neznámy problé na pc

[martin1973]

Minidump som uploadol na james 008.Rsit je v sekcii problémy s pc.Dúfam že to bude dobre.

[Rudy]

Minidump som uploadol na james 008.Rsit je v sekcii problémy s pc.Dúfam že to bude dobre.

To v pořádku není, tam ho nikdo řešit nebude. Ten upload slouží na infikované soubory. Vložte je sem zabalené do raru, nebo podobného archivu.

[martin1973]

http://leteckaposta.cz/656689231

[Rudy]

Problém může být jak hardwarový, tak softwarový. Nejprve zkontrolujeme disk pomocí CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... oz]=4.2.0a .Stáhněte, nainstalujte a spusťte. Přes Úpravy>kopírovat sem dejte log.

[MiliNess]

Ahoj, omluva za vstup.
Mohla by v tom hrát roli chyba ve filtru MpFilter.sys (Microsoft antimalware file system filter)
Disk ale určitě prověřte.

[martin1973]

----------------------------------------------------------------------------
CrystalDiskInfo 4.6.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2012/04/18 7:08:48

-- Controller Map ----------------------------------------------------------
+ VIA Bus Master IDE Controller [ATA]
- Primary IDE Channel (0)
+ Secondary IDE Channel (1)
- TSSTcorp CD/DVDW SH-S182M
+ VIA SATA RAID Controller [SCSI]
- SAMSUNG HD200HJ SCSI Disk Device

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD200HJ : 200.0 GB [0/2/0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD200HJ
----------------------------------------------------------------------------
Model : SAMSUNG HD200HJ
Firmware : KF100-06
Serial Number : S16KJDWPB38473
Disk Size : 200.0 GB (8.4/137.4/200.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 390721968
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/300
Power On Hours : 8226 hours
Power On Count : 2888 count
Temparature : 30 C (86 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 _99 _51 000000000000 Read Error Rate
03 253 253 _25 000000001140 Spin-Up Time
04 _98 _98 __0 000000000B50 Start/Stop Count
05 253 253 _10 000000000000 Reallocated Sectors Count
07 253 253 _51 000000000000 Seek Error Rate
08 253 253 _15 000000000000 Seek Time Performance
09 100 100 __0 000000002022 Power-On Hours
0A 253 253 _51 000000000000 Spin Retry Count
0B 253 100 __0 000000000000 Recalibration Retries
0C _98 _98 __0 000000000B48 Power Cycle Count
0D 100 100 __0 0000000177C1 Soft Read Error Rate stab
B8 253 253 _99 000000000000 End-to-End Error
BB 253 253 __0 000000710000 Reported Uncorrectable Errors
BC 253 253 __0 000000000000 Command Timeout
BE 163 109 __0 00002B020019 Airflow Temperature
C2 148 109 __0 00002B02001E Temperature
C3 100 100 __0 0000000177C1 Hardware ECC recovered
C4 253 253 __0 000000000000 Reallocation Event Count
C5 253 253 __0 000000000000 Current Pending Sector Count
C6 253 253 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 100 __0 000000000000 Write Error Rate
C9 253 100 __0 000000000000 Soft Read Error Rate
CA 253 253 __0 000000000000 Data Address Mark Error

[Rudy]

Disk je OK. Zkuste přeinstalovat MS security Essential. Viz poznámka od Milinesse.

[martin1973]

Preinštalované.Ešte pred reinstalom mi vyhodilo chybu aplikácie dwwin.exe (0xc0000005( a tak iso chybu explorer.exe.
Pri inštalácii crystal disku som naištaloval aj nejaky pc tool hkey machine Bude robiť problemy,hneď som odinštaloval,ale stihol sa spustiť našiel nejakých 1600 chýb?
Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin Čigaš at 2012-04-18 20:07:16
WIN_XP Service Pack 3
System drive C: has 4 GB (14%) free of 30 GB
Total RAM: 1535 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:07:40, on 18.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\explorer.exe
D:\Inštalačky\RSIT.exe
C:\Program Files\trend micro\Martin Čigaš.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-21-436374069-1177238915-839522115-1004\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" (User '?')
O4 - HKUS\S-1-5-21-436374069-1177238915-839522115-1004\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?')
O4 - HKUS\S-1-5-21-436374069-1177238915-839522115-1004\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s (User '?')
O4 - HKUS\S-1-5-21-436374069-1177238915-839522115-1004\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (User '?')
O4 - HKUS\S-1-5-21-436374069-1177238915-839522115-1004\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun (User '?')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6276 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\RMSchedule.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-04-26 589824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-11-25 95632]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-01-29 888120]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-01-29 3372856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe"="C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2012-04-18 19:49:54 ----D---- C:\Program Files\Microsoft Security Client
2012-04-18 07:02:18 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2012-04-18 07:00:50 ----D---- C:\Program Files\CrystalDiskInfo
2012-04-18 07:00:50 ----D---- C:\Documents and Settings\Martin Čigaš\Application Data\OpenCandy
2012-04-17 15:47:48 ----D---- C:\Program Files\7-Zip
2012-04-17 14:42:05 ----A---- C:\WINDOWS\imsins.BAK
2012-04-17 13:05:06 ----ASH---- C:\hiberfil.sys
2012-04-16 18:37:48 ----A---- C:\WINDOWS\ntbtlog.txt
2012-04-16 13:49:29 ----D---- C:\rsit
2012-04-16 13:48:11 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-04-15 20:16:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-04-15 20:04:07 ----D---- C:\WINDOWS\system36
2012-04-12 19:57:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2675157$
2012-04-12 19:52:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$

======List of files/folders modified in the last 1 months======

2012-04-18 20:07:33 ----D---- C:\Program Files\trend micro
2012-04-18 20:07:24 ----D---- C:\WINDOWS\Prefetch
2012-04-18 20:06:37 ----D---- C:\WINDOWS\Temp
2012-04-18 19:58:46 ----SD---- C:\WINDOWS\Tasks
2012-04-18 19:50:30 ----SHD---- C:\WINDOWS\Installer
2012-04-18 19:50:30 ----D---- C:\Config.Msi
2012-04-18 19:50:15 ----D---- C:\WINDOWS\system32\drivers
2012-04-18 19:50:14 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-18 19:49:54 ----RD---- C:\Program Files
2012-04-18 19:48:15 ----D---- C:\Documents and Settings\Martin Čigaš\Application Data\Skype
2012-04-18 19:43:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-04-18 19:39:54 ----D---- C:\Program Files\Common Files\System
2012-04-18 19:39:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-04-18 19:39:48 ----D---- C:\WINDOWS\system32
2012-04-18 19:39:48 ----D---- C:\WINDOWS
2012-04-18 19:31:12 ----D---- C:\Program Files\Common Files
2012-04-17 15:01:45 ----D---- C:\WINDOWS\Minidump
2012-04-17 14:59:35 ----D---- C:\WINDOWS\Debug
2012-04-17 14:59:33 ----A---- C:\WINDOWS\system32\MRT.exe
2012-04-17 14:42:37 ----HD---- C:\WINDOWS\inf
2012-04-17 14:42:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-04-16 18:41:03 ----D---- C:\Program Files\Opera
2012-04-15 20:20:20 ----SD---- C:\WINDOWS\Temporary Internet Files
2012-04-15 20:19:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-04-15 20:03:11 ----D---- C:\WINDOWS\system32\config
2012-04-15 20:02:53 ----D---- C:\WINDOWS\system32\wbem
2012-04-15 20:02:53 ----D---- C:\WINDOWS\Registration
2012-04-15 20:02:14 ----D---- C:\WINDOWS\WinSxS
2012-04-13 14:18:39 ----D---- C:\WINDOWS\Microsoft.NET
2012-04-13 14:18:38 ----RSD---- C:\WINDOWS\assembly
2012-04-12 13:44:11 ----HD---- C:\WINDOWS\$hf_mig$
2012-03-25 09:05:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 uagp35;Microsoft AGPv3.5 Filter; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2005-04-26 60928]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-04-18 805440]
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2002-11-14 10496]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2011-01-29 20032]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-11-12 41984]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\WINDOWS\system32\DRIVERS\sscebus.sys [2010-12-21 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\WINDOWS\system32\DRIVERS\sscemdfl.sys [2010-12-21 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\WINDOWS\system32\DRIVERS\sscemdm.sys [2010-12-21 123648]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-25 6912]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 253088]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------

[Rudy]

Poprosím o log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[martin1973]

Počas práce comba vyodilu chybu grep.exeže treba ukončiť aplikáciu a tu je log:
ComboFix 12-04-18.02 - Martin Čigaš 18.04.2012 20:27:56.2.1 - x86
Running from: c:\documents and settings\Martin Čigaš\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
c:\documents and settings\Pokemon Online\libgcc_s_dw2-1.dll
c:\documents and settings\Pokemon Online\mingwm10.dll
c:\documents and settings\Pokemon Online\MoveMachine.exe
c:\documents and settings\Pokemon Online\Pokemon-Online.exe
c:\documents and settings\Pokemon Online\pokemonlib.dll
c:\documents and settings\Pokemon Online\QtCore4.dll
c:\documents and settings\Pokemon Online\utilities.dll
c:\documents and settings\Pokemon Online\zip.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-03-18 to 2012-04-18 )))))))))))))))))))))))))))))))
.
.
2012-04-18 18:09 . 2012-04-18 18:09 56200 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DB18CDAA-96E7-47E2-95B9-E4B00469A994}\offreg.dll
2012-04-18 18:09 . 2012-04-18 18:09 29904 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DB18CDAA-96E7-47E2-95B9-E4B00469A994}\MpKsl35deabb1.sys
2012-04-18 17:58 . 2012-03-20 01:53 6582328 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DB18CDAA-96E7-47E2-95B9-E4B00469A994}\mpengine.dll
2012-04-18 17:49 . 2012-04-18 17:50 -------- d-----w- c:\program files\Microsoft Security Client
2012-04-18 05:00 . 2012-04-18 05:01 -------- d-----w- c:\program files\CrystalDiskInfo
2012-04-18 05:00 . 2012-04-18 05:00 -------- d-----w- c:\documents and settings\Martin Čigaš\Application Data\OpenCandy
2012-04-17 13:47 . 2012-04-17 13:47 -------- d-----w- c:\program files\7-Zip
2012-04-16 11:49 . 2012-04-16 11:49 -------- d-----w- C:\rsit
2012-04-16 11:48 . 2012-04-16 12:33 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-16 11:47 . 2012-02-29 14:10 148480 -c----w- c:\windows\system32\dllcache\imagehlp.dll
2012-04-15 18:16 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-15 18:04 . 2012-04-15 18:04 -------- d-----w- c:\windows\system36
2012-04-15 18:02 . 2012-04-15 18:02 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-16 12:33 . 2011-05-19 13:08 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-29 14:10 . 2010-08-06 15:54 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 14:10 . 2006-02-28 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-28 18:50 . 2006-02-28 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 18:50 . 2006-02-28 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2012-02-28 18:50 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2012-02-28 13:50 . 2006-02-28 12:00 369664 ----a-w- c:\windows\system32\html.iec
2012-02-23 08:18 . 2011-03-15 18:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-03 09:22 . 2010-08-06 15:54 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-03-18 17:07 . 2011-05-12 14:12 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 0FF993DEBFD8EE0D48BBC71817B99692 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[7] 2006-02-28 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[7] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 1E0FE45FA26F12C5D13B1083C5461DE1 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[7] 2006-02-28 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[7] 2011-10-25 . DB19FFF0C805664CB95062C027B11FE9 . 2069376 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
[7] 2011-10-25 . CE1A2FEDBD001ECDC5AD1975AFAD040A . 2069376 . . [5.1.2600.6165] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2011-10-25 . 10FBCC330BA8990DE4FE548E45EFB98A . 2069376 . . [5.1.2600.6165] . . c:\windows\system32\ntkrnlpa.exe
[7] 2011-10-25 . CE1A2FEDBD001ECDC5AD1975AFAD040A . 2069376 . . [5.1.2600.6165] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2010-12-09 . F67CD97282E0ABFAF91A9A1359B16F2D . 2069376 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . 84FF488E249DBD2050EB39EA81C6F5C2 . 2069376 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
[7] 2010-04-28 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[7] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
[7] 2010-02-17 . 1811AFC2FADB60B88947E3D08E250860 . 2063744 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[7] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[7] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[7] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[7] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[7] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[7] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[7] 2009-02-06 . 3006410E24772CC6953F0B5C01BEB35F . 2057728 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntkrnlpa.exe
[7] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2009-02-06 . 9D832AF3FD1917DB0E1E8B2F000A2E3A . 2062976 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[7] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[7] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[7] 2006-02-28 . 947FB1D86D14AFCFFDB54BF837EC25D0 . 2056832 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-01-29 888120]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-01-29 3372856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-04-26 589824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 253088]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-01-29 20032]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2011-01-20 36640]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [2010-12-21 98560]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [2010-12-21 14848]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [2010-12-21 123648]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 MpKsl35deabb1;MpKsl35deabb1;c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DB18CDAA-96E7-47E2-95B9-E4B00469A994}\MpKsl35deabb1.sys [2012-04-18 29904]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPFILTER
*NewlyCreated* - MPKSL35DEABB1
*NewlyCreated* - MSMPSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 12:33]
.
2012-04-18 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
2012-04-18 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\Martin Čigaš\Application Data\Mozilla\Firefox\Profiles\winhpedy.default\
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-18 20:35
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-04-18 20:38:38
ComboFix-quarantined-files.txt 2012-04-18 18:38
.
Pre-Run: 4 228 526 080 bytes free
Post-Run: 4 709 826 560 voľných bajtov
.
- - End Of File - - 7DF5F63763D688C2955D157DAB5E9536

[Rudy]

Několik položek CF smazal, zbytek logu vypadá čistý. Vzhedem k těm chybám ještě poprosím o kontrolu na rootkit. Udělejte sken GMER: http://forum.viry.cz/viewtopic.php?f=29&t=62878 a dejte oby logy.

[martin1973]

Log vložím zajtra,deti idú spinkať

[martin1973]

Okamžitý Bsod po spustení Gmeru.Píše že je tam nejaký rootkit a ďalej nič sa nedeje

[JaRon]

jednorazovo zaskocim:
ked pises rootkit, vloz log z TDSSKiller

[martin1973]

19:51:14.0265 3356 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
19:51:14.0421 3356 ============================================================
19:51:14.0421 3356 Current date / time: 2012/04/19 19:51:14.0421
19:51:14.0421 3356 SystemInfo:
19:51:14.0421 3356
19:51:14.0421 3356 OS Version: 5.1.2600 ServicePack: 3.0
19:51:14.0421 3356 Product type: Workstation
19:51:14.0421 3356 ComputerName: MARTIN-83EDE3FA
19:51:14.0421 3356 UserName: Martin Čigaš
19:51:14.0421 3356 Windows directory: C:\WINDOWS
19:51:14.0421 3356 System windows directory: C:\WINDOWS
19:51:14.0421 3356 Processor architecture: Intel x86
19:51:14.0421 3356 Number of processors: 1
19:51:14.0421 3356 Page size: 0x1000
19:51:14.0421 3356 Boot type: Normal boot
19:51:14.0421 3356 ============================================================
19:51:20.0265 3356 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
19:51:20.0562 3356 \Device\Harddisk0\DR0:
19:51:20.0562 3356 MBR partitions:
19:51:20.0562 3356 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A962B1
19:51:20.0578 3356 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3A9632F, BlocksNum 0x13A03BD1
19:51:20.0609 3356 C: <-> \Device\Harddisk0\DR0\Partition0
19:51:20.0640 3356 D: <-> \Device\Harddisk0\DR0\Partition1
19:51:20.0640 3356 Initialize success
19:51:20.0640 3356 ============================================================
19:51:23.0578 0192 ============================================================
19:51:23.0578 0192 Scan started
19:51:23.0578 0192 Mode: Manual;
19:51:23.0578 0192 ============================================================
19:51:24.0312 0192 Abiosdsk - ok
19:51:24.0421 0192 abp480n5 - ok
19:51:24.0515 0192 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:51:24.0593 0192 ACPI - ok
19:51:24.0718 0192 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:51:24.0734 0192 ACPIEC - ok
19:51:24.0890 0192 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:51:25.0218 0192 AdobeFlashPlayerUpdateSvc - ok
19:51:25.0281 0192 adpu160m - ok
19:51:25.0390 0192 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:51:25.0750 0192 aec - ok
19:51:25.0906 0192 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:51:25.0906 0192 AFD - ok
19:51:26.0375 0192 Aha154x - ok
19:51:26.0781 0192 aic78u2 - ok
19:51:26.0890 0192 aic78xx - ok
19:51:26.0953 0192 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
19:51:27.0062 0192 Alerter - ok
19:51:27.0156 0192 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
19:51:27.0156 0192 ALG - ok
19:51:27.0234 0192 AliIde - ok
19:51:27.0296 0192 amsint - ok
19:51:27.0343 0192 AppMgmt - ok
19:51:27.0406 0192 asc - ok
19:51:27.0500 0192 asc3350p - ok
19:51:27.0562 0192 asc3550 - ok
19:51:27.0750 0192 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:51:27.0812 0192 aspnet_state - ok
19:51:27.0890 0192 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:51:27.0921 0192 AsyncMac - ok
19:51:28.0000 0192 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:51:28.0125 0192 atapi - ok
19:51:28.0218 0192 Atdisk - ok
19:51:28.0312 0192 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:51:28.0390 0192 Atmarpc - ok
19:51:28.0671 0192 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
19:51:28.0718 0192 AudioSrv - ok
19:51:28.0843 0192 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:51:28.0875 0192 audstub - ok
19:51:28.0937 0192 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:51:28.0984 0192 Beep - ok
19:51:29.0140 0192 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
19:51:29.0406 0192 BITS - ok
19:51:29.0531 0192 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
19:51:29.0531 0192 Browser - ok
19:51:29.0671 0192 catchme - ok
19:51:29.0765 0192 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:51:29.0796 0192 cbidf2k - ok
19:51:29.0843 0192 cd20xrnt - ok
19:51:29.0953 0192 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:51:29.0968 0192 Cdaudio - ok
19:51:30.0062 0192 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:51:30.0156 0192 Cdfs - ok
19:51:30.0234 0192 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:51:30.0328 0192 Cdrom - ok
19:51:30.0421 0192 Changer - ok
19:51:30.0515 0192 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
19:51:30.0562 0192 CiSvc - ok
19:51:30.0640 0192 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
19:51:30.0718 0192 ClipSrv - ok
19:51:30.0843 0192 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:51:30.0968 0192 clr_optimization_v2.0.50727_32 - ok
19:51:31.0062 0192 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:51:31.0140 0192 clr_optimization_v4.0.30319_32 - ok
19:51:31.0203 0192 CmdIde - ok
19:51:31.0328 0192 cmuda (9776539378fd13c76c8dc982ed8608e3) C:\WINDOWS\system32\drivers\cmuda.sys
19:51:31.0390 0192 cmuda - ok
19:51:31.0421 0192 COMSysApp - ok
19:51:31.0515 0192 Cpqarray - ok
19:51:31.0593 0192 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
19:51:31.0640 0192 CryptSvc - ok
19:51:31.0671 0192 dac2w2k - ok
19:51:31.0718 0192 dac960nt - ok
19:51:31.0828 0192 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
19:51:31.0843 0192 DcomLaunch - ok
19:51:31.0921 0192 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys
19:51:31.0953 0192 dgderdrv - ok
19:51:32.0031 0192 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
19:51:32.0078 0192 Dhcp - ok
19:51:32.0156 0192 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:51:32.0218 0192 Disk - ok
19:51:32.0265 0192 dmadmin - ok
19:51:32.0375 0192 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
19:51:32.0453 0192 dmboot - ok
19:51:32.0531 0192 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
19:51:32.0593 0192 dmio - ok
19:51:32.0671 0192 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:51:32.0687 0192 dmload - ok
19:51:32.0765 0192 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
19:51:32.0812 0192 dmserver - ok
19:51:32.0890 0192 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:51:32.0953 0192 DMusic - ok
19:51:33.0031 0192 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
19:51:33.0031 0192 Dnscache - ok
19:51:33.0140 0192 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
19:51:33.0218 0192 Dot3svc - ok
19:51:33.0265 0192 dpti2o - ok
19:51:33.0328 0192 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:51:33.0343 0192 drmkaud - ok
19:51:33.0437 0192 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
19:51:33.0484 0192 EapHost - ok
19:51:33.0562 0192 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
19:51:33.0593 0192 ERSvc - ok
19:51:33.0703 0192 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
19:51:33.0718 0192 Eventlog - ok
19:51:33.0796 0192 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
19:51:33.0796 0192 EventSystem - ok
19:51:33.0875 0192 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:51:33.0921 0192 Fastfat - ok
19:51:33.0984 0192 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:51:33.0984 0192 FastUserSwitchingCompatibility - ok
19:51:34.0031 0192 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:51:34.0093 0192 Fdc - ok
19:51:34.0187 0192 FETND5BV (cfc4cc73c903152a23e1db28eaba1f03) C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
19:51:34.0234 0192 FETND5BV - ok
19:51:34.0312 0192 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys
19:51:34.0343 0192 FETNDIS - ok
19:51:34.0421 0192 FETNDISB (b7186b33b6cf3a23841015531e6e7d68) C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
19:51:34.0484 0192 FETNDISB - ok
19:51:34.0546 0192 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
19:51:34.0593 0192 Fips - ok
19:51:34.0671 0192 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:51:34.0718 0192 Flpydisk - ok
19:51:34.0796 0192 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:51:34.0843 0192 FltMgr - ok
19:51:34.0953 0192 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:51:35.0000 0192 FontCache3.0.0.0 - ok
19:51:35.0062 0192 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\WINDOWS\system32\FsUsbExDisk.SYS
19:51:35.0109 0192 FsUsbExDisk - ok
19:51:35.0171 0192 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:51:35.0203 0192 Fs_Rec - ok
19:51:35.0281 0192 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:51:35.0312 0192 Ftdisk - ok
19:51:35.0375 0192 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:51:35.0421 0192 Gpc - ok
19:51:35.0468 0192 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
19:51:35.0531 0192 hamachi - ok
19:51:35.0703 0192 Hamachi2Svc (fa89c0429821c7c429eec7a0ce1c02d3) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
19:51:35.0718 0192 Hamachi2Svc - ok
19:51:35.0796 0192 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:51:35.0859 0192 helpsvc - ok
19:51:35.0937 0192 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
19:51:35.0968 0192 HidServ - ok
19:51:36.0062 0192 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:51:36.0093 0192 HidUsb - ok
19:51:36.0171 0192 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
19:51:36.0250 0192 hkmsvc - ok
19:51:36.0296 0192 hpn - ok
19:51:36.0390 0192 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:51:36.0453 0192 HPZid412 - ok
19:51:36.0531 0192 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:51:36.0562 0192 HPZipr12 - ok
19:51:36.0671 0192 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:51:36.0718 0192 HPZius12 - ok
19:51:36.0796 0192 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:51:36.0812 0192 HTTP - ok
19:51:36.0875 0192 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
19:51:36.0890 0192 HTTPFilter - ok
19:51:36.0953 0192 i2omgmt - ok
19:51:37.0000 0192 i2omp - ok
19:51:37.0078 0192 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:51:37.0171 0192 i8042prt - ok
19:51:37.0328 0192 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:51:37.0406 0192 IDriverT - ok
19:51:37.0625 0192 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:51:38.0109 0192 idsvc - ok
19:51:38.0218 0192 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:51:38.0296 0192 Imapi - ok
19:51:38.0390 0192 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
19:51:38.0390 0192 ImapiService - ok
19:51:38.0468 0192 ini910u - ok
19:51:38.0562 0192 IntelIde - ok
19:51:38.0640 0192 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:51:38.0687 0192 intelppm - ok
19:51:38.0765 0192 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:51:38.0843 0192 Ip6Fw - ok
19:51:38.0953 0192 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:51:39.0046 0192 IpFilterDriver - ok
19:51:39.0093 0192 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:51:39.0156 0192 IpInIp - ok
19:51:39.0281 0192 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:51:39.0406 0192 IpNat - ok
19:51:39.0484 0192 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:51:39.0625 0192 IPSec - ok
19:51:39.0734 0192 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:51:39.0750 0192 IRENUM - ok
19:51:39.0828 0192 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:51:39.0937 0192 isapnp - ok
19:51:40.0015 0192 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:51:40.0171 0192 Kbdclass - ok
19:51:40.0265 0192 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:51:40.0328 0192 kbdhid - ok
19:51:40.0390 0192 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:51:40.0421 0192 kmixer - ok
19:51:40.0515 0192 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:51:40.0515 0192 KSecDD - ok
19:51:40.0609 0192 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
19:51:40.0609 0192 lanmanserver - ok
19:51:40.0703 0192 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
19:51:40.0703 0192 lanmanworkstation - ok
19:51:40.0781 0192 lbrtfdc - ok
19:51:40.0968 0192 LightScribeService (2238b91ac1a12cc6cc4c4fed41258b2a) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
19:51:41.0140 0192 LightScribeService - ok
19:51:41.0218 0192 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
19:51:41.0281 0192 LmHosts - ok
19:51:41.0359 0192 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
19:51:41.0406 0192 Messenger - ok
19:51:41.0484 0192 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:51:41.0531 0192 mnmdd - ok
19:51:41.0609 0192 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
19:51:41.0812 0192 mnmsrvc - ok
19:51:41.0890 0192 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
19:51:41.0968 0192 Modem - ok
19:51:42.0031 0192 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:51:42.0109 0192 Mouclass - ok
19:51:42.0171 0192 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:51:42.0218 0192 mouhid - ok
19:51:42.0343 0192 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:51:42.0437 0192 MountMgr - ok
19:51:42.0531 0192 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
19:51:42.0703 0192 MpFilter - ok
19:51:42.0906 0192 MpKsl68da7359 (a69630d039c38018689190234f866d77) C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CF849BB7-2EF6-4936-B585-5FC26513DE26}\MpKsl68da7359.sys
19:51:42.0906 0192 MpKsl68da7359 - ok
19:51:42.0937 0192 mraid35x - ok
19:51:43.0015 0192 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:51:43.0031 0192 MRxDAV - ok
19:51:43.0156 0192 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:51:43.0171 0192 MRxSmb - ok
19:51:43.0234 0192 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
19:51:43.0296 0192 MSDTC - ok
19:51:43.0406 0192 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:51:43.0656 0192 Msfs - ok
19:51:43.0734 0192 MSIServer - ok
19:51:43.0843 0192 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:51:43.0859 0192 MSKSSRV - ok
19:51:44.0046 0192 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
19:51:44.0046 0192 MsMpSvc - ok
19:51:44.0109 0192 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:51:44.0156 0192 MSPCLOCK - ok
19:51:44.0218 0192 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:51:44.0343 0192 MSPQM - ok
19:51:44.0406 0192 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:51:44.0484 0192 mssmbios - ok
19:51:44.0593 0192 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:51:44.0609 0192 Mup - ok
19:51:44.0718 0192 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
19:51:44.0890 0192 napagent - ok
19:51:44.0984 0192 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:51:45.0171 0192 NDIS - ok
19:51:45.0265 0192 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:51:45.0281 0192 NdisTapi - ok
19:51:45.0375 0192 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:51:45.0421 0192 Ndisuio - ok
19:51:45.0500 0192 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:51:45.0750 0192 NdisWan - ok
19:51:45.0843 0192 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:51:45.0843 0192 NDProxy - ok
19:51:45.0921 0192 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:51:46.0015 0192 NetBIOS - ok
19:51:46.0062 0192 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:51:46.0156 0192 NetBT - ok
19:51:46.0312 0192 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
19:51:46.0484 0192 NetDDE - ok
19:51:46.0531 0192 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
19:51:46.0531 0192 NetDDEdsdm - ok
19:51:46.0578 0192 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:51:46.0578 0192 Netlogon - ok
19:51:46.0640 0192 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
19:51:46.0750 0192 Netman - ok
19:51:46.0953 0192 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:51:47.0250 0192 NetTcpPortSharing - ok
19:51:47.0390 0192 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
19:51:47.0406 0192 Nla - ok
19:51:47.0515 0192 NMIndexingService - ok
19:51:47.0640 0192 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:51:47.0734 0192 Npfs - ok
19:51:47.0875 0192 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:51:48.0015 0192 Ntfs - ok
19:51:48.0140 0192 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:51:48.0140 0192 NtLmSsp - ok
19:51:48.0234 0192 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
19:51:48.0390 0192 NtmsSvc - ok
19:51:48.0468 0192 NTSIM (a568b9a9ffe2d9387222a5c90f86d731) C:\WINDOWS\system32\ntsim.sys
19:51:48.0562 0192 NTSIM - ok
19:51:48.0640 0192 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:51:48.0687 0192 Null - ok
19:51:49.0031 0192 nv (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:51:49.0500 0192 nv - ok
19:51:49.0640 0192 NVSvc (0febe37db6650faa5965c00545009d1d) C:\WINDOWS\system32\nvsvc32.exe
19:51:49.0656 0192 NVSvc - ok
19:51:49.0750 0192 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:51:49.0875 0192 NwlnkFlt - ok
19:51:49.0984 0192 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:51:50.0046 0192 NwlnkFwd - ok
19:51:50.0140 0192 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
19:51:50.0265 0192 Parport - ok
19:51:50.0343 0192 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:51:50.0390 0192 PartMgr - ok
19:51:50.0500 0192 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
19:51:50.0546 0192 ParVdm - ok
19:51:50.0593 0192 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
19:51:50.0796 0192 PCI - ok
19:51:50.0859 0192 PCIDump - ok
19:51:50.0937 0192 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:51:50.0953 0192 PCIIde - ok
19:51:51.0031 0192 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:51:51.0109 0192 Pcmcia - ok
19:51:51.0171 0192 PDCOMP - ok
19:51:51.0234 0192 PDFRAME - ok
19:51:51.0312 0192 PDRELI - ok
19:51:51.0359 0192 PDRFRAME - ok
19:51:51.0421 0192 perc2 - ok
19:51:51.0484 0192 perc2hib - ok
19:51:51.0687 0192 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
19:51:51.0687 0192 PlugPlay - ok
19:51:51.0781 0192 Pml Driver HPZ12 (d31f88c5f19eefa366a415d6bc5f2abc) C:\WINDOWS\system32\HPZipm12.exe
19:51:51.0781 0192 Pml Driver HPZ12 - ok
19:51:51.0859 0192 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:51:51.0859 0192 PolicyAgent - ok
19:51:52.0000 0192 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:51:52.0078 0192 PptpMiniport - ok
19:51:52.0140 0192 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:51:52.0140 0192 ProtectedStorage - ok
19:51:52.0250 0192 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:51:52.0343 0192 PSched - ok
19:51:52.0453 0192 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:51:52.0531 0192 Ptilink - ok
19:51:52.0609 0192 ql1080 - ok
19:51:52.0687 0192 Ql10wnt - ok
19:51:52.0750 0192 ql12160 - ok
19:51:52.0828 0192 ql1240 - ok
19:51:52.0890 0192 ql1280 - ok
19:51:52.0984 0192 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:51:52.0984 0192 RasAcd - ok
19:51:53.0062 0192 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
19:51:53.0109 0192 RasAuto - ok
19:51:53.0156 0192 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:51:53.0265 0192 Rasl2tp - ok
19:51:53.0359 0192 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
19:51:53.0515 0192 RasMan - ok
19:51:53.0562 0192 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:51:53.0640 0192 RasPppoe - ok
19:51:53.0718 0192 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:51:53.0812 0192 Raspti - ok
19:51:53.0890 0192 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:51:54.0062 0192 Rdbss - ok
19:51:54.0140 0192 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:51:54.0187 0192 RDPCDD - ok
19:51:54.0312 0192 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
19:51:54.0312 0192 RDPWD - ok
19:51:54.0375 0192 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
19:51:54.0625 0192 RDSessMgr - ok
19:51:54.0718 0192 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:51:54.0796 0192 redbook - ok
19:51:54.0937 0192 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
19:51:55.0000 0192 RemoteAccess - ok
19:51:55.0062 0192 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
19:51:55.0156 0192 RpcLocator - ok
19:51:55.0234 0192 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
19:51:55.0250 0192 RpcSs - ok
19:51:55.0359 0192 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
19:51:55.0468 0192 RSVP - ok
19:51:55.0578 0192 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\WINDOWS\system32\DRIVERS\s0016bus.sys
19:51:55.0703 0192 s0016bus - ok
19:51:55.0765 0192 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
19:51:55.0812 0192 s0016mdfl - ok
19:51:55.0906 0192 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
19:51:56.0046 0192 s0016mdm - ok
19:51:56.0125 0192 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
19:51:56.0265 0192 s0016mgmt - ok
19:51:56.0343 0192 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
19:51:56.0375 0192 s0016nd5 - ok
19:51:56.0453 0192 s0016obex (36792935847143e4a3cda0dc87248487) C:\WINDOWS\system32\DRIVERS\s0016obex.sys
19:51:56.0593 0192 s0016obex - ok
19:51:56.0687 0192 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\WINDOWS\system32\DRIVERS\s0016unic.sys
19:51:56.0859 0192 s0016unic - ok
19:51:56.0968 0192 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:51:56.0968 0192 SamSs - ok
19:51:57.0093 0192 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
19:51:57.0218 0192 SCardSvr - ok
19:51:57.0328 0192 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
19:51:57.0328 0192 Schedule - ok
19:51:57.0421 0192 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:51:57.0500 0192 Secdrv - ok
19:51:57.0562 0192 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
19:51:57.0562 0192 seclogon - ok
19:51:57.0687 0192 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
19:51:57.0687 0192 SENS - ok
19:51:57.0750 0192 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:51:57.0781 0192 serenum - ok
19:51:57.0843 0192 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
19:51:58.0093 0192 Serial - ok
19:51:58.0343 0192 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:51:58.0375 0192 Sfloppy - ok
19:51:58.0453 0192 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
19:51:58.0453 0192 SharedAccess - ok
19:51:58.0531 0192 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:51:58.0546 0192 ShellHWDetection - ok
19:51:58.0593 0192 Simbad - ok
19:51:58.0734 0192 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
19:51:58.0750 0192 SkypeUpdate - ok
19:51:58.0859 0192 Sparrow - ok
19:51:58.0937 0192 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:51:58.0937 0192 splitter - ok
19:51:59.0000 0192 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:51:59.0000 0192 Spooler - ok
19:51:59.0062 0192 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:51:59.0312 0192 sr - ok
19:51:59.0406 0192 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
19:51:59.0406 0192 srservice - ok
19:51:59.0562 0192 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:51:59.0562 0192 Srv - ok
19:51:59.0656 0192 sscebus (b2063ce662af3ab20045121a5b716df6) C:\WINDOWS\system32\DRIVERS\sscebus.sys
19:51:59.0765 0192 sscebus - ok
19:51:59.0875 0192 sscemdfl (66799dc0afe3dcaf8368cae17394a762) C:\WINDOWS\system32\DRIVERS\sscemdfl.sys
19:51:59.0890 0192 sscemdfl - ok
19:51:59.0968 0192 sscemdm (cbf03ffc08f8db547bab2f79aa663d16) C:\WINDOWS\system32\DRIVERS\sscemdm.sys
19:52:00.0109 0192 sscemdm - ok
19:52:00.0203 0192 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
19:52:00.0203 0192 SSDPSRV - ok
19:52:00.0265 0192 StarOpen - ok
19:52:00.0375 0192 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
19:52:00.0375 0192 stisvc - ok
19:52:00.0453 0192 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:52:00.0484 0192 swenum - ok
19:52:00.0562 0192 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:52:00.0640 0192 swmidi - ok
19:52:00.0718 0192 SwPrv - ok
19:52:00.0796 0192 symc810 - ok
19:52:00.0875 0192 symc8xx - ok
19:52:00.0968 0192 sym_hi - ok
19:52:01.0031 0192 sym_u3 - ok
19:52:01.0109 0192 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:52:01.0265 0192 sysaudio - ok
19:52:01.0343 0192 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
19:52:01.0500 0192 SysmonLog - ok
19:52:01.0593 0192 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
19:52:01.0687 0192 TapiSrv - ok
19:52:01.0781 0192 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:52:01.0812 0192 Tcpip - ok
19:52:01.0906 0192 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:52:01.0984 0192 TDPIPE - ok
19:52:02.0062 0192 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:52:02.0125 0192 TDTCP - ok
19:52:02.0203 0192 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:52:02.0281 0192 TermDD - ok
19:52:02.0453 0192 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
19:52:02.0453 0192 TermService - ok
19:52:02.0546 0192 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:52:02.0546 0192 Themes - ok
19:52:02.0609 0192 TosIde - ok
19:52:02.0671 0192 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
19:52:02.0671 0192 TrkWks - ok
19:52:02.0750 0192 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
19:52:02.0859 0192 uagp35 - ok
19:52:02.0968 0192 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:52:03.0078 0192 Udfs - ok
19:52:03.0140 0192 ultra - ok
19:52:03.0250 0192 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:52:03.0250 0192 Update - ok
19:52:03.0375 0192 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
19:52:03.0375 0192 upnphost - ok
19:52:03.0468 0192 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
19:52:03.0671 0192 UPS - ok
19:52:03.0750 0192 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:52:03.0812 0192 usbccgp - ok
19:52:03.0906 0192 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:52:03.0953 0192 usbehci - ok
19:52:04.0062 0192 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:52:04.0156 0192 usbhub - ok
19:52:04.0281 0192 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:52:04.0328 0192 usbprint - ok
19:52:04.0390 0192 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:52:04.0437 0192 usbscan - ok
19:52:04.0531 0192 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:52:04.0578 0192 usbstor - ok
19:52:04.0656 0192 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:52:04.0703 0192 usbuhci - ok
19:52:04.0765 0192 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:52:04.0796 0192 VgaSave - ok
19:52:04.0890 0192 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:52:04.0937 0192 ViaIde - ok
19:52:05.0000 0192 viamraid (0363e216e4eb5052969c96608934dbde) C:\WINDOWS\system32\DRIVERS\viamraid.sys
19:52:05.0140 0192 viamraid - ok
19:52:05.0187 0192 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:52:05.0328 0192 VolSnap - ok
19:52:05.0437 0192 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
19:52:05.0562 0192 VSS - ok
19:52:05.0656 0192 vulfnths (16409c468ceee99b6b129fcaa5c0f206) C:\WINDOWS\System32\Drivers\vulfnth.sys
19:52:05.0687 0192 vulfnths - ok
19:52:05.0765 0192 vulfntrs (541447e05eddd1164a5ea925778b209d) C:\WINDOWS\System32\Drivers\vulfntr.sys
19:52:05.0796 0192 vulfntrs - ok
19:52:05.0921 0192 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
19:52:05.0921 0192 W32Time - ok
19:52:06.0031 0192 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:52:06.0109 0192 Wanarp - ok
19:52:06.0171 0192 WDICA - ok
19:52:06.0281 0192 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:52:06.0390 0192 wdmaud - ok
19:52:06.0468 0192 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
19:52:06.0546 0192 WebClient - ok
19:52:06.0703 0192 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:52:06.0703 0192 winmgmt - ok
19:52:06.0906 0192 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:52:06.0968 0192 WmdmPmSN - ok
19:52:07.0078 0192 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:52:07.0250 0192 WmiApSrv - ok
19:52:07.0312 0192 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:52:07.0375 0192 WpdUsb - ok
19:52:07.0578 0192 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:52:07.0796 0192 WPFFontCache_v0400 - ok
19:52:07.0921 0192 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:52:07.0968 0192 WS2IFSL - ok
19:52:08.0062 0192 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
19:52:08.0062 0192 wscsvc - ok
19:52:08.0125 0192 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
19:52:08.0125 0192 wuauserv - ok
19:52:08.0250 0192 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:52:08.0343 0192 WudfPf - ok
19:52:08.0468 0192 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:52:08.0593 0192 WudfRd - ok
19:52:08.0671 0192 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
19:52:08.0812 0192 WudfSvc - ok
19:52:08.0906 0192 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
19:52:09.0015 0192 WZCSVC - ok
19:52:09.0125 0192 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
19:52:09.0406 0192 xmlprov - ok
19:52:09.0515 0192 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:52:09.0687 0192 \Device\Harddisk0\DR0 - ok
19:52:09.0734 0192 Boot (0x1200) (f94fbc81f0c54817b076fdb60ab8a726) \Device\Harddisk0\DR0\Partition0
19:52:09.0734 0192 \Device\Harddisk0\DR0\Partition0 - ok
19:52:09.0781 0192 Boot (0x1200) (cce026173c0bd20e38545918ce9239b3) \Device\Harddisk0\DR0\Partition1
19:52:09.0796 0192 \Device\Harddisk0\DR0\Partition1 - ok
19:52:09.0812 0192 ============================================================
19:52:09.0812 0192 Scan finished
19:52:09.0812 0192 ============================================================
19:52:09.0875 3576 Detected object count: 0
19:52:09.0875 3576 Actual detected object count: 0