012-04-10 15:28:58 ----D---- C:\Users\radek\AppData\Roaming\Skype
2012-04-10 15:28:52 ----D---- C:\Windows\Prefetch
2012-04-10 15:27:44 ----D---- C:\Program Files\Common Files\Akamai
2012-04-10 15:26:39 ----D---- C:\Windows\system32\drivers
2012-04-10 15:20:35 ----AD---- C:\ProgramData\TEMP
2012-04-10 15:04:30 ----D---- C:\CAAF
2012-04-10 10:43:29 ----D---- C:\Program Files\Common Files\AVSMedia
2012-04-10 10:43:27 ----D---- C:\Program Files\AVS4YOU
2012-04-10 10:42:56 ----SHD---- C:\System Volume Information
2012-04-10 10:34:43 ----RD---- C:\Program Files
2012-04-10 10:16:33 ----D---- C:\Windows\inf
2012-04-10 09:15:24 ----D---- C:\Windows\system32\catroot2
2012-04-10 00:49:49 ----D---- C:\Windows\System32
2012-04-10 00:43:46 ----D---- C:\Programs
2012-04-10 00:33:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-10 00:29:28 ----SHD---- C:\Windows\Installer
2012-04-10 00:29:18 ----D---- C:\Users\radek\AppData\Roaming\Mozilla
2012-04-09 21:31:48 ----D---- C:\Users\radek\AppData\Roaming\Azureus
2012-04-09 19:30:03 ----D---- C:\Music
2012-04-09 18:26:05 ----HD---- C:\ProgramData
2012-04-09 18:21:51 ----D---- C:\!tisk
2012-04-09 17:39:24 ----D---- C:\Panthers
2012-04-09 17:00:25 ----D---- C:\Program Files\RapidShareManager
2012-04-09 16:27:56 ----D---- C:\Windows\system32\Tasks
2012-04-09 16:27:55 ----D---- C:\Windows\Tasks
2012-04-09 16:27:47 ----D---- C:\Program Files\Mozilla Firefox
2012-04-09 16:27:40 ----AD---- C:\Windows
2012-04-09 16:04:48 ----D---- C:\Windows\winsxs
2012-04-08 19:16:41 ----D---- C:\Program Files\ffdshow
2012-04-08 19:04:05 ----D---- C:\Other
2012-04-06 13:13:13 ----D---- C:\Program Files\Picasa2
2012-04-06 12:40:30 ----D---- C:\Users\radek\AppData\Roaming\FileZilla
2012-04-06 11:24:15 ----D---- C:\IMEX
2012-04-05 14:35:10 ----D---- C:\Program Files\Common Files\Java
2012-04-05 14:34:19 ----A---- C:\Windows\system32\deployJava1.dll
2012-04-05 14:34:08 ----D---- C:\Program Files\Java
2012-04-05 01:12:56 ----D---- C:\TASFB
2012-04-04 10:23:54 ----D---- C:\TASFBC
2012-03-29 13:56:49 ----D---- C:\Program Files\PDFCreator
2012-03-24 00:07:12 ----D---- C:\Football
2012-03-23 13:09:36 ----D---- C:\IES
2012-03-19 19:51:00 ----D---- C:\Users\radek\AppData\Roaming\Epson
2012-03-19 16:20:22 ----RD---- C:\Program Files\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2006-11-02 121960]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-23 43872]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2007-11-18 685816]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 nod32drv;nod32drv; C:\Windows\system32\drivers\nod32drv.sys [2007-11-16 15424]
R2 AMON;AMON; C:\Windows\system32\drivers\amon.sys [2007-11-16 512096]
R2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2008-05-10 113664]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-04 3847168]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-29 19456]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-05-01 160768]
R3 HssDrv;Hotspot Shield Helper Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2009-09-15 37376]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NETw4v32;Ovladaи adaptйru Intel(R) Wireless WiFi Link pro systйm Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2007-11-18 10368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-03-28 42496]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-09-25 27632]
R3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2009-09-15 32768]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S2 TimerStop;TimerStop; \??\C:\Windows\system32\timerstop.sys [2007-01-27 3584]
S3 AF15BDA;AF9015 BDA Filter; C:\Windows\System32\Drivers\AF15BDA.sys [2006-09-28 283776]
S3 aj8gilkx;aj8gilkx; C:\Windows\system32\drivers\aj8gilkx.sys []
S3 BTCFilterService;USB Networking Driver Filter Service; C:\Windows\system32\DRIVERS\motfilt.sys [2009-01-29 6016]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-09-25 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-09-25 25512]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-11-30 25280]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 motccgp;Motorola USB Composite Device Driver; C:\Windows\system32\DRIVERS\motccgp.sys [2011-04-04 20480]
S3 motccgpfl;MotCcgpFlService; C:\Windows\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320]
S3 MotDev;Motorola Inc. USB Device; C:\Windows\system32\DRIVERS\motodrv.sys [2009-05-08 42752]
S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2011-03-31 24064]
S3 MotoSwitchService;MotoSwitch Service; C:\Windows\system32\DRIVERS\motswch.sys [2007-11-02 6400]
S3 Motousbnet;Motorola USB Networking Driver Service; C:\Windows\system32\DRIVERS\Motousbnet.sys [2010-04-01 23424]
S3 motusbdevice;Motorola USB Dev Driver; C:\Windows\system32\DRIVERS\motusbdevice.sys [2011-02-07 11008]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-01-25 42000]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-22 28592]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2006-11-02 71552]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2006-11-02 16896]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2006-11-02 19968]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-04 692224]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 HssSrv;Hotspot Shield Routing Service; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2009-09-15 331824]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MotoHelper;MotoHelper Service; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [2011-04-26 223088]
R2 nipsvc;Mqdmmdm; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2007-11-16 552064]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-30 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-01-31 158856]
S2 vvdsvc;VJVodClientServices; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 253600]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MSI\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-10 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-30 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2009-09-15 57640]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-01-25 93048]
S3 wampapache;wampapache; c:\programs\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\programs\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------

Posílám log a soubory dle instrukcí. Zabalené logy z obou programů jsou v jednom archivu, fórum mi nedovolí uploadovat více než jeden soubor.

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows Vista  (32 bit)
PROCESSOR      : x86 Family 6 Model 15 Stepping 10, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/04/10 (ISO 8601) at 16:11:58
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __WDC WD1600BEVS-07RST0 (04.01G04)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	149.1 Go  [Fixed] ==> Vista MBR Code .

MBR_MD5   : 5C8EEE858A9CADDA6F54E27BF23BBB37
MBR_SHA1  : ADA2DAF1D053AC85BB6E98043B74392F0F45FED3

Device\Harddisk0\Partition1	149.0 Go  	0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk
ADDRESS : 0x89469000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_msahci.sys => Invisible on the disk
ADDRESS : 0x8ABC1000
SIZE    : 36.0 Ko

SystemStartOptions : /NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.Ð¼.|.À.Ø¾.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 10 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1E FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 0F 85 0C 00 80 7E 00 80 0F 84 8A 00 B2 80   N......~......².
0x000000B0   EB 82 55 32 E4 8A 56 00 CD 13 5D EB 9C 81 3E FE   ë.U2ä.V.Í.]ë..>þ
0x000000C0   7D 55 AA 75 6E FF 76 00 E8 8A 00 0F 85 15 00 B0   }Uªun.v.è......°
0x000000D0   D1 E6 64 E8 7F 00 B0 DF E6 60 E8 78 00 B0 FF E6   Ñædè..°ßæ`èx.°.æ
0x000000E0   64 E8 71 00 B8 00 BB CD 1A 66 23 C0 75 3B 66 81   dèq.¸.»Í.f#Àu;f.
0x000000F0   FB 54 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07   ûTCPAu2.ù..r,fh.
0x00000100   BB 00 00 66 68 00 02 00 00 66 68 08 00 00 00 66   »..fh....fh....f
0x00000110   53 66 53 66 55 66 68 00 00 00 00 66 68 00 7C 00   SfSfUfh....fh.|.
0x00000120   00 66 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00   .fah...Í.Z2öê.|.
0x00000130   00 CD 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07   .Í..·.ë..¶.ë..µ.
0x00000140   32 E4 05 00 07 8B F0 AC 3C 00 74 FC BB 07 00 B4   2ä....ð¬<.tü»..´
0x00000150   0E CD 10 EB F2 2B C9 E4 64 EB 00 24 02 E0 F8 24   .Í.ëò+Éädë.$.àø$
0x00000160   02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 74   .ÃInvalid partit
0x00000170   69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 20   ion table.Error 
0x00000180   6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 6E   loading operatin
0x00000190   67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E 67   g system.Missing
0x000001A0   20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 65    operating syste
0x000001B0   6D 00 00 00 00 62 7A 99 A3 2D E3 12 00 00 80 20   m....bz.£-ã.... 
0x000001C0   21 00 07 FE FF FF 00 08 00 00 00 88 A1 12 00 00   !..þ........¡...
0x000001D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

__________________________16_BIT_ASM_CODE
   
0x0000    33c0            XOR AX, AX   
0x0002    8ed0            MOV SS, AX   
0x0004    bc 007c         MOV SP, 0x7c00   
0x0007    8ec0            MOV ES, AX   
0x0009    8ed8            MOV DS, AX   
0x000B    be 007c         MOV SI, 0x7c00   
0x000E    bf 0006         MOV DI, 0x600   
0x0011    b9 0002         MOV CX, 0x200   
0x0014    fc              CLD   
0x0015    f3 a4           REP MOVSB   
0x0017    50              PUSH AX   
0x0018    68 1c06         PUSH 0x61c   
0x001B    cb              RETF   
0x001C    fb              STI   
0x001D    b9 0400         MOV CX, 0x4   
0x0020    bd be07         MOV BP, 0x7be   
0x0023    807e 00 00      CMP BYTE [BP+0x0], 0x0   
0x0027    7c 0b           JL 0x34   
0x0029    0f85 1001       JNZ 0x13d   
0x002D    83c5 10         ADD BP, 0x10   
0x0030    e2 f1           LOOP 0x23   
0x0032    cd 18           INT 0x18   
0x0034    8856 00         MOV [BP+0x0], DL   
0x0037    55              PUSH BP   
0x0038    c646 11 05      MOV BYTE [BP+0x11], 0x5   
0x003C    c646 10 00      MOV BYTE [BP+0x10], 0x0   
0x0040    b4 41           MOV AH, 0x41   
0x0042    bb aa55         MOV BX, 0x55aa   
0x0045    cd 13           INT 0x13   
0x0047    5d              POP BP   
0x0048    72 0f           JB 0x59   
0x004A    81fb 55aa       CMP BX, 0xaa55   
0x004E    75 09           JNZ 0x59   
0x0050    f7c1 0100       TEST CX, 0x1   
0x0054    74 03           JZ 0x59   
0x0056    fe46 10         INC BYTE [BP+0x10]   
0x0059    66 60           PUSHAD   
0x005B    807e 10 00      CMP BYTE [BP+0x10], 0x0   
0x005F    74 26           JZ 0x87   
0x0061    66 68 00000000  PUSH 0x0   
0x0067    66 ff76 08      PUSH DWORD [BP+0x8]   
0x006B    68 0000         PUSH 0x0   
0x006E    68 007c         PUSH 0x7c00   
0x0071    68 0100         PUSH 0x1   
0x0074    68 1000         PUSH 0x10   
0x0077    b4 42           MOV AH, 0x42   
0x0079    8a56 00         MOV DL, [BP+0x0]   
0x007C    8bf4            MOV SI, SP   
0x007E    cd 13           INT 0x13   
0x0080    9f              LAHF   
0x0081    83c4 10         ADD SP, 0x10   
0x0084    9e              SAHF   
0x0085    eb 14           JMP 0x9b   
0x0087    b8 0102         MOV AX, 0x201   
0x008A    bb 007c         MOV BX, 0x7c00   
0x008D    8a56 00         MOV DL, [BP+0x0]   
0x0090    8a76 01         MOV DH, [BP+0x1]   
0x0093    8a4e 02         MOV CL, [BP+0x2]   
0x0096    8a6e 03         MOV CH, [BP+0x3]   
0x0099    cd 13           INT 0x13   
0x009B    66 61           POPAD   
0x009D    73 1e           JAE 0xbd   
0x009F    fe4e 11         DEC BYTE [BP+0x11]   
0x00A2    0f85 0c00       JNZ 0xb2   
0x00A6    807e 00 80      CMP BYTE [BP+0x0], 0x80   
0x00AA    0f84 8a00       JZ 0x138   
0x00AE    b2 80           MOV DL, 0x80   
0x00B0    eb 82           JMP 0x34   
0x00B2    55              PUSH BP   
0x00B3    32e4            XOR AH, AH   
0x00B5    8a56 00         MOV DL, [BP+0x0]   
0x00B8    cd 13           INT 0x13   
0x00BA    5d              POP BP   
0x00BB    eb 9c           JMP 0x59   
0x00BD    813e fe7d 55aa  CMP WORD [0x7dfe], 0xaa55   
0x00C3    75 6e           JNZ 0x133   
0x00C5    ff76 00         PUSH WORD [BP+0x0]   
0x00C8    e8 8a00         CALL 0x155   
0x00CB    0f85 1500       JNZ 0xe4   
0x00CF    b0 d1           MOV AL, 0xd1   
0x00D1    e6 64           OUT 0x64, AL   
0x00D3    e8 7f00         CALL 0x155   
0x00D6    b0 df           MOV AL, 0xdf   
0x00D8    e6 60           OUT 0x60, AL   
0x00DA    e8 7800         CALL 0x155   
0x00DD    b0 ff           MOV AL, 0xff   
0x00DF    e6 64           OUT 0x64, AL   
0x00E1    e8 7100         CALL 0x155   
0x00E4    b8 00bb         MOV AX, 0xbb00   
0x00E7    cd 1a           INT 0x1a   
0x00E9    66 23c0         AND EAX, EAX   
0x00EC    75 3b           JNZ 0x129   
0x00EE    66 81fb 54435041CMP EBX, 0x41504354   
0x00F5    75 32           JNZ 0x129   
0x00F7    81f9 0201       CMP CX, 0x102   
0x00FB    72 2c           JB 0x129   
0x00FD    66 68 07bb0000  PUSH 0xbb07   
0x0103    66 68 00020000  PUSH 0x200   
0x0109    66 68 08000000  PUSH 0x8   
0x010F    66 53           PUSH EBX   
0x0111    66 53           PUSH EBX   
0x0113    66 55           PUSH EBP   
0x0115    66 68 00000000  PUSH 0x0   
0x011B    66 68 007c0000  PUSH 0x7c00   
0x0121    66 61           POPAD   
0x0123    68 0000         PUSH 0x0   
0x0126    07              POP ES   
0x0127    cd 1a           INT 0x1a   
0x0129    5a              POP DX   
0x012A    32f6            XOR DH, DH   
0x012C    ea 007c 0000    JMP FAR 0x0:0x7c00   
0x0131    cd 18           INT 0x18   
0x0133    a0 b707         MOV AL, [0x7b7]   
0x0136    eb 08           JMP 0x140   
0x0138    a0 b607         MOV AL, [0x7b6]   
0x013B    eb 03           JMP 0x140   
0x013D    a0 b507         MOV AL, [0x7b5]   
0x0140    32e4            XOR AH, AH   
0x0142    05 0007         ADD AX, 0x700   
0x0145    8bf0            MOV SI, AX   
0x0147    ac              LODSB   
0x0148    3c 00           CMP AL, 0x0   
0x014A    74 fc           JZ 0x148   
0x014C    bb 0700         MOV BX, 0x7   
0x014F    b4 0e           MOV AH, 0xe   
0x0151    cd 10           INT 0x10   
0x0153    eb f2           JMP 0x147   
0x0155    2bc9            SUB CX, CX   
0x0157    e4 64           IN AL, 0x64   
0x0159    eb 00           JMP 0x15b   
0x015B    24 02           AND AL, 0x2   
0x015D    e0 f8           LOOPNZ 0x157   
0x015F    24 02           AND AL, 0x2   
0x0161    c3              RET   
0x0162    49              DEC CX   
0x0163    6e              OUTSB   
0x0164    76 61           JBE 0x1c7   
0x0166    6c              INSB   
0x0167    6964 20 7061    IMUL SP, [SI+0x20], 0x6170   
0x016C    72 74           JB 0x1e2   
0x016E    6974 69 6f6e    IMUL SI, [SI+0x69], 0x6e6f   
0x0173    2074 61         AND [SI+0x61], DH   
0x0176    626c 65         BOUND BP, [SI+0x65]   
0x0179    0045 72         ADD [DI+0x72], AL   
0x017C    72 6f           JB 0x1ed   
0x017E    72 20           JB 0x1a0   
0x0180    6c              INSB   
0x0181    6f              OUTSW   
0x0182    61              POPA   
0x0183    64 696e 67 206f IMUL BP, FS:[BP+0x67], 0x6f20   
0x0189    70 65           JO 0x1f0   
0x018B    72 61           JB 0x1ee   
0x018D    74 69           JZ 0x1f8   
0x018F    6e              OUTSB   
0x0190    67 2073 79      AND [EBX+0x79], DH   
0x0194    73 74           JAE 0x20a   
0x0196    65 6d           INS WORD GS:[DI], DX   
0x0198    004d 69         ADD [DI+0x69], CL   
0x019B    73 73           JAE 0x210   
0x019D    696e 67 206f    IMUL BP, [BP+0x67], 0x6f20   
0x01A2    70 65           JO 0x209   
0x01A4    72 61           JB 0x207   
0x01A6    74 69           JZ 0x211   
0x01A8    6e              OUTSB   
0x01A9    67 2073 79      AND [EBX+0x79], DH   
0x01AD    73 74           JAE 0x223   
0x01AF    65 6d           INS WORD GS:[DI], DX   
0x01B1    0000            ADD [BX+SI], AL   
0x01B3    0000            ADD [BX+SI], AL   
0x01B5    627a 99         BOUND DI, [BP+SI-0x67]   
0x01B8    a3 2de3         MOV [0xe32d], AX   
0x01BB    1200            ADC AL, [BX+SI]   
0x01BD    0080 2021       ADD [BX+SI+0x2120], AL   
0x01C1    0007            ADD [BX], AL   
0x01C3    fe              DB 0xfe   
0x01C4    ff              DB 0xff   
0x01C5    ff00            INC WORD [BX+SI]   
0x01C7    0800            OR [BX+SI], AL   
0x01C9    0000            ADD [BX+SI], AL   
0x01CB    88a1 1200       MOV [BX+DI+0x12], AH   
0x01CF    0000            ADD [BX+SI], AL   
0x01D1    0000            ADD [BX+SI], AL   
0x01D3    0000            ADD [BX+SI], AL   
0x01D5    0000            ADD [BX+SI], AL   
0x01D7    0000            ADD [BX+SI], AL   
0x01D9    0000            ADD [BX+SI], AL   
0x01DB    0000            ADD [BX+SI], AL   
0x01DD    0000            ADD [BX+SI], AL   
0x01DF    0000            ADD [BX+SI], AL   
0x01E1    0000            ADD [BX+SI], AL   
0x01E3    0000            ADD [BX+SI], AL   
0x01E5    0000            ADD [BX+SI], AL   
0x01E7    0000            ADD [BX+SI], AL   
0x01E9    0000            ADD [BX+SI], AL   
0x01EB    0000            ADD [BX+SI], AL   
0x01ED    0000            ADD [BX+SI], AL   
0x01EF    0000            ADD [BX+SI], AL   
0x01F1    0000            ADD [BX+SI], AL   
0x01F3    0000            ADD [BX+SI], AL   
0x01F5    0000            ADD [BX+SI], AL   
0x01F7    0000            ADD [BX+SI], AL   
0x01F9    0000            ADD [BX+SI], AL   
0x01FB    0000            ADD [BX+SI], AL   
0x01FD    0055 aa         ADD [DI-0x56], DL

S Matlabem si poslední dva měsíce intenzivně hraju, je to vpohodě, ale nedá se říct, že by mě to nějak extrémně bavilo

Log:

Kód: Vybrat vše


16:16:06.0265 1908	TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
16:16:06.0518 1908	============================================================
16:16:06.0518 1908	Current date / time: 2012/04/11 16:16:06.0518
16:16:06.0518 1908	SystemInfo:
16:16:06.0518 1908	
16:16:06.0519 1908	OS Version: 6.0.6000 ServicePack: 0.0
16:16:06.0519 1908	Product type: Workstation
16:16:06.0519 1908	ComputerName: SALAT-V5545
16:16:06.0519 1908	UserName: radek
16:16:06.0519 1908	Windows directory: C:\Windows
16:16:06.0519 1908	System windows directory: C:\Windows
16:16:06.0519 1908	Processor architecture: Intel x86
16:16:06.0519 1908	Number of processors: 2
16:16:06.0519 1908	Page size: 0x1000
16:16:06.0519 1908	Boot type: Normal boot
16:16:06.0519 1908	============================================================
16:16:10.0221 1908	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:16:10.0233 1908	\Device\Harddisk0\DR0:
16:16:10.0234 1908	MBR used
16:16:10.0234 1908	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
16:16:10.0291 1908	Initialize success
16:16:10.0291 1908	============================================================
16:16:41.0731 5232	============================================================
16:16:41.0731 5232	Scan started
16:16:41.0731 5232	Mode: Manual; SigCheck; TDLFS; 
16:16:41.0731 5232	============================================================
16:16:46.0015 5232	ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
16:16:46.0319 5232	ABBYY.Licensing.FineReader.Sprint.9.0 - ok
16:16:46.0493 5232	ACPI            (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
16:16:46.0529 5232	ACPI - ok
16:16:46.0613 5232	AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:16:46.0625 5232	AdobeFlashPlayerUpdateSvc - ok
16:16:46.0704 5232	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
16:16:46.0749 5232	adp94xx - ok
16:16:46.0819 5232	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
16:16:46.0839 5232	adpahci - ok
16:16:46.0869 5232	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
16:16:46.0881 5232	adpu160m - ok
16:16:46.0908 5232	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
16:16:46.0922 5232	adpu320 - ok
16:16:46.0972 5232	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
16:16:47.0374 5232	AeLookupSvc - ok
16:16:47.0585 5232	AF15BDA         (639a9c2dab390769be8fa23854435876) C:\Windows\system32\Drivers\AF15BDA.sys
16:16:47.0711 5232	AF15BDA - ok
16:16:47.0783 5232	Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\Windows\system32\drivers\Afc.sys
16:16:47.0809 5232	Afc ( UnsignedFile.Multi.Generic ) - warning
16:16:47.0809 5232	Afc - detected UnsignedFile.Multi.Generic (1)
16:16:47.0873 5232	AFD             (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
16:16:47.0951 5232	AFD - ok
16:16:47.0996 5232	agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
16:16:48.0007 5232	agp440 - ok
16:16:48.0049 5232	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
16:16:48.0060 5232	aic78xx - ok
16:16:48.0259 5232	Akamai          (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll
16:16:48.0260 5232	Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
16:16:48.0270 5232	Akamai ( HiddenFile.Multi.Generic ) - warning
16:16:48.0270 5232	Akamai - detected HiddenFile.Multi.Generic (1)
16:16:48.0440 5232	ALG             (e69fb0e3112c40fdc0ef7d21a52dc951) C:\Windows\System32\alg.exe
16:16:48.0482 5232	ALG - ok
16:16:48.0540 5232	aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
16:16:48.0550 5232	aliide - ok
16:16:48.0636 5232	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
16:16:48.0648 5232	amdagp - ok
16:16:48.0664 5232	amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
16:16:48.0675 5232	amdide - ok
16:16:48.0711 5232	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
16:16:48.0772 5232	AmdK7 - ok
16:16:48.0796 5232	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
16:16:48.0856 5232	AmdK8 - ok
16:16:48.0917 5232	AMON            (687c3f2e78aeb209ade1cc265a2560bb) C:\Windows\system32\drivers\amon.sys
16:16:48.0961 5232	AMON - ok
16:16:49.0013 5232	Appinfo         (cfa455816879f06f1c4e5bbf9e8aef7d) C:\Windows\System32\appinfo.dll
16:16:49.0078 5232	Appinfo - ok
16:16:49.0232 5232	Apple Mobile Device (a8aa9d47f971570a5162b862b80f87e8) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
16:16:49.0269 5232	Apple Mobile Device - ok
16:16:49.0539 5232	AppMgmt         (051e86735b71e8402aebc1d662f26ba2) C:\Windows\System32\appmgmts.dll
16:16:49.0617 5232	AppMgmt - ok
16:16:49.0693 5232	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
16:16:49.0705 5232	arc - ok
16:16:49.0786 5232	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
16:16:49.0797 5232	arcsas - ok
16:16:49.0848 5232	AsyncMac        (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
16:16:49.0905 5232	AsyncMac - ok
16:16:49.0952 5232	atapi           (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
16:16:49.0960 5232	atapi - ok
16:16:50.0033 5232	Ati External Event Utility (4604db6d5eca6362873cc3a76d2204ba) C:\Windows\system32\Ati2evxx.exe
16:16:50.0134 5232	Ati External Event Utility - ok
16:16:50.0305 5232	atikmdag        (47dcf5d78c395159d72c65c25129fc44) C:\Windows\system32\DRIVERS\atikmdag.sys
16:16:50.0604 5232	atikmdag - ok
16:16:50.0800 5232	AudioEndpointBuilder (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
16:16:50.0891 5232	AudioEndpointBuilder - ok
16:16:50.0932 5232	Audiosrv        (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
16:16:50.0976 5232	Audiosrv - ok
16:16:51.0047 5232	Beep            (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
16:16:51.0117 5232	Beep - ok
16:16:51.0203 5232	BITS            (da551697e34d2b9943c8b1c8eaffe89a) C:\Windows\System32\qmgr.dll
16:16:51.0464 5232	BITS - ok
16:16:51.0561 5232	blbdrive - ok
16:16:51.0640 5232	Bonjour Service (9efe4236f8670846b6e7c5b0eff6e715) C:\Program Files\Bonjour\mDNSResponder.exe
16:16:51.0655 5232	Bonjour Service - ok
16:16:51.0721 5232	bowser          (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
16:16:51.0783 5232	bowser - ok
16:16:51.0825 5232	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
16:16:51.0884 5232	BrFiltLo - ok
16:16:51.0908 5232	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
16:16:51.0980 5232	BrFiltUp - ok
16:16:52.0047 5232	Browser         (beb6470532b7461d7bb426e3facb424f) C:\Windows\System32\browser.dll
16:16:52.0108 5232	Browser - ok
16:16:52.0155 5232	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
16:16:52.0226 5232	Brserid - ok
16:16:52.0255 5232	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
16:16:52.0325 5232	BrSerWdm - ok
16:16:52.0360 5232	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
16:16:52.0411 5232	BrUsbMdm - ok
16:16:52.0438 5232	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
16:16:52.0515 5232	BrUsbSer - ok
16:16:52.0600 5232	BTCFilterService (4813df77ede536a52e3737971f910baa) C:\Windows\system32\DRIVERS\motfilt.sys
16:16:52.0704 5232	BTCFilterService - ok
16:16:52.0885 5232	BthEnum         (cf97c2d6a011ee9403b42191b5f95ba8) C:\Windows\system32\DRIVERS\BthEnum.sys
16:16:52.0960 5232	BthEnum - ok
16:16:53.0077 5232	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\DRIVERS\bthmodem.sys
16:16:53.0134 5232	BTHMODEM - ok
16:16:53.0174 5232	BthPan          (b8c3d9ddf85fd197c3e5f849fef71144) C:\Windows\system32\DRIVERS\bthpan.sys
16:16:53.0266 5232	BthPan - ok
16:16:53.0320 5232	BTHPORT         (b4ce8000aab30a9ab16cd0fb3db4d7cf) C:\Windows\system32\Drivers\BTHport.sys
16:16:53.0351 5232	BTHPORT - ok
16:16:53.0389 5232	BthServ         (58ee7f5e68310bc8d4e7cebd8358c12e) C:\Windows\System32\bthserv.dll
16:16:53.0479 5232	BthServ - ok
16:16:53.0522 5232	BTHUSB          (9a4ddc8544c1459aa2a118a8858dade3) C:\Windows\system32\Drivers\BTHUSB.sys
16:16:53.0548 5232	BTHUSB - ok
16:16:53.0597 5232	cdfs            (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
16:16:53.0658 5232	cdfs - ok
16:16:53.0691 5232	cdrom           (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
16:16:53.0736 5232	cdrom - ok
16:16:53.0792 5232	CertPropSvc     (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
16:16:53.0851 5232	CertPropSvc - ok
16:16:53.0876 5232	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
16:16:53.0958 5232	circlass - ok
16:16:54.0002 5232	CLFS            (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
16:16:54.0020 5232	CLFS - ok
16:16:54.0097 5232	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:16:54.0112 5232	clr_optimization_v2.0.50727_32 - ok
16:16:54.0149 5232	CmBatt          (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
16:16:54.0207 5232	CmBatt - ok
16:16:54.0250 5232	cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
16:16:54.0261 5232	cmdide - ok
16:16:54.0288 5232	Compbatt        (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
16:16:54.0298 5232	Compbatt - ok
16:16:54.0312 5232	COMSysApp - ok
16:16:54.0329 5232	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
16:16:54.0341 5232	crcdisk - ok
16:16:54.0369 5232	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
16:16:54.0424 5232	Crusoe - ok
16:16:54.0474 5232	CryptSvc        (1c26fb097170a2a91066d1e3a24366e3) C:\Windows\system32\cryptsvc.dll
16:16:54.0530 5232	CryptSvc - ok
16:16:54.0575 5232	CSC             (ee95a5f89766f199557e5900ce6b2d7d) C:\Windows\system32\drivers\csc.sys
16:16:54.0629 5232	CSC - ok
16:16:54.0697 5232	CscService      (68131a9a8e3f0ab5136bf386f02a3fc7) C:\Windows\System32\cscsvc.dll
16:16:54.0781 5232	CscService - ok
16:16:54.0844 5232	DcomLaunch      (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
16:16:54.0960 5232	DcomLaunch - ok
16:16:55.0035 5232	DfsC            (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
16:16:55.0098 5232	DfsC - ok
16:16:55.0211 5232	DFSR            (e0d584aa76c7d845ba9f3a788260528f) C:\Windows\system32\DFSR.exe
16:16:55.0416 5232	DFSR - ok
16:16:55.0520 5232	Dhcp            (dc45739bc22d528d2b3e50d3f6761750) C:\Windows\System32\dhcpcsvc.dll
16:16:55.0577 5232	Dhcp - ok
16:16:55.0638 5232	disk            (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
16:16:55.0650 5232	disk - ok
16:16:55.0693 5232	Dnscache        (eecba1dd142bf8693c476be8f32fe253) C:\Windows\System32\dnsrslvr.dll
16:16:55.0779 5232	Dnscache - ok
16:16:55.0823 5232	dot3svc         (1f795d214820e496bf1124434a6db546) C:\Windows\System32\dot3svc.dll
16:16:55.0880 5232	dot3svc - ok
16:16:55.0949 5232	DPS             (032c90ad677bf7b7a8013d6087c7a921) C:\Windows\system32\dps.dll
16:16:56.0009 5232	DPS - ok
16:16:56.0070 5232	drmkaud         (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
16:16:56.0127 5232	drmkaud - ok
16:16:56.0169 5232	DXGKrnl         (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
16:16:56.0238 5232	DXGKrnl - ok
16:16:56.0289 5232	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
16:16:56.0347 5232	E1G60 - ok
16:16:56.0387 5232	EapHost         (90a0a875642e18618010645311b4e89e) C:\Windows\System32\eapsvc.dll
16:16:56.0447 5232	EapHost - ok
16:16:56.0487 5232	Ecache          (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
16:16:56.0501 5232	Ecache - ok
16:16:56.0607 5232	ehRecvr         (b4580122b0a7b263b6ee9acba69c8013) C:\Windows\ehome\ehRecvr.exe
16:16:56.0672 5232	ehRecvr - ok
16:16:56.0693 5232	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
16:16:56.0719 5232	ehSched - ok
16:16:56.0751 5232	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
16:16:56.0776 5232	ehstart - ok
16:16:56.0852 5232	ElbyCDFL        (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys
16:16:56.0879 5232	ElbyCDFL - ok
16:16:56.0925 5232	ElbyCDIO        (44996a2addd2db7454f2ca40b67d8941) C:\Windows\system32\Drivers\ElbyCDIO.sys
16:16:56.0935 5232	ElbyCDIO - ok
16:16:56.0995 5232	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
16:16:57.0015 5232	elxstor - ok
16:16:57.0101 5232	EMDMgmt         (3226fda08988526e819e364e8cce4cee) C:\Windows\system32\emdmgmt.dll
16:16:57.0231 5232	EMDMgmt - ok
16:16:57.0310 5232	EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
16:16:57.0345 5232	EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
16:16:57.0345 5232	EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
16:16:57.0568 5232	EventSystem     (7b4971c3d43525175a4ea0d143e0412e) C:\Windows\system32\es.dll
16:16:57.0620 5232	EventSystem - ok
16:16:57.0713 5232	fastfat         (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
16:16:57.0806 5232	fastfat - ok
16:16:57.0888 5232	Fax             (93f75490b02033df8edf4d7089c7e1d8) C:\Windows\system32\fxssvc.exe
16:16:57.0954 5232	Fax - ok
16:16:58.0023 5232	fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
16:16:58.0086 5232	fdc - ok
16:16:58.0141 5232	fdPHost         (e43bce1a77d6fd4ed5f8e0482b9e7df1) C:\Windows\system32\fdPHost.dll
16:16:58.0193 5232	fdPHost - ok
16:16:58.0229 5232	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
16:16:58.0285 5232	FDResPub - ok
16:16:58.0338 5232	FileInfo        (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
16:16:58.0349 5232	FileInfo - ok
16:16:58.0372 5232	Filetrace       (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
16:16:58.0415 5232	Filetrace - ok
16:16:58.0570 5232	FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MSI\MAGIX\Common\Database\bin\fbserver.exe
16:16:58.0725 5232	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
16:16:58.0726 5232	FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
16:16:58.0808 5232	FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:16:58.0870 5232	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
16:16:58.0870 5232	FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
16:16:59.0040 5232	flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
16:16:59.0112 5232	flpydisk - ok
16:16:59.0159 5232	FltMgr          (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
16:16:59.0175 5232	FltMgr - ok
16:16:59.0250 5232	FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:16:59.0261 5232	FontCache3.0.0.0 - ok
16:16:59.0302 5232	Fs_Rec          (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
16:16:59.0346 5232	Fs_Rec - ok
16:16:59.0371 5232	fvevol          (06a1cf72fbe3b50035fbff428c8d84b4) C:\Windows\system32\DRIVERS\fvevol.sys
16:16:59.0384 5232	fvevol - ok
16:16:59.0417 5232	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
16:16:59.0429 5232	gagp30kx - ok
16:16:59.0511 5232	GEARAspiWDM     (ab8a6a87d9d7255c3884d5b9541a6e80) C:\Windows\system32\Drivers\GEARAspiWDM.sys
16:16:59.0520 5232	GEARAspiWDM - ok
16:16:59.0585 5232	ggflt           (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
16:16:59.0594 5232	ggflt - ok
16:16:59.0611 5232	ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
16:16:59.0620 5232	ggsemc - ok
16:16:59.0675 5232	gpsvc           (bcf6589c42d8f6a20f33ef133ffe0524) C:\Windows\System32\gpsvc.dll
16:16:59.0826 5232	gpsvc - ok
16:16:59.0963 5232	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
16:16:59.0973 5232	gupdate - ok
16:16:59.0995 5232	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
16:17:00.0003 5232	gupdatem - ok
16:17:00.0069 5232	gusvc           (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:17:00.0084 5232	gusvc - ok
16:17:00.0280 5232	hamachi         (7929a161f9951d173ca9900fe7067391) C:\Windows\system32\DRIVERS\hamachi.sys
16:17:00.0289 5232	hamachi - ok
16:17:00.0345 5232	HdAudAddService (743e5199a34101a3ee444df5f74d0311) C:\Windows\system32\drivers\CHDART.sys
16:17:00.0423 5232	HdAudAddService - ok
16:17:00.0466 5232	HDAudBus        (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:17:00.0511 5232	HDAudBus - ok
16:17:00.0559 5232	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\DRIVERS\hidbth.sys
16:17:00.0618 5232	HidBth - ok
16:17:00.0655 5232	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
16:17:00.0733 5232	HidIr - ok
16:17:00.0789 5232	hidserv         (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
16:17:00.0845 5232	hidserv - ok
16:17:00.0883 5232	HidUsb          (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
16:17:00.0940 5232	HidUsb - ok
16:17:00.0980 5232	hkmsvc          (d40aa05e29bf6ed29b139f044b461e9b) C:\Windows\system32\kmsvc.dll
16:17:01.0059 5232	hkmsvc - ok
16:17:01.0106 5232	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
16:17:01.0117 5232	HpCISSs - ok
16:17:01.0196 5232	HssDrv          (30858b2d6dc0d8ed044dc28011ade6a2) C:\Windows\system32\DRIVERS\HssDrv.sys
16:17:01.0206 5232	HssDrv - ok
16:17:01.0337 5232	HssSrv          (d5687c8c02df0eb4687b044a10df5cb4) C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
16:17:01.0387 5232	HssSrv ( UnsignedFile.Multi.Generic ) - warning
16:17:01.0388 5232	HssSrv - detected UnsignedFile.Multi.Generic (1)
16:17:01.0443 5232	HssTrayService  (e77759a567c903fa719a4396135c7373) C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
16:17:01.0479 5232	HssTrayService ( UnsignedFile.Multi.Generic ) - warning
16:17:01.0479 5232	HssTrayService - detected UnsignedFile.Multi.Generic (1)
16:17:01.0662 5232	HTTP            (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
16:17:01.0758 5232	HTTP - ok
16:17:01.0825 5232	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
16:17:01.0836 5232	i2omp - ok
16:17:01.0964 5232	i8042prt        (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
16:17:02.0024 5232	i8042prt - ok
16:17:02.0059 5232	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
16:17:02.0076 5232	iaStorV - ok
16:17:02.0202 5232	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
16:17:02.0237 5232	IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:17:02.0237 5232	IDriverT - detected UnsignedFile.Multi.Generic (1)
16:17:02.0331 5232	idsvc           (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:17:02.0415 5232	idsvc - ok
16:17:02.0500 5232	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
16:17:02.0511 5232	iirsp - ok
16:17:02.0574 5232	IKEEXT          (35662fe4d8622f667aa5a5568f7f1b40) C:\Windows\System32\ikeext.dll
16:17:02.0639 5232	IKEEXT - ok
16:17:02.0683 5232	intelide        (988981c840084f480ba9e3319cebde1b) C:\Windows\system32\drivers\intelide.sys
16:17:02.0694 5232	intelide - ok
16:17:02.0730 5232	intelppm        (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
16:17:02.0786 5232	intelppm - ok
16:17:02.0825 5232	IPBusEnum       (88cf5281ed9880d74dc9011cf8b5262d) C:\Windows\system32\ipbusenum.dll
16:17:02.0885 5232	IPBusEnum - ok
16:17:02.0913 5232	IpFilterDriver  (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:17:02.0998 5232	IpFilterDriver - ok
16:17:03.0012 5232	IpInIp - ok
16:17:03.0042 5232	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
16:17:03.0087 5232	IPMIDRV - ok
16:17:03.0117 5232	IPNAT           (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
16:17:03.0177 5232	IPNAT - ok
16:17:03.0293 5232	iPod Service    (62937a89470af8ff172f0980ca8aefc9) C:\Program Files\iPod\bin\iPodService.exe
16:17:03.0327 5232	iPod Service - ok
16:17:03.0363 5232	IRENUM          (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
16:17:03.0406 5232	IRENUM - ok
16:17:03.0437 5232	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
16:17:03.0448 5232	isapnp - ok
16:17:03.0475 5232	iScsiPrt        (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
16:17:03.0505 5232	iScsiPrt - ok
16:17:03.0544 5232	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
16:17:03.0555 5232	iteatapi - ok
16:17:03.0581 5232	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
16:17:03.0593 5232	iteraid - ok
16:17:03.0652 5232	k750bus         (fe8300320281d658a7854d5cfc02a63f) C:\Windows\system32\DRIVERS\k750bus.sys
16:17:03.0707 5232	k750bus - ok
16:17:03.0746 5232	kbdclass        (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
16:17:03.0776 5232	kbdclass - ok
16:17:03.0814 5232	kbdhid          (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
16:17:03.0855 5232	kbdhid - ok
16:17:03.0880 5232	KeyIso          (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
16:17:03.0952 5232	KeyIso - ok
16:17:04.0014 5232	KSecDD          (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
16:17:04.0064 5232	KSecDD - ok
16:17:04.0118 5232	KtmRm           (45c537fe5dde9a0146aeff76e615737d) C:\Windows\system32\msdtckrm.dll
16:17:04.0205 5232	KtmRm - ok
16:17:04.0254 5232	LanmanServer    (53d1482fc1aa36ac015a85e6cf2146bd) C:\Windows\system32\srvsvc.dll
16:17:04.0349 5232	LanmanServer - ok
16:17:04.0407 5232	LanmanWorkstation (435f0f6dc87a4b5da78f1fa309884189) C:\Windows\System32\wkssvc.dll
16:17:04.0494 5232	LanmanWorkstation - ok
16:17:04.0547 5232	lltdio          (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
16:17:04.0602 5232	lltdio - ok
16:17:04.0643 5232	lltdsvc         (7450dbcf754391dd6363fffd5ef0e789) C:\Windows\System32\lltdsvc.dll
16:17:04.0692 5232	lltdsvc - ok
16:17:04.0725 5232	lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
16:17:04.0778 5232	lmhosts - ok
16:17:04.0805 5232	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
16:17:04.0817 5232	LSI_FC - ok
16:17:04.0837 5232	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
16:17:04.0849 5232	LSI_SAS - ok
16:17:04.0886 5232	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
16:17:04.0898 5232	LSI_SCSI - ok
16:17:04.0919 5232	luafv           (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
16:17:04.0982 5232	luafv - ok
16:17:05.0039 5232	MarvinBus       (a3e700d78eec390f1208098cdca5c6b6) C:\Windows\system32\DRIVERS\MarvinBus.sys
16:17:05.0074 5232	MarvinBus - ok
16:17:05.0114 5232	Mcx2Svc         (e93c1ad58e88a0846eaee10671c2a8f3) C:\Windows\system32\Mcx2Svc.dll
16:17:05.0179 5232	Mcx2Svc - ok
16:17:05.0274 5232	MDM             (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
16:17:05.0330 5232	MDM ( UnsignedFile.Multi.Generic ) - warning
16:17:05.0330 5232	MDM - detected UnsignedFile.Multi.Generic (1)
16:17:05.0483 5232	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
16:17:05.0493 5232	megasas - ok
16:17:05.0580 5232	MMCSS           (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
16:17:05.0632 5232	MMCSS - ok
16:17:05.0680 5232	Modem           (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
16:17:05.0722 5232	Modem - ok
16:17:05.0768 5232	monitor         (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
16:17:05.0818 5232	monitor - ok
16:17:05.0877 5232	motccgp         (f4ea1193a52c8fe4b8a135e210abe546) C:\Windows\system32\DRIVERS\motccgp.sys
16:17:05.0980 5232	motccgp - ok
16:17:06.0014 5232	motccgpfl       (b812da6605caf02641312f1f65c75419) C:\Windows\system32\DRIVERS\motccgpfl.sys
16:17:06.0033 5232	motccgpfl - ok
16:17:06.0059 5232	MotDev          (e190ed75bcc7928143f8f2af4c34d91d) C:\Windows\system32\DRIVERS\motodrv.sys
16:17:06.0113 5232	MotDev - ok
16:17:06.0187 5232	motmodem        (69814acd50a9d6d28296050ef6215d46) C:\Windows\system32\DRIVERS\motmodem.sys
16:17:06.0262 5232	motmodem - ok
16:17:06.0349 5232	MotoHelper      (3bbc6c2402242401f791548aaebf3d39) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
16:17:06.0362 5232	MotoHelper - ok
16:17:06.0553 5232	MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\Windows\system32\DRIVERS\motswch.sys
16:17:06.0609 5232	MotoSwitchService - ok
16:17:06.0642 5232	Motousbnet      (ddc489d40b49f443787e7ffa75373522) C:\Windows\system32\DRIVERS\Motousbnet.sys
16:17:06.0687 5232	Motousbnet - ok
16:17:06.0751 5232	motusbdevice    (f18898d418f43e74a93edc57e1f28bc9) C:\Windows\system32\DRIVERS\motusbdevice.sys
16:17:06.0796 5232	motusbdevice - ok
16:17:06.0845 5232	mouclass        (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
16:17:06.0856 5232	mouclass - ok
16:17:06.0881 5232	mouhid          (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
16:17:06.0905 5232	mouhid - ok
16:17:06.0942 5232	MountMgr        (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
16:17:06.0953 5232	MountMgr - ok
16:17:06.0986 5232	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
16:17:06.0998 5232	mpio - ok
16:17:07.0081 5232	mpsdrv          (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
16:17:07.0120 5232	mpsdrv - ok
16:17:07.0149 5232	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
16:17:07.0160 5232	Mraid35x - ok
16:17:07.0222 5232	MRxDAV          (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
16:17:07.0311 5232	MRxDAV - ok
16:17:07.0390 5232	mrxsmb          (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:17:07.0430 5232	mrxsmb - ok
16:17:07.0468 5232	mrxsmb10        (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:17:07.0522 5232	mrxsmb10 - ok
16:17:07.0569 5232	mrxsmb20        (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:17:07.0592 5232	mrxsmb20 - ok
16:17:07.0645 5232	msahci          (b2efb263600314babcf9dadb1cbba994) C:\Windows\system32\drivers\msahci.sys
16:17:07.0656 5232	msahci - ok
16:17:07.0694 5232	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
16:17:07.0706 5232	msdsm - ok
16:17:07.0752 5232	MSDTC           (bc64a92d821efea8bab8e8caf1b668bc) C:\Windows\System32\msdtc.exe
16:17:07.0784 5232	MSDTC - ok
16:17:07.0820 5232	Msfs            (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
16:17:07.0864 5232	Msfs - ok
16:17:07.0908 5232	msisadrv        (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
16:17:07.0918 5232	msisadrv - ok
16:17:07.0980 5232	MSiSCSI         (8acf956d9154e893e789881430c12632) C:\Windows\system32\iscsiexe.dll
16:17:08.0041 5232	MSiSCSI - ok
16:17:08.0057 5232	msiserver - ok
16:17:08.0087 5232	MSKSSRV         (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
16:17:08.0147 5232	MSKSSRV - ok
16:17:08.0163 5232	MSPCLOCK        (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
16:17:08.0237 5232	MSPCLOCK - ok
16:17:08.0253 5232	MSPQM           (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
16:17:08.0327 5232	MSPQM - ok
16:17:08.0359 5232	MsRPC           (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
16:17:08.0374 5232	MsRPC - ok
16:17:08.0401 5232	mssmbios        (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
16:17:08.0434 5232	mssmbios - ok
16:17:08.0472 5232	MSTEE           (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
16:17:08.0525 5232	MSTEE - ok
16:17:08.0566 5232	Mup             (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
16:17:08.0577 5232	Mup - ok
16:17:08.0628 5232	napagent        (1cdbb5d002fe2bc5300aa20550d8a52e) C:\Windows\system32\qagentRT.dll
16:17:08.0677 5232	napagent - ok
16:17:08.0757 5232	NativeWifiP     (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
16:17:08.0806 5232	NativeWifiP - ok
16:17:08.0867 5232	NDIS            (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
16:17:08.0892 5232	NDIS - ok
16:17:08.0960 5232	NdisTapi        (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
16:17:08.0991 5232	NdisTapi - ok
16:17:09.0021 5232	Ndisuio         (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
16:17:09.0066 5232	Ndisuio - ok
16:17:09.0093 5232	NdisWan         (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
16:17:09.0154 5232	NdisWan - ok
16:17:09.0213 5232	NDProxy         (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
16:17:09.0235 5232	NDProxy - ok
16:17:09.0268 5232	NetBIOS         (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
16:17:09.0312 5232	NetBIOS - ok
16:17:09.0337 5232	netbt           (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
16:17:09.0387 5232	netbt - ok
16:17:09.0429 5232	Netlogon        (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
16:17:09.0461 5232	Netlogon - ok
16:17:09.0530 5232	Netman          (90a4dae28b94497f83bea0f2a3b77092) C:\Windows\System32\netman.dll
16:17:09.0597 5232	Netman - ok
16:17:09.0637 5232	netprofm        (7c5c3d9ceee838856b828ab6f98a2857) C:\Windows\System32\netprofm.dll
16:17:09.0685 5232	netprofm - ok
16:17:09.0766 5232	NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:17:09.0778 5232	NetTcpPortSharing - ok
16:17:09.0910 5232	NETw4v32        (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
16:17:10.0085 5232	NETw4v32 - ok
16:17:10.0127 5232	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
16:17:10.0161 5232	nfrd960 - ok
16:17:10.0206 5232	nipsvc          (11028c6a84a967070cb1286550f2058f) C:\Windows\system32\remoteregistry.dll
16:17:10.0209 5232	nipsvc ( Backdoor.Multi.ZAccess.gen ) - infected
16:17:10.0209 5232	nipsvc - detected Backdoor.Multi.ZAccess.gen (0)
16:17:10.0245 5232	NlaSvc          (c424117a562f2de37a42266894c79aeb) C:\Windows\System32\nlasvc.dll
16:17:10.0300 5232	NlaSvc - ok
16:17:10.0362 5232	NMIndexingService - ok
16:17:10.0558 5232	nod32drv        (b4ea8cba9a69d0921b7bd89c8cf9e032) C:\Windows\system32\drivers\nod32drv.sys
16:17:10.0567 5232	nod32drv - ok
16:17:10.0618 5232	NOD32krn        (7da9d9593081cb76fccdab3f14438370) C:\Program Files\Eset\nod32krn.exe
16:17:10.0644 5232	NOD32krn ( UnsignedFile.Multi.Generic ) - warning
16:17:10.0644 5232	NOD32krn - detected UnsignedFile.Multi.Generic (1)
16:17:10.0861 5232	NPF             (b15e0180c43d8b5219196d76878cc2dd) C:\Windows\system32\drivers\npf.sys
16:17:10.0871 5232	NPF - ok
16:17:10.0934 5232	Npfs            (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
16:17:10.0994 5232	Npfs - ok
16:17:11.0051 5232	nsi             (23b8201a363de0e649fc75ee9874dee2) C:\Windows\system32\nsisvc.dll
16:17:11.0111 5232	nsi - ok
16:17:11.0145 5232	nsiproxy        (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
16:17:11.0215 5232	nsiproxy - ok
16:17:11.0307 5232	Ntfs            (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
16:17:11.0405 5232	Ntfs - ok
16:17:11.0455 5232	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
16:17:11.0511 5232	ntrigdigi - ok
16:17:11.0547 5232	Null            (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
16:17:11.0606 5232	Null - ok
16:17:11.0636 5232	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
16:17:11.0661 5232	nvraid - ok
16:17:11.0709 5232	nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
16:17:11.0778 5232	nvstor - ok
16:17:11.0905 5232	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
16:17:11.0921 5232	nv_agp - ok
16:17:11.0945 5232	NwlnkFlt - ok
16:17:11.0960 5232	NwlnkFwd - ok
16:17:12.0095 5232	odserv          (e54aa592a65f317390eee386a8821692) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:17:12.0123 5232	odserv - ok
16:17:12.0177 5232	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
16:17:12.0226 5232	ohci1394 - ok
16:17:12.0288 5232	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:17:12.0303 5232	ose - ok
16:17:12.0399 5232	p2pimsvc        (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
16:17:12.0477 5232	p2pimsvc - ok
16:17:12.0493 5232	p2psvc          (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
16:17:12.0517 5232	p2psvc - ok
16:17:12.0599 5232	PAC207          (dca942c0a19a0ad2abcd9acf94eb4b10) C:\Windows\system32\DRIVERS\PFC027.SYS
16:17:12.0658 5232	PAC207 - ok
16:17:12.0703 5232	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
16:17:12.0755 5232	Parport - ok
16:17:12.0789 5232	partmgr         (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
16:17:12.0800 5232	partmgr - ok
16:17:12.0821 5232	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
16:17:12.0877 5232	Parvdm - ok
16:17:12.0909 5232	PcaSvc          (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
16:17:12.0974 5232	PcaSvc - ok
16:17:13.0013 5232	pci             (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
16:17:13.0023 5232	pci - ok
16:17:13.0046 5232	pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
16:17:13.0057 5232	pciide - ok
16:17:13.0090 5232	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
16:17:13.0106 5232	pcmcia - ok
16:17:13.0164 5232	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
16:17:13.0265 5232	PEAUTH - ok
16:17:13.0331 5232	pfc             (957b82ec80ad7ead64e5e47df6b0dc40) C:\Windows\system32\drivers\pfc.sys
16:17:13.0337 5232	pfc ( UnsignedFile.Multi.Generic ) - warning
16:17:13.0337 5232	pfc - detected UnsignedFile.Multi.Generic (1)
16:17:13.0420 5232	pla             (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
16:17:13.0614 5232	pla - ok
16:17:13.0649 5232	PlugPlay        (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
16:17:13.0675 5232	PlugPlay - ok
16:17:13.0721 5232	PNRPAutoReg     (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
16:17:13.0789 5232	PNRPAutoReg - ok
16:17:13.0833 5232	PNRPsvc         (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
16:17:13.0872 5232	PNRPsvc - ok
16:17:13.0940 5232	PolicyAgent     (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
16:17:14.0012 5232	PolicyAgent - ok
16:17:14.0092 5232	PptpMiniport    (6c359ac71d7b550a0d41f9db4563ce05) C:\Windows\system32\DRIVERS\raspptp.sys
16:17:14.0136 5232	PptpMiniport - ok
16:17:14.0206 5232	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
16:17:14.0250 5232	Processor - ok
16:17:14.0298 5232	ProfSvc         (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
16:17:14.0375 5232	ProfSvc - ok
16:17:14.0415 5232	ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
16:17:14.0428 5232	ProtectedStorage - ok
16:17:14.0481 5232	PSched          (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
16:17:14.0513 5232	PSched - ok
16:17:14.0582 5232	PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
16:17:14.0592 5232	PxHelp20 - ok
16:17:14.0658 5232	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
16:17:14.0742 5232	ql2300 - ok
16:17:14.0779 5232	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
16:17:14.0791 5232	ql40xx - ok
16:17:14.0834 5232	QWAVE           (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll
16:17:14.0870 5232	QWAVE - ok
16:17:14.0896 5232	QWAVEdrv        (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
16:17:14.0920 5232	QWAVEdrv - ok
16:17:14.0967 5232	RasAcd          (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
16:17:15.0017 5232	RasAcd - ok
16:17:15.0101 5232	RasAuto         (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll
16:17:15.0147 5232	RasAuto - ok
16:17:15.0198 5232	Rasl2tp         (88587dd843e2059848995b407b67f6cf) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:17:15.0257 5232	Rasl2tp - ok
16:17:15.0301 5232	RasMan          (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll
16:17:15.0367 5232	RasMan - ok
16:17:15.0394 5232	RasPppoe        (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
16:17:15.0464 5232	RasPppoe - ok
16:17:15.0507 5232	rdbss           (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
16:17:15.0572 5232	rdbss - ok
16:17:15.0607 5232	RDPCDD          (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:17:15.0661 5232	RDPCDD - ok
16:17:15.0698 5232	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\DRIVERS\rdpdr.sys
16:17:15.0788 5232	rdpdr - ok
16:17:15.0816 5232	RDPENCDD        (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
16:17:15.0870 5232	RDPENCDD - ok
16:17:15.0905 5232	RDPWD           (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
16:17:15.0952 5232	RDPWD - ok
16:17:16.0025 5232	RemoteAccess    (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
16:17:16.0081 5232	RemoteAccess - ok
16:17:16.0126 5232	RemoteRegistry  (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
16:17:16.0185 5232	RemoteRegistry - ok
16:17:16.0257 5232	Revoflt         (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys
16:17:16.0266 5232	Revoflt - ok
16:17:16.0309 5232	RFCOMM          (7ec90c316177ba3f1bce92005264b447) C:\Windows\system32\DRIVERS\rfcomm.sys
16:17:16.0371 5232	RFCOMM - ok
16:17:16.0436 5232	RMCAST          (8804bcb4383859f66ffd51f049a1d744) C:\Windows\system32\DRIVERS\RMCAST.sys
16:17:16.0481 5232	RMCAST - ok
16:17:16.0544 5232	rpcapd          (9ed13880478f14900a5840ff048d174c) C:\Program Files\WinPcap\rpcapd.exe
16:17:16.0556 5232	rpcapd - ok
16:17:16.0593 5232	RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
16:17:16.0622 5232	RpcLocator - ok
16:17:16.0681 5232	RpcSs           (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
16:17:16.0752 5232	RpcSs - ok
16:17:16.0817 5232	rspndr          (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
16:17:16.0864 5232	rspndr - ok
16:17:16.0913 5232	RTL8169         (71b7026d61293c1e91145bdad11c53bf) C:\Windows\system32\DRIVERS\Rtlh86.sys
16:17:16.0966 5232	RTL8169 - ok
16:17:17.0030 5232	RTSTOR          (e845f4d709c456992f11d2acf321bced) C:\Windows\system32\drivers\RTSTOR.SYS
16:17:17.0076 5232	RTSTOR - ok
16:17:17.0115 5232	s115bus         (e1ab463b36a7ef31d8a73a97a9b57afa) C:\Windows\system32\DRIVERS\s115bus.sys
16:17:17.0126 5232	s115bus - ok
16:17:17.0190 5232	s115mdfl        (e24113fc13b8737c94cf4e3415488c76) C:\Windows\system32\DRIVERS\s115mdfl.sys
16:17:17.0199 5232	s115mdfl - ok
16:17:17.0267 5232	s115mdm         (4029e49e7c673aa0670bd206b0af1b5b) C:\Windows\system32\DRIVERS\s115mdm.sys
16:17:17.0278 5232	s115mdm - ok
16:17:17.0308 5232	s115mgmt        (eb02ab4ca8bccecfde236cad8fc6e135) C:\Windows\system32\DRIVERS\s115mgmt.sys
16:17:17.0319 5232	s115mgmt - ok
16:17:17.0376 5232	s115obex        (089869db9ffd2ac807fa87fe82ac7761) C:\Windows\system32\DRIVERS\s115obex.sys
16:17:17.0388 5232	s115obex - ok
16:17:17.0425 5232	SamSs           (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
16:17:17.0458 5232	SamSs - ok
16:17:17.0504 5232	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
16:17:17.0541 5232	sbp2port - ok
16:17:17.0593 5232	SCardSvr        (565b4b9e5ad2f2f18a4f8aafa6c06bbb) C:\Windows\System32\SCardSvr.dll
16:17:17.0656 5232	SCardSvr - ok
16:17:17.0723 5232	Schedule        (886cec884b5be29ab9828b8ab46b11f7) C:\Windows\system32\schedsvc.dll
16:17:17.0782 5232	Schedule - ok
16:17:17.0862 5232	SCPolicySvc     (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
16:17:17.0902 5232	SCPolicySvc - ok
16:17:17.0942 5232	SDRSVC          (f7b6bf02240d0a764adf8c8966735552) C:\Windows\System32\SDRSVC.dll
16:17:18.0023 5232	SDRSVC - ok
16:17:18.0077 5232	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:17:18.0120 5232	secdrv - ok
16:17:18.0140 5232	seclogon        (8388c4133ddbe62ad7bc3ec9f14271ed) C:\Windows\system32\seclogon.dll
16:17:18.0187 5232	seclogon - ok
16:17:18.0232 5232	seehcri         (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
16:17:18.0270 5232	seehcri - ok
16:17:18.0310 5232	SENS            (34350ae2c1d33d21c7305f861bd8dad8) C:\Windows\System32\sens.dll
16:17:18.0369 5232	SENS - ok
16:17:18.0520 5232	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
16:17:18.0571 5232	Serenum - ok
16:17:18.0604 5232	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
16:17:18.0680 5232	Serial - ok
16:17:18.0736 5232	sermouse        (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
16:17:18.0760 5232	sermouse - ok
16:17:18.0804 5232	SessionEnv      (78878235da4df0d116e86837a0a21df8) C:\Windows\system32\sessenv.dll
16:17:18.0859 5232	SessionEnv - ok
16:17:18.0883 5232	sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
16:17:18.0926 5232	sffdisk - ok
16:17:18.0943 5232	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
16:17:18.0987 5232	sffp_mmc - ok
16:17:19.0008 5232	sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
16:17:19.0065 5232	sffp_sd - ok
16:17:19.0082 5232	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
16:17:19.0143 5232	sfloppy - ok
16:17:19.0187 5232	SharedAccess    (9a82bf4c90b00a63150a606a1e2fd82b) C:\Windows\System32\ipnathlp.dll
16:17:19.0221 5232	SharedAccess - ok
16:17:19.0253 5232	ShellHWDetection (b264dfa21677728613267fe63802b332) C:\Windows\System32\shsvcs.dll
16:17:19.0337 5232	ShellHWDetection - ok
16:17:19.0366 5232	sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
16:17:19.0378 5232	sisagp - ok
16:17:19.0397 5232	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
16:17:19.0409 5232	SiSRaid2 - ok
16:17:19.0436 5232	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
16:17:19.0448 5232	SiSRaid4 - ok
16:17:19.0541 5232	SkypeUpdate     (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files\Skype\Updater\Updater.exe
16:17:19.0569 5232	SkypeUpdate - ok
16:17:19.0672 5232	slsvc           (a1dcd30534835cb67733ad00175125a6) C:\Windows\system32\SLsvc.exe
16:17:20.0094 5232	slsvc - ok
16:17:20.0249 5232	SLUINotify      (56da296e7b376a727e7bdc5ac7fbee02) C:\Windows\system32\SLUINotify.dll
16:17:20.0276 5232	SLUINotify - ok
16:17:20.0345 5232	Smb             (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
16:17:20.0415 5232	Smb - ok
16:17:20.0493 5232	SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
16:17:20.0508 5232	SNMPTRAP - ok
16:17:20.0529 5232	spldr           (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
16:17:20.0539 5232	spldr - ok
16:17:20.0573 5232	Spooler         (da612ef2556776df2630b68bf2d48935) C:\Windows\System32\spoolsv.exe
16:17:20.0590 5232	Spooler - ok
16:17:20.0643 5232	sptd            (d390675b8ce45e5fb359338e5e649329) C:\Windows\system32\Drivers\sptd.sys
16:17:20.0643 5232	Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329
16:17:20.0645 5232	sptd ( LockedFile.Multi.Generic ) - warning
16:17:20.0646 5232	sptd - detected LockedFile.Multi.Generic (1)
16:17:20.0707 5232	srv             (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
16:17:20.0770 5232	srv - ok
16:17:20.0828 5232	srv2            (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
16:17:20.0887 5232	srv2 - ok
16:17:20.0935 5232	srvnet          (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
16:17:20.0950 5232	srvnet - ok
16:17:20.0991 5232	SSDPSRV         (8d3e4baff8b3997138c38eb1b600519a) C:\Windows\System32\ssdpsrv.dll
16:17:21.0039 5232	SSDPSRV - ok
16:17:21.0079 5232	stisvc          (a941e099ef46e3cc12f898cbe1c39910) C:\Windows\System32\wiaservc.dll
16:17:21.0111 5232	stisvc - ok
16:17:21.0161 5232	swenum          (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
16:17:21.0172 5232	swenum - ok
16:17:21.0215 5232	swprv           (749ada8d6c18a08adfede69cbf5db2e0) C:\Windows\System32\swprv.dll
16:17:21.0282 5232	swprv - ok
16:17:21.0309 5232	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
16:17:21.0321 5232	Symc8xx - ok
16:17:21.0351 5232	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
16:17:21.0363 5232	Sym_hi - ok
16:17:21.0392 5232	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
16:17:21.0403 5232	Sym_u3 - ok
16:17:21.0466 5232	SysMain         (8f2b5fede18bd3c4c926cbf88e6f1264) C:\Windows\system32\sysmain.dll
16:17:21.0559 5232	SysMain - ok
16:17:21.0641 5232	TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
16:17:21.0658 5232	TabletInputService - ok
16:17:21.0712 5232	tap0901         (34f1bcb847a924a161422f106a79b9ff) C:\Windows\system32\DRIVERS\tap0901.sys
16:17:21.0769 5232	tap0901 ( UnsignedFile.Multi.Generic ) - warning
16:17:21.0769 5232	tap0901 - detected UnsignedFile.Multi.Generic (1)
16:17:21.0833 5232	taphss          (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
16:17:21.0841 5232	taphss - ok
16:17:21.0870 5232	TapiSrv         (ef3dd33c740fc2f82e7e4622f1c49289) C:\Windows\System32\tapisrv.dll
16:17:21.0917 5232	TapiSrv - ok
16:17:21.0939 5232	TBS             (68fa52794ae9acc61bde16fe0956b414) C:\Windows\System32\tbssvc.dll
16:17:21.0999 5232	TBS - ok
16:17:22.0053 5232	Tcpip           (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
16:17:22.0137 5232	Tcpip - ok
16:17:22.0168 5232	Tcpip6          (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
16:17:22.0195 5232	Tcpip6 - ok
16:17:22.0256 5232	tcpipreg        (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
16:17:22.0315 5232	tcpipreg - ok
16:17:22.0342 5232	TDPIPE          (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
16:17:22.0398 5232	TDPIPE - ok
16:17:22.0425 5232	TDTCP           (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
16:17:22.0470 5232	TDTCP - ok
16:17:22.0498 5232	tdx             (f330bfc88cc2d714ea317590b9445723) C:\Windows\system32\DRIVERS\tdx.sys
16:17:22.0503 5232	tdx ( Virus.Win32.ZAccess.k ) - infected
16:17:22.0503 5232	tdx - detected Virus.Win32.ZAccess.k (0)
16:17:22.0528 5232	TermDD          (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
16:17:22.0541 5232	TermDD - ok
16:17:22.0600 5232	TermService     (fad71c1e8e4047b154e899ae31eb8caa) C:\Windows\System32\termsrv.dll
16:17:22.0658 5232	TermService - ok
16:17:22.0697 5232	Themes          (b264dfa21677728613267fe63802b332) C:\Windows\system32\shsvcs.dll
16:17:22.0714 5232	Themes - ok
16:17:22.0752 5232	THREADORDER     (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
16:17:22.0796 5232	THREADORDER - ok
16:17:22.0878 5232	TimerStop       (6a4e028caa0723b293b26cd3a55a888b) C:\Windows\system32\timerstop.sys
16:17:22.0885 5232	TimerStop ( UnsignedFile.Multi.Generic ) - warning
16:17:22.0885 5232	TimerStop - detected UnsignedFile.Multi.Generic (1)
16:17:22.0915 5232	TrkWks          (6bba0582c0025d43729a1112d3b57897) C:\Windows\System32\trkwks.dll
16:17:22.0967 5232	TrkWks - ok
16:17:23.0024 5232	TrustedInstaller (34e388a395fedba1d0511ed39bbf4074) C:\Windows\servicing\TrustedInstaller.exe
16:17:23.0051 5232	TrustedInstaller - ok
16:17:23.0131 5232	tssecsrv        (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:17:23.0193 5232	tssecsrv - ok
16:17:23.0245 5232	tunmp           (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
16:17:23.0259 5232	tunmp - ok
16:17:23.0290 5232	tunnel          (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
16:17:23.0321 5232	tunnel - ok
16:17:23.0356 5232	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
16:17:23.0369 5232	uagp35 - ok
16:17:23.0396 5232	udfs            (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
16:17:23.0445 5232	udfs - ok
16:17:23.0489 5232	UI0Detect       (24a333f4f14dcfb6ff6d5a1b9e5d79dd) C:\Windows\system32\UI0Detect.exe
16:17:23.0505 5232	UI0Detect - ok
16:17:23.0527 5232	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
16:17:23.0539 5232	uliagpkx - ok
16:17:23.0567 5232	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
16:17:23.0586 5232	uliahci - ok
16:17:23.0620 5232	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
16:17:23.0632 5232	UlSata - ok
16:17:23.0656 5232	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
16:17:23.0669 5232	ulsata2 - ok
16:17:23.0692 5232	umbus           (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
16:17:23.0736 5232	umbus - ok
16:17:23.0768 5232	UmRdpService    (cfbb746c889b9223d2ac268cf283a93e) C:\Windows\System32\umrdp.dll
16:17:23.0827 5232	UmRdpService - ok
16:17:23.0864 5232	upnphost        (8eb871a3deb6b3d5a85eb6ddfc390b59) C:\Windows\System32\upnphost.dll
16:17:23.0931 5232	upnphost - ok
16:17:24.0000 5232	USBAAPL         (c1ca131f4e3ed63d6bc89a35ffad4cda) C:\Windows\system32\Drivers\usbaapl.sys
16:17:24.0051 5232	USBAAPL - ok
16:17:24.0118 5232	usbaudio        (f6bf998ae33e3fb6c7d27f0560f1173f) C:\Windows\system32\drivers\usbaudio.sys
16:17:24.0176 5232	usbaudio - ok
16:17:24.0225 5232	usbccgp         (b0ba9caffe9b0555ec0317f30cb79cd2) C:\Windows\system32\DRIVERS\usbccgp.sys
16:17:24.0301 5232	usbccgp - ok
16:17:24.0392 5232	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
16:17:24.0446 5232	usbcir - ok
16:17:24.0498 5232	usbehci         (c9fcd05b0a80ea08c2768e5a279b14de) C:\Windows\system32\DRIVERS\usbehci.sys
16:17:24.0527 5232	usbehci - ok
16:17:24.0573 5232	usbhub          (5e44f7d957f7560da06bfe6b84b58a35) C:\Windows\system32\DRIVERS\usbhub.sys
16:17:24.0591 5232	usbhub - ok
16:17:24.0621 5232	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
16:17:24.0665 5232	usbohci - ok
16:17:24.0688 5232	usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
16:17:24.0746 5232	usbprint - ok
16:17:24.0781 5232	USBSTOR         (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:17:24.0828 5232	USBSTOR - ok
16:17:24.0863 5232	usbuhci         (d864735b0bfcb65440960a0b7cc1a38d) C:\Windows\system32\DRIVERS\usbuhci.sys
16:17:24.0886 5232	usbuhci - ok
16:17:24.0932 5232	usbvideo        (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
16:17:24.0979 5232	usbvideo - ok
16:17:25.0033 5232	UxSms           (f79d0d7c9004474cb42746d9b2c30a2b) C:\Windows\System32\uxsms.dll
16:17:25.0087 5232	UxSms - ok
16:17:25.0126 5232	UxTuneUp        (d3986793dedc6bb93db4da5a793e42ce) C:\Windows\System32\uxtuneup.dll
16:17:25.0137 5232	UxTuneUp - ok
16:17:25.0201 5232	vds             (c9d0bafee0d0a2681f048ca61bc0da96) C:\Windows\System32\vds.exe
16:17:25.0229 5232	vds - ok
16:17:25.0312 5232	vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
16:17:25.0370 5232	vga - ok
16:17:25.0410 5232	VgaSave         (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
16:17:25.0455 5232	VgaSave - ok
16:17:25.0489 5232	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
16:17:25.0500 5232	viaagp - ok
16:17:25.0527 5232	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
16:17:25.0584 5232	ViaC7 - ok
16:17:25.0613 5232	viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
16:17:25.0624 5232	viaide - ok
16:17:25.0648 5232	volmgr          (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
16:17:25.0659 5232	volmgr - ok
16:17:25.0695 5232	volmgrx         (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
16:17:25.0713 5232	volmgrx - ok
16:17:25.0753 5232	volsnap         (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
16:17:25.0771 5232	volsnap - ok
16:17:25.0802 5232	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
16:17:25.0815 5232	vsmraid - ok
16:17:25.0881 5232	VSS             (e0e29d9ef2524abd11749c7c2fd7f607) C:\Windows\system32\vssvc.exe
16:17:25.0934 5232	VSS - ok
16:17:26.0056 5232	vvdsvc          (9e8c7a7b8a98e4f6ccbbf9f88a1c111f) C:\Windows\system32\nagasoft\vjocx.dll
16:17:26.0315 5232	vvdsvc - ok
16:17:26.0378 5232	W32Time         (62b0d0f6f5580d9d0dfa5e0b466ff2ed) C:\Windows\system32\w32time.dll
16:17:26.0428 5232	W32Time - ok
16:17:26.0475 5232	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
16:17:26.0520 5232	WacomPen - ok
16:17:26.0646 5232	wampapache      (375640f39f2d613b6fdcf8c2f956205a) c:\programs\wamp\bin\apache\apache2.2.11\bin\httpd.exe
16:17:26.0681 5232	wampapache ( UnsignedFile.Multi.Generic ) - warning
16:17:26.0681 5232	wampapache - detected UnsignedFile.Multi.Generic (1)
16:17:26.0723 5232	wampmysqld - ok
16:17:26.0898 5232	Wanarp          (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
16:17:26.0928 5232	Wanarp - ok
16:17:26.0933 5232	Wanarpv6        (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
16:17:26.0944 5232	Wanarpv6 - ok
16:17:27.0018 5232	wbengine        (6d2f099d4ce88777e46cb1808c87b132) C:\Windows\system32\wbengine.exe
16:17:27.0133 5232	wbengine - ok
16:17:27.0195 5232	wcncsvc         (c1b19162e0509ceab4cdf664e139d956) C:\Windows\System32\wcncsvc.dll
16:17:27.0216 5232	wcncsvc - ok
16:17:27.0242 5232	WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
16:17:27.0290 5232	WcsPlugInService - ok
16:17:27.0341 5232	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
16:17:27.0352 5232	Wd - ok
16:17:27.0406 5232	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
16:17:27.0435 5232	Wdf01000 - ok
16:17:27.0482 5232	WdiServiceHost  (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
16:17:27.0524 5232	WdiServiceHost - ok
16:17:27.0529 5232	WdiSystemHost   (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
16:17:27.0544 5232	WdiSystemHost - ok
16:17:27.0598 5232	WebClient       (01e41c264eedcb827820a1909162579f) C:\Windows\System32\webclnt.dll
16:17:27.0626 5232	WebClient - ok
16:17:27.0661 5232	Wecsvc          (9cf67ff7f8d34cbf115d0c278b9f74aa) C:\Windows\system32\wecsvc.dll
16:17:27.0709 5232	Wecsvc - ok
16:17:27.0730 5232	wercplsupport   (b68cab45db1dab59d92acadfad6364a8) C:\Windows\System32\wercplsupport.dll
16:17:27.0804 5232	wercplsupport - ok
16:17:27.0856 5232	WerSvc          (36ba0707680ef4236fd752bee982cc25) C:\Windows\System32\WerSvc.dll
16:17:27.0903 5232	WerSvc - ok
16:17:27.0911 5232	WinHttpAutoProxySvc - ok
16:17:27.0986 5232	Winmgmt         (38a7b89de4e3417c122317949667fdd8) C:\Windows\system32\wbem\WMIsvc.dll
16:17:28.0032 5232	Winmgmt - ok
16:17:28.0080 5232	WinRM           (3f6823040030c3e4da1cf11cd40b7534) C:\Windows\system32\WsmSvc.dll
16:17:28.0192 5232	WinRM - ok
16:17:28.0265 5232	Wlansvc         (7640acea41348bfef34b76e245501261) C:\Windows\System32\wlansvc.dll
16:17:28.0407 5232	Wlansvc - ok
16:17:28.0470 5232	WmiAcpi         (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:17:28.0497 5232	WmiAcpi - ok
16:17:28.0570 5232	wmiApSrv        (a279323bee5fffafda222910bce92132) C:\Windows\system32\wbem\WmiApSrv.exe
16:17:28.0584 5232	wmiApSrv - ok
16:17:28.0671 5232	WMPNetworkSvc   (acb2e63d50157e3ea7140f29d9e76a48) C:\Program Files\Windows Media Player\wmpnetwk.exe
16:17:28.0824 5232	WMPNetworkSvc - ok
16:17:28.0996 5232	WPCSvc          (3d3b3b80c12abe506f56930c46422c28) C:\Windows\System32\wpcsvc.dll
16:17:29.0069 5232	WPCSvc - ok
16:17:29.0133 5232	WPDBusEnum      (c24844a1d0d9528b19d5bc266b8cd572) C:\Windows\system32\wpdbusenum.dll
16:17:29.0186 5232	WPDBusEnum - ok
16:17:29.0287 5232	WpdUsb          (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
16:17:29.0347 5232	WpdUsb - ok
16:17:29.0387 5232	ws2ifsl         (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
16:17:29.0446 5232	ws2ifsl - ok
16:17:29.0520 5232	WSDPrintDevice  (f01f25b4227ad8d717c21f25f62b43c8) C:\Windows\system32\DRIVERS\WSDPrint.sys
16:17:29.0564 5232	WSDPrintDevice - ok
16:17:29.0620 5232	WSDScan         (ff6e0448dc0d2b588e9300fc474558fd) C:\Windows\system32\DRIVERS\WSDScan.sys
16:17:29.0667 5232	WSDScan - ok
16:17:29.0683 5232	WSearch - ok
16:17:29.0774 5232	wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
16:17:29.0926 5232	wuauserv - ok
16:17:29.0988 5232	WUDFRd          (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:17:30.0043 5232	WUDFRd - ok
16:17:30.0085 5232	wudfsvc         (db5bf5aab72b1b99b5331231d09ebb26) C:\Windows\System32\WUDFSvc.dll
16:17:30.0146 5232	wudfsvc - ok
16:17:30.0176 5232	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:17:30.0355 5232	\Device\Harddisk0\DR0 - ok
16:17:30.0359 5232	Boot (0x1200)   (74616604de750d65da10dd5ec44b0e52) \Device\Harddisk0\DR0\Partition0
16:17:30.0361 5232	\Device\Harddisk0\DR0\Partition0 - ok
16:17:30.0361 5232	============================================================
16:17:30.0361 5232	Scan finished
16:17:30.0361 5232	============================================================
16:17:30.0372 6108	Detected object count: 17
16:17:30.0372 6108	Actual detected object count: 17
16:18:40.0231 6108	Afc ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0231 6108	Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0231 6108	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
16:18:40.0232 6108	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
16:18:40.0233 6108	EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0233 6108	EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0234 6108	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0234 6108	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0236 6108	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0236 6108	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0237 6108	HssSrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0237 6108	HssSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0238 6108	HssTrayService ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0238 6108	HssTrayService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0240 6108	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0240 6108	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0241 6108	MDM ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0241 6108	MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0242 6108	nipsvc ( Backdoor.Multi.ZAccess.gen ) - skipped by user
16:18:40.0243 6108	nipsvc ( Backdoor.Multi.ZAccess.gen ) - User select action: Skip 
16:18:40.0244 6108	NOD32krn ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0244 6108	NOD32krn ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0245 6108	pfc ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0245 6108	pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0247 6108	sptd ( LockedFile.Multi.Generic ) - skipped by user
16:18:40.0247 6108	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0248 6108	tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0248 6108	tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0249 6108	tdx ( Virus.Win32.ZAccess.k ) - skipped by user
16:18:40.0250 6108	tdx ( Virus.Win32.ZAccess.k ) - User select action: Skip 
16:18:40.0251 6108	TimerStop ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0251 6108	TimerStop ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:18:40.0252 6108	wampapache ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:40.0253 6108	wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip

U nipsvc ( Backdoor.Multi.ZAccess.gen ) mám na výběr jenom Delete, Cure tam není. Mám to vymazat?

Kde jsem chytl parazita vůbec netuším, víš, kde orientačně většinou bývá? A dá se z logů vyčíst, kdy asi jsem ho chytl?

Provedeno, zde log po restartu:

19:51:54.0357 5628 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
19:51:54.0502 5628 ============================================================
19:51:54.0502 5628 Current date / time: 2012/04/11 19:51:54.0502
19:51:54.0502 5628 SystemInfo:
19:51:54.0502 5628
19:51:54.0502 5628 OS Version: 6.0.6000 ServicePack: 0.0
19:51:54.0502 5628 Product type: Workstation
19:51:54.0502 5628 ComputerName: SALAT-V5545
19:51:54.0502 5628 UserName: radek
19:51:54.0502 5628 Windows directory: C:\Windows
19:51:54.0502 5628 System windows directory: C:\Windows
19:51:54.0502 5628 Processor architecture: Intel x86
19:51:54.0502 5628 Number of processors: 2
19:51:54.0502 5628 Page size: 0x1000
19:51:54.0502 5628 Boot type: Normal boot
19:51:54.0502 5628 ============================================================
19:51:55.0614 5628 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:51:55.0616 5628 \Device\Harddisk0\DR0:
19:51:55.0616 5628 MBR used
19:51:55.0616 5628 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
19:51:55.0650 5628 Initialize success
19:51:55.0650 5628 ============================================================
19:52:04.0183 6064 ============================================================
19:52:04.0183 6064 Scan started
19:52:04.0183 6064 Mode: Manual; SigCheck; TDLFS;
19:52:04.0183 6064 ============================================================
19:52:06.0304 6064 ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
19:52:06.0426 6064 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
19:52:06.0594 6064 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
19:52:06.0629 6064 ACPI - ok
19:52:06.0714 6064 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:52:06.0726 6064 AdobeFlashPlayerUpdateSvc - ok
19:52:06.0804 6064 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
19:52:06.0828 6064 adp94xx - ok
19:52:06.0897 6064 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
19:52:06.0912 6064 adpahci - ok
19:52:06.0936 6064 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
19:52:06.0946 6064 adpu160m - ok
19:52:06.0975 6064 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
19:52:06.0986 6064 adpu320 - ok
19:52:07.0028 6064 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
19:52:07.0136 6064 AeLookupSvc - ok
19:52:07.0208 6064 AF15BDA (639a9c2dab390769be8fa23854435876) C:\Windows\system32\Drivers\AF15BDA.sys
19:52:07.0287 6064 AF15BDA - ok
19:52:07.0351 6064 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\Windows\system32\drivers\Afc.sys
19:52:07.0377 6064 Afc ( UnsignedFile.Multi.Generic ) - warning
19:52:07.0377 6064 Afc - detected UnsignedFile.Multi.Generic (1)
19:52:07.0441 6064 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
19:52:07.0516 6064 AFD - ok
19:52:07.0563 6064 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
19:52:07.0574 6064 agp440 - ok
19:52:07.0616 6064 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:52:07.0627 6064 aic78xx - ok
19:52:07.0827 6064 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll
19:52:07.0827 6064 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
19:52:07.0834 6064 Akamai ( HiddenFile.Multi.Generic ) - warning
19:52:07.0834 6064 Akamai - detected HiddenFile.Multi.Generic (1)
19:52:08.0163 6064 ALG (e69fb0e3112c40fdc0ef7d21a52dc951) C:\Windows\System32\alg.exe
19:52:08.0216 6064 ALG - ok
19:52:08.0274 6064 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
19:52:08.0281 6064 aliide - ok
19:52:08.0315 6064 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
19:52:08.0326 6064 amdagp - ok
19:52:08.0342 6064 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
19:52:08.0352 6064 amdide - ok
19:52:08.0379 6064 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
19:52:08.0426 6064 AmdK7 - ok
19:52:08.0452 6064 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
19:52:08.0510 6064 AmdK8 - ok
19:52:08.0585 6064 AMON (687c3f2e78aeb209ade1cc265a2560bb) C:\Windows\system32\drivers\amon.sys
19:52:08.0627 6064 AMON - ok
19:52:08.0719 6064 AMService - ok
19:52:08.0803 6064 Appinfo (cfa455816879f06f1c4e5bbf9e8aef7d) C:\Windows\System32\appinfo.dll
19:52:08.0866 6064 Appinfo - ok
19:52:09.0022 6064 Apple Mobile Device (a8aa9d47f971570a5162b862b80f87e8) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
19:52:09.0047 6064 Apple Mobile Device - ok
19:52:09.0237 6064 AppMgmt (051e86735b71e8402aebc1d662f26ba2) C:\Windows\System32\appmgmts.dll
19:52:09.0285 6064 AppMgmt - ok
19:52:09.0361 6064 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
19:52:09.0371 6064 arc - ok
19:52:09.0409 6064 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
19:52:09.0419 6064 arcsas - ok
19:52:09.0471 6064 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
19:52:09.0528 6064 AsyncMac - ok
19:52:09.0575 6064 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
19:52:09.0583 6064 atapi - ok
19:52:09.0655 6064 Ati External Event Utility (4604db6d5eca6362873cc3a76d2204ba) C:\Windows\system32\Ati2evxx.exe
19:52:09.0768 6064 Ati External Event Utility - ok
19:52:09.0927 6064 atikmdag (47dcf5d78c395159d72c65c25129fc44) C:\Windows\system32\DRIVERS\atikmdag.sys
19:52:10.0249 6064 atikmdag - ok
19:52:10.0323 6064 AudioEndpointBuilder (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
19:52:10.0403 6064 AudioEndpointBuilder - ok
19:52:10.0444 6064 Audiosrv (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
19:52:10.0486 6064 Audiosrv - ok
19:52:10.0548 6064 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
19:52:10.0605 6064 Beep - ok
19:52:10.0693 6064 BITS (da551697e34d2b9943c8b1c8eaffe89a) C:\Windows\System32\qmgr.dll
19:52:10.0776 6064 BITS - ok
19:52:10.0806 6064 blbdrive - ok
19:52:10.0896 6064 Bonjour Service (9efe4236f8670846b6e7c5b0eff6e715) C:\Program Files\Bonjour\mDNSResponder.exe
19:52:10.0910 6064 Bonjour Service - ok
19:52:10.0967 6064 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
19:52:11.0025 6064 bowser - ok
19:52:11.0071 6064 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:52:11.0129 6064 BrFiltLo - ok
19:52:11.0154 6064 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:52:11.0223 6064 BrFiltUp - ok
19:52:11.0271 6064 Browser (beb6470532b7461d7bb426e3facb424f) C:\Windows\System32\browser.dll
19:52:11.0330 6064 Browser - ok
19:52:11.0378 6064 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:52:11.0437 6064 Brserid - ok
19:52:11.0478 6064 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:52:11.0546 6064 BrSerWdm - ok
19:52:11.0583 6064 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:52:11.0632 6064 BrUsbMdm - ok
19:52:11.0661 6064 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:52:11.0735 6064 BrUsbSer - ok
19:52:11.0801 6064 BTCFilterService (4813df77ede536a52e3737971f910baa) C:\Windows\system32\DRIVERS\motfilt.sys
19:52:11.0871 6064 BTCFilterService - ok
19:52:11.0942 6064 BthEnum (cf97c2d6a011ee9403b42191b5f95ba8) C:\Windows\system32\DRIVERS\BthEnum.sys
19:52:11.0982 6064 BthEnum - ok
19:52:12.0034 6064 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\DRIVERS\bthmodem.sys
19:52:12.0089 6064 BTHMODEM - ok
19:52:12.0130 6064 BthPan (b8c3d9ddf85fd197c3e5f849fef71144) C:\Windows\system32\DRIVERS\bthpan.sys
19:52:12.0188 6064 BthPan - ok
19:52:12.0254 6064 BTHPORT (b4ce8000aab30a9ab16cd0fb3db4d7cf) C:\Windows\system32\Drivers\BTHport.sys
19:52:12.0285 6064 BTHPORT - ok
19:52:12.0346 6064 BthServ (58ee7f5e68310bc8d4e7cebd8358c12e) C:\Windows\System32\bthserv.dll
19:52:12.0423 6064 BthServ - ok
19:52:12.0468 6064 BTHUSB (9a4ddc8544c1459aa2a118a8858dade3) C:\Windows\system32\Drivers\BTHUSB.sys
19:52:12.0493 6064 BTHUSB - ok
19:52:12.0542 6064 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
19:52:12.0591 6064 cdfs - ok
19:52:12.0629 6064 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
19:52:12.0672 6064 cdrom - ok
19:52:12.0704 6064 CertPropSvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
19:52:12.0762 6064 CertPropSvc - ok
19:52:12.0788 6064 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
19:52:12.0837 6064 circlass - ok
19:52:12.0881 6064 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
19:52:12.0895 6064 CLFS - ok
19:52:12.0987 6064 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:52:12.0998 6064 clr_optimization_v2.0.50727_32 - ok
19:52:13.0039 6064 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
19:52:13.0064 6064 CmBatt - ok
19:52:13.0107 6064 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
19:52:13.0115 6064 cmdide - ok
19:52:13.0269 6064 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
19:52:13.0278 6064 Compbatt - ok
19:52:13.0290 6064 COMSysApp - ok
19:52:13.0308 6064 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
19:52:13.0318 6064 crcdisk - ok
19:52:13.0348 6064 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
19:52:13.0401 6064 Crusoe - ok
19:52:13.0453 6064 CryptSvc (1c26fb097170a2a91066d1e3a24366e3) C:\Windows\system32\cryptsvc.dll
19:52:13.0505 6064 CryptSvc - ok
19:52:13.0553 6064 CSC (ee95a5f89766f199557e5900ce6b2d7d) C:\Windows\system32\drivers\csc.sys
19:52:13.0586 6064 CSC - ok
19:52:13.0654 6064 CscService (68131a9a8e3f0ab5136bf386f02a3fc7) C:\Windows\System32\cscsvc.dll
19:52:13.0704 6064 CscService - ok
19:52:13.0778 6064 DcomLaunch (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
19:52:13.0884 6064 DcomLaunch - ok
19:52:14.0002 6064 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
19:52:14.0047 6064 DfsC - ok
19:52:14.0167 6064 DFSR (e0d584aa76c7d845ba9f3a788260528f) C:\Windows\system32\DFSR.exe
19:52:14.0328 6064 DFSR - ok
19:52:14.0399 6064 Dhcp (dc45739bc22d528d2b3e50d3f6761750) C:\Windows\System32\dhcpcsvc.dll
19:52:14.0458 6064 Dhcp - ok
19:52:14.0517 6064 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
19:52:14.0528 6064 disk - ok
19:52:14.0572 6064 Dnscache (eecba1dd142bf8693c476be8f32fe253) C:\Windows\System32\dnsrslvr.dll
19:52:14.0603 6064 Dnscache - ok
19:52:14.0627 6064 dot3svc (1f795d214820e496bf1124434a6db546) C:\Windows\System32\dot3svc.dll
19:52:14.0679 6064 dot3svc - ok
19:52:14.0728 6064 DPS (032c90ad677bf7b7a8013d6087c7a921) C:\Windows\system32\dps.dll
19:52:14.0754 6064 DPS - ok
19:52:14.0816 6064 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
19:52:14.0871 6064 drmkaud - ok
19:52:14.0914 6064 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
19:52:14.0983 6064 DXGKrnl - ok
19:52:15.0045 6064 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:52:15.0104 6064 E1G60 - ok
19:52:15.0155 6064 EapHost (90a0a875642e18618010645311b4e89e) C:\Windows\System32\eapsvc.dll
19:52:15.0212 6064 EapHost - ok
19:52:15.0266 6064 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
19:52:15.0278 6064 Ecache - ok
19:52:15.0344 6064 ehRecvr (b4580122b0a7b263b6ee9acba69c8013) C:\Windows\ehome\ehRecvr.exe
19:52:15.0395 6064 ehRecvr - ok
19:52:15.0417 6064 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
19:52:15.0442 6064 ehSched - ok
19:52:15.0475 6064 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
19:52:15.0499 6064 ehstart - ok
19:52:15.0587 6064 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys
19:52:15.0597 6064 ElbyCDFL - ok
19:52:15.0637 6064 ElbyCDIO (44996a2addd2db7454f2ca40b67d8941) C:\Windows\system32\Drivers\ElbyCDIO.sys
19:52:15.0647 6064 ElbyCDIO - ok
19:52:15.0696 6064 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
19:52:15.0716 6064 elxstor - ok
19:52:15.0780 6064 EMDMgmt (3226fda08988526e819e364e8cce4cee) C:\Windows\system32\emdmgmt.dll
19:52:15.0866 6064 EMDMgmt - ok
19:52:15.0956 6064 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
19:52:15.0979 6064 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
19:52:15.0980 6064 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
19:52:16.0136 6064 EventSystem (7b4971c3d43525175a4ea0d143e0412e) C:\Windows\system32\es.dll
19:52:16.0166 6064 EventSystem - ok
19:52:16.0226 6064 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
19:52:16.0317 6064 fastfat - ok
19:52:16.0390 6064 Fax (93f75490b02033df8edf4d7089c7e1d8) C:\Windows\system32\fxssvc.exe
19:52:16.0466 6064 Fax - ok
19:52:16.0535 6064 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
19:52:16.0585 6064 fdc - ok
19:52:16.0653 6064 fdPHost (e43bce1a77d6fd4ed5f8e0482b9e7df1) C:\Windows\system32\fdPHost.dll
19:52:16.0707 6064 fdPHost - ok
19:52:16.0730 6064 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
19:52:16.0784 6064 FDResPub - ok
19:52:16.0828 6064 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
19:52:16.0837 6064 FileInfo - ok
19:52:16.0862 6064 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
19:52:16.0901 6064 Filetrace - ok
19:52:17.0058 6064 FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MSI\MAGIX\Common\Database\bin\fbserver.exe
19:52:17.0291 6064 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
19:52:17.0291 6064 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
19:52:17.0374 6064 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:52:17.0448 6064 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
19:52:17.0448 6064 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
19:52:17.0618 6064 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
19:52:17.0778 6064 flpydisk - ok
19:52:17.0837 6064 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
19:52:17.0849 6064 FltMgr - ok
19:52:17.0928 6064 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:52:17.0938 6064 FontCache3.0.0.0 - ok
19:52:17.0980 6064 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
19:52:18.0001 6064 Fs_Rec - ok
19:52:18.0026 6064 fvevol (06a1cf72fbe3b50035fbff428c8d84b4) C:\Windows\system32\DRIVERS\fvevol.sys
19:52:18.0036 6064 fvevol - ok
19:52:18.0062 6064 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
19:52:18.0070 6064 gagp30kx - ok
19:52:18.0144 6064 GEARAspiWDM (ab8a6a87d9d7255c3884d5b9541a6e80) C:\Windows\system32\Drivers\GEARAspiWDM.sys
19:52:18.0152 6064 GEARAspiWDM - ok
19:52:18.0219 6064 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
19:52:18.0225 6064 ggflt - ok
19:52:18.0245 6064 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
19:52:18.0251 6064 ggsemc - ok
19:52:18.0375 6064 gpsvc (bcf6589c42d8f6a20f33ef133ffe0524) C:\Windows\System32\gpsvc.dll
19:52:18.0515 6064 gpsvc - ok
19:52:18.0641 6064 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
19:52:18.0651 6064 gupdate - ok
19:52:18.0672 6064 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
19:52:18.0679 6064 gupdatem - ok
19:52:18.0736 6064 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:52:18.0746 6064 gusvc - ok
19:52:18.0914 6064 hamachi (7929a161f9951d173ca9900fe7067391) C:\Windows\system32\DRIVERS\hamachi.sys
19:52:18.0920 6064 hamachi - ok
19:52:18.0979 6064 HdAudAddService (743e5199a34101a3ee444df5f74d0311) C:\Windows\system32\drivers\CHDART.sys
19:52:19.0023 6064 HdAudAddService - ok
19:52:19.0066 6064 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:52:19.0089 6064 HDAudBus - ok
19:52:19.0126 6064 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\DRIVERS\hidbth.sys
19:52:19.0184 6064 HidBth - ok
19:52:19.0211 6064 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:52:19.0277 6064 HidIr - ok
19:52:19.0333 6064 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
19:52:19.0385 6064 hidserv - ok
19:52:19.0417 6064 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
19:52:19.0470 6064 HidUsb - ok
19:52:19.0492 6064 hkmsvc (d40aa05e29bf6ed29b139f044b461e9b) C:\Windows\system32\kmsvc.dll
19:52:19.0565 6064 hkmsvc - ok
19:52:19.0606 6064 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
19:52:19.0614 6064 HpCISSs - ok
19:52:19.0663 6064 HssDrv (30858b2d6dc0d8ed044dc28011ade6a2) C:\Windows\system32\DRIVERS\HssDrv.sys
19:52:19.0670 6064 HssDrv - ok
19:52:19.0792 6064 HssSrv (d5687c8c02df0eb4687b044a10df5cb4) C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
19:52:19.0832 6064 HssSrv ( UnsignedFile.Multi.Generic ) - warning
19:52:19.0832 6064 HssSrv - detected UnsignedFile.Multi.Generic (1)
19:52:19.0888 6064 HssTrayService (e77759a567c903fa719a4396135c7373) C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
19:52:19.0913 6064 HssTrayService ( UnsignedFile.Multi.Generic ) - warning
19:52:19.0913 6064 HssTrayService - detected UnsignedFile.Multi.Generic (1)
19:52:20.0095 6064 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
19:52:20.0136 6064 HTTP - ok
19:52:20.0226 6064 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
19:52:20.0236 6064 i2omp - ok
19:52:20.0309 6064 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
19:52:20.0347 6064 i8042prt - ok
19:52:20.0382 6064 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
19:52:20.0398 6064 iaStorV - ok
19:52:20.0514 6064 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:52:20.0537 6064 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:52:20.0537 6064 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:52:20.0631 6064 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:52:20.0699 6064 idsvc - ok
19:52:20.0778 6064 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:52:20.0789 6064 iirsp - ok
19:52:20.0852 6064 IKEEXT (35662fe4d8622f667aa5a5568f7f1b40) C:\Windows\System32\ikeext.dll
19:52:20.0916 6064 IKEEXT - ok
19:52:20.0961 6064 intelide (988981c840084f480ba9e3319cebde1b) C:\Windows\system32\drivers\intelide.sys
19:52:20.0972 6064 intelide - ok
19:52:21.0019 6064 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
19:52:21.0073 6064 intelppm - ok
19:52:21.0114 6064 IPBusEnum (88cf5281ed9880d74dc9011cf8b5262d) C:\Windows\system32\ipbusenum.dll
19:52:21.0174 6064 IPBusEnum - ok
19:52:21.0202 6064 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:52:21.0253 6064 IpFilterDriver - ok
19:52:21.0267 6064 IpInIp - ok
19:52:21.0298 6064 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
19:52:21.0341 6064 IPMIDRV - ok
19:52:21.0383 6064 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
19:52:21.0433 6064 IPNAT - ok
19:52:21.0526 6064 iPod Service (62937a89470af8ff172f0980ca8aefc9) C:\Program Files\iPod\bin\iPodService.exe
19:52:21.0545 6064 iPod Service - ok
19:52:21.0585 6064 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
19:52:21.0626 6064 IRENUM - ok
19:52:21.0649 6064 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
19:52:21.0656 6064 isapnp - ok
19:52:21.0686 6064 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
19:52:21.0698 6064 iScsiPrt - ok
19:52:21.0722 6064 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:52:21.0732 6064 iteatapi - ok
19:52:21.0771 6064 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:52:21.0778 6064 iteraid - ok
19:52:21.0830 6064 k750bus (fe8300320281d658a7854d5cfc02a63f) C:\Windows\system32\DRIVERS\k750bus.sys
19:52:21.0862 6064 k750bus - ok
19:52:21.0902 6064 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
19:52:21.0912 6064 kbdclass - ok
19:52:21.0936 6064 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
19:52:21.0956 6064 kbdhid - ok
19:52:21.0997 6064 KeyIso (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:52:22.0031 6064 KeyIso - ok
19:52:22.0078 6064 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
19:52:22.0102 6064 KSecDD - ok
19:52:22.0174 6064 KtmRm (45c537fe5dde9a0146aeff76e615737d) C:\Windows\system32\msdtckrm.dll
19:52:22.0239 6064 KtmRm - ok
19:52:22.0276 6064 LanmanServer (53d1482fc1aa36ac015a85e6cf2146bd) C:\Windows\system32\srvsvc.dll
19:52:22.0346 6064 LanmanServer - ok
19:52:22.0407 6064 LanmanWorkstation (435f0f6dc87a4b5da78f1fa309884189) C:\Windows\System32\wkssvc.dll
19:52:22.0450 6064 LanmanWorkstation - ok
19:52:22.0526 6064 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
19:52:22.0580 6064 lltdio - ok
19:52:22.0621 6064 lltdsvc (7450dbcf754391dd6363fffd5ef0e789) C:\Windows\System32\lltdsvc.dll
19:52:22.0668 6064 lltdsvc - ok
19:52:22.0692 6064 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
19:52:22.0744 6064 lmhosts - ok
19:52:22.0772 6064 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
19:52:22.0783 6064 LSI_FC - ok
19:52:22.0805 6064 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
19:52:22.0815 6064 LSI_SAS - ok
19:52:22.0853 6064 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
19:52:22.0865 6064 LSI_SCSI - ok
19:52:22.0886 6064 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
19:52:22.0936 6064 luafv - ok
19:52:22.0995 6064 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\Windows\system32\DRIVERS\MarvinBus.sys
19:52:23.0029 6064 MarvinBus - ok
19:52:23.0070 6064 Mcx2Svc (e93c1ad58e88a0846eaee10671c2a8f3) C:\Windows\system32\Mcx2Svc.dll
19:52:23.0104 6064 Mcx2Svc - ok
19:52:23.0208 6064 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
19:52:23.0242 6064 MDM ( UnsignedFile.Multi.Generic ) - warning
19:52:23.0242 6064 MDM - detected UnsignedFile.Multi.Generic (1)
19:52:23.0305 6064 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
19:52:23.0314 6064 megasas - ok
19:52:23.0369 6064 MMCSS (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
19:52:23.0420 6064 MMCSS - ok
19:52:23.0447 6064 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
19:52:23.0493 6064 Modem - ok
19:52:23.0746 6064 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
19:52:23.0818 6064 monitor - ok
19:52:23.0889 6064 motccgp (f4ea1193a52c8fe4b8a135e210abe546) C:\Windows\system32\DRIVERS\motccgp.sys
19:52:23.0969 6064 motccgp - ok
19:52:24.0004 6064 motccgpfl (b812da6605caf02641312f1f65c75419) C:\Windows\system32\DRIVERS\motccgpfl.sys
19:52:24.0021 6064 motccgpfl - ok
19:52:24.0049 6064 MotDev (e190ed75bcc7928143f8f2af4c34d91d) C:\Windows\system32\DRIVERS\motodrv.sys
19:52:24.0102 6064 MotDev - ok
19:52:24.0143 6064 motmodem (69814acd50a9d6d28296050ef6215d46) C:\Windows\system32\DRIVERS\motmodem.sys
19:52:24.0218 6064 motmodem - ok
19:52:24.0304 6064 MotoHelper (3bbc6c2402242401f791548aaebf3d39) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
19:52:24.0318 6064 MotoHelper - ok
19:52:24.0464 6064 MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\Windows\system32\DRIVERS\motswch.sys
19:52:24.0499 6064 MotoSwitchService - ok
19:52:24.0532 6064 Motousbnet (ddc489d40b49f443787e7ffa75373522) C:\Windows\system32\DRIVERS\Motousbnet.sys
19:52:24.0558 6064 Motousbnet - ok
19:52:24.0630 6064 motusbdevice (f18898d418f43e74a93edc57e1f28bc9) C:\Windows\system32\DRIVERS\motusbdevice.sys
19:52:24.0673 6064 motusbdevice - ok
19:52:24.0800 6064 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
19:52:24.0809 6064 mouclass - ok
19:52:24.0882 6064 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
19:52:24.0905 6064 mouhid - ok
19:52:24.0942 6064 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
19:52:24.0952 6064 MountMgr - ok
19:52:24.0987 6064 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
19:52:24.0998 6064 mpio - ok
19:52:25.0037 6064 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
19:52:25.0076 6064 mpsdrv - ok
19:52:25.0116 6064 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:52:25.0126 6064 Mraid35x - ok
19:52:25.0178 6064 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
19:52:25.0233 6064 MRxDAV - ok
19:52:25.0290 6064 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:52:25.0320 6064 mrxsmb - ok
19:52:25.0361 6064 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:52:25.0390 6064 mrxsmb10 - ok
19:52:25.0458 6064 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:52:25.0488 6064 mrxsmb20 - ok
19:52:25.0545 6064 msahci (b2efb263600314babcf9dadb1cbba994) C:\Windows\system32\drivers\msahci.sys
19:52:25.0554 6064 msahci - ok
19:52:25.0605 6064 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
19:52:25.0615 6064 msdsm - ok
19:52:25.0652 6064 MSDTC (bc64a92d821efea8bab8e8caf1b668bc) C:\Windows\System32\msdtc.exe
19:52:25.0685 6064 MSDTC - ok
19:52:25.0721 6064 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
19:52:25.0764 6064 Msfs - ok
19:52:25.0808 6064 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
19:52:25.0817 6064 msisadrv - ok
19:52:25.0858 6064 MSiSCSI (8acf956d9154e893e789881430c12632) C:\Windows\system32\iscsiexe.dll
19:52:25.0921 6064 MSiSCSI - ok
19:52:25.0938 6064 msiserver - ok
19:52:25.0965 6064 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
19:52:26.0017 6064 MSKSSRV - ok
19:52:26.0059 6064 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
19:52:26.0126 6064 MSPCLOCK - ok
19:52:26.0143 6064 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
19:52:26.0217 6064 MSPQM - ok
19:52:26.0249 6064 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
19:52:26.0261 6064 MsRPC - ok
19:52:26.0290 6064 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
19:52:26.0300 6064 mssmbios - ok
19:52:26.0314 6064 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
19:52:26.0394 6064 MSTEE - ok
19:52:26.0433 6064 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
19:52:26.0441 6064 Mup - ok
19:52:26.0483 6064 napagent (1cdbb5d002fe2bc5300aa20550d8a52e) C:\Windows\system32\qagentRT.dll
19:52:26.0539 6064 napagent - ok
19:52:26.0590 6064 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
19:52:26.0628 6064 NativeWifiP - ok
19:52:26.0690 6064 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
19:52:26.0710 6064 NDIS - ok
19:52:26.0760 6064 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
19:52:26.0790 6064 NdisTapi - ok
19:52:26.0832 6064 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
19:52:26.0871 6064 Ndisuio - ok
19:52:26.0893 6064 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
19:52:26.0952 6064 NdisWan - ok
19:52:26.0992 6064 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
19:52:27.0013 6064 NDProxy - ok
19:52:27.0046 6064 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
19:52:27.0086 6064 NetBIOS - ok
19:52:27.0115 6064 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
19:52:27.0161 6064 netbt - ok
19:52:27.0207 6064 Netlogon (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:52:27.0219 6064 Netlogon - ok
19:52:27.0264 6064 Netman (90a4dae28b94497f83bea0f2a3b77092) C:\Windows\System32\netman.dll
19:52:27.0330 6064 Netman - ok
19:52:27.0360 6064 netprofm (7c5c3d9ceee838856b828ab6f98a2857) C:\Windows\System32\netprofm.dll
19:52:27.0406 6064 netprofm - ok
19:52:27.0477 6064 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:52:27.0486 6064 NetTcpPortSharing - ok
19:52:27.0610 6064 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
19:52:27.0774 6064 NETw4v32 - ok
19:52:27.0816 6064 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:52:27.0824 6064 nfrd960 - ok
19:52:27.0868 6064 NlaSvc (c424117a562f2de37a42266894c79aeb) C:\Windows\System32\nlasvc.dll
19:52:27.0921 6064 NlaSvc - ok
19:52:27.0973 6064 NMIndexingService - ok
19:52:28.0036 6064 nod32drv (b4ea8cba9a69d0921b7bd89c8cf9e032) C:\Windows\system32\drivers\nod32drv.sys
19:52:28.0044 6064 nod32drv - ok
19:52:28.0096 6064 NOD32krn (7da9d9593081cb76fccdab3f14438370) C:\Program Files\Eset\nod32krn.exe
19:52:28.0126 6064 NOD32krn ( UnsignedFile.Multi.Generic ) - warning
19:52:28.0126 6064 NOD32krn - detected UnsignedFile.Multi.Generic (1)
19:52:28.0173 6064 NPF (b15e0180c43d8b5219196d76878cc2dd) C:\Windows\system32\drivers\npf.sys
19:52:28.0182 6064 NPF - ok
19:52:28.0214 6064 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
19:52:28.0268 6064 Npfs - ok
19:52:28.0297 6064 nsi (23b8201a363de0e649fc75ee9874dee2) C:\Windows\system32\nsisvc.dll
19:52:28.0352 6064 nsi - ok
19:52:28.0380 6064 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
19:52:28.0446 6064 nsiproxy - ok
19:52:28.0552 6064 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
19:52:28.0618 6064 Ntfs - ok
19:52:28.0645 6064 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:52:28.0695 6064 ntrigdigi - ok
19:52:28.0726 6064 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
19:52:28.0782 6064 Null - ok
19:52:28.0993 6064 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
19:52:29.0003 6064 nvraid - ok
19:52:29.0032 6064 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
19:52:29.0040 6064 nvstor - ok
19:52:29.0062 6064 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
19:52:29.0073 6064 nv_agp - ok
19:52:29.0087 6064 NwlnkFlt - ok
19:52:29.0105 6064 NwlnkFwd - ok
19:52:29.0241 6064 odserv (e54aa592a65f317390eee386a8821692) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:52:29.0265 6064 odserv - ok
19:52:29.0323 6064 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
19:52:29.0365 6064 ohci1394 - ok
19:52:29.0523 6064 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:52:29.0533 6064 ose - ok
19:52:29.0678 6064 p2pimsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:52:29.0768 6064 p2pimsvc - ok
19:52:29.0781 6064 p2psvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:52:29.0804 6064 p2psvc - ok
19:52:29.0901 6064 PAC207 (dca942c0a19a0ad2abcd9acf94eb4b10) C:\Windows\system32\DRIVERS\PFC027.SYS
19:52:29.0949 6064 PAC207 - ok
19:52:30.0016 6064 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:52:30.0071 6064 Parport - ok
19:52:30.0102 6064 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
19:52:30.0110 6064 partmgr - ok
19:52:30.0133 6064 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:52:30.0186 6064 Parvdm - ok
19:52:30.0222 6064 PcaSvc (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
19:52:30.0277 6064 PcaSvc - ok
19:52:30.0304 6064 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
19:52:30.0314 6064 pci - ok
19:52:30.0337 6064 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
19:52:30.0346 6064 pciide - ok
19:52:30.0380 6064 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:52:30.0395 6064 pcmcia - ok
19:52:30.0444 6064 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:52:30.0558 6064 PEAUTH - ok
19:52:30.0622 6064 pfc (957b82ec80ad7ead64e5e47df6b0dc40) C:\Windows\system32\drivers\pfc.sys
19:52:30.0627 6064 pfc ( UnsignedFile.Multi.Generic ) - warning
19:52:30.0627 6064 pfc - detected UnsignedFile.Multi.Generic (1)
19:52:30.0710 6064 pla (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
19:52:30.0868 6064 pla - ok
19:52:30.0906 6064 PlugPlay (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
19:52:30.0932 6064 PlugPlay - ok
19:52:30.0978 6064 PNRPAutoReg (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:52:31.0001 6064 PNRPAutoReg - ok
19:52:31.0067 6064 PNRPsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
19:52:31.0090 6064 PNRPsvc - ok
19:52:31.0164 6064 PolicyAgent (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
19:52:31.0213 6064 PolicyAgent - ok
19:52:31.0304 6064 PptpMiniport (6c359ac71d7b550a0d41f9db4563ce05) C:\Windows\system32\DRIVERS\raspptp.sys
19:52:31.0344 6064 PptpMiniport - ok
19:52:31.0363 6064 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
19:52:31.0405 6064 Processor - ok
19:52:31.0456 6064 ProfSvc (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
19:52:31.0531 6064 ProfSvc - ok
19:52:31.0572 6064 ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:52:31.0584 6064 ProtectedStorage - ok
19:52:31.0638 6064 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
19:52:31.0661 6064 PSched - ok
19:52:31.0706 6064 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
19:52:31.0715 6064 PxHelp20 - ok
19:52:31.0782 6064 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
19:52:31.0853 6064 ql2300 - ok
19:52:31.0891 6064 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:52:31.0902 6064 ql40xx - ok
19:52:31.0947 6064 QWAVE (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll
19:52:31.0982 6064 QWAVE - ok
19:52:32.0008 6064 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
19:52:32.0033 6064 QWAVEdrv - ok
19:52:32.0057 6064 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
19:52:32.0107 6064 RasAcd - ok
19:52:32.0136 6064 RasAuto (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll
19:52:32.0179 6064 RasAuto - ok
19:52:32.0211 6064 Rasl2tp (88587dd843e2059848995b407b67f6cf) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:52:32.0269 6064 Rasl2tp - ok
19:52:32.0303 6064 RasMan (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll
19:52:32.0366 6064 RasMan - ok
19:52:32.0396 6064 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
19:52:32.0465 6064 RasPppoe - ok
19:52:32.0509 6064 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
19:52:32.0555 6064 rdbss - ok
19:52:32.0575 6064 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:52:32.0626 6064 RDPCDD - ok
19:52:32.0666 6064 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\DRIVERS\rdpdr.sys
19:52:32.0720 6064 rdpdr - ok
19:52:32.0736 6064 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
19:52:32.0782 6064 RDPENCDD - ok
19:52:32.0818 6064 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
19:52:32.0864 6064 RDPWD - ok
19:52:32.0938 6064 RemoteAccess (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
19:52:32.0992 6064 RemoteAccess - ok
19:52:33.0027 6064 RemoteRegistry (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
19:52:33.0084 6064 RemoteRegistry - ok
19:52:33.0147 6064 Revoflt (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys
19:52:33.0154 6064 Revoflt - ok
19:52:33.0200 6064 RFCOMM (7ec90c316177ba3f1bce92005264b447) C:\Windows\system32\DRIVERS\rfcomm.sys
19:52:33.0247 6064 RFCOMM - ok
19:52:33.0315 6064 RMCAST (8804bcb4383859f66ffd51f049a1d744) C:\Windows\system32\DRIVERS\RMCAST.sys
19:52:33.0338 6064 RMCAST - ok
19:52:33.0401 6064 rpcapd (9ed13880478f14900a5840ff048d174c) C:\Program Files\WinPcap\rpcapd.exe
19:52:33.0409 6064 rpcapd - ok
19:52:33.0450 6064 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
19:52:33.0479 6064 RpcLocator - ok
19:52:33.0538 6064 RpcSs (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
19:52:33.0560 6064 RpcSs - ok
19:52:33.0619 6064 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
19:52:33.0659 6064 rspndr - ok
19:52:33.0715 6064 RTL8169 (71b7026d61293c1e91145bdad11c53bf) C:\Windows\system32\DRIVERS\Rtlh86.sys
19:52:33.0757 6064 RTL8169 - ok
19:52:33.0821 6064 RTSTOR (e845f4d709c456992f11d2acf321bced) C:\Windows\system32\drivers\RTSTOR.SYS
19:52:33.0866 6064 RTSTOR - ok
19:52:33.0906 6064 s115bus (e1ab463b36a7ef31d8a73a97a9b57afa) C:\Windows\system32\DRIVERS\s115bus.sys
19:52:33.0916 6064 s115bus - ok
19:52:33.0980 6064 s115mdfl (e24113fc13b8737c94cf4e3415488c76) C:\Windows\system32\DRIVERS\s115mdfl.sys
19:52:34.0023 6064 s115mdfl - ok
19:52:34.0168 6064 s115mdm (4029e49e7c673aa0670bd206b0af1b5b) C:\Windows\system32\DRIVERS\s115mdm.sys
19:52:34.0179 6064 s115mdm - ok
19:52:34.0209 6064 s115mgmt (eb02ab4ca8bccecfde236cad8fc6e135) C:\Windows\system32\DRIVERS\s115mgmt.sys
19:52:34.0219 6064 s115mgmt - ok
19:52:34.0278 6064 s115obex (089869db9ffd2ac807fa87fe82ac7761) C:\Windows\system32\DRIVERS\s115obex.sys
19:52:34.0289 6064 s115obex - ok
19:52:34.0338 6064 SamSs (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
19:52:34.0350 6064 SamSs - ok
19:52:34.0383 6064 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:52:34.0395 6064 sbp2port - ok
19:52:34.0439 6064 SCardSvr (565b4b9e5ad2f2f18a4f8aafa6c06bbb) C:\Windows\System32\SCardSvr.dll
19:52:34.0492 6064 SCardSvr - ok
19:52:34.0557 6064 Schedule (886cec884b5be29ab9828b8ab46b11f7) C:\Windows\system32\schedsvc.dll
19:52:34.0593 6064 Schedule - ok
19:52:34.0641 6064 SCPolicySvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
19:52:34.0682 6064 SCPolicySvc - ok
19:52:34.0710 6064 SDRSVC (f7b6bf02240d0a764adf8c8966735552) C:\Windows\System32\SDRSVC.dll
19:52:34.0747 6064 SDRSVC - ok
19:52:34.0801 6064 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:52:34.0840 6064 secdrv - ok
19:52:34.0864 6064 seclogon (8388c4133ddbe62ad7bc3ec9f14271ed) C:\Windows\system32\seclogon.dll
19:52:34.0905 6064 seclogon - ok
19:52:34.0945 6064 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
19:52:34.0982 6064 seehcri - ok
19:52:35.0012 6064 SENS (34350ae2c1d33d21c7305f861bd8dad8) C:\Windows\System32\sens.dll
19:52:35.0065 6064 SENS - ok
19:52:35.0089 6064 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
19:52:35.0139 6064 Serenum - ok
19:52:35.0173 6064 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
19:52:35.0248 6064 Serial - ok
19:52:35.0304 6064 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
19:52:35.0328 6064 sermouse - ok
19:52:35.0372 6064 SessionEnv (78878235da4df0d116e86837a0a21df8) C:\Windows\system32\sessenv.dll
19:52:35.0437 6064 SessionEnv - ok
19:52:35.0463 6064 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
19:52:35.0504 6064 sffdisk - ok
19:52:35.0519 6064 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
19:52:35.0561 6064 sffp_mmc - ok
19:52:35.0588 6064 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
19:52:35.0642 6064 sffp_sd - ok
19:52:35.0658 6064 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:52:35.0711 6064 sfloppy - ok
19:52:35.0756 6064 SharedAccess (9a82bf4c90b00a63150a606a1e2fd82b) C:\Windows\System32\ipnathlp.dll
19:52:35.0789 6064 SharedAccess - ok
19:52:35.0822 6064 ShellHWDetection (b264dfa21677728613267fe63802b332) C:\Windows\System32\shsvcs.dll
19:52:35.0854 6064 ShellHWDetection - ok
19:52:35.0879 6064 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
19:52:35.0888 6064 sisagp - ok
19:52:35.0910 6064 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
19:52:35.0919 6064 SiSRaid2 - ok
19:52:35.0949 6064 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
19:52:35.0960 6064 SiSRaid4 - ok
19:52:36.0054 6064 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files\Skype\Updater\Updater.exe
19:52:36.0063 6064 SkypeUpdate - ok
19:52:36.0173 6064 slsvc (a1dcd30534835cb67733ad00175125a6) C:\Windows\system32\SLsvc.exe
19:52:36.0373 6064 slsvc - ok
19:52:36.0428 6064 SLUINotify (56da296e7b376a727e7bdc5ac7fbee02) C:\Windows\system32\SLUINotify.dll
19:52:36.0455 6064 SLUINotify - ok
19:52:36.0513 6064 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
19:52:36.0581 6064 Smb - ok
19:52:36.0639 6064 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
19:52:36.0654 6064 SNMPTRAP - ok
19:52:36.0675 6064 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
19:52:36.0684 6064 spldr - ok
19:52:36.0708 6064 Spooler (da612ef2556776df2630b68bf2d48935) C:\Windows\System32\spoolsv.exe
19:52:36.0722 6064 Spooler - ok
19:52:36.0778 6064 sptd (d390675b8ce45e5fb359338e5e649329) C:\Windows\system32\Drivers\sptd.sys
19:52:36.0779 6064 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329
19:52:36.0781 6064 sptd ( LockedFile.Multi.Generic ) - warning
19:52:36.0781 6064 sptd - detected LockedFile.Multi.Generic (1)
19:52:36.0842 6064 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
19:52:36.0872 6064 srv - ok
19:52:36.0930 6064 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
19:52:36.0977 6064 srv2 - ok
19:52:37.0026 6064 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
19:52:37.0041 6064 srvnet - ok
19:52:37.0082 6064 SSDPSRV (8d3e4baff8b3997138c38eb1b600519a) C:\Windows\System32\ssdpsrv.dll
19:52:37.0127 6064 SSDPSRV - ok
19:52:37.0159 6064 stisvc (a941e099ef46e3cc12f898cbe1c39910) C:\Windows\System32\wiaservc.dll
19:52:37.0186 6064 stisvc - ok
19:52:37.0241 6064 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
19:52:37.0250 6064 swenum - ok
19:52:37.0283 6064 swprv (749ada8d6c18a08adfede69cbf5db2e0) C:\Windows\System32\swprv.dll
19:52:37.0338 6064 swprv - ok
19:52:37.0367 6064 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:52:37.0375 6064 Symc8xx - ok
19:52:37.0397 6064 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:52:37.0405 6064 Sym_hi - ok
19:52:37.0427 6064 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:52:37.0435 6064 Sym_u3 - ok
19:52:37.0490 6064 SysMain (8f2b5fede18bd3c4c926cbf88e6f1264) C:\Windows\system32\sysmain.dll
19:52:37.0550 6064 SysMain - ok
19:52:37.0588 6064 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
19:52:37.0605 6064 TabletInputService - ok
19:52:37.0659 6064 tap0901 (34f1bcb847a924a161422f106a79b9ff) C:\Windows\system32\DRIVERS\tap0901.sys
19:52:37.0715 6064 tap0901 ( UnsignedFile.Multi.Generic ) - warning
19:52:37.0715 6064 tap0901 - detected UnsignedFile.Multi.Generic (1)
19:52:37.0757 6064 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
19:52:37.0765 6064 taphss - ok
19:52:37.0794 6064 TapiSrv (ef3dd33c740fc2f82e7e4622f1c49289) C:\Windows\System32\tapisrv.dll
19:52:37.0838 6064 TapiSrv - ok
19:52:37.0863 6064 TBS (68fa52794ae9acc61bde16fe0956b414) C:\Windows\System32\tbssvc.dll
19:52:37.0922 6064 TBS - ok
19:52:37.0977 6064 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
19:52:38.0061 6064 Tcpip - ok
19:52:38.0090 6064 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
19:52:38.0114 6064 Tcpip6 - ok
19:52:38.0180 6064 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
19:52:38.0237 6064 tcpipreg - ok
19:52:38.0266 6064 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
19:52:38.0320 6064 TDPIPE - ok
19:52:38.0349 6064 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
19:52:38.0392 6064 TDTCP - ok
19:52:38.0411 6064 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
19:52:38.0452 6064 tdx - ok
19:52:38.0475 6064 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
19:52:38.0483 6064 TermDD - ok
19:52:38.0535 6064 TermService (fad71c1e8e4047b154e899ae31eb8caa) C:\Windows\System32\termsrv.dll
19:52:38.0590 6064 TermService - ok
19:52:38.0632 6064 Themes (b264dfa21677728613267fe63802b332) C:\Windows\system32\shsvcs.dll
19:52:38.0648 6064 Themes - ok
19:52:38.0688 6064 THREADORDER (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
19:52:38.0728 6064 THREADORDER - ok
19:52:38.0791 6064 TimerStop (6a4e028caa0723b293b26cd3a55a888b) C:\Windows\system32\timerstop.sys
19:52:38.0798 6064 TimerStop ( UnsignedFile.Multi.Generic ) - warning
19:52:38.0798 6064 TimerStop - detected UnsignedFile.Multi.Generic (1)
19:52:38.0828 6064 TrkWks (6bba0582c0025d43729a1112d3b57897) C:\Windows\System32\trkwks.dll
19:52:38.0879 6064 TrkWks - ok
19:52:38.0937 6064 TrustedInstaller (34e388a395fedba1d0511ed39bbf4074) C:\Windows\servicing\TrustedInstaller.exe
19:52:38.0964 6064 TrustedInstaller - ok
19:52:39.0022 6064 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:52:39.0075 6064 tssecsrv - ok
19:52:39.0124 6064 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
19:52:39.0136 6064 tunmp - ok
19:52:39.0192 6064 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
19:52:39.0212 6064 tunnel - ok
19:52:39.0236 6064 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
19:52:39.0245 6064 uagp35 - ok
19:52:39.0276 6064 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
19:52:39.0322 6064 udfs - ok
19:52:39.0369 6064 UI0Detect (24a333f4f14dcfb6ff6d5a1b9e5d79dd) C:\Windows\system32\UI0Detect.exe
19:52:39.0383 6064 UI0Detect - ok
19:52:39.0406 6064 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
19:52:39.0417 6064 uliagpkx - ok
19:52:39.0447 6064 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
19:52:39.0461 6064 uliahci - ok
19:52:39.0489 6064 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:52:39.0500 6064 UlSata - ok
19:52:39.0524 6064 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:52:39.0537 6064 ulsata2 - ok
19:52:39.0560 6064 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
19:52:39.0601 6064 umbus - ok
19:52:39.0636 6064 UmRdpService (cfbb746c889b9223d2ac268cf283a93e) C:\Windows\System32\umrdp.dll
19:52:39.0674 6064 UmRdpService - ok
19:52:39.0710 6064 upnphost (8eb871a3deb6b3d5a85eb6ddfc390b59) C:\Windows\System32\upnphost.dll
19:52:39.0776 6064 upnphost - ok
19:52:39.0835 6064 USBAAPL (c1ca131f4e3ed63d6bc89a35ffad4cda) C:\Windows\system32\Drivers\usbaapl.sys
19:52:39.0875 6064 USBAAPL - ok
19:52:39.0942 6064 usbaudio (f6bf998ae33e3fb6c7d27f0560f1173f) C:\Windows\system32\drivers\usbaudio.sys
19:52:39.0998 6064 usbaudio - ok
19:52:40.0038 6064 usbccgp (b0ba9caffe9b0555ec0317f30cb79cd2) C:\Windows\system32\DRIVERS\usbccgp.sys
19:52:40.0103 6064 usbccgp - ok
19:52:40.0138 6064 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:52:40.0190 6064 usbcir - ok
19:52:40.0245 6064 usbehci (c9fcd05b0a80ea08c2768e5a279b14de) C:\Windows\system32\DRIVERS\usbehci.sys
19:52:40.0273 6064 usbehci - ok
19:52:40.0320 6064 usbhub (5e44f7d957f7560da06bfe6b84b58a35) C:\Windows\system32\DRIVERS\usbhub.sys
19:52:40.0337 6064 usbhub - ok
19:52:40.0356 6064 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
19:52:40.0395 6064 usbohci - ok
19:52:40.0423 6064 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
19:52:40.0490 6064 usbprint - ok
19:52:40.0528 6064 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:52:40.0553 6064 USBSTOR - ok
19:52:40.0586 6064 usbuhci (d864735b0bfcb65440960a0b7cc1a38d) C:\Windows\system32\DRIVERS\usbuhci.sys
19:52:40.0610 6064 usbuhci - ok
19:52:40.0668 6064 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
19:52:40.0710 6064 usbvideo - ok
19:52:40.0746 6064 UxSms (f79d0d7c9004474cb42746d9b2c30a2b) C:\Windows\System32\uxsms.dll
19:52:40.0799 6064 UxSms - ok
19:52:40.0840 6064 UxTuneUp (d3986793dedc6bb93db4da5a793e42ce) C:\Windows\System32\uxtuneup.dll
19:52:40.0848 6064 UxTuneUp - ok
19:52:40.0881 6064 vds (c9d0bafee0d0a2681f048ca61bc0da96) C:\Windows\System32\vds.exe
19:52:40.0907 6064 vds - ok
19:52:40.0969 6064 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
19:52:41.0024 6064 vga - ok
19:52:41.0057 6064 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
19:52:41.0097 6064 VgaSave - ok
19:52:41.0124 6064 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
19:52:41.0135 6064 viaagp - ok
19:52:41.0162 6064 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
19:52:41.0215 6064 ViaC7 - ok
19:52:41.0249 6064 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
19:52:41.0256 6064 viaide - ok
19:52:41.0283 6064 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
19:52:41.0292 6064 volmgr - ok
19:52:41.0319 6064 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
19:52:41.0336 6064 volmgrx - ok
19:52:41.0377 6064 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
19:52:41.0393 6064 volsnap - ok
19:52:41.0426 6064 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
19:52:41.0436 6064 vsmraid - ok
19:52:41.0505 6064 VSS (e0e29d9ef2524abd11749c7c2fd7f607) C:\Windows\system32\vssvc.exe
19:52:41.0581 6064 VSS - ok
19:52:41.0680 6064 vvdsvc (9e8c7a7b8a98e4f6ccbbf9f88a1c111f) C:\Windows\system32\nagasoft\vjocx.dll
19:52:41.0840 6064 vvdsvc - ok
19:52:41.0902 6064 W32Time (62b0d0f6f5580d9d0dfa5e0b466ff2ed) C:\Windows\system32\w32time.dll
19:52:41.0950 6064 W32Time - ok
19:52:41.0999 6064 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:52:42.0040 6064 WacomPen - ok
19:52:42.0159 6064 wampapache (375640f39f2d613b6fdcf8c2f956205a) c:\programs\wamp\bin\apache\apache2.2.11\bin\httpd.exe
19:52:42.0183 6064 wampapache ( UnsignedFile.Multi.Generic ) - warning
19:52:42.0183 6064 wampapache - detected UnsignedFile.Multi.Generic (1)
19:52:42.0225 6064 wampmysqld - ok
19:52:42.0266 6064 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
19:52:42.0297 6064 Wanarp - ok
19:52:42.0301 6064 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
19:52:42.0311 6064 Wanarpv6 - ok
19:52:42.0375 6064 wbengine (6d2f099d4ce88777e46cb1808c87b132) C:\Windows\system32\wbengine.exe
19:52:42.0435 6064 wbengine - ok
19:52:42.0475 6064 wcncsvc (c1b19162e0509ceab4cdf664e139d956) C:\Windows\System32\wcncsvc.dll
19:52:42.0493 6064 wcncsvc - ok
19:52:42.0511 6064 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
19:52:42.0555 6064 WcsPlugInService - ok
19:52:42.0586 6064 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
19:52:42.0594 6064 Wd - ok
19:52:42.0653 6064 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:52:42.0680 6064 Wdf01000 - ok
19:52:42.0706 6064 WdiServiceHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
19:52:42.0746 6064 WdiServiceHost - ok
19:52:42.0751 6064 WdiSystemHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
19:52:42.0765 6064 WdiSystemHost - ok
19:52:42.0822 6064 WebClient (01e41c264eedcb827820a1909162579f) C:\Windows\System32\webclnt.dll
19:52:42.0851 6064 WebClient - ok
19:52:42.0885 6064 Wecsvc (9cf67ff7f8d34cbf115d0c278b9f74aa) C:\Windows\system32\wecsvc.dll
19:52:42.0930 6064 Wecsvc - ok
19:52:42.0954 6064 wercplsupport (b68cab45db1dab59d92acadfad6364a8) C:\Windows\System32\wercplsupport.dll
19:52:43.0026 6064 wercplsupport - ok
19:52:43.0070 6064 WerSvc (36ba0707680ef4236fd752bee982cc25) C:\Windows\System32\WerSvc.dll
19:52:43.0114 6064 WerSvc - ok
19:52:43.0119 6064 WinHttpAutoProxySvc - ok
19:52:43.0188 6064 Winmgmt (38a7b89de4e3417c122317949667fdd8) C:\Windows\system32\wbem\WMIsvc.dll
19:52:43.0231 6064 Winmgmt - ok
19:52:43.0282 6064 WinRM (3f6823040030c3e4da1cf11cd40b7534) C:\Windows\system32\WsmSvc.dll
19:52:43.0383 6064 WinRM - ok
19:52:43.0456 6064 Wlansvc (7640acea41348bfef34b76e245501261) C:\Windows\System32\wlansvc.dll
19:52:43.0553 6064 Wlansvc - ok
19:52:43.0616 6064 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:52:43.0627 6064 WmiAcpi - ok
19:52:43.0694 6064 wmiApSrv (a279323bee5fffafda222910bce92132) C:\Windows\system32\wbem\WmiApSrv.exe
19:52:43.0707 6064 wmiApSrv - ok
19:52:43.0795 6064 WMPNetworkSvc (acb2e63d50157e3ea7140f29d9e76a48) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:52:43.0904 6064 WMPNetworkSvc - ok
19:52:44.0076 6064 WPCSvc (3d3b3b80c12abe506f56930c46422c28) C:\Windows\System32\wpcsvc.dll
19:52:44.0105 6064 WPCSvc - ok
19:52:44.0168 6064 WPDBusEnum (c24844a1d0d9528b19d5bc266b8cd572) C:\Windows\system32\wpdbusenum.dll
19:52:44.0322 6064 WPDBusEnum - ok
19:52:44.0456 6064 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
19:52:44.0503 6064 WpdUsb - ok
19:52:44.0545 6064 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
19:52:44.0602 6064 ws2ifsl - ok
19:52:44.0678 6064 WSDPrintDevice (f01f25b4227ad8d717c21f25f62b43c8) C:\Windows\system32\DRIVERS\WSDPrint.sys
19:52:44.0717 6064 WSDPrintDevice - ok
19:52:44.0766 6064 WSDScan (ff6e0448dc0d2b588e9300fc474558fd) C:\Windows\system32\DRIVERS\WSDScan.sys
19:52:44.0806 6064 WSDScan - ok
19:52:44.0820 6064 WSearch - ok
19:52:44.0920 6064 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
19:52:45.0061 6064 wuauserv - ok
19:52:45.0123 6064 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:52:45.0178 6064 WUDFRd - ok
19:52:45.0221 6064 wudfsvc (db5bf5aab72b1b99b5331231d09ebb26) C:\Windows\System32\WUDFSvc.dll
19:52:45.0280 6064 wudfsvc - ok
19:52:45.0311 6064 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:52:45.0480 6064 \Device\Harddisk0\DR0 - ok
19:52:45.0483 6064 Boot (0x1200) (74616604de750d65da10dd5ec44b0e52) \Device\Harddisk0\DR0\Partition0
19:52:45.0485 6064 \Device\Harddisk0\DR0\Partition0 - ok
19:52:45.0485 6064 ============================================================
19:52:45.0485 6064 Scan finished
19:52:45.0485 6064 ============================================================
19:52:45.0494 5640 Detected object count: 15
19:52:45.0494 5640 Actual detected object count: 15
19:52:59.0089 5640 Afc ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0090 5640 Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0090 5640 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
19:52:59.0090 5640 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
19:52:59.0091 5640 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0091 5640 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0093 5640 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0093 5640 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0094 5640 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0095 5640 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0096 5640 HssSrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0096 5640 HssSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0097 5640 HssTrayService ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0097 5640 HssTrayService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0098 5640 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0098 5640 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0100 5640 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0100 5640 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0101 5640 NOD32krn ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0101 5640 NOD32krn ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0102 5640 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0102 5640 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0104 5640 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:52:59.0104 5640 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:52:59.0105 5640 tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0105 5640 tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0106 5640 TimerStop ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0106 5640 TimerStop ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:59.0107 5640 wampapache ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:59.0107 5640 wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip

Připomínám se.

Zde log, který se otevřel po restartu:

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Log z OTL je přiložený.

Výsledky z VT (tučně tam, kde to našlo nějakou infekci):

C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
https://www.virustotal.com/file/df72d03 ... 334273899/

C:\Windows\system32\deployJava1.dll
https://www.virustotal.com/file/2de3461 ... 334274117/

C:\Windows\system32\FlashPlayerApp.exe
https://www.virustotal.com/file/fce2fba ... 334274504/

C:\Windows\system32\FlashPlayerCPLApp.cpl
https://www.virustotal.com/file/353152e ... 334274859/

c:\program files\common files\akamai\netsession_win_6c825ce.dll
https://www.virustotal.com/file/b17a731 ... 334275086/

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
https://www.virustotal.com/file/d33a9a2 ... 334275295/

C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
https://www.virustotal.com/file/6108912 ... 334275425/

C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
https://www.virustotal.com/file/c017c24 ... 334275638/

C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
https://www.virustotal.com/file/ff1b104 ... 334275926/

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
https://www.virustotal.com/file/0d70a7a ... 334276063/

C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
https://www.virustotal.com/file/2f23b09 ... 334276454/

C:\Program Files\Eset\nod32krn.exe
https://www.virustotal.com/file/8e36f18 ... 334303509/

C:\Windows\system32\drivers\pfc.sys
https://www.virustotal.com/file/2485243 ... 334303975/

C:\Windows\system32\DRIVERS\tap0901.sys
https://www.virustotal.com/file/4d10383 ... 334304831/

C:\Windows\system32\timerstop.sys
https://www.virustotal.com/file/9529d01 ... 334276850/

c:\programs\wamp\bin\apache\apache2.2.11\bin\httpd.exe
https://www.virustotal.com/file/c036bf7 ... 334305094/

Flashplayer jsem myslím vždy stahoval přímo z Adobe, ale teď jak jsi to napsal, tak si vlastně uvědomuju, že se mi jednou na nějaké podezřelé stránce instalace spustila a já ji odklikl, protože jsem si myslel, že to je ten automatický update...

Akamai už jsem dlouho nepoužil, před několika lety jsem ho používal na příjem streamovaného videa, ale teď už ho nepotřebuju.

Btw, včera jsem měl puštěný kód v Matlabu, po 4 a půl hodinách výpočtu jsem pustil Winamp a do dvou minut se to vyplo

. Laptop se taky dost přehřívá, příští týden to někam zajdu vyčistit.

Posílám report z Combofixu. Píše to, že rezidentní ochrana ESET je aktivní, nevím vůbec proč, pamatuju si na 100%, že jsem ji vypínal

. Vadí to?

ComboFix 12-04-13.01 - radek 14.04.2012 3:00.1.2 - x86
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1250.420.1029.18.2046.1384 [GMT 2:00]
Spuљtмnэ z: c:\users\radek\Desktop\ComboFix.exe
* Rezidentnн љtнt AV je zapnutэ
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatnн vэmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\Hotspot Shield\hssie\HsSIe.dll
c:\users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\MAILTRAN.INI
c:\users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\TRNCOM.INI
c:\users\radek\AppData\Local\EapEventserv\appHelpInterval.dll
c:\users\radek\AppData\Local\Microsoft\Windows\Temporary Internet Files\MAILTRAN.INI
c:\users\radek\AppData\Local\Microsoft\Windows\Temporary Internet Files\TRNCOM.INI
c:\users\radek\AppData\Roaming\Microsoft\Windows\Recent\caaf.docx
c:\windows\$NtUninstallKB50272$
c:\windows\$NtUninstallKB50272$\1481612335\L\fomtmfeh
c:\windows\system32\AF15BDAEX.dll
c:\windows\system32\Nagasoft
c:\windows\system32\Nagasoft\Codecs\asyncflt.ax
c:\windows\system32\Nagasoft\Codecs\atrc.dll
c:\windows\system32\Nagasoft\Codecs\cook.dll
c:\windows\system32\Nagasoft\Codecs\drvc.dll
c:\windows\system32\Nagasoft\Codecs\raac.dll
c:\windows\system32\Nagasoft\Codecs\RealMediaSplitter.ax
c:\windows\system32\Nagasoft\Codecs\WMFDemux.dll
c:\windows\system32\Nagasoft\GifShower.dll
c:\windows\system32\Nagasoft\vjocx.dll
c:\windows\system32\spsys.log
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((((((((((((( Ovladaиe/Sluћby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AMService
-------\Service_vvdsvc
-------\Service_vvdsvc
.
.
((((((((((((((((((((((((( Soubory vytvoшenй od 2012-03-14 do 2012-04-14 )))))))))))))))))))))))))))))))
.
.
2012-04-14 01:15 . 2012-04-14 07:37 -------- d-----w- c:\users\radek\AppData\Local\temp
2012-04-12 21:57 . 2012-04-12 21:57 -------- d-----w- C:\_OTL
2012-04-11 17:36 . 2012-04-11 17:36 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-10 14:45 . 2012-04-13 00:30 512 ----a-w- C:\PhysicalMBR.bin
2012-04-10 13:36 . 2012-04-10 13:36 -------- d-----w- C:\rsit
2012-04-09 14:27 . 2012-04-14 00:35 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-29 11:56 . 2012-03-29 11:56 -------- d-----w- c:\users\radek\AppData\Roaming\pdfforge
2012-03-29 11:56 . 1998-06-23 23:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2012-03-29 11:56 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2012-03-28 20:57 . 2012-03-28 21:00 -------- d-----w- c:\users\radek\AppData\Local\Babylon
2012-03-28 20:57 . 2011-06-20 13:41 142336 ----a-w- c:\program files\Mozilla Firefox\BabyFox.dll
2012-03-28 20:57 . 2012-03-28 20:57 -------- d-----w- c:\program files\Babylon
2012-03-28 20:57 . 2012-03-28 21:01 -------- d-----w- c:\users\radek\AppData\Roaming\Babylon
2012-03-28 20:57 . 2012-03-28 21:01 -------- d-----w- c:\programdata\Babylon
2012-03-28 20:57 . 2012-03-28 20:57 -------- d-----w- c:\program files\Pdf Editor
2012-03-28 20:57 . 2012-03-28 20:56 723294 ----a-w- c:\windows\unins000.exe
2012-03-28 20:56 . 2012-03-28 20:56 -------- d-----w- c:\program files\AVI to MP4 Converter
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr
2012-03-22 09:08 . 2012-03-14 16:23 54784 ----a-w- c:\windows\system32\pdfcmon.dll
2012-03-17 17:24 . 2012-03-17 17:24 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-03-17 17:24 . 2012-03-17 17:24 45016 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-03-17 17:24 . 2012-03-17 17:24 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-03-17 17:24 . 2012-03-17 17:24 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M vэpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 00:35 . 2011-07-11 18:01 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 17:39 . 2006-11-02 08:57 68096 ----a-w- c:\windows\system32\drivers\tdx.sys
2012-04-05 12:34 . 2010-08-15 20:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-02 15:01 . 2012-03-02 15:08 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2012-03-02 15:01 . 2012-03-02 15:08 93696 ----a-w- c:\windows\system32\E_FLBHAE.DLL
2012-03-02 15:01 . 2012-03-02 15:08 63488 ----a-w- c:\windows\system32\E_FD4BHAE.DLL
2012-03-17 17:24 . 2011-07-11 17:57 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouљtмcн body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznбmka* prбzdnй zбznamy a legitimnн vэchozн ъdaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-10 1232896]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-11-17 171464]
"Switcher"="c:\program files\Switcher\Switcher.exe" [2007-10-28 425984]
"Sysinternals Desktops"="c:\programs\Desktops\Desktops.exe" [2008-08-21 118824]
"Infium"="c:\program files\QIP Infium\infium.exe" [2009-03-25 5245440]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-11-16 949376]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-05-20 185896]
"UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2011-07-18 462848]
"mumservice"="c:\program files\Motorola\Software Update\mumservice.exe" [2011-06-03 1066304]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\radek\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
.
c:\users\radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
C-Organizer Pro.lnk - c:\program files\C-Organizer Pro\C-OrganizerPro.exe [2008-5-13 18546688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AdobeUpdater"=c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
vvdsvc REG_MULTI_SZ vvdsvc
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
2008-08-28 08:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe
.
Obsah adresбшe 'Naplбnovanй ъlohy'
.
2012-04-13 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 20:51]
.
2012-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 00:35]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 21:30]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 21:30]
.
2012-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-375337239-1711731820-815350120-1000Core.job
- c:\users\radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-26 18:41]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-375337239-1711731820-815350120-1000UA.job
- c:\users\radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-26 18:41]
.
.
------- Doplтkovэ sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local;192.168.*.*;127.0.0.1:9421;
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\radek\AppData\Roaming\Mozilla\Firefox\Profiles\pvfdkeei.default\
FF - prefs.js: browser.startup.homepage - about:blank
.
- - - - NEPLATNЙ POLOЋKY ODSTRANМNЙ Z REGISTRU - - - -
.
HKCU-Run-appHelpInterval - c:\users\radek\AppData\Local\EapEventserv\appHelpInterval.dll
SafeBoot-66662549.sys
HKLM_ActiveSetup-{26AC2EC6-37B3-F6AA-28B0-9BE785507068} - C:\Windows:svhosts.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\radek\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-14 09:36
Windows 6.0.6000 NTFS
.
skenovбnн skrytэch procesщ ...
.
skenovбnн skrytэch poloћek 'Po spuљtмnн' ...
.
skenovбnн skrytэch souborщ ...
.
sken byl ъspeљnм dokonиen
skrytй soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_6c825ce.dll"
.
--------------------- ZAMKNUTЙ KLНИE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-375337239-1711731820-815350120-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{27AA0F38-7ED0-4668-C242-C72BFBAA87C9}*]
"kaeghfminbbgefcnfcmbjm"=hex:66,61,65,62,67,6e,6e,62,6f,6d,70,61,00,61
"maehlgkongfkgkmjeohcoadnln"=hex:62,61,6f,69,00,01
"kaeghfminbbgefcnfcmbgm"=hex:67,61,65,67,6c,66,6e,61,70,66,64,6b,6c,6e,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navбzanй na bмћнcн procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(576)
c:\users\radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Jinй spuљtenй procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Motorola\MotoHelper\MotoHelperService.exe
c:\program files\Eset\nod32krn.exe
c:\program files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
c:\program files\Motorola\MotoHelper\MotoHelperAgent.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkovэ иas: 2012-04-14 09:41:37 - poинtaи byl restartovбn
ComboFix-quarantined-files.txt 2012-04-14 07:41
.
Pred spustenim: Volnэch bajtщ: 12,975,071,232
Po spusteni: Volnэch bajtщ: 12,032,196,608
.
- - End Of File - - E14EFDB0B9EA5CEA9311195FC8737FE2

Nějaké zlepšení určitě je, to přehřívání ještě musím nějak spravit.

Klíč v registru jsem vymazal, složky jsem chtěl zabalit, ale nejde to, píše to:

! Cannot read contents of C:\Qoobox\BackEnv\*
! Cannot create Slozky.rar
! Pristup byl odepren.

Máš ideu, jak na to?

Odkaz už jsem do zpráv poslal předevčírem, tak se připomínám, jestli jsi náhodou nezapomněl

. (navíc jsem nevěděl, jestli pak mám sem psát nebo ne).

Díky, teď jsem ty programy odinstaloval, snad to zatím vypadá dobře, kdyby byly nějaké další problémy, tak bych se ozval.

Počítač po vyčištění evidentně reaguje o hodně líp, tolik se nepřehřívá a odezvy jsou o něco rychlejší (kromě toho, když je puštěný ten Matlab a počítá si nějaké smyčky se 4D maticemi

).

VIRY.CZ

Prosím o kontrolu logu - vypínání PC

Prosím o kontrolu logu - vypínání PC

Re: Prosím o kontrolu logu - vypínání PC

Re: Prosím o kontrolu logu - vypínání PC

Re: Prosím o kontrolu logu - vypínání PC

Re: Prosím o kontrolu logu - vypínání PC

Re: Prosím o kontrolu logu - vypínání PC

Re: Prosím o kontrolu logu - vypínání PC

Re: Prosím o kontrolu logu - vypínání PC

Re: Prosím o kontrolu logu - vypínání PC

Re: Prosím o kontrolu logu - vypínání PC

Re: Prosím o kontrolu logu - vypínání PC