Good evening. Please check my log. The PC is slow and freezes a lot. MALWARE found nothing. I cleaned the PC with CCleaner and ATF-Cleaner. Unfortunately, neither helped. Thank you. I'm sending the log from Hijack
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:03:32, on 30.10.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Josef\Dokumenty\Stažené soubory\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 6542 bytes
Please check my log (Solved)
- Žbeky
- Moderator
Re: Please check my log
Fix:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.
Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If you have trouble launching applications after the scan, or a message pops up about an attempt to perform an invalid operation on a registry key that is marked for deletion, just restart the computer.
Re: Please check my log
I'm sending the TDS logs; two popped up, so I'm sending both, plus ComboFix. Thank you.
20:07:30.0765 3800 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
20:07:32.0781 3800 ============================================================
20:07:32.0781 3800 Current date / time: 2012/10/31 20:07:32.0781
20:07:32.0781 3800 SystemInfo:
20:07:32.0781 3800
20:07:32.0781 3800 OS Version: 5.1.2600 ServicePack: 3.0
20:07:32.0781 3800 Product type: Workstation
20:07:32.0781 3800 ComputerName: PCDVORAK
20:07:32.0781 3800 UserName: Josef
20:07:32.0781 3800 Windows directory: C:\WINDOWS
20:07:32.0781 3800 System windows directory: C:\WINDOWS
20:07:32.0781 3800 Processor architecture: Intel x86
20:07:32.0781 3800 Number of processors: 1
20:07:32.0781 3800 Page size: 0x1000
20:07:32.0781 3800 Boot type: Normal boot
20:07:32.0781 3800 ============================================================
20:07:35.0437 3800 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:07:35.0515 3800 ============================================================
20:07:35.0515 3800 \Device\Harddisk0\DR0:
20:07:35.0515 3800 MBR partitions:
20:07:35.0515 3800 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
20:07:35.0515 3800 ============================================================
20:07:35.0578 3800 C: <-> \Device\Harddisk0\DR0\Partition1
20:07:35.0593 3800 ============================================================
20:07:35.0593 3800 Initialize success
20:07:35.0593 3800 ============================================================
20:07:40.0187 3984 ============================================================
20:07:40.0187 3984 Scan started
20:07:40.0187 3984 Mode: Manual;
20:07:40.0187 3984 ============================================================
20:07:41.0250 3984 ================ Scan system memory ========================
20:07:41.0281 3984 System memory - ok
20:07:41.0296 3984 ================ Scan services =============================
20:07:41.0375 3984 Abiosdsk - ok
20:07:41.0390 3984 abp480n5 - ok
20:07:41.0468 3984 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:07:41.0468 3984 ACDaemon - ok
20:07:41.0515 3984 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:07:41.0515 3984 ACPI - ok
20:07:41.0546 3984 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
20:07:41.0546 3984 ACPIEC - ok
20:07:41.0625 3984 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:07:41.0640 3984 AdobeFlashPlayerUpdateSvc - ok
20:07:41.0640 3984 adpu160m - ok
20:07:41.0687 3984 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:07:41.0703 3984 aec - ok
20:07:41.0734 3984 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:07:41.0734 3984 AFD - ok
20:07:41.0750 3984 Aha154x - ok
20:07:41.0765 3984 aic78u2 - ok
20:07:41.0781 3984 aic78xx - ok
20:07:41.0796 3984 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:07:41.0796 3984 Alerter - ok
20:07:41.0828 3984 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
20:07:41.0828 3984 ALG - ok
20:07:41.0843 3984 AliIde - ok
20:07:41.0875 3984 [ 0A4D13B388C814560BD69C3A496ECFA8 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
20:07:41.0875 3984 AmdK8 - ok
20:07:41.0890 3984 amsint - ok
20:07:41.0906 3984 AppMgmt - ok
20:07:41.0921 3984 asc - ok
20:07:41.0921 3984 asc3350p - ok
20:07:41.0937 3984 asc3550 - ok
20:07:42.0046 3984 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:07:42.0062 3984 aspnet_state - ok
20:07:42.0093 3984 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:07:42.0093 3984 AsyncMac - ok
20:07:42.0109 3984 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:07:42.0109 3984 atapi - ok
20:07:42.0125 3984 Atdisk - ok
20:07:42.0140 3984 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:07:42.0140 3984 Atmarpc - ok
20:07:42.0156 3984 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:07:42.0156 3984 AudioSrv - ok
20:07:42.0187 3984 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:07:42.0187 3984 audstub - ok
20:07:42.0234 3984 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:07:42.0234 3984 Beep - ok
20:07:42.0281 3984 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
20:07:42.0343 3984 BITS - ok
20:07:42.0375 3984 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
20:07:42.0375 3984 Browser - ok
20:07:42.0421 3984 [ DF863A3F97A8CBF9E7FBBC2A0854F582 ] BT848 C:\WINDOWS\system32\drivers\wf2kvcap.sys
20:07:42.0421 3984 BT848 - ok
20:07:42.0453 3984 catchme - ok
20:07:42.0484 3984 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:07:42.0500 3984 cbidf2k - ok
20:07:42.0531 3984 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:07:42.0531 3984 CCDECODE - ok
20:07:42.0546 3984 cd20xrnt - ok
20:07:42.0562 3984 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:07:42.0562 3984 Cdaudio - ok
20:07:42.0609 3984 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:07:42.0609 3984 Cdfs - ok
20:07:42.0625 3984 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:07:42.0625 3984 Cdrom - ok
20:07:42.0625 3984 Changer - ok
20:07:42.0656 3984 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:07:42.0656 3984 CiSvc - ok
20:07:42.0671 3984 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:07:42.0671 3984 ClipSrv - ok
20:07:42.0734 3984 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:07:42.0765 3984 clr_optimization_v2.0.50727_32 - ok
20:07:42.0812 3984 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:07:42.0828 3984 clr_optimization_v4.0.30319_32 - ok
20:07:42.0843 3984 CmdIde - ok
20:07:42.0859 3984 COMSysApp - ok
20:07:42.0875 3984 Cpqarray - ok
20:07:42.0906 3984 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:07:42.0906 3984 CryptSvc - ok
20:07:42.0921 3984 dac2w2k - ok
20:07:42.0937 3984 dac960nt - ok
20:07:42.0984 3984 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:07:43.0000 3984 DcomLaunch - ok
20:07:43.0046 3984 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:07:43.0046 3984 Dhcp - ok
20:07:43.0062 3984 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:07:43.0062 3984 Disk - ok
20:07:43.0078 3984 dmadmin - ok
20:07:43.0125 3984 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:07:43.0140 3984 dmboot - ok
20:07:43.0156 3984 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:07:43.0156 3984 dmio - ok
20:07:43.0187 3984 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:07:43.0187 3984 dmload - ok
20:07:43.0203 3984 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:07:43.0218 3984 dmserver - ok
20:07:43.0250 3984 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:07:43.0265 3984 DMusic - ok
20:07:43.0281 3984 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:07:43.0281 3984 Dnscache - ok
20:07:43.0296 3984 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
20:07:43.0296 3984 Dot3svc - ok
20:07:43.0312 3984 dpti2o - ok
20:07:43.0328 3984 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:07:43.0328 3984 drmkaud - ok
20:07:43.0359 3984 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
20:07:43.0375 3984 EapHost - ok
20:07:43.0375 3984 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:07:43.0390 3984 ERSvc - ok
20:07:43.0421 3984 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
20:07:43.0421 3984 Eventlog - ok
20:07:43.0468 3984 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
20:07:43.0484 3984 EventSystem - ok
20:07:43.0500 3984 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:07:43.0500 3984 Fastfat - ok
20:07:43.0546 3984 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:07:43.0546 3984 FastUserSwitchingCompatibility - ok
20:07:43.0562 3984 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
20:07:43.0562 3984 Fdc - ok
20:07:43.0578 3984 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:07:43.0578 3984 Fips - ok
20:07:43.0593 3984 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
20:07:43.0593 3984 Flpydisk - ok
20:07:43.0625 3984 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
20:07:43.0640 3984 FltMgr - ok
20:07:43.0703 3984 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:07:43.0703 3984 FontCache3.0.0.0 - ok
20:07:43.0734 3984 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:07:43.0750 3984 Fs_Rec - ok
20:07:43.0765 3984 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:07:43.0765 3984 Ftdisk - ok
20:07:43.0796 3984 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:07:43.0796 3984 Gpc - ok
20:07:43.0890 3984 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:07:43.0890 3984 gupdate - ok
20:07:43.0906 3984 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:07:43.0906 3984 gupdatem - ok
20:07:43.0937 3984 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:07:43.0937 3984 HDAudBus - ok
20:07:43.0984 3984 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:07:43.0984 3984 helpsvc - ok
20:07:44.0031 3984 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
20:07:44.0031 3984 HidServ - ok
20:07:44.0078 3984 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:07:44.0078 3984 HidUsb - ok
20:07:44.0093 3984 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:07:44.0093 3984 hkmsvc - ok
20:07:44.0109 3984 hpn - ok
20:07:44.0156 3984 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
20:07:44.0156 3984 HPZid412 - ok
20:07:44.0171 3984 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
20:07:44.0171 3984 HPZipr12 - ok
20:07:44.0203 3984 [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
20:07:44.0203 3984 HPZius12 - ok
20:07:44.0250 3984 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:07:44.0250 3984 HTTP - ok
20:07:44.0265 3984 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:07:44.0265 3984 HTTPFilter - ok
20:07:44.0281 3984 i2omgmt - ok
20:07:44.0281 3984 i2omp - ok
20:07:44.0312 3984 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:07:44.0312 3984 i8042prt - ok
20:07:44.0375 3984 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:07:44.0406 3984 idsvc - ok
20:07:44.0406 3984 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:07:44.0421 3984 Imapi - ok
20:07:44.0437 3984 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:07:44.0437 3984 ImapiService - ok
20:07:44.0453 3984 ini910u - ok
20:07:44.0578 3984 [ B2957D6C1226F029230DAC2C46D34286 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:07:44.0671 3984 IntcAzAudAddService - ok
20:07:44.0687 3984 IntelIde - ok
20:07:44.0703 3984 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:07:44.0703 3984 Ip6Fw - ok
20:07:44.0750 3984 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:07:44.0750 3984 IpFilterDriver - ok
20:07:44.0750 3984 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:07:44.0750 3984 IpInIp - ok
20:07:44.0765 3984 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:07:44.0765 3984 IpNat - ok
20:07:44.0781 3984 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:07:44.0781 3984 IPSec - ok
20:07:44.0812 3984 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:07:44.0812 3984 IRENUM - ok
20:07:44.0843 3984 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:07:44.0843 3984 isapnp - ok
20:07:44.0906 3984 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
20:07:44.0906 3984 JavaQuickStarterService - ok
20:07:44.0921 3984 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:07:44.0921 3984 Kbdclass - ok
20:07:44.0953 3984 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:07:44.0953 3984 kbdhid - ok
20:07:44.0984 3984 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:07:44.0984 3984 kmixer - ok
20:07:45.0031 3984 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:07:45.0031 3984 KSecDD - ok
20:07:45.0046 3984 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
20:07:45.0062 3984 LanmanServer - ok
20:07:45.0078 3984 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:07:45.0093 3984 lanmanworkstation - ok
20:07:45.0093 3984 lbrtfdc - ok
20:07:45.0156 3984 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:07:45.0156 3984 LmHosts - ok
20:07:45.0171 3984 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:07:45.0187 3984 Messenger - ok
20:07:45.0218 3984 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:07:45.0218 3984 mnmdd - ok
20:07:45.0250 3984 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:07:45.0250 3984 mnmsrvc - ok
20:07:45.0296 3984 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:07:45.0296 3984 Modem - ok
20:07:45.0328 3984 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:07:45.0328 3984 Mouclass - ok
20:07:45.0343 3984 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:07:45.0343 3984 mouhid - ok
20:07:45.0375 3984 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:07:45.0375 3984 MountMgr - ok
20:07:45.0437 3984 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:07:45.0437 3984 MozillaMaintenance - ok
20:07:45.0453 3984 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
20:07:45.0453 3984 MpFilter - ok
20:07:45.0468 3984 mraid35x - ok
20:07:45.0484 3984 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:07:45.0484 3984 MRxDAV - ok
20:07:45.0515 3984 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:07:45.0515 3984 MRxSmb - ok
20:07:45.0546 3984 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:07:45.0546 3984 MSDTC - ok
20:07:45.0562 3984 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:07:45.0562 3984 Msfs - ok
20:07:45.0578 3984 MSIServer - ok
20:07:45.0609 3984 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:07:45.0609 3984 MSKSSRV - ok
20:07:45.0625 3984 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:07:45.0625 3984 MsMpSvc - ok
20:07:45.0640 3984 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:07:45.0640 3984 MSPCLOCK - ok
20:07:45.0671 3984 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:07:45.0671 3984 MSPQM - ok
20:07:45.0703 3984 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:07:45.0703 3984 mssmbios - ok
20:07:45.0734 3984 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
20:07:45.0734 3984 MSTEE - ok
20:07:45.0765 3984 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:07:45.0781 3984 Mup - ok
20:07:45.0796 3984 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:07:45.0796 3984 NABTSFEC - ok
20:07:45.0828 3984 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
20:07:45.0828 3984 napagent - ok
20:07:45.0859 3984 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:07:45.0859 3984 NDIS - ok
20:07:45.0890 3984 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:07:45.0890 3984 NdisIP - ok
20:07:45.0921 3984 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:07:45.0921 3984 NdisTapi - ok
20:07:45.0937 3984 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:07:45.0937 3984 Ndisuio - ok
20:07:45.0953 3984 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:07:45.0953 3984 NdisWan - ok
20:07:45.0968 3984 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:07:45.0968 3984 NDProxy - ok
20:07:45.0984 3984 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:07:45.0984 3984 NetBIOS - ok
20:07:46.0015 3984 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:07:46.0015 3984 NetBT - ok
20:07:46.0046 3984 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
20:07:46.0046 3984 NetDDE - ok
20:07:46.0062 3984 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:07:46.0062 3984 NetDDEdsdm - ok
20:07:46.0093 3984 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:07:46.0093 3984 Netlogon - ok
20:07:46.0109 3984 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
20:07:46.0125 3984 Netman - ok
20:07:46.0156 3984 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:07:46.0156 3984 NetTcpPortSharing - ok
20:07:46.0187 3984 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
20:07:46.0203 3984 Nla - ok
20:07:46.0203 3984 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:07:46.0203 3984 Npfs - ok
20:07:46.0234 3984 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:07:46.0234 3984 Ntfs - ok
20:07:46.0250 3984 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:07:46.0250 3984 NtLmSsp - ok
20:07:46.0281 3984 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:07:46.0296 3984 NtmsSvc - ok
20:07:51.0375 3984 ================ Scan global ===============================
20:07:51.0421 3984 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
20:07:51.0437 3984 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
20:07:51.0453 3984 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
20:07:51.0484 3984 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
20:07:51.0484 3984 [Global] - ok
20:07:51.0484 3984 ================ Scan MBR ==================================
20:07:51.0500 3984 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
20:07:51.0687 3984 \Device\Harddisk0\DR0 - ok
20:07:51.0703 3984 ================ Scan VBR ==================================
20:07:51.0703 3984 [ 0C6D3C2A512729E8ED686DD06FF635C5 ] \Device\Harddisk0\DR0\Partition1
20:07:51.0703 3984 \Device\Harddisk0\DR0\Partition1 - ok
20:07:51.0703 3984 ============================================================
20:07:51.0703 3984 Scan finished
20:07:51.0703 3984 ============================================================
20:07:51.0734 3924 Detected object count: 0
20:07:51.0734 3924 Actual detected object count: 0
20:08:19.0812 2380 Deinitialize success
20:07:46.0250 3984 NtLmSsp - ok
20:07:46.0281 3984 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:07:46.0296 3984 NtmsSvc - ok
20:07:46.0343 3984 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:07:46.0343 3984 Null - ok
20:07:46.0500 3984 [ 70CB8915895CCB92DDF23CE890C4F5BE ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:07:46.0625 3984 nv - ok
20:07:46.0625 3984 [ 4D6F0D3FB17C1BA64942F415C73ADCDB ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
20:07:46.0625 3984 NVENETFD - ok
20:07:46.0656 3984 [ 921E63AA1E1A20302223D016ACAFB52B ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
20:07:46.0656 3984 nvnetbus - ok
20:07:46.0671 3984 [ F96DF45CFBDC670584293E03C2AB602A ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
20:07:46.0687 3984 NVSvc - ok
20:07:46.0703 3984 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:07:46.0703 3984 NwlnkFlt - ok
20:07:46.0718 3984 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:07:46.0718 3984 NwlnkFwd - ok
20:07:46.0828 3984 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:07:46.0828 3984 odserv - ok
20:07:46.0875 3984 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:07:46.0875 3984 ose - ok
20:07:46.0921 3984 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
20:07:46.0921 3984 Parport - ok
20:07:46.0937 3984 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:07:46.0937 3984 PartMgr - ok
20:07:46.0968 3984 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:07:46.0968 3984 ParVdm - ok
20:07:46.0984 3984 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:07:46.0984 3984 PCI - ok
20:07:46.0984 3984 PCIDump - ok
20:07:47.0000 3984 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:07:47.0000 3984 PCIIde - ok
20:07:47.0031 3984 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:07:47.0031 3984 Pcmcia - ok
20:07:47.0046 3984 PDCOMP - ok
20:07:47.0046 3984 PDFRAME - ok
20:07:47.0062 3984 PDRELI - ok
20:07:47.0078 3984 PDRFRAME - ok
20:07:47.0093 3984 perc2 - ok
20:07:47.0109 3984 perc2hib - ok
20:07:47.0140 3984 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
20:07:47.0156 3984 PlugPlay - ok
20:07:47.0156 3984 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:07:47.0171 3984 PolicyAgent - ok
20:07:47.0203 3984 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:07:47.0203 3984 PptpMiniport - ok
20:07:47.0218 3984 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:07:47.0218 3984 ProtectedStorage - ok
20:07:47.0234 3984 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:07:47.0234 3984 PSched - ok
20:07:47.0234 3984 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:07:47.0234 3984 Ptilink - ok
20:07:47.0250 3984 ql1080 - ok
20:07:47.0265 3984 Ql10wnt - ok
20:07:47.0281 3984 ql12160 - ok
20:07:47.0281 3984 ql1240 - ok
20:07:47.0296 3984 ql1280 - ok
20:07:47.0312 3984 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:07:47.0328 3984 RasAcd - ok
20:07:47.0359 3984 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:07:47.0359 3984 RasAuto - ok
20:07:47.0390 3984 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:07:47.0390 3984 Rasl2tp - ok
20:07:47.0406 3984 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:07:47.0421 3984 RasMan - ok
20:07:47.0421 3984 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:07:47.0421 3984 RasPppoe - ok
20:07:47.0437 3984 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:07:47.0437 3984 Raspti - ok
20:07:47.0468 3984 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:07:47.0468 3984 Rdbss - ok
20:07:47.0484 3984 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:07:47.0484 3984 RDPCDD - ok
20:07:47.0531 3984 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:07:47.0531 3984 RDPWD - ok
20:07:47.0578 3984 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:07:47.0578 3984 RDSessMgr - ok
20:07:47.0609 3984 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:07:47.0609 3984 redbook - ok
20:07:47.0656 3984 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:07:47.0656 3984 RemoteAccess - ok
20:07:47.0687 3984 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:07:47.0687 3984 RpcLocator - ok
20:07:47.0718 3984 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:07:47.0734 3984 RpcSs - ok
20:07:47.0765 3984 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:07:47.0765 3984 RSVP - ok
20:07:47.0796 3984 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
20:07:47.0796 3984 SamSs - ok
20:07:47.0828 3984 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:07:47.0843 3984 SCardSvr - ok
20:07:47.0890 3984 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:07:47.0906 3984 Schedule - ok
20:07:47.0921 3984 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:07:47.0937 3984 Secdrv - ok
20:07:47.0953 3984 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:07:47.0953 3984 seclogon - ok
20:07:47.0968 3984 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
20:07:47.0968 3984 SENS - ok
20:07:47.0984 3984 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:07:47.0984 3984 serenum - ok
20:07:48.0000 3984 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:07:48.0000 3984 Serial - ok
20:07:48.0046 3984 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:07:48.0062 3984 Sfloppy - ok
20:07:48.0093 3984 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:07:48.0093 3984 SharedAccess - ok
20:07:48.0125 3984 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:07:48.0125 3984 ShellHWDetection - ok
20:07:48.0140 3984 Simbad - ok
20:07:48.0187 3984 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:07:48.0187 3984 SkypeUpdate - ok
20:07:48.0234 3984 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:07:48.0234 3984 SLIP - ok
20:07:48.0250 3984 Sparrow - ok
20:07:48.0265 3984 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:07:48.0265 3984 splitter - ok
20:07:48.0312 3984 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:07:48.0312 3984 Spooler - ok
20:07:48.0343 3984 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:07:48.0359 3984 sr - ok
20:07:48.0375 3984 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
20:07:48.0390 3984 srservice - ok
20:07:48.0421 3984 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:07:48.0437 3984 Srv - ok
20:07:48.0453 3984 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:07:48.0453 3984 SSDPSRV - ok
20:07:48.0500 3984 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:07:48.0515 3984 stisvc - ok
20:07:48.0515 3984 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:07:48.0515 3984 streamip - ok
20:07:48.0562 3984 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:07:48.0562 3984 swenum - ok
20:07:48.0578 3984 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:07:48.0578 3984 swmidi - ok
20:07:48.0593 3984 SwPrv - ok
20:07:48.0609 3984 symc810 - ok
20:07:48.0625 3984 symc8xx - ok
20:07:48.0640 3984 sym_hi - ok
20:07:48.0640 3984 sym_u3 - ok
20:07:48.0671 3984 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:07:48.0671 3984 sysaudio - ok
20:07:48.0703 3984 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:07:48.0718 3984 SysmonLog - ok
20:07:48.0734 3984 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:07:48.0734 3984 TapiSrv - ok
20:07:48.0765 3984 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:07:48.0781 3984 Tcpip - ok
20:07:48.0812 3984 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:07:48.0812 3984 TDPIPE - ok
20:07:48.0828 3984 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:07:48.0843 3984 TDTCP - ok
20:07:48.0890 3984 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:07:48.0890 3984 TermDD - ok
20:07:48.0906 3984 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
20:07:48.0921 3984 TermService - ok
20:07:48.0937 3984 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:07:48.0953 3984 Themes - ok
20:07:48.0968 3984 TosIde - ok
20:07:48.0984 3984 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:07:49.0000 3984 TrkWks - ok
20:07:49.0031 3984 [ DEC0E131B20F36246549C0DB2B23A677 ] tv2ktunr C:\WINDOWS\system32\drivers\wf2ktunr.sys
20:07:49.0031 3984 tv2ktunr - ok
20:07:49.0062 3984 [ 53DB0D251B022C034A1EB0B8B7264CC5 ] Tv2kXbar C:\WINDOWS\system32\drivers\wf2kxbar.sys
20:07:49.0062 3984 Tv2kXbar - ok
20:07:49.0078 3984 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:07:49.0093 3984 Udfs - ok
20:07:49.0140 3984 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
20:07:49.0140 3984 UleadBurningHelper - ok
20:07:49.0156 3984 ultra - ok
20:07:49.0187 3984 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:07:49.0187 3984 Update - ok
20:07:49.0218 3984 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
20:07:49.0218 3984 upnphost - ok
20:07:49.0234 3984 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
20:07:49.0234 3984 UPS - ok
20:07:49.0265 3984 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:07:49.0265 3984 usbccgp - ok
20:07:49.0296 3984 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:07:49.0296 3984 usbehci - ok
20:07:49.0312 3984 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:07:49.0312 3984 usbhub - ok
20:07:49.0328 3984 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:07:49.0328 3984 usbohci - ok
20:07:49.0343 3984 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:07:49.0343 3984 usbprint - ok
20:07:49.0390 3984 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:07:49.0390 3984 usbscan - ok
20:07:49.0406 3984 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:07:49.0406 3984 usbstor - ok
20:07:49.0421 3984 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:07:49.0421 3984 VgaSave - ok
20:07:49.0437 3984 ViaIde - ok
20:07:49.0453 3984 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:07:49.0453 3984 VolSnap - ok
20:07:49.0484 3984 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
20:07:49.0500 3984 VSS - ok
20:07:49.0531 3984 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
20:07:49.0531 3984 W32Time - ok
20:07:49.0562 3984 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:07:49.0562 3984 Wanarp - ok
20:07:49.0578 3984 WDICA - ok
20:07:49.0593 3984 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:07:49.0593 3984 wdmaud - ok
20:07:49.0609 3984 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:07:49.0625 3984 WebClient - ok
20:07:49.0750 3984 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:07:49.0781 3984 winmgmt - ok
20:07:50.0062 3984 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
20:07:50.0156 3984 WinRM - ok
20:07:50.0218 3984 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:07:50.0218 3984 WmdmPmSN - ok
20:07:50.0296 3984 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:07:50.0296 3984 WmiApSrv - ok
20:07:50.0593 3984 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:07:50.0625 3984 WMPNetworkSvc - ok
20:07:50.0875 3984 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:07:50.0937 3984 WPFFontCache_v0400 - ok
20:07:51.0000 3984 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:07:51.0000 3984 WS2IFSL - ok
20:07:51.0046 3984 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:07:51.0062 3984 wscsvc - ok
20:07:51.0078 3984 WSearch - ok
20:07:51.0125 3984 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:07:51.0125 3984 WSTCODEC - ok
20:07:51.0156 3984 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:07:51.0171 3984 wuauserv - ok
20:07:51.0203 3984 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:07:51.0203 3984 WudfPf - ok
20:07:51.0218 3984 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:07:51.0218 3984 WudfRd - ok
20:07:51.0250 3984 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:07:51.0250 3984 WudfSvc - ok
20:07:51.0281 3984 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:07:51.0296 3984 WZCSVC - ok
20:07:51.0328 3984 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:07:51.0359 3984 xmlprov - ok
20:07:51.0375 3984 ================ Scan global ===============================
20:07:51.0421 3984 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
20:07:51.0437 3984 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
20:07:51.0453 3984 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
20:07:51.0484 3984 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
20:07:51.0484 3984 [Global] - ok
20:07:51.0484 3984 ================ Scan MBR ==================================
20:07:51.0500 3984 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
20:07:51.0687 3984 \Device\Harddisk0\DR0 - ok
20:07:51.0703 3984 ================ Scan VBR ==================================
20:07:51.0703 3984 [ 0C6D3C2A512729E8ED686DD06FF635C5 ] \Device\Harddisk0\DR0\Partition1
20:07:51.0703 3984 \Device\Harddisk0\DR0\Partition1 - ok
20:07:51.0703 3984 ============================================================
20:07:51.0703 3984 Scan finished
20:07:51.0703 3984 ============================================================
20:07:51.0734 3924 Detected object count: 0
20:07:51.0734 3924 Actual detected object count: 0
20:08:19.0812 2380 Deinitialize success
Re: Please check my log
20:07:54.0515 1164 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
20:07:54.0656 1164 ============================================================
20:07:54.0656 1164 Current date / time: 2012/06/26 20:07:54.0656
20:07:54.0656 1164 SystemInfo:
20:07:54.0656 1164
20:07:54.0656 1164 OS Version: 5.1.2600 ServicePack: 3.0
20:07:54.0656 1164 Product type: Workstation
20:07:54.0656 1164 ComputerName: PCDVORAK
20:07:54.0656 1164 UserName: Josef
20:07:54.0656 1164 Windows directory: C:\WINDOWS
20:07:54.0656 1164 System windows directory: C:\WINDOWS
20:07:54.0656 1164 Processor architecture: Intel x86
20:07:54.0656 1164 Number of processors: 1
20:07:54.0656 1164 Page size: 0x1000
20:07:54.0656 1164 Boot type: Normal boot
20:07:54.0656 1164 ============================================================
20:07:58.0093 1164 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:07:58.0250 1164 ============================================================
20:07:58.0250 1164 \Device\Harddisk0\DR0:
20:07:58.0343 1164 MBR partitions:
20:07:58.0343 1164 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
20:07:58.0343 1164 ============================================================
20:07:58.0406 1164 C: <-> \Device\Harddisk0\DR0\Partition0
20:07:58.0406 1164 ============================================================
20:07:58.0406 1164 Initialize success
20:07:58.0406 1164 ============================================================
20:08:01.0468 3804 ============================================================
20:08:01.0468 3804 Scan started
20:08:01.0468 3804 Mode: Manual;
20:08:01.0468 3804 ============================================================
20:08:02.0328 3804 Abiosdsk - ok
20:08:02.0328 3804 abp480n5 - ok
20:08:02.0437 3804 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:08:02.0437 3804 ACDaemon - ok
20:08:02.0500 3804 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:08:02.0515 3804 ACPI - ok
20:08:02.0562 3804 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:08:02.0562 3804 ACPIEC - ok
20:08:02.0718 3804 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:08:02.0734 3804 AdobeFlashPlayerUpdateSvc - ok
20:08:02.0750 3804 adpu160m - ok
20:08:02.0812 3804 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:08:02.0812 3804 aec - ok
20:08:02.0890 3804 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:08:02.0890 3804 AFD - ok
20:08:02.0906 3804 Aha154x - ok
20:08:02.0906 3804 aic78u2 - ok
20:08:02.0921 3804 aic78xx - ok
20:08:02.0937 3804 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
20:08:02.0937 3804 Alerter - ok
20:08:02.0968 3804 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
20:08:02.0968 3804 ALG - ok
20:08:02.0984 3804 AliIde - ok
20:08:03.0031 3804 AmdK8 (0a4d13b388c814560bd69c3a496ecfa8) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
20:08:03.0203 3804 AmdK8 - ok
20:08:03.0203 3804 amsint - ok
20:08:03.0218 3804 AppMgmt - ok
20:08:03.0234 3804 asc - ok
20:08:03.0234 3804 asc3350p - ok
20:08:03.0250 3804 asc3550 - ok
20:08:03.0421 3804 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:08:03.0437 3804 aspnet_state - ok
20:08:03.0468 3804 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:08:03.0484 3804 AsyncMac - ok
20:08:03.0500 3804 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:08:03.0515 3804 atapi - ok
20:08:03.0546 3804 Atdisk - ok
20:08:03.0578 3804 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:08:03.0578 3804 Atmarpc - ok
20:08:03.0625 3804 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
20:08:03.0625 3804 AudioSrv - ok
20:08:03.0671 3804 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:08:03.0671 3804 audstub - ok
20:08:03.0718 3804 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:08:03.0718 3804 Beep - ok
20:08:03.0796 3804 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
20:08:03.0984 3804 BITS - ok
20:08:04.0031 3804 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
20:08:04.0031 3804 Browser - ok
20:08:04.0093 3804 BT848 (df863a3f97a8cbf9e7fbbc2a0854f582) C:\WINDOWS\system32\drivers\wf2kvcap.sys
20:08:04.0234 3804 BT848 - ok
20:08:04.0265 3804 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:08:04.0265 3804 cbidf2k - ok
20:08:04.0296 3804 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:08:04.0296 3804 CCDECODE - ok
20:08:04.0312 3804 cd20xrnt - ok
20:08:04.0343 3804 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:08:04.0343 3804 Cdaudio - ok
20:08:04.0390 3804 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:08:04.0390 3804 Cdfs - ok
20:08:04.0421 3804 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:08:04.0421 3804 Cdrom - ok
20:08:04.0437 3804 Changer - ok
20:08:04.0453 3804 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
20:08:04.0468 3804 CiSvc - ok
20:08:04.0500 3804 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
20:08:04.0500 3804 ClipSrv - ok
20:08:04.0593 3804 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:08:04.0640 3804 clr_optimization_v2.0.50727_32 - ok
20:08:04.0671 3804 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:08:04.0703 3804 clr_optimization_v4.0.30319_32 - ok
20:08:04.0718 3804 CmdIde - ok
20:08:04.0734 3804 COMSysApp - ok
20:08:04.0750 3804 Cpqarray - ok
20:08:04.0796 3804 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
20:08:04.0796 3804 CryptSvc - ok
20:08:04.0812 3804 dac2w2k - ok
20:08:04.0828 3804 dac960nt - ok
20:08:04.0890 3804 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
20:08:04.0984 3804 DcomLaunch - ok
20:08:05.0343 3804 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
20:08:05.0343 3804 Dhcp - ok
20:08:05.0375 3804 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:08:05.0375 3804 Disk - ok
20:08:05.0375 3804 dmadmin - ok
20:08:05.0453 3804 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
20:08:05.0468 3804 dmboot - ok
20:08:05.0500 3804 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
20:08:05.0500 3804 dmio - ok
20:08:05.0531 3804 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:08:05.0531 3804 dmload - ok
20:08:05.0546 3804 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
20:08:05.0546 3804 dmserver - ok
20:08:05.0593 3804 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:08:05.0593 3804 DMusic - ok
20:08:05.0640 3804 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
20:08:05.0640 3804 Dnscache - ok
20:08:05.0687 3804 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
20:08:05.0687 3804 Dot3svc - ok
20:08:05.0703 3804 dpti2o - ok
20:08:05.0734 3804 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:08:05.0750 3804 drmkaud - ok
20:08:05.0781 3804 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
20:08:05.0781 3804 EapHost - ok
20:08:05.0812 3804 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
20:08:05.0812 3804 ERSvc - ok
20:08:05.0875 3804 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
20:08:05.0875 3804 Eventlog - ok
20:08:05.0937 3804 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
20:08:05.0953 3804 EventSystem - ok
20:08:06.0000 3804 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:08:06.0000 3804 Fastfat - ok
20:08:06.0046 3804 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
20:08:06.0062 3804 FastUserSwitchingCompatibility - ok
20:08:06.0078 3804 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:08:06.0078 3804 Fdc - ok
20:08:06.0093 3804 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
20:08:06.0109 3804 Fips - ok
20:08:06.0125 3804 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:08:06.0125 3804 Flpydisk - ok
20:08:06.0187 3804 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
20:08:06.0187 3804 FltMgr - ok
20:08:06.0359 3804 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:08:06.0375 3804 FontCache3.0.0.0 - ok
20:08:06.0406 3804 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:08:06.0406 3804 Fs_Rec - ok
20:08:06.0421 3804 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:08:06.0421 3804 Ftdisk - ok
20:08:06.0437 3804 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:08:06.0437 3804 Gpc - ok
20:08:06.0546 3804 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:08:06.0546 3804 gupdate - ok
20:08:06.0562 3804 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:08:06.0562 3804 gupdatem - ok
20:08:06.0609 3804 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:08:06.0625 3804 gusvc - ok
20:08:06.0656 3804 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:08:06.0656 3804 HDAudBus - ok
20:08:06.0734 3804 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:08:06.0750 3804 helpsvc - ok
20:08:06.0750 3804 HidServ - ok
20:08:06.0796 3804 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:08:06.0796 3804 HidUsb - ok
20:08:06.0843 3804 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
20:08:06.0843 3804 hkmsvc - ok
20:08:06.0859 3804 hpn - ok
20:08:06.0953 3804 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
20:08:06.0953 3804 HPZid412 - ok
20:08:06.0953 3804 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
20:08:06.0968 3804 HPZipr12 - ok
20:08:07.0015 3804 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
20:08:07.0015 3804 HPZius12 - ok
20:08:07.0062 3804 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:08:07.0093 3804 HTTP - ok
20:08:07.0125 3804 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
20:08:07.0140 3804 HTTPFilter - ok
20:08:07.0140 3804 i2omgmt - ok
20:08:07.0156 3804 i2omp - ok
20:08:07.0187 3804 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:08:07.0187 3804 i8042prt - ok
20:08:07.0328 3804 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:08:07.0375 3804 idsvc - ok
20:08:07.0421 3804 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:08:07.0421 3804 Imapi - ok
20:08:07.0453 3804 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
20:08:07.0453 3804 ImapiService - ok
20:08:07.0468 3804 ini910u - ok
20:08:07.0734 3804 IntcAzAudAddService (b2957d6c1226f029230dac2c46d34286) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:08:07.0843 3804 IntcAzAudAddService - ok
20:08:07.0953 3804 IntelIde - ok
20:08:08.0000 3804 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:08:08.0000 3804 Ip6Fw - ok
20:08:08.0031 3804 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:08:08.0031 3804 IpFilterDriver - ok
20:08:08.0046 3804 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:08:08.0046 3804 IpInIp - ok
20:08:08.0062 3804 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:08:08.0062 3804 IpNat - ok
20:08:08.0109 3804 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:08:08.0109 3804 IPSec - ok
20:08:08.0140 3804 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:08:08.0171 3804 IRENUM - ok
20:08:08.0218 3804 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:08:08.0218 3804 isapnp - ok
20:08:08.0328 3804 JavaQuickStarterService (0a5709543986843d37a92290b7838340) c:\Program Files\Java\jre6\bin\jqs.exe
20:08:08.0328 3804 JavaQuickStarterService - ok
20:08:08.0343 3804 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:08:08.0359 3804 Kbdclass - ok
20:08:08.0421 3804 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:08:08.0421 3804 kmixer - ok
20:08:08.0468 3804 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:08:08.0468 3804 KSecDD - ok
20:08:08.0500 3804 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
20:08:08.0515 3804 LanmanServer - ok
20:08:08.0562 3804 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
20:08:08.0578 3804 lanmanworkstation - ok
20:08:08.0593 3804 lbrtfdc - ok
20:08:08.0656 3804 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
20:08:08.0656 3804 LmHosts - ok
20:08:08.0687 3804 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
20:08:08.0687 3804 Messenger - ok
20:08:08.0718 3804 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:08:08.0718 3804 mnmdd - ok
20:08:08.0765 3804 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
20:08:08.0765 3804 mnmsrvc - ok
20:08:08.0781 3804 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
20:08:08.0781 3804 Modem - ok
20:08:08.0828 3804 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:08:08.0828 3804 Mouclass - ok
20:08:08.0890 3804 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:08:08.0890 3804 mouhid - ok
20:08:08.0953 3804 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:08:08.0953 3804 MountMgr - ok
20:08:09.0015 3804 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:08:09.0015 3804 MozillaMaintenance - ok
20:08:09.0078 3804 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
20:08:09.0078 3804 MpFilter - ok
20:08:09.0093 3804 mraid35x - ok
20:08:09.0109 3804 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:08:09.0125 3804 MRxDAV - ok
20:08:09.0187 3804 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:08:09.0187 3804 MRxSmb - ok
20:08:09.0234 3804 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
20:08:09.0234 3804 MSDTC - ok
20:08:09.0265 3804 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:08:09.0265 3804 Msfs - ok
20:08:09.0281 3804 MSIServer - ok
20:08:09.0328 3804 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:08:09.0328 3804 MSKSSRV - ok
20:08:09.0406 3804 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:08:09.0421 3804 MsMpSvc - ok
20:08:09.0437 3804 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:08:09.0437 3804 MSPCLOCK - ok
20:08:09.0484 3804 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:08:09.0484 3804 MSPQM - ok
20:08:09.0500 3804 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:08:09.0500 3804 mssmbios - ok
20:08:09.0531 3804 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:08:09.0531 3804 MSTEE - ok
20:08:09.0578 3804 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:08:09.0578 3804 Mup - ok
20:08:09.0609 3804 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:08:09.0609 3804 NABTSFEC - ok
20:08:09.0656 3804 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
20:08:09.0671 3804 napagent - ok
20:08:09.0703 3804 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:08:09.0718 3804 NDIS - ok
20:08:09.0750 3804 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:08:09.0750 3804 NdisIP - ok
20:08:09.0796 3804 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:08:09.0796 3804 NdisTapi - ok
20:08:09.0812 3804 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:08:09.0812 3804 Ndisuio - ok
20:08:09.0875 3804 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:08:09.0875 3804 NdisWan - ok
20:08:09.0921 3804 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:08:09.0921 3804 NDProxy - ok
20:08:09.0968 3804 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:08:09.0968 3804 NetBIOS - ok
20:08:10.0000 3804 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:08:10.0000 3804 NetBT - ok
20:08:10.0046 3804 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
20:08:10.0046 3804 NetDDE - ok
20:08:10.0062 3804 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
20:08:10.0062 3804 NetDDEdsdm - ok
20:08:10.0093 3804 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:08:10.0093 3804 Netlogon - ok
20:08:10.0125 3804 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
20:08:10.0140 3804 Netman - ok
20:08:10.0296 3804 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:08:10.0312 3804 NetTcpPortSharing - ok
20:08:10.0359 3804 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
20:08:10.0375 3804 Nla - ok
20:08:10.0390 3804 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:08:10.0390 3804 Npfs - ok
20:08:10.0421 3804 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:08:10.0437 3804 Ntfs - ok
20:08:10.0453 3804 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:08:10.0453 3804 NtLmSsp - ok
20:08:10.0500 3804 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
20:08:10.0515 3804 NtmsSvc - ok
20:08:10.0562 3804 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:08:10.0562 3804 Null - ok
20:08:10.0875 3804 nv (70cb8915895ccb92ddf23ce890c4f5be) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:08:11.0046 3804 nv - ok
20:08:11.0187 3804 NVENETFD (4d6f0d3fb17c1ba64942f415c73adcdb) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
20:08:11.0187 3804 NVENETFD - ok
20:08:11.0203 3804 nvnetbus (921e63aa1e1a20302223d016acafb52b) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
20:08:11.0203 3804 nvnetbus - ok
20:08:11.0281 3804 NVSvc (f96df45cfbdc670584293e03c2ab602a) C:\WINDOWS\system32\nvsvc32.exe
20:08:11.0281 3804 NVSvc - ok
20:08:11.0328 3804 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:08:11.0328 3804 NwlnkFlt - ok
20:08:11.0343 3804 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:08:11.0343 3804 NwlnkFwd - ok
20:08:11.0718 3804 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:08:11.0796 3804 odserv - ok
20:08:11.0968 3804 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:08:11.0984 3804 ose - ok
20:08:12.0046 3804 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
20:08:12.0062 3804 Parport - ok
20:08:12.0109 3804 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:08:12.0109 3804 PartMgr - ok
20:08:12.0140 3804 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
20:08:12.0140 3804 ParVdm - ok
20:08:12.0203 3804 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
20:08:12.0203 3804 PCI - ok
20:08:12.0218 3804 PCIDump - ok
20:08:12.0250 3804 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:08:12.0250 3804 PCIIde - ok
20:08:12.0296 3804 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:08:12.0296 3804 Pcmcia - ok
20:08:12.0312 3804 PDCOMP - ok
20:08:12.0328 3804 PDFRAME - ok
20:08:12.0343 3804 PDRELI - ok
20:08:12.0343 3804 PDRFRAME - ok
20:08:12.0359 3804 perc2 - ok
20:08:12.0375 3804 perc2hib - ok
20:08:12.0453 3804 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
20:08:12.0468 3804 PlugPlay - ok
20:08:12.0500 3804 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:08:12.0500 3804 PolicyAgent - ok
20:08:12.0546 3804 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:08:12.0546 3804 PptpMiniport - ok
20:08:12.0562 3804 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:08:12.0562 3804 ProtectedStorage - ok
20:08:12.0578 3804 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:08:12.0593 3804 PSched - ok
20:08:12.0640 3804 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:08:12.0640 3804 Ptilink - ok
20:08:12.0656 3804 ql1080 - ok
20:08:12.0671 3804 Ql10wnt - ok
20:08:12.0687 3804 ql12160 - ok
20:08:12.0687 3804 ql1240 - ok
20:08:12.0703 3804 ql1280 - ok
20:08:12.0750 3804 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:08:12.0750 3804 RasAcd - ok
20:08:12.0781 3804 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
20:08:12.0796 3804 RasAuto - ok
20:08:12.0843 3804 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:08:12.0843 3804 Rasl2tp - ok
20:08:12.0906 3804 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
20:08:12.0921 3804 RasMan - ok
20:08:12.0937 3804 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:08:12.0937 3804 RasPppoe - ok
20:08:12.0984 3804 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:08:12.0984 3804 Raspti - ok
20:08:13.0109 3804 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:08:13.0125 3804 Rdbss - ok
20:08:13.0156 3804 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:08:13.0156 3804 RDPCDD - ok
20:08:13.0281 3804 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
20:08:13.0296 3804 RDPWD - ok
20:08:13.0593 3804 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
20:08:13.0609 3804 RDSessMgr - ok
20:08:13.0703 3804 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:08:13.0703 3804 redbook - ok
20:08:13.0890 3804 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
20:08:13.0890 3804 RemoteAccess - ok
20:08:14.0125 3804 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
20:08:14.0187 3804 RpcLocator - ok
20:08:15.0296 3804 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
20:08:15.0562 3804 RpcSs - ok
20:08:15.0953 3804 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
20:08:16.0015 3804 RSVP - ok
20:08:16.0109 3804 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:08:16.0125 3804 SamSs - ok
20:08:16.0250 3804 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
20:08:16.0250 3804 SCardSvr - ok
20:08:16.0343 3804 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
20:08:16.0375 3804 Schedule - ok
20:08:16.0437 3804 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:08:16.0437 3804 Secdrv - ok
20:08:16.0468 3804 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
20:08:16.0468 3804 seclogon - ok
20:08:16.0500 3804 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
20:08:16.0500 3804 SENS - ok
20:08:16.0531 3804 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:08:16.0531 3804 serenum - ok
20:08:16.0562 3804 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
20:08:16.0562 3804 Serial - ok
20:08:16.0625 3804 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:08:16.0625 3804 Sfloppy - ok
20:08:16.0734 3804 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
20:08:16.0765 3804 SharedAccess - ok
20:08:16.0843 3804 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
20:08:16.0859 3804 ShellHWDetection - ok
20:08:16.0859 3804 Simbad - ok
20:08:17.0000 3804 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
20:08:17.0031 3804 SkypeUpdate - ok
20:08:17.0062 3804 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:08:17.0062 3804 SLIP - ok
20:08:17.0109 3804 Sparrow - ok
20:08:17.0171 3804 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:08:17.0171 3804 splitter - ok
20:08:17.0234 3804 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:08:17.0234 3804 Spooler - ok
20:08:17.0312 3804 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
20:08:17.0312 3804 sr - ok
20:08:17.0375 3804 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
20:08:17.0375 3804 srservice - ok
20:08:17.0453 3804 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:08:17.0468 3804 Srv - ok
20:08:17.0515 3804 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
20:08:17.0531 3804 SSDPSRV - ok
20:08:17.0593 3804 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
20:08:17.0609 3804 stisvc - ok
20:08:17.0640 3804 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:08:17.0640 3804 streamip - ok
20:08:17.0687 3804 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:08:17.0687 3804 swenum - ok
20:08:17.0734 3804 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:08:17.0734 3804 swmidi - ok
20:08:17.0750 3804 SwPrv - ok
20:08:17.0765 3804 symc810 - ok
20:08:17.0765 3804 symc8xx - ok
20:08:17.0781 3804 sym_hi - ok
20:08:17.0796 3804 sym_u3 - ok
20:08:17.0843 3804 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:08:17.0843 3804 sysaudio - ok
20:08:17.0890 3804 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
20:08:17.0906 3804 SysmonLog - ok
20:08:17.0953 3804 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
20:08:18.0000 3804 TapiSrv - ok
20:08:18.0078 3804 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:08:18.0093 3804 Tcpip - ok
20:08:18.0125 3804 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:08:18.0125 3804 TDPIPE - ok
20:08:18.0156 3804 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:08:18.0156 3804 TDTCP - ok
20:08:18.0203 3804 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:08:18.0203 3804 TermDD - ok
20:08:18.0250 3804 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
20:08:18.0296 3804 TermService - ok
20:08:18.0359 3804 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
20:08:18.0359 3804 Themes - ok
20:08:18.0359 3804 TosIde - ok
20:08:18.0421 3804 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
20:08:18.0437 3804 TrkWks - ok
20:08:18.0468 3804 tv2ktunr (dec0e131b20f36246549c0db2b23a677) C:\WINDOWS\system32\drivers\wf2ktunr.sys
20:08:18.0515 3804 tv2ktunr - ok
20:08:18.0546 3804 Tv2kXbar (53db0d251b022c034a1eb0b8b7264cc5) C:\WINDOWS\system32\drivers\wf2kxbar.sys
20:08:18.0593 3804 Tv2kXbar - ok
20:08:18.0625 3804 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:08:18.0625 3804 Udfs - ok
20:08:18.0718 3804 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
20:08:18.0718 3804 UleadBurningHelper - ok
20:08:18.0718 3804 ultra - ok
20:08:18.0765 3804 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:08:18.0781 3804 Update - ok
20:08:18.0828 3804 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
20:08:18.0843 3804 upnphost - ok
20:08:18.0875 3804 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
20:08:18.0890 3804 UPS - ok
20:08:18.0968 3804 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:08:18.0968 3804 usbccgp - ok
20:08:18.0984 3804 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:08:18.0984 3804 usbehci - ok
20:08:19.0000 3804 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:08:19.0000 3804 usbhub - ok
20:08:19.0015 3804 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:08:19.0015 3804 usbohci - ok
20:08:19.0031 3804 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:08:19.0031 3804 usbprint - ok
20:08:19.0046 3804 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:08:19.0046 3804 usbscan - ok
20:08:19.0062 3804 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:08:19.0062 3804 usbstor - ok
20:08:19.0078 3804 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:08:19.0078 3804 VgaSave - ok
20:08:19.0093 3804 ViaIde - ok
20:08:19.0125 3804 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
20:08:19.0125 3804 VolSnap - ok
20:08:19.0156 3804 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
20:08:19.0171 3804 VSS - ok
20:08:19.0218 3804 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
20:08:19.0234 3804 W32Time - ok
20:08:19.0250 3804 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:08:19.0250 3804 Wanarp - ok
20:08:19.0265 3804 WDICA - ok
20:08:19.0312 3804 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:08:19.0312 3804 wdmaud - ok
20:08:19.0343 3804 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
20:08:19.0343 3804 WebClient - ok
20:08:19.0437 3804 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:08:19.0437 3804 winmgmt - ok
20:08:19.0515 3804 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
20:08:19.0546 3804 WinRM - ok
20:08:19.0593 3804 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:08:19.0593 3804 WmdmPmSN - ok
20:08:19.0671 3804 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:08:19.0671 3804 WmiApSrv - ok
20:08:19.0828 3804 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
20:08:19.0843 3804 WMPNetworkSvc - ok
20:08:20.0078 3804 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:08:20.0093 3804 WPFFontCache_v0400 - ok
20:08:20.0203 3804 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
20:08:20.0218 3804 wscsvc - ok
20:08:20.0234 3804 WSearch - ok
20:08:20.0281 3804 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:08:20.0281 3804 WSTCODEC - ok
20:08:20.0312 3804 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
20:08:20.0343 3804 wuauserv - ok
20:08:20.0375 3804 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:08:20.0375 3804 WudfPf - ok
20:08:20.0390 3804 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:08:20.0406 3804 WudfRd - ok
20:08:20.0421 3804 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:08:20.0437 3804 WudfSvc - ok
20:08:20.0484 3804 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
20:08:20.0500 3804 WZCSVC - ok
20:08:20.0531 3804 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
20:08:20.0593 3804 xmlprov - ok
20:08:20.0640 3804 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
20:08:21.0093 3804 \Device\Harddisk0\DR0 - ok
20:08:21.0093 3804 Boot (0x1200) (1d7eb5e72843e025a943067469491c00) \Device\Harddisk0\DR0\Partition0
20:08:21.0109 3804 \Device\Harddisk0\DR0\Partition0 - ok
20:08:21.0109 3804 ============================================================
20:08:21.0109 3804 Scan finished
20:08:21.0109 3804 ============================================================
20:08:21.0125 3404 Detected object count: 0
20:08:21.0125 3404 Actual detected object count: 0
20:08:08.0171 3804 IRENUM - ok
20:08:08.0218 3804 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:08:08.0218 3804 isapnp - ok
20:08:08.0328 3804 JavaQuickStarterService (0a5709543986843d37a92290b7838340) c:\Program Files\Java\jre6\bin\jqs.exe
20:08:08.0328 3804 JavaQuickStarterService - ok
20:08:08.0343 3804 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:08:08.0359 3804 Kbdclass - ok
20:08:08.0421 3804 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:08:08.0421 3804 kmixer - ok
20:08:08.0468 3804 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:08:08.0468 3804 KSecDD - ok
20:08:08.0500 3804 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
20:08:08.0515 3804 LanmanServer - ok
20:08:08.0562 3804 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
20:08:08.0578 3804 lanmanworkstation - ok
20:08:08.0593 3804 lbrtfdc - ok
20:08:08.0656 3804 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
20:08:08.0656 3804 LmHosts - ok
20:08:08.0687 3804 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
20:08:08.0687 3804 Messenger - ok
20:08:08.0718 3804 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:08:08.0718 3804 mnmdd - ok
20:08:08.0765 3804 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
20:08:08.0765 3804 mnmsrvc - ok
20:08:08.0781 3804 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
20:08:08.0781 3804 Modem - ok
20:08:08.0828 3804 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:08:08.0828 3804 Mouclass - ok
20:08:08.0890 3804 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:08:08.0890 3804 mouhid - ok
20:08:08.0953 3804 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:08:08.0953 3804 MountMgr - ok
20:08:09.0015 3804 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:08:09.0015 3804 MozillaMaintenance - ok
20:08:09.0078 3804 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
20:08:09.0078 3804 MpFilter - ok
20:08:09.0093 3804 mraid35x - ok
20:08:09.0109 3804 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:08:09.0125 3804 MRxDAV - ok
20:08:09.0187 3804 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:08:09.0187 3804 MRxSmb - ok
20:08:09.0234 3804 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
20:08:09.0234 3804 MSDTC - ok
20:08:09.0265 3804 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:08:09.0265 3804 Msfs - ok
20:08:09.0281 3804 MSIServer - ok
20:08:09.0328 3804 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:08:09.0328 3804 MSKSSRV - ok
20:08:09.0406 3804 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:08:09.0421 3804 MsMpSvc - ok
20:08:09.0437 3804 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:08:09.0437 3804 MSPCLOCK - ok
20:08:09.0484 3804 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:08:09.0484 3804 MSPQM - ok
20:08:09.0500 3804 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:08:09.0500 3804 mssmbios - ok
20:08:09.0531 3804 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:08:09.0531 3804 MSTEE - ok
20:08:09.0578 3804 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:08:09.0578 3804 Mup - ok
20:08:09.0609 3804 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:08:09.0609 3804 NABTSFEC - ok
20:08:09.0656 3804 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
20:08:09.0671 3804 napagent - ok
20:08:09.0703 3804 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:08:09.0718 3804 NDIS - ok
20:08:09.0750 3804 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:08:09.0750 3804 NdisIP - ok
20:08:09.0796 3804 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:08:09.0796 3804 NdisTapi - ok
20:08:09.0812 3804 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:08:09.0812 3804 Ndisuio - ok
20:08:09.0875 3804 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:08:09.0875 3804 NdisWan - ok
20:08:09.0921 3804 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:08:09.0921 3804 NDProxy - ok
20:08:09.0968 3804 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:08:09.0968 3804 NetBIOS - ok
20:08:10.0000 3804 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:08:10.0000 3804 NetBT - ok
20:08:10.0046 3804 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
20:08:10.0046 3804 NetDDE - ok
20:08:10.0062 3804 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
20:08:10.0062 3804 NetDDEdsdm - ok
20:08:10.0093 3804 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:08:10.0093 3804 Netlogon - ok
20:08:10.0125 3804 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
20:08:10.0140 3804 Netman - ok
20:08:10.0296 3804 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:08:10.0312 3804 NetTcpPortSharing - ok
20:08:10.0359 3804 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
20:08:10.0375 3804 Nla - ok
20:08:10.0390 3804 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:08:10.0390 3804 Npfs - ok
20:08:10.0421 3804 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:08:10.0437 3804 Ntfs - ok
20:08:10.0453 3804 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:08:10.0453 3804 NtLmSsp - ok
20:08:10.0500 3804 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
20:08:10.0515 3804 NtmsSvc - ok
20:08:10.0562 3804 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:08:10.0562 3804 Null - ok
20:08:10.0875 3804 nv (70cb8915895ccb92ddf23ce890c4f5be) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:08:11.0046 3804 nv - ok
20:08:11.0187 3804 NVENETFD (4d6f0d3fb17c1ba64942f415c73adcdb) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
20:08:11.0187 3804 NVENETFD - ok
20:08:11.0203 3804 nvnetbus (921e63aa1e1a20302223d016acafb52b) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
20:08:11.0203 3804 nvnetbus - ok
20:08:11.0281 3804 NVSvc (f96df45cfbdc670584293e03c2ab602a) C:\WINDOWS\system32\nvsvc32.exe
20:08:11.0281 3804 NVSvc - ok
20:08:11.0328 3804 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:08:11.0328 3804 NwlnkFlt - ok
20:08:11.0343 3804 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:08:11.0343 3804 NwlnkFwd - ok
20:08:11.0718 3804 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:08:11.0796 3804 odserv - ok
20:08:11.0968 3804 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:08:11.0984 3804 ose - ok
20:08:12.0046 3804 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
20:08:12.0062 3804 Parport - ok
20:08:12.0109 3804 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:08:12.0109 3804 PartMgr - ok
20:08:12.0140 3804 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
20:08:12.0140 3804 ParVdm - ok
20:08:12.0203 3804 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
20:08:12.0203 3804 PCI - ok
20:08:12.0218 3804 PCIDump - ok
20:08:12.0250 3804 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:08:12.0250 3804 PCIIde - ok
20:08:12.0296 3804 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:08:12.0296 3804 Pcmcia - ok
20:08:12.0312 3804 PDCOMP - ok
20:08:12.0328 3804 PDFRAME - ok
20:08:12.0343 3804 PDRELI - ok
20:08:12.0343 3804 PDRFRAME - ok
20:08:12.0359 3804 perc2 - ok
20:08:12.0375 3804 perc2hib - ok
20:08:12.0453 3804 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
20:08:12.0468 3804 PlugPlay - ok
20:08:12.0500 3804 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:08:12.0500 3804 PolicyAgent - ok
20:08:12.0546 3804 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:08:12.0546 3804 PptpMiniport - ok
20:08:12.0562 3804 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:08:12.0562 3804 ProtectedStorage - ok
20:08:12.0578 3804 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:08:12.0593 3804 PSched - ok
20:08:12.0640 3804 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:08:12.0640 3804 Ptilink - ok
20:08:12.0656 3804 ql1080 - ok
20:08:12.0671 3804 Ql10wnt - ok
20:08:12.0687 3804 ql12160 - ok
20:08:12.0687 3804 ql1240 - ok
20:08:12.0703 3804 ql1280 - ok
20:08:12.0750 3804 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:08:12.0750 3804 RasAcd - ok
20:08:12.0781 3804 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
20:08:12.0796 3804 RasAuto - ok
20:08:12.0843 3804 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:08:12.0843 3804 Rasl2tp - ok
20:08:12.0906 3804 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
20:08:12.0921 3804 RasMan - ok
20:08:12.0937 3804 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:08:12.0937 3804 RasPppoe - ok
20:08:12.0984 3804 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:08:12.0984 3804 Raspti - ok
20:08:13.0109 3804 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:08:13.0125 3804 Rdbss - ok
20:08:13.0156 3804 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:08:13.0156 3804 RDPCDD - ok
20:08:13.0281 3804 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
20:08:13.0296 3804 RDPWD - ok
20:08:13.0593 3804 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
20:08:13.0609 3804 RDSessMgr - ok
20:08:13.0703 3804 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:08:13.0703 3804 redbook - ok
20:08:13.0890 3804 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
20:08:13.0890 3804 RemoteAccess - ok
20:08:14.0125 3804 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
20:08:14.0187 3804 RpcLocator - ok
20:08:15.0296 3804 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
20:08:15.0562 3804 RpcSs - ok
20:08:15.0953 3804 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
20:08:16.0015 3804 RSVP - ok
20:08:16.0109 3804 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
20:08:16.0125 3804 SamSs - ok
20:08:16.0250 3804 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
20:08:16.0250 3804 SCardSvr - ok
20:08:16.0343 3804 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
20:08:16.0375 3804 Schedule - ok
20:08:16.0437 3804 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:08:16.0437 3804 Secdrv - ok
20:08:16.0468 3804 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
20:08:16.0468 3804 seclogon - ok
20:08:16.0500 3804 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
20:08:16.0500 3804 SENS - ok
20:08:16.0531 3804 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:08:16.0531 3804 serenum - ok
20:08:16.0562 3804 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
20:08:16.0562 3804 Serial - ok
20:08:16.0625 3804 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:08:16.0625 3804 Sfloppy - ok
20:08:16.0734 3804 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
20:08:16.0765 3804 SharedAccess - ok
20:08:16.0843 3804 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
20:08:16.0859 3804 ShellHWDetection - ok
20:08:16.0859 3804 Simbad - ok
20:08:17.0000 3804 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
20:08:17.0031 3804 SkypeUpdate - ok
20:08:17.0062 3804 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:08:17.0062 3804 SLIP - ok
20:08:17.0109 3804 Sparrow - ok
20:08:17.0171 3804 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:08:17.0171 3804 splitter - ok
20:08:17.0234 3804 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:08:17.0234 3804 Spooler - ok
20:08:17.0312 3804 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
20:08:17.0312 3804 sr - ok
20:08:17.0375 3804 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
20:08:17.0375 3804 srservice - ok
20:08:17.0453 3804 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:08:17.0468 3804 Srv - ok
20:08:17.0515 3804 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
20:08:17.0531 3804 SSDPSRV - ok
20:08:17.0593 3804 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
20:08:17.0609 3804 stisvc - ok
20:08:17.0640 3804 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:08:17.0640 3804 streamip - ok
20:08:17.0687 3804 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:08:17.0687 3804 swenum - ok
20:08:17.0734 3804 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:08:17.0734 3804 swmidi - ok
20:08:17.0750 3804 SwPrv - ok
20:08:17.0765 3804 symc810 - ok
20:08:17.0765 3804 symc8xx - ok
20:08:17.0781 3804 sym_hi - ok
20:08:17.0796 3804 sym_u3 - ok
20:08:17.0843 3804 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:08:17.0843 3804 sysaudio - ok
20:08:17.0890 3804 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
20:08:17.0906 3804 SysmonLog - ok
20:08:17.0953 3804 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
20:08:18.0000 3804 TapiSrv - ok
20:08:18.0078 3804 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:08:18.0093 3804 Tcpip - ok
20:08:18.0125 3804 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:08:18.0125 3804 TDPIPE - ok
20:08:18.0156 3804 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:08:18.0156 3804 TDTCP - ok
20:08:18.0203 3804 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:08:18.0203 3804 TermDD - ok
20:08:18.0250 3804 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
20:08:18.0296 3804 TermService - ok
20:08:18.0359 3804 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
20:08:18.0359 3804 Themes - ok
20:08:18.0359 3804 TosIde - ok
20:08:18.0421 3804 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
20:08:18.0437 3804 TrkWks - ok
20:08:18.0468 3804 tv2ktunr (dec0e131b20f36246549c0db2b23a677) C:\WINDOWS\system32\drivers\wf2ktunr.sys
20:08:18.0515 3804 tv2ktunr - ok
20:08:18.0546 3804 Tv2kXbar (53db0d251b022c034a1eb0b8b7264cc5) C:\WINDOWS\system32\drivers\wf2kxbar.sys
20:08:18.0593 3804 Tv2kXbar - ok
20:08:18.0625 3804 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:08:18.0625 3804 Udfs - ok
20:08:18.0718 3804 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
20:08:18.0718 3804 UleadBurningHelper - ok
20:08:18.0718 3804 ultra - ok
20:08:18.0765 3804 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:08:18.0781 3804 Update - ok
20:08:18.0828 3804 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
20:08:18.0843 3804 upnphost - ok
20:08:18.0875 3804 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
20:08:18.0890 3804 UPS - ok
20:08:18.0968 3804 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:08:18.0968 3804 usbccgp - ok
20:08:18.0984 3804 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:08:18.0984 3804 usbehci - ok
20:08:19.0000 3804 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:08:19.0000 3804 usbhub - ok
20:08:19.0015 3804 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:08:19.0015 3804 usbohci - ok
20:08:19.0031 3804 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:08:19.0031 3804 usbprint - ok
20:08:19.0046 3804 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:08:19.0046 3804 usbscan - ok
20:08:19.0062 3804 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:08:19.0062 3804 usbstor - ok
20:08:19.0078 3804 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:08:19.0078 3804 VgaSave - ok
20:08:19.0093 3804 ViaIde - ok
20:08:19.0125 3804 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
20:08:19.0125 3804 VolSnap - ok
20:08:19.0156 3804 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
20:08:19.0171 3804 VSS - ok
20:08:19.0218 3804 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
20:08:19.0234 3804 W32Time - ok
20:08:19.0250 3804 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:08:19.0250 3804 Wanarp - ok
20:08:19.0265 3804 WDICA - ok
20:08:19.0312 3804 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:08:19.0312 3804 wdmaud - ok
20:08:19.0343 3804 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
20:08:19.0343 3804 WebClient - ok
20:08:19.0437 3804 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:08:19.0437 3804 winmgmt - ok
20:08:19.0515 3804 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
20:08:19.0546 3804 WinRM - ok
20:08:19.0593 3804 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:08:19.0593 3804 WmdmPmSN - ok
20:08:19.0671 3804 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:08:19.0671 3804 WmiApSrv - ok
20:08:19.0828 3804 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
20:08:19.0843 3804 WMPNetworkSvc - ok
20:08:20.0078 3804 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:08:20.0093 3804 WPFFontCache_v0400 - ok
20:08:20.0203 3804 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
20:08:20.0218 3804 wscsvc - ok
20:08:20.0234 3804 WSearch - ok
20:08:20.0281 3804 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:08:20.0281 3804 WSTCODEC - ok
20:08:20.0312 3804 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
20:08:20.0343 3804 wuauserv - ok
20:08:20.0375 3804 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:08:20.0375 3804 WudfPf - ok
20:08:20.0390 3804 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:08:20.0406 3804 WudfRd - ok
20:08:20.0421 3804 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:08:20.0437 3804 WudfSvc - ok
20:08:20.0484 3804 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
20:08:20.0500 3804 WZCSVC - ok
20:08:20.0531 3804 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
20:08:20.0593 3804 xmlprov - ok
20:08:20.0640 3804 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
20:08:21.0093 3804 \Device\Harddisk0\DR0 - ok
20:08:21.0093 3804 Boot (0x1200) (1d7eb5e72843e025a943067469491c00) \Device\Harddisk0\DR0\Partition0
20:08:21.0109 3804 \Device\Harddisk0\DR0\Partition0 - ok
20:08:21.0109 3804 ============================================================
20:08:21.0109 3804 Scan finished
20:08:21.0109 3804 ============================================================
20:08:21.0125 3404 Detected object count: 0
20:08:21.0125 3404 Actual detected object count: 0
Re: Please check my log
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.447.230 [GMT 1:00]
Spuštěný z: c:\documents and settings\Josef\Dokumenty\Stažené soubory\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-28 do 2012-10-31 )))))))))))))))))))))))))))))))
.
.
2012-10-31 19:12 . 2012-10-31 19:12 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0C8FF404-696B-4F6E-A15F-E025C7403D91}\MpKsl7226eddb.sys
2012-10-30 19:24 . 2012-10-12 05:56 6918632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0C8FF404-696B-4F6E-A15F-E025C7403D91}\mpengine.dll
2012-10-29 08:48 . 2012-10-12 05:56 6918632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-10 12:20 . 2012-10-10 12:20 -------- d-----w- c:\program files\Common Files\Java
2012-10-10 12:19 . 2012-10-10 12:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-10 12:19 . 2012-10-10 12:19 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 12:59 . 2012-03-31 09:35 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-10 12:59 . 2012-03-17 20:01 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-10 12:19 . 2012-03-15 07:59 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-10 12:19 . 2012-03-13 13:04 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-07 15:04 . 2012-03-16 14:58 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-30 20:03 . 2010-10-24 20:25 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-28 15:18 . 2008-12-05 11:51 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2008-12-05 11:50 43520 ------w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2008-12-05 11:50 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2008-12-05 11:50 385024 ------w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2008-04-14 06:52 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2008-04-14 08:06 2071808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-23 06:27 . 2008-04-14 06:07 2195072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-27 18:28 . 2012-10-27 18:25 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-12-05 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-08-11 2920448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-05 13574144]
"nwiz"="nwiz.exe" [2008-12-05 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-05 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-05 16861184]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2011-06-08 101888]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7M\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 MpKsl7226eddb;MpKsl7226eddb;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0C8FF404-696B-4F6E-A15F-E025C7403D91}\MpKsl7226eddb.sys [31.10.2012 20:12 29904]
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [15.3.2012 10:23 59776]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [15.3.2012 10:23 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [15.3.2012 10:23 9600]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [17.3.2012 18:35 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 12:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31.3.2012 10:35 250808]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [17.3.2012 18:35 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4.5.2012 8:29 115168]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL7226EDDB
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 12:59]
.
2012-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-17 17:35]
.
2012-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-17 17:35]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.21.0.1 10.21.60.1
FF - ProfilePath - c:\documents and settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.5.3&q=
FF - prefs.js: network.proxy.type - 0
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-31 20:29
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-10-31 20:31:32
ComboFix-quarantined-files.txt 2012-10-31 19:31
ComboFix2.txt 2012-06-27 18:25
.
Před spuštěním: Volných bajtů: 302 463 021 056
Po spuštění: Volných bajtů: 302 461 562 880
.
- - End Of File - - 586F7D8C24482EC627F7692CF8378D6A
- jaro3
- Security team member
Re: Please check the log
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
ClearJavaCache::
KillAll::
File::
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Folder::
c:\program files\Google\Update
c:\program files\Skype\Updater
Driver::
gupdate
SkypeUpdate
gupdatem
Firefox::
FF - ProfilePath - c:\documents and settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.5.3&q=
pref('extensions.autoDisableScopes',0);
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process, plus a new log from HJT
Warning: After running ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
In Folder Options, enable showing hidden files and folders and untick the "Hide protected operating system files" checkbox.
Test this on VirusTotal:
c:\windows\system32\sfcfiles.dll
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file is then tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top, with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.
Or at:
http://www.virscan.org/
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire content of that log here. Then click "Exit" to close the program.
Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the content of the log here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support
Re: Please check the log
I'm sending you everything step by step. Thank you.
ComboFix 12-10-31.03 - Josef 01.11.2012 9:26.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.447.206 [GMT 1:00]
Spuštěný z: c:\documents and settings\Josef\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Josef\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
FILE ::
"c:\program files\Google\Update\GoogleUpdate.exe"
"c:\program files\Skype\Updater\Updater.exe"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.123\goopdate.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.123\psmachine.dll
c:\program files\Google\Update\1.3.21.123\psuser.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{567526A9-CEE4-4AAB-9730-8C02D2697724}\GoogleUpdateSetup.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE
-------\Legacy_SKYPEUPDATE
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-01 do 2012-11-01 )))))))))))))))))))))))))))))))
.
.
2012-11-01 08:12 . 2012-10-12 05:56 6918632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{66FC085F-7454-436D-ADE2-0AC1D9599984}\mpengine.dll
2012-10-30 19:24 . 2012-10-12 05:56 6918632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-10 12:20 . 2012-10-10 12:20 -------- d-----w- c:\program files\Common Files\Java
2012-10-10 12:19 . 2012-10-10 12:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-10 12:19 . 2012-10-10 12:19 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 12:59 . 2012-03-31 09:35 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-10 12:59 . 2012-03-17 20:01 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-10 12:19 . 2012-03-15 07:59 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-10 12:19 . 2012-03-13 13:04 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-07 15:04 . 2012-03-16 14:58 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-30 20:03 . 2010-10-24 20:25 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-28 15:18 . 2008-12-05 11:51 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2008-12-05 11:50 43520 ------w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2008-12-05 11:50 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2008-12-05 11:50 385024 ------w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2008-04-14 06:52 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2008-04-14 08:06 2071808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-23 06:27 . 2008-04-14 06:07 2195072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-27 18:28 . 2012-10-27 18:25 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-12-05 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-08-11 2920448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-05 13574144]
"nwiz"="nwiz.exe" [2008-12-05 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-05 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-05 16861184]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2011-06-08 101888]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7M\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [15.3.2012 10:23 59776]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [15.3.2012 10:23 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [15.3.2012 10:23 9600]
S1 MpKsl7226eddb;MpKsl7226eddb;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0C8FF404-696B-4F6E-A15F-E025C7403D91}\MpKsl7226eddb.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0C8FF404-696B-4F6E-A15F-E025C7403D91}\MpKsl7226eddb.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31.3.2012 10:35 250808]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4.5.2012 8:29 115168]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 12:59]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.21.0.1 10.21.60.1
FF - ProfilePath - c:\documents and settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-01 09:34
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3460)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-11-01 09:36:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-01 08:36
ComboFix2.txt 2012-10-31 19:31
ComboFix3.txt 2012-06-27 18:25
.
Před spuštěním: Volných bajtů: 302 329 704 448
Po spuštění: Volných bajtů: 302 294 597 632
.
- - End Of File - - C26308FABE2C07A7E287A3E9844CA4BA
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-08-11 2920448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-05 13574144]
"nwiz"="nwiz.exe" [2008-12-05 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-05 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-05 16861184]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2011-06-08 101888]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7M\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [15.3.2012 10:23 59776]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [15.3.2012 10:23 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [15.3.2012 10:23 9600]
S1 MpKsl7226eddb;MpKsl7226eddb;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0C8FF404-696B-4F6E-A15F-E025C7403D91}\MpKsl7226eddb.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0C8FF404-696B-4F6E-A15F-E025C7403D91}\MpKsl7226eddb.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31.3.2012 10:35 250808]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4.5.2012 8:29 115168]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 12:59]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.21.0.1 10.21.60.1
FF - ProfilePath - c:\documents and settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-01 09:34
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3460)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-11-01 09:36:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-01 08:36
ComboFix2.txt 2012-10-31 19:31
ComboFix3.txt 2012-06-27 18:25
.
Před spuštěním: Volných bajtů: 302 329 704 448
Po spuštění: Volných bajtů: 302 294 597 632
.
- - End Of File - - C26308FABE2C07A7E287A3E9844CA4BA
Re: Please check my log
https://www.virustotal.com/file/7ab3119 ... 351760043/
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-01 09:56:44
-----------------------------
09:56:44.968 OS Version: Windows 5.1.2600 Service Pack 3
09:56:44.968 Number of processors: 1 586 0x4F02
09:56:44.968 ComputerName: PCDVORAK UserName: Josef
09:56:46.265 Initialize success
09:59:03.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
09:59:03.125 Disk 0 Vendor: WDC_WD3200AAKX-083CA1 19.01H19 Size: 305245MB BusType: 3
09:59:03.125 Disk 0 MBR read successfully
09:59:03.140 Disk 0 MBR scan
09:59:03.140 Disk 0 Windows XP default MBR code
09:59:03.140 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305242 MB offset 63
09:59:03.140 Disk 0 scanning sectors +625137345
09:59:03.234 Disk 0 scanning C:\WINDOWS\system32\drivers
09:59:07.421 Service scanning
09:59:13.875 Modules scanning
09:59:18.531 Disk 0 trace - called modules:
09:59:18.546 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
09:59:18.546 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84339030]
09:59:18.546 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\0000005d[0x843a33e0]
09:59:18.562 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x843a04e0]
09:59:18.562 Scan finished successfully
09:59:31.937 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Josef\Plocha\MBR.dat"
09:59:31.937 The log file has been saved successfully to "C:\Documents and Settings\Josef\Plocha\aswMBR.txt"
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.5 Shizuku Edition (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2012/11/01 10:13:45
-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- HL-DT-ST DVDRAM GSA-H10N
- Sekundární kanál IDE (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- WDC WD3200AAKX-083CA1
- Sekundární kanál IDE (1)
-- Disk List ---------------------------------------------------------------
(1) WDC WD3200AAKX-083CA1 : 320,0 GB [0/1/0, pd1]
----------------------------------------------------------------------------
(1) WDC WD3200AAKX-083CA1
----------------------------------------------------------------------------
Model : WDC WD3200AAKX-083CA1
Firmware : 19.01H19
Serial Number : WD-WMAYUL783478
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600
Power On Hours : 281 hod.
Power On Count : 78 krát
Temparature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 137 137 _21 000000001036 Čas na roztočení ploten
04 100 100 __0 000000000053 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 100 100 __0 000000000119 Hodin v činnosti
0A 100 253 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 253 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 00000000004E Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000008 Počet vypnutí disku
C1 200 200 __0 00000000004A Počet cyklů načítání/vymazání
C2 111 _96 __0 000000000020 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
- jaro3
- member of the Security team
Re: Please check my log
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC
to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.
Download Memtest:
In the field, enter the largest size of your individual RAM module (256, 512 or 1024, 2048), press Start, and let it run for at least 2 hours; if there are still 0 errors after 2 hours, the modules are fine.
You need to try defragmenting the HDD
Post a new HJT log plus info about the problem.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log
Memtest found nothing. I have had the HDD for about a month; the old one died on me completely. I now have a Western Digital 320GB HDD in there. Even so, I still don't know which program to use for it. I downloaded OO Defrag and I can't really find my way around it. I'm sending a new log and the problem: it's better, though maybe it could still use a little something more.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:46, on 2.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Josef\Dokumenty\Stažené soubory\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 5978 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:46, on 2.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Josef\Dokumenty\Stažené soubory\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 5978 bytes
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
Re: Please check my log
Everything seems OK. You can run disk defragmentation from within Windows too. You don't need an extra program for that. Just right-click the disk, then Properties - Tools - Defragmentation
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you
- Level 2.5
- Posts: 270
- Registered: November 10
Re: Please check my log - Solved
Thank you all, I am marking this as solved. Take care