Prosím o kontrolu Logu

Zpráva

addulka · #31 Příspěvek od **addulka** » 31 bře 2012 20:10

21:05:05.0453 0960 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
21:05:05.0562 0960 ============================================================
21:05:05.0562 0960 Current date / time: 2012/03/31 21:05:05.0562
21:05:05.0562 0960 SystemInfo:
21:05:05.0562 0960
21:05:05.0562 0960 OS Version: 5.1.2600 ServicePack: 3.0
21:05:05.0562 0960 Product type: Workstation
21:05:05.0562 0960 ComputerName: ANDREJ-PC
21:05:05.0562 0960 UserName: Andrej
21:05:05.0562 0960 Windows directory: C:\WINDOWS
21:05:05.0562 0960 System windows directory: C:\WINDOWS
21:05:05.0562 0960 Processor architecture: Intel x86
21:05:05.0562 0960 Number of processors: 1
21:05:05.0562 0960 Page size: 0x1000
21:05:05.0562 0960 Boot type: Normal boot
21:05:05.0562 0960 ============================================================
21:05:07.0437 0960 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:05:07.0437 0960 \Device\Harddisk0\DR0:
21:05:07.0437 0960 MBR used
21:05:07.0437 0960 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE4F80E2
21:05:07.0531 0960 Initialize success
21:05:07.0531 0960 ============================================================
21:05:42.0078 3664 ============================================================
21:05:42.0078 3664 Scan started
21:05:42.0078 3664 Mode: Manual; SigCheck; TDLFS;
21:05:42.0078 3664 ============================================================
21:05:42.0484 3664 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
21:05:42.0687 3664 Aavmker4 - ok
21:05:42.0750 3664 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:05:44.0140 3664 ACPI - ok
21:05:44.0234 3664 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:05:44.0390 3664 ACPIEC - ok
21:05:44.0453 3664 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
21:05:44.0515 3664 aeaudio - ok
21:05:44.0609 3664 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:05:44.0812 3664 aec - ok
21:05:44.0937 3664 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:05:44.0984 3664 AFD - ok
21:05:45.0046 3664 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
21:05:45.0218 3664 Alerter - ok
21:05:45.0296 3664 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
21:05:46.0125 3664 ALG - ok
21:05:48.0046 3664 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
21:05:49.0921 3664 AliIde - ok
21:05:50.0109 3664 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
21:05:50.0187 3664 AmdPPM - ok
21:05:50.0265 3664 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:05:50.0265 3664 Apple Mobile Device - ok
21:05:50.0359 3664 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
21:05:50.0437 3664 AppMgmt - ok
21:05:50.0531 3664 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:05:50.0578 3664 aspnet_state - ok
21:05:50.0750 3664 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
21:05:50.0765 3664 aswFsBlk - ok
21:05:50.0796 3664 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
21:05:50.0812 3664 aswMon2 - ok
21:05:50.0890 3664 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
21:05:50.0906 3664 aswRdr - ok
21:05:51.0015 3664 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
21:05:51.0062 3664 aswSnx - ok
21:05:51.0156 3664 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
21:05:51.0187 3664 aswSP - ok
21:05:51.0234 3664 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
21:05:51.0250 3664 aswTdi - ok
21:05:51.0312 3664 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:05:51.0453 3664 AsyncMac - ok
21:05:51.0609 3664 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:05:51.0750 3664 atapi - ok
21:05:51.0812 3664 Ati HotKey Poller (df7ce16cff3217e71742e3d700844c07) C:\WINDOWS\system32\Ati2evxx.exe
21:05:52.0015 3664 Ati HotKey Poller - ok
21:05:52.0125 3664 ATI Smart (01b14b2ec8123995e2b961d42bac8ef9) C:\WINDOWS\system32\ati2sgag.exe
21:05:52.0156 3664 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
21:05:52.0156 3664 ATI Smart - detected UnsignedFile.Multi.Generic (1)
21:05:52.0250 3664 ati2mtag (49c75e63b8b23b0e534447ba25ce2e76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:05:52.0328 3664 ati2mtag - ok
21:05:52.0406 3664 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:05:52.0609 3664 Atmarpc - ok
21:05:52.0703 3664 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
21:05:52.0859 3664 AudioSrv - ok
21:05:52.0953 3664 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:05:53.0125 3664 audstub - ok
21:05:53.0218 3664 avast! Antivirus (996e6d052438e8d8dfd501f31560b2e0) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:05:53.0234 3664 avast! Antivirus - ok
21:05:53.0328 3664 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:05:53.0484 3664 Beep - ok
21:05:53.0625 3664 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
21:05:53.0859 3664 BITS - ok
21:05:53.0968 3664 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
21:05:54.0000 3664 Bonjour Service - ok
21:05:54.0093 3664 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
21:05:54.0250 3664 Browser - ok
21:05:54.0312 3664 catchme - ok
21:05:54.0390 3664 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:05:54.0546 3664 cbidf2k - ok
21:05:54.0640 3664 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:05:54.0812 3664 Cdaudio - ok
21:05:54.0968 3664 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:05:55.0156 3664 Cdfs - ok
21:05:55.0234 3664 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:05:55.0421 3664 Cdrom - ok
21:05:55.0484 3664 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
21:05:55.0656 3664 CiSvc - ok
21:05:55.0718 3664 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
21:05:55.0890 3664 ClipSrv - ok
21:05:56.0000 3664 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:05:56.0015 3664 clr_optimization_v2.0.50727_32 - ok
21:05:56.0062 3664 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:05:56.0093 3664 clr_optimization_v4.0.30319_32 - ok
21:05:56.0140 3664 COMSysApp - ok
21:05:56.0218 3664 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
21:05:56.0375 3664 CryptSvc - ok
21:05:56.0437 3664 dac2w2k - ok
21:05:56.0500 3664 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
21:05:56.0578 3664 DcomLaunch - ok
21:05:56.0687 3664 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
21:05:56.0859 3664 Dhcp - ok
21:05:56.0968 3664 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:05:57.0109 3664 Disk - ok
21:05:57.0156 3664 dmadmin - ok
21:05:57.0218 3664 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
21:05:57.0437 3664 dmboot - ok
21:05:57.0531 3664 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
21:05:57.0718 3664 dmio - ok
21:05:57.0750 3664 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:05:57.0890 3664 dmload - ok
21:05:57.0937 3664 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
21:05:58.0109 3664 dmserver - ok
21:05:58.0203 3664 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:05:58.0375 3664 DMusic - ok
21:05:58.0468 3664 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
21:05:58.0546 3664 Dnscache - ok
21:05:58.0625 3664 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
21:05:58.0812 3664 Dot3svc - ok
21:05:59.0031 3664 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:05:59.0171 3664 drmkaud - ok
21:05:59.0234 3664 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
21:05:59.0406 3664 EapHost - ok
21:05:59.0484 3664 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
21:05:59.0640 3664 ERSvc - ok
21:05:59.0703 3664 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
21:05:59.0718 3664 Eventlog - ok
21:05:59.0796 3664 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
21:05:59.0890 3664 EventSystem - ok
21:06:00.0000 3664 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:06:00.0187 3664 Fastfat - ok
21:06:00.0265 3664 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
21:06:00.0328 3664 FastUserSwitchingCompatibility - ok
21:06:00.0406 3664 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
21:06:00.0578 3664 Fdc - ok
21:06:00.0625 3664 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
21:06:00.0781 3664 Fips - ok
21:06:00.0906 3664 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:06:01.0046 3664 Flpydisk - ok
21:06:01.0125 3664 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:06:01.0312 3664 FltMgr - ok
21:06:01.0421 3664 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:06:01.0437 3664 FontCache3.0.0.0 - ok
21:06:01.0484 3664 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:06:01.0656 3664 Fs_Rec - ok
21:06:01.0718 3664 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:06:01.0890 3664 Ftdisk - ok
21:06:01.0953 3664 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:06:01.0968 3664 GEARAspiWDM - ok
21:06:02.0015 3664 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:06:02.0187 3664 Gpc - ok
21:06:02.0234 3664 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:06:02.0390 3664 helpsvc - ok
21:06:02.0484 3664 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
21:06:02.0656 3664 HidServ - ok
21:06:02.0718 3664 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:06:02.0890 3664 hidusb - ok
21:06:02.0984 3664 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
21:06:03.0218 3664 hkmsvc - ok
21:06:03.0359 3664 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:06:03.0390 3664 HTTP - ok
21:06:03.0468 3664 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
21:06:03.0656 3664 HTTPFilter - ok
21:06:03.0796 3664 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\drivers\i8042prt.sys
21:06:03.0968 3664 i8042prt - ok
21:06:04.0031 3664 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:06:04.0031 3664 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:06:04.0031 3664 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:06:04.0156 3664 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:06:04.0203 3664 idsvc - ok
21:06:04.0281 3664 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:06:04.0453 3664 Imapi - ok
21:06:04.0515 3664 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
21:06:04.0687 3664 ImapiService - ok
21:06:04.0781 3664 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:06:04.0937 3664 Ip6Fw - ok
21:06:04.0984 3664 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:06:05.0156 3664 IpFilterDriver - ok
21:06:05.0250 3664 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:06:05.0421 3664 IpInIp - ok
21:06:05.0468 3664 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:06:05.0625 3664 IpNat - ok
21:06:05.0718 3664 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
21:06:05.0765 3664 iPod Service - ok
21:06:05.0906 3664 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:06:06.0062 3664 IPSec - ok
21:06:06.0125 3664 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:06:06.0203 3664 IRENUM - ok
21:06:06.0296 3664 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:06:06.0437 3664 isapnp - ok
21:06:06.0531 3664 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
21:06:06.0609 3664 JavaQuickStarterService - ok
21:06:06.0796 3664 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:06:06.0953 3664 Kbdclass - ok
21:06:07.0015 3664 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:06:07.0187 3664 kbdhid - ok
21:06:07.0281 3664 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:06:07.0453 3664 kmixer - ok
21:06:07.0515 3664 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:06:07.0562 3664 KSecDD - ok
21:06:07.0718 3664 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
21:06:07.0796 3664 LanmanServer - ok
21:06:07.0890 3664 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
21:06:07.0937 3664 lanmanworkstation - ok
21:06:08.0031 3664 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
21:06:08.0203 3664 LmHosts - ok
21:06:08.0281 3664 m5289 (2424b13987360840b4bf4e5fb5a66d3f) C:\WINDOWS\system32\DRIVERS\m5289.sys
21:06:08.0328 3664 m5289 - ok
21:06:08.0390 3664 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
21:06:08.0421 3664 McAfee SiteAdvisor Service - ok
21:06:08.0484 3664 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
21:06:08.0515 3664 McComponentHostService - ok
21:06:08.0718 3664 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
21:06:08.0906 3664 Messenger - ok
21:06:08.0968 3664 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:06:09.0125 3664 mnmdd - ok
21:06:09.0218 3664 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
21:06:09.0375 3664 mnmsrvc - ok
21:06:09.0437 3664 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
21:06:09.0593 3664 Modem - ok
21:06:09.0734 3664 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:06:09.0890 3664 Mouclass - ok
21:06:09.0953 3664 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:06:10.0125 3664 mouhid - ok
21:06:10.0203 3664 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:06:10.0343 3664 MountMgr - ok
21:06:10.0406 3664 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:06:10.0578 3664 MRxDAV - ok
21:06:10.0718 3664 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:06:10.0796 3664 MRxSmb - ok
21:06:10.0890 3664 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
21:06:11.0062 3664 MSDTC - ok
21:06:11.0171 3664 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:06:11.0328 3664 Msfs - ok
21:06:11.0375 3664 MSIServer - ok
21:06:11.0484 3664 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:06:11.0625 3664 MSKSSRV - ok
21:06:11.0718 3664 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:06:11.0890 3664 MSPCLOCK - ok
21:06:11.0984 3664 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:06:12.0140 3664 MSPQM - ok
21:06:12.0218 3664 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:06:12.0375 3664 mssmbios - ok
21:06:12.0484 3664 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:06:12.0562 3664 Mup - ok
21:06:12.0718 3664 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
21:06:12.0906 3664 napagent - ok
21:06:13.0078 3664 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
21:06:13.0171 3664 NAUpdate - ok
21:06:13.0250 3664 NBService (6d8fcdd5bb3b676ef58fa234073492c6) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
21:06:13.0296 3664 NBService - ok
21:06:13.0390 3664 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:06:13.0562 3664 NDIS - ok
21:06:13.0734 3664 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:06:13.0781 3664 NdisTapi - ok
21:06:13.0890 3664 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:06:14.0062 3664 Ndisuio - ok
21:06:14.0140 3664 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:06:14.0328 3664 NdisWan - ok
21:06:14.0406 3664 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:06:14.0453 3664 NDProxy - ok
21:06:14.0500 3664 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:06:14.0656 3664 NetBIOS - ok
21:06:14.0718 3664 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:06:14.0906 3664 NetBT - ok
21:06:15.0000 3664 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
21:06:15.0187 3664 NetDDE - ok
21:06:15.0203 3664 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
21:06:15.0359 3664 NetDDEdsdm - ok
21:06:15.0437 3664 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
21:06:15.0593 3664 Netlogon - ok
21:06:15.0671 3664 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
21:06:15.0828 3664 Netman - ok
21:06:15.0953 3664 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:06:15.0984 3664 NetTcpPortSharing - ok
21:06:16.0062 3664 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
21:06:16.0109 3664 Nla - ok
21:06:16.0218 3664 NMIndexingService (e32686b4e27d11f83e3f2844e104c66c) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
21:06:16.0250 3664 NMIndexingService - ok
21:06:16.0343 3664 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:06:16.0515 3664 Npfs - ok
21:06:16.0562 3664 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:06:16.0828 3664 Ntfs - ok
21:06:16.0875 3664 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
21:06:17.0046 3664 NtLmSsp - ok
21:06:17.0156 3664 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
21:06:17.0359 3664 NtmsSvc - ok
21:06:17.0453 3664 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:06:17.0609 3664 Null - ok
21:06:17.0703 3664 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:06:17.0859 3664 NwlnkFlt - ok
21:06:17.0921 3664 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:06:18.0078 3664 NwlnkFwd - ok
21:06:18.0156 3664 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:06:18.0187 3664 odserv - ok
21:06:18.0250 3664 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
21:06:18.0265 3664 OMSI download service ( UnsignedFile.Multi.Generic ) - warning
21:06:18.0265 3664 OMSI download service - detected UnsignedFile.Multi.Generic (1)
21:06:18.0296 3664 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:06:18.0328 3664 ose - ok
21:06:18.0421 3664 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
21:06:18.0593 3664 Parport - ok
21:06:18.0703 3664 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:06:18.0843 3664 PartMgr - ok
21:06:18.0906 3664 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
21:06:19.0078 3664 ParVdm - ok
21:06:19.0156 3664 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
21:06:19.0328 3664 PCI - ok
21:06:19.0375 3664 PCIDump - ok
21:06:19.0437 3664 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:06:19.0609 3664 Pcmcia - ok
21:06:19.0734 3664 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
21:06:19.0765 3664 PlugPlay - ok
21:06:19.0828 3664 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
21:06:19.0984 3664 PolicyAgent - ok
21:06:20.0046 3664 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:06:20.0203 3664 PptpMiniport - ok
21:06:20.0281 3664 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
21:06:20.0437 3664 Processor - ok
21:06:20.0515 3664 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
21:06:20.0656 3664 ProtectedStorage - ok
21:06:20.0734 3664 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:06:20.0906 3664 PSched - ok
21:06:20.0984 3664 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:06:21.0125 3664 Ptilink - ok
21:06:21.0187 3664 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:06:21.0203 3664 PxHelp20 - ok
21:06:21.0250 3664 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:06:21.0406 3664 RasAcd - ok
21:06:21.0484 3664 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
21:06:21.0640 3664 RasAuto - ok
21:06:21.0734 3664 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:06:21.0875 3664 Rasl2tp - ok
21:06:21.0953 3664 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
21:06:22.0140 3664 RasMan - ok
21:06:22.0218 3664 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:06:22.0359 3664 RasPppoe - ok
21:06:22.0421 3664 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:06:22.0609 3664 Raspti - ok
21:06:22.0734 3664 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:06:22.0906 3664 Rdbss - ok
21:06:22.0984 3664 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:06:23.0140 3664 RDPCDD - ok
21:06:23.0203 3664 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:06:23.0375 3664 rdpdr - ok
21:06:23.0484 3664 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
21:06:23.0546 3664 RDPWD - ok
21:06:23.0656 3664 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
21:06:23.0828 3664 RDSessMgr - ok
21:06:23.0906 3664 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:06:24.0062 3664 redbook - ok
21:06:24.0125 3664 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
21:06:24.0296 3664 RemoteAccess - ok
21:06:24.0375 3664 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
21:06:24.0531 3664 RemoteRegistry - ok
21:06:24.0671 3664 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
21:06:24.0843 3664 RpcLocator - ok
21:06:24.0921 3664 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
21:06:24.0953 3664 RpcSs - ok
21:06:25.0031 3664 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
21:06:25.0187 3664 RSVP - ok
21:06:25.0281 3664 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
21:06:25.0421 3664 SamSs - ok
21:06:25.0484 3664 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
21:06:25.0656 3664 SCardSvr - ok
21:06:25.0718 3664 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
21:06:25.0890 3664 Schedule - ok
21:06:25.0968 3664 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:06:26.0031 3664 Secdrv - ok
21:06:26.0109 3664 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
21:06:26.0281 3664 seclogon - ok
21:06:26.0359 3664 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
21:06:26.0421 3664 seehcri - ok
21:06:26.0500 3664 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
21:06:26.0656 3664 SENS - ok
21:06:26.0734 3664 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:06:26.0890 3664 serenum - ok
21:06:26.0953 3664 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
21:06:27.0125 3664 Serial - ok
21:06:27.0234 3664 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:06:27.0406 3664 Sfloppy - ok
21:06:27.0500 3664 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
21:06:27.0687 3664 SharedAccess - ok
21:06:27.0796 3664 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
21:06:27.0828 3664 ShellHWDetection - ok
21:06:27.0921 3664 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys
21:06:27.0968 3664 smwdm - ok
21:06:28.0015 3664 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
21:06:28.0031 3664 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - warning
21:06:28.0031 3664 SoundMAX Agent Service (default) - detected UnsignedFile.Multi.Generic (1)
21:06:28.0109 3664 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:06:28.0281 3664 splitter - ok
21:06:28.0343 3664 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
21:06:28.0390 3664 Spooler - ok
21:06:28.0484 3664 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
21:06:28.0562 3664 sr - ok
21:06:28.0671 3664 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
21:06:28.0750 3664 srservice - ok
21:06:28.0890 3664 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:06:28.0968 3664 Srv - ok
21:06:29.0031 3664 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
21:06:29.0109 3664 SSDPSRV - ok
21:06:29.0203 3664 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
21:06:29.0375 3664 stisvc - ok
21:06:29.0421 3664 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:06:29.0593 3664 swenum - ok
21:06:29.0718 3664 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:06:29.0875 3664 swmidi - ok
21:06:29.0906 3664 SwPrv - ok
21:06:29.0968 3664 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:06:30.0140 3664 sysaudio - ok
21:06:30.0234 3664 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
21:06:30.0390 3664 SysmonLog - ok
21:06:30.0437 3664 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
21:06:30.0625 3664 TapiSrv - ok
21:06:30.0718 3664 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:06:30.0781 3664 Tcpip - ok
21:06:30.0890 3664 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:06:31.0046 3664 TDPIPE - ok
21:06:31.0125 3664 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:06:31.0281 3664 TDTCP - ok
21:06:31.0328 3664 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:06:31.0500 3664 TermDD - ok
21:06:31.0609 3664 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
21:06:31.0765 3664 TermService - ok
21:06:31.0843 3664 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
21:06:31.0859 3664 Themes - ok
21:06:31.0921 3664 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
21:06:32.0000 3664 TlntSvr - ok
21:06:32.0093 3664 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
21:06:32.0250 3664 TrkWks - ok
21:06:32.0312 3664 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:06:32.0468 3664 Udfs - ok
21:06:32.0593 3664 ULI5261 (564f1f82fb5c0249be0cfee4c826be95) C:\WINDOWS\system32\DRIVERS\ULILAN.SYS
21:06:32.0609 3664 ULI5261 - ok
21:06:32.0656 3664 uliagpkx (4acecaa41d5f1a4cd3c78afc4de0a8c3) C:\WINDOWS\system32\DRIVERS\agpkx.sys
21:06:32.0671 3664 uliagpkx - ok
21:06:32.0750 3664 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:06:32.0921 3664 Update - ok
21:06:33.0015 3664 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
21:06:33.0109 3664 upnphost - ok
21:06:33.0156 3664 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
21:06:33.0312 3664 UPS - ok
21:06:33.0406 3664 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:06:33.0562 3664 usbccgp - ok
21:06:33.0781 3664 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:06:33.0937 3664 usbehci - ok
21:06:34.0015 3664 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:06:34.0171 3664 usbhub - ok
21:06:34.0265 3664 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:06:34.0406 3664 usbohci - ok
21:06:34.0500 3664 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:06:34.0656 3664 usbprint - ok
21:06:34.0734 3664 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:06:34.0890 3664 usbscan - ok
21:06:34.0953 3664 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
21:06:35.0156 3664 usbser - ok
21:06:35.0234 3664 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:06:35.0390 3664 USBSTOR - ok
21:06:35.0468 3664 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:06:35.0625 3664 VgaSave - ok
21:06:35.0687 3664 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
21:06:35.0859 3664 VolSnap - ok
21:06:35.0937 3664 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
21:06:36.0062 3664 VSS - ok
21:06:36.0140 3664 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
21:06:36.0281 3664 W32Time - ok
21:06:36.0359 3664 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:06:36.0515 3664 Wanarp - ok
21:06:36.0625 3664 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:06:36.0796 3664 wdmaud - ok
21:06:36.0906 3664 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
21:06:37.0078 3664 WebClient - ok
21:06:37.0171 3664 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
21:06:37.0359 3664 winmgmt - ok
21:06:37.0468 3664 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
21:06:37.0562 3664 WinRM - ok
21:06:37.0703 3664 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
21:06:37.0765 3664 WmdmPmSN - ok
21:06:37.0890 3664 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
21:06:37.0968 3664 Wmi - ok
21:06:38.0062 3664 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:06:38.0203 3664 WmiApSrv - ok
21:06:38.0296 3664 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
21:06:38.0375 3664 WMPNetworkSvc - ok
21:06:38.0484 3664 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
21:06:38.0500 3664 WpdUsb - ok
21:06:38.0687 3664 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:06:38.0734 3664 WPFFontCache_v0400 - ok
21:06:38.0812 3664 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:06:38.0984 3664 WS2IFSL - ok
21:06:39.0062 3664 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
21:06:39.0234 3664 wscsvc - ok
21:06:39.0296 3664 WSearch - ok
21:06:39.0375 3664 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
21:06:39.0515 3664 wuauserv - ok
21:06:39.0640 3664 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:06:39.0671 3664 WudfPf - ok
21:06:39.0765 3664 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:06:39.0781 3664 WudfRd - ok
21:06:39.0859 3664 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
21:06:39.0875 3664 WudfSvc - ok
21:06:39.0953 3664 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
21:06:40.0140 3664 WZCSVC - ok
21:06:40.0218 3664 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
21:06:40.0406 3664 xmlprov - ok
21:06:40.0437 3664 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
21:06:40.0625 3664 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
21:06:40.0625 3664 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
21:06:41.0000 3664 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
21:06:41.0000 3664 \Device\Harddisk0\DR0\Partition0 - ok
21:06:41.0000 3664 ============================================================
21:06:41.0000 3664 Scan finished
21:06:41.0000 3664 ============================================================
21:06:41.0125 1464 Detected object count: 5
21:06:41.0125 1464 Actual detected object count: 5
21:07:03.0156 1464 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:03.0156 1464 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:03.0156 1464 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:03.0156 1464 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:03.0156 1464 OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:03.0156 1464 OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:03.0156 1464 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - skipped by user
21:07:03.0156 1464 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:03.0156 1464 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
21:07:03.0156 1464 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip

#32 Příspěvek od **cernohous13** » 31 bře 2012 20:27

Spustíme znovu TDSS
u řádku Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) nastav "Cure"

addulka · #33 Příspěvek od **addulka** » 31 bře 2012 20:32

kde najdem ten riadok?

#34 Příspěvek od **cernohous13** » 31 bře 2012 21:05

Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) nastav "Cure"
u ostatních "Skip"

addulka · #35 Příspěvek od **addulka** » 31 bře 2012 21:09

21:33:42.0015 2908 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
21:33:42.0156 2908 ============================================================
21:33:42.0156 2908 Current date / time: 2012/03/31 21:33:42.0156
21:33:42.0156 2908 SystemInfo:
21:33:42.0156 2908
21:33:42.0156 2908 OS Version: 5.1.2600 ServicePack: 3.0
21:33:42.0156 2908 Product type: Workstation
21:33:42.0156 2908 ComputerName: ANDREJ-PC
21:33:42.0156 2908 UserName: Andrej
21:33:42.0156 2908 Windows directory: C:\WINDOWS
21:33:42.0156 2908 System windows directory: C:\WINDOWS
21:33:42.0156 2908 Processor architecture: Intel x86
21:33:42.0156 2908 Number of processors: 1
21:33:42.0156 2908 Page size: 0x1000
21:33:42.0156 2908 Boot type: Normal boot
21:33:42.0156 2908 ============================================================
21:33:43.0750 2908 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:33:43.0750 2908 \Device\Harddisk0\DR0:
21:33:43.0750 2908 MBR used
21:33:43.0750 2908 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE4F80E2
21:33:43.0875 2908 Initialize success
21:33:43.0890 2908 ============================================================
22:06:28.0875 0272 ============================================================
22:06:28.0875 0272 Scan started
22:06:28.0875 0272 Mode: Manual;
22:06:28.0875 0272 ============================================================
22:06:29.0250 0272 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
22:06:29.0250 0272 Aavmker4 - ok
22:06:29.0312 0272 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:06:29.0312 0272 ACPI - ok
22:06:29.0375 0272 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:06:29.0375 0272 ACPIEC - ok
22:06:29.0437 0272 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
22:06:29.0437 0272 aeaudio - ok
22:06:29.0484 0272 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:06:29.0484 0272 aec - ok
22:06:29.0562 0272 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:06:29.0578 0272 AFD - ok
22:06:29.0640 0272 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
22:06:29.0640 0272 Alerter - ok
22:06:29.0687 0272 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
22:06:29.0687 0272 ALG - ok
22:06:29.0734 0272 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
22:06:29.0734 0272 AliIde - ok
22:06:29.0796 0272 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
22:06:29.0796 0272 AmdPPM - ok
22:06:29.0890 0272 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:06:29.0890 0272 Apple Mobile Device - ok
22:06:29.0984 0272 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
22:06:29.0984 0272 AppMgmt - ok
22:06:30.0078 0272 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:06:30.0093 0272 aspnet_state - ok
22:06:30.0156 0272 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
22:06:30.0156 0272 aswFsBlk - ok
22:06:30.0203 0272 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
22:06:30.0218 0272 aswMon2 - ok
22:06:30.0281 0272 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
22:06:30.0296 0272 aswRdr - ok
22:06:30.0343 0272 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
22:06:30.0343 0272 aswSnx - ok
22:06:30.0390 0272 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
22:06:30.0390 0272 aswSP - ok
22:06:30.0453 0272 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
22:06:30.0453 0272 aswTdi - ok
22:06:30.0515 0272 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:06:30.0515 0272 AsyncMac - ok
22:06:30.0625 0272 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:06:30.0625 0272 atapi - ok
22:06:30.0750 0272 Ati HotKey Poller (df7ce16cff3217e71742e3d700844c07) C:\WINDOWS\system32\Ati2evxx.exe
22:06:30.0750 0272 Ati HotKey Poller - ok
22:06:30.0828 0272 ATI Smart (01b14b2ec8123995e2b961d42bac8ef9) C:\WINDOWS\system32\ati2sgag.exe
22:06:30.0843 0272 ATI Smart - ok
22:06:30.0921 0272 ati2mtag (49c75e63b8b23b0e534447ba25ce2e76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:06:30.0937 0272 ati2mtag - ok
22:06:31.0015 0272 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:06:31.0015 0272 Atmarpc - ok
22:06:31.0093 0272 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
22:06:31.0093 0272 AudioSrv - ok
22:06:31.0156 0272 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:06:31.0171 0272 audstub - ok
22:06:31.0234 0272 avast! Antivirus (996e6d052438e8d8dfd501f31560b2e0) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:06:31.0234 0272 avast! Antivirus - ok
22:06:31.0328 0272 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:06:31.0328 0272 Beep - ok
22:06:31.0406 0272 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
22:06:31.0421 0272 BITS - ok
22:06:31.0484 0272 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:06:31.0484 0272 Bonjour Service - ok
22:06:31.0593 0272 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
22:06:31.0593 0272 Browser - ok
22:06:31.0640 0272 catchme - ok
22:06:31.0687 0272 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:06:31.0687 0272 cbidf2k - ok
22:06:31.0750 0272 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:06:31.0750 0272 Cdaudio - ok
22:06:31.0781 0272 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:06:31.0781 0272 Cdfs - ok
22:06:31.0859 0272 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:06:31.0859 0272 Cdrom - ok
22:06:31.0921 0272 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
22:06:31.0921 0272 CiSvc - ok
22:06:31.0968 0272 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
22:06:31.0968 0272 ClipSrv - ok
22:06:32.0062 0272 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:06:32.0062 0272 clr_optimization_v2.0.50727_32 - ok
22:06:32.0109 0272 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:06:32.0109 0272 clr_optimization_v4.0.30319_32 - ok
22:06:32.0203 0272 COMSysApp - ok
22:06:32.0281 0272 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
22:06:32.0281 0272 CryptSvc - ok
22:06:32.0312 0272 dac2w2k - ok
22:06:32.0375 0272 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
22:06:32.0375 0272 DcomLaunch - ok
22:06:32.0421 0272 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
22:06:32.0421 0272 Dhcp - ok
22:06:32.0500 0272 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:06:32.0500 0272 Disk - ok
22:06:32.0562 0272 dmadmin - ok
22:06:32.0625 0272 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
22:06:32.0625 0272 dmboot - ok
22:06:32.0671 0272 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
22:06:32.0671 0272 dmio - ok
22:06:32.0703 0272 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:06:32.0703 0272 dmload - ok
22:06:32.0734 0272 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
22:06:32.0750 0272 dmserver - ok
22:06:32.0796 0272 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:06:32.0796 0272 DMusic - ok
22:06:32.0875 0272 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
22:06:32.0875 0272 Dnscache - ok
22:06:32.0953 0272 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
22:06:32.0953 0272 Dot3svc - ok
22:06:33.0031 0272 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:06:33.0031 0272 drmkaud - ok
22:06:33.0093 0272 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
22:06:33.0093 0272 EapHost - ok
22:06:33.0187 0272 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
22:06:33.0187 0272 ERSvc - ok
22:06:33.0250 0272 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
22:06:33.0250 0272 Eventlog - ok
22:06:33.0359 0272 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
22:06:33.0375 0272 EventSystem - ok
22:06:33.0437 0272 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:06:33.0437 0272 Fastfat - ok
22:06:33.0531 0272 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
22:06:33.0531 0272 FastUserSwitchingCompatibility - ok
22:06:33.0593 0272 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:06:33.0593 0272 Fdc - ok
22:06:33.0640 0272 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
22:06:33.0656 0272 Fips - ok
22:06:33.0687 0272 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:06:33.0687 0272 Flpydisk - ok
22:06:33.0750 0272 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
22:06:33.0750 0272 FltMgr - ok
22:06:33.0812 0272 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:06:33.0828 0272 FontCache3.0.0.0 - ok
22:06:33.0890 0272 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:06:33.0890 0272 Fs_Rec - ok
22:06:33.0937 0272 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:06:33.0937 0272 Ftdisk - ok
22:06:34.0000 0272 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:06:34.0000 0272 GEARAspiWDM - ok
22:06:34.0046 0272 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:06:34.0046 0272 Gpc - ok
22:06:34.0093 0272 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:06:34.0093 0272 helpsvc - ok
22:06:34.0171 0272 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
22:06:34.0187 0272 HidServ - ok
22:06:34.0250 0272 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:06:34.0250 0272 hidusb - ok
22:06:34.0390 0272 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
22:06:34.0390 0272 hkmsvc - ok
22:06:34.0500 0272 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:06:34.0500 0272 HTTP - ok
22:06:34.0546 0272 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
22:06:34.0546 0272 HTTPFilter - ok
22:06:34.0609 0272 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\drivers\i8042prt.sys
22:06:34.0609 0272 i8042prt - ok
22:06:34.0671 0272 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
22:06:34.0671 0272 IDriverT - ok
22:06:34.0796 0272 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:06:34.0796 0272 idsvc - ok
22:06:34.0875 0272 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:06:34.0875 0272 Imapi - ok
22:06:34.0921 0272 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
22:06:34.0921 0272 ImapiService - ok
22:06:35.0000 0272 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
22:06:35.0000 0272 Ip6Fw - ok
22:06:35.0078 0272 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:06:35.0078 0272 IpFilterDriver - ok
22:06:35.0125 0272 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:06:35.0125 0272 IpInIp - ok
22:06:35.0187 0272 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:06:35.0187 0272 IpNat - ok
22:06:35.0343 0272 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
22:06:35.0343 0272 iPod Service - ok
22:06:35.0453 0272 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:06:35.0453 0272 IPSec - ok
22:06:35.0515 0272 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:06:35.0531 0272 IRENUM - ok
22:06:35.0593 0272 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:06:35.0593 0272 isapnp - ok
22:06:35.0656 0272 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
22:06:35.0656 0272 JavaQuickStarterService - ok
22:06:35.0734 0272 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:06:35.0734 0272 Kbdclass - ok
22:06:35.0781 0272 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:06:35.0796 0272 kbdhid - ok
22:06:35.0843 0272 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:06:35.0843 0272 kmixer - ok
22:06:35.0906 0272 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:06:35.0906 0272 KSecDD - ok
22:06:35.0984 0272 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
22:06:35.0984 0272 LanmanServer - ok
22:06:36.0093 0272 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
22:06:36.0093 0272 lanmanworkstation - ok
22:06:36.0171 0272 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
22:06:36.0171 0272 LmHosts - ok
22:06:36.0218 0272 m5289 (2424b13987360840b4bf4e5fb5a66d3f) C:\WINDOWS\system32\DRIVERS\m5289.sys
22:06:36.0218 0272 m5289 - ok
22:06:36.0343 0272 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
22:06:36.0343 0272 McAfee SiteAdvisor Service - ok
22:06:36.0406 0272 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
22:06:36.0406 0272 McComponentHostService - ok
22:06:36.0500 0272 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
22:06:36.0515 0272 Messenger - ok
22:06:36.0578 0272 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:06:36.0578 0272 mnmdd - ok
22:06:36.0671 0272 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
22:06:36.0671 0272 mnmsrvc - ok
22:06:36.0890 0272 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
22:06:36.0890 0272 Modem - ok
22:06:36.0937 0272 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:06:36.0953 0272 Mouclass - ok
22:06:36.0984 0272 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:06:36.0984 0272 mouhid - ok
22:06:37.0046 0272 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:06:37.0046 0272 MountMgr - ok
22:06:37.0093 0272 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:06:37.0093 0272 MRxDAV - ok
22:06:37.0171 0272 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:06:37.0187 0272 MRxSmb - ok
22:06:37.0265 0272 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
22:06:37.0265 0272 MSDTC - ok
22:06:37.0375 0272 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:06:37.0375 0272 Msfs - ok
22:06:37.0421 0272 MSIServer - ok
22:06:37.0484 0272 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:06:37.0484 0272 MSKSSRV - ok
22:06:37.0531 0272 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:06:37.0531 0272 MSPCLOCK - ok
22:06:37.0562 0272 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:06:37.0562 0272 MSPQM - ok
22:06:37.0640 0272 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:06:37.0640 0272 mssmbios - ok
22:06:37.0718 0272 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:06:37.0718 0272 Mup - ok
22:06:37.0781 0272 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
22:06:37.0781 0272 napagent - ok
22:06:37.0906 0272 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
22:06:37.0906 0272 NAUpdate - ok
22:06:37.0968 0272 NBService (6d8fcdd5bb3b676ef58fa234073492c6) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
22:06:37.0984 0272 NBService - ok
22:06:38.0078 0272 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:06:38.0078 0272 NDIS - ok
22:06:38.0140 0272 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:06:38.0156 0272 NdisTapi - ok
22:06:38.0187 0272 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:06:38.0187 0272 Ndisuio - ok
22:06:38.0218 0272 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:06:38.0218 0272 NdisWan - ok
22:06:38.0328 0272 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:06:38.0328 0272 NDProxy - ok
22:06:38.0359 0272 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:06:38.0359 0272 NetBIOS - ok
22:06:38.0406 0272 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:06:38.0406 0272 NetBT - ok
22:06:38.0484 0272 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
22:06:38.0500 0272 NetDDE - ok
22:06:38.0500 0272 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
22:06:38.0515 0272 NetDDEdsdm - ok
22:06:38.0593 0272 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:06:38.0593 0272 Netlogon - ok
22:06:38.0656 0272 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
22:06:38.0671 0272 Netman - ok
22:06:38.0750 0272 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:06:38.0750 0272 NetTcpPortSharing - ok
22:06:38.0828 0272 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
22:06:38.0843 0272 Nla - ok
22:06:38.0937 0272 NMIndexingService (e32686b4e27d11f83e3f2844e104c66c) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
22:06:38.0937 0272 NMIndexingService - ok
22:06:39.0015 0272 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:06:39.0015 0272 Npfs - ok
22:06:39.0093 0272 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:06:39.0109 0272 Ntfs - ok
22:06:39.0156 0272 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:06:39.0156 0272 NtLmSsp - ok
22:06:39.0218 0272 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
22:06:39.0218 0272 NtmsSvc - ok
22:06:39.0359 0272 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:06:39.0359 0272 Null - ok
22:06:39.0421 0272 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:06:39.0421 0272 NwlnkFlt - ok
22:06:39.0453 0272 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:06:39.0468 0272 NwlnkFwd - ok
22:06:39.0546 0272 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:06:39.0546 0272 odserv - ok
22:06:39.0609 0272 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
22:06:39.0609 0272 OMSI download service - ok
22:06:39.0640 0272 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:06:39.0640 0272 ose - ok
22:06:39.0734 0272 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
22:06:39.0734 0272 Parport - ok
22:06:39.0812 0272 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:06:39.0812 0272 PartMgr - ok
22:06:39.0859 0272 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
22:06:39.0859 0272 ParVdm - ok
22:06:39.0890 0272 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
22:06:39.0890 0272 PCI - ok
22:06:39.0937 0272 PCIDump - ok
22:06:40.0000 0272 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:06:40.0000 0272 Pcmcia - ok
22:06:40.0109 0272 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
22:06:40.0125 0272 PlugPlay - ok
22:06:40.0156 0272 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:06:40.0171 0272 PolicyAgent - ok
22:06:40.0218 0272 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:06:40.0218 0272 PptpMiniport - ok
22:06:40.0250 0272 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
22:06:40.0250 0272 Processor - ok
22:06:40.0343 0272 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:06:40.0359 0272 ProtectedStorage - ok
22:06:40.0390 0272 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:06:40.0390 0272 PSched - ok
22:06:40.0421 0272 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:06:40.0421 0272 Ptilink - ok
22:06:40.0484 0272 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:06:40.0484 0272 PxHelp20 - ok
22:06:40.0562 0272 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:06:40.0562 0272 RasAcd - ok
22:06:40.0609 0272 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
22:06:40.0609 0272 RasAuto - ok
22:06:40.0656 0272 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:06:40.0656 0272 Rasl2tp - ok
22:06:40.0718 0272 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
22:06:40.0718 0272 RasMan - ok
22:06:40.0765 0272 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:06:40.0765 0272 RasPppoe - ok
22:06:40.0828 0272 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:06:40.0828 0272 Raspti - ok
22:06:40.0859 0272 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:06:40.0859 0272 Rdbss - ok
22:06:40.0921 0272 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:06:40.0921 0272 RDPCDD - ok
22:06:40.0984 0272 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:06:40.0984 0272 rdpdr - ok
22:06:41.0046 0272 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
22:06:41.0046 0272 RDPWD - ok
22:06:41.0109 0272 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
22:06:41.0109 0272 RDSessMgr - ok
22:06:41.0203 0272 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:06:41.0203 0272 redbook - ok
22:06:41.0265 0272 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
22:06:41.0265 0272 RemoteAccess - ok
22:06:41.0406 0272 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
22:06:41.0421 0272 RemoteRegistry - ok
22:06:41.0453 0272 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
22:06:41.0453 0272 RpcLocator - ok
22:06:41.0500 0272 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
22:06:41.0515 0272 RpcSs - ok
22:06:41.0609 0272 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
22:06:41.0625 0272 RSVP - ok
22:06:41.0656 0272 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:06:41.0656 0272 SamSs - ok
22:06:41.0718 0272 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
22:06:41.0718 0272 SCardSvr - ok
22:06:41.0781 0272 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
22:06:41.0796 0272 Schedule - ok
22:06:41.0875 0272 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:06:41.0875 0272 Secdrv - ok
22:06:41.0937 0272 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
22:06:41.0953 0272 seclogon - ok
22:06:42.0000 0272 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
22:06:42.0000 0272 seehcri - ok
22:06:42.0031 0272 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
22:06:42.0046 0272 SENS - ok
22:06:42.0093 0272 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:06:42.0093 0272 serenum - ok
22:06:42.0140 0272 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
22:06:42.0140 0272 Serial - ok
22:06:42.0234 0272 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:06:42.0234 0272 Sfloppy - ok
22:06:42.0343 0272 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
22:06:42.0359 0272 SharedAccess - ok
22:06:42.0453 0272 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
22:06:42.0453 0272 ShellHWDetection - ok
22:06:42.0515 0272 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys
22:06:42.0515 0272 smwdm - ok
22:06:42.0562 0272 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
22:06:42.0562 0272 SoundMAX Agent Service (default) - ok
22:06:42.0640 0272 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:06:42.0640 0272 splitter - ok
22:06:42.0703 0272 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
22:06:42.0718 0272 Spooler - ok
22:06:42.0781 0272 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
22:06:42.0781 0272 sr - ok
22:06:42.0843 0272 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
22:06:42.0843 0272 srservice - ok
22:06:42.0953 0272 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:06:42.0968 0272 Srv - ok
22:06:43.0031 0272 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
22:06:43.0031 0272 SSDPSRV - ok
22:06:43.0093 0272 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
22:06:43.0109 0272 stisvc - ok
22:06:43.0187 0272 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:06:43.0187 0272 swenum - ok
22:06:43.0250 0272 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:06:43.0250 0272 swmidi - ok
22:06:43.0328 0272 SwPrv - ok
22:06:43.0390 0272 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:06:43.0390 0272 sysaudio - ok
22:06:43.0468 0272 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
22:06:43.0468 0272 SysmonLog - ok
22:06:43.0531 0272 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
22:06:43.0531 0272 TapiSrv - ok
22:06:43.0609 0272 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:06:43.0625 0272 Tcpip - ok
22:06:43.0687 0272 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:06:43.0687 0272 TDPIPE - ok
22:06:43.0734 0272 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:06:43.0734 0272 TDTCP - ok
22:06:43.0796 0272 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:06:43.0796 0272 TermDD - ok
22:06:43.0843 0272 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
22:06:43.0843 0272 TermService - ok
22:06:43.0906 0272 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
22:06:43.0921 0272 Themes - ok
22:06:44.0000 0272 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
22:06:44.0000 0272 TlntSvr - ok
22:06:44.0078 0272 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
22:06:44.0078 0272 TrkWks - ok
22:06:44.0156 0272 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:06:44.0156 0272 Udfs - ok
22:06:44.0265 0272 ULI5261 (564f1f82fb5c0249be0cfee4c826be95) C:\WINDOWS\system32\DRIVERS\ULILAN.SYS
22:06:44.0265 0272 ULI5261 - ok
22:06:44.0375 0272 uliagpkx (4acecaa41d5f1a4cd3c78afc4de0a8c3) C:\WINDOWS\system32\DRIVERS\agpkx.sys
22:06:44.0375 0272 uliagpkx - ok
22:06:44.0453 0272 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:06:44.0453 0272 Update - ok
22:06:44.0531 0272 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
22:06:44.0546 0272 upnphost - ok
22:06:44.0625 0272 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
22:06:44.0625 0272 UPS - ok
22:06:44.0687 0272 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:06:44.0687 0272 usbccgp - ok
22:06:44.0750 0272 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:06:44.0750 0272 usbehci - ok
22:06:44.0859 0272 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:06:44.0859 0272 usbhub - ok
22:06:44.0921 0272 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:06:44.0921 0272 usbohci - ok
22:06:44.0984 0272 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:06:44.0984 0272 usbprint - ok
22:06:45.0062 0272 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:06:45.0062 0272 usbscan - ok
22:06:45.0109 0272 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
22:06:45.0125 0272 usbser - ok
22:06:45.0203 0272 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:06:45.0203 0272 USBSTOR - ok
22:06:45.0265 0272 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:06:45.0265 0272 VgaSave - ok
22:06:45.0406 0272 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
22:06:45.0406 0272 VolSnap - ok
22:06:45.0484 0272 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
22:06:45.0500 0272 VSS - ok
22:06:45.0562 0272 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
22:06:45.0578 0272 W32Time - ok
22:06:45.0640 0272 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:06:45.0640 0272 Wanarp - ok
22:06:45.0703 0272 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:06:45.0703 0272 wdmaud - ok
22:06:45.0765 0272 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
22:06:45.0781 0272 WebClient - ok
22:06:45.0859 0272 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
22:06:45.0859 0272 winmgmt - ok
22:06:45.0953 0272 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
22:06:45.0968 0272 WinRM - ok
22:06:46.0062 0272 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
22:06:46.0078 0272 WmdmPmSN - ok
22:06:46.0156 0272 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
22:06:46.0171 0272 Wmi - ok
22:06:46.0234 0272 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:06:46.0234 0272 WmiApSrv - ok
22:06:46.0390 0272 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
22:06:46.0406 0272 WMPNetworkSvc - ok
22:06:46.0500 0272 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:06:46.0500 0272 WpdUsb - ok
22:06:46.0625 0272 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:06:46.0625 0272 WPFFontCache_v0400 - ok
22:06:46.0703 0272 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:06:46.0703 0272 WS2IFSL - ok
22:06:46.0781 0272 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
22:06:46.0781 0272 wscsvc - ok
22:06:46.0812 0272 WSearch - ok
22:06:46.0859 0272 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
22:06:46.0875 0272 wuauserv - ok
22:06:46.0937 0272 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:06:46.0937 0272 WudfPf - ok
22:06:47.0015 0272 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:06:47.0015 0272 WudfRd - ok
22:06:47.0078 0272 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
22:06:47.0078 0272 WudfSvc - ok
22:06:47.0140 0272 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
22:06:47.0156 0272 WZCSVC - ok
22:06:47.0203 0272 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
22:06:47.0218 0272 xmlprov - ok
22:06:47.0234 0272 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
22:06:47.0515 0272 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
22:06:47.0515 0272 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
22:06:47.0531 0272 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
22:06:47.0531 0272 \Device\Harddisk0\DR0\Partition0 - ok
22:06:47.0531 0272 ============================================================
22:06:47.0531 0272 Scan finished
22:06:47.0531 0272 ============================================================
22:06:47.0546 2392 Detected object count: 1
22:06:47.0546 2392 Actual detected object count: 1
22:07:43.0468 2392 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
22:07:43.0468 2392 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
22:08:16.0703 0768 Deinitialize success

#36 Příspěvek od **cernohous13** » 01 dub 2012 00:44

Tak ještě jednou - tady musíš nastavit Cure
22:07:43.0468 2392 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip

addulka · #37 Příspěvek od **addulka** » 01 dub 2012 17:24

Ponúka mi to iba 3 možnosti skip, restore a copy to quarantine. Žiadna možnosť care. Dala som teda tú karanténu tu je log:

18:15:45.0203 3512 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
18:15:45.0531 3512 ============================================================
18:15:45.0531 3512 Current date / time: 2012/04/01 18:15:45.0531
18:15:45.0531 3512 SystemInfo:
18:15:45.0531 3512
18:15:45.0531 3512 OS Version: 5.1.2600 ServicePack: 3.0
18:15:45.0531 3512 Product type: Workstation
18:15:45.0546 3512 ComputerName: ANDREJ-PC
18:15:45.0546 3512 UserName: Andrej
18:15:45.0546 3512 Windows directory: C:\WINDOWS
18:15:45.0546 3512 System windows directory: C:\WINDOWS
18:15:45.0546 3512 Processor architecture: Intel x86
18:15:45.0546 3512 Number of processors: 1
18:15:45.0546 3512 Page size: 0x1000
18:15:45.0546 3512 Boot type: Normal boot
18:15:45.0546 3512 ============================================================
18:15:47.0718 3512 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:15:47.0812 3512 \Device\Harddisk0\DR0:
18:15:47.0812 3512 MBR used
18:15:47.0812 3512 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE4F80E2
18:15:47.0875 3512 Initialize success
18:15:47.0875 3512 ============================================================
18:15:50.0000 3732 ============================================================
18:15:50.0000 3732 Scan started
18:15:50.0000 3732 Mode: Manual;
18:15:50.0000 3732 ============================================================
18:15:51.0531 3732 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
18:15:51.0531 3732 Aavmker4 - ok
18:15:51.0656 3732 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:15:51.0656 3732 ACPI - ok
18:15:51.0781 3732 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:15:51.0796 3732 ACPIEC - ok
18:15:51.0921 3732 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
18:15:51.0921 3732 aeaudio - ok
18:15:52.0250 3732 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:15:52.0296 3732 aec - ok
18:15:52.0671 3732 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:15:52.0718 3732 AFD - ok
18:15:52.0906 3732 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
18:15:52.0921 3732 Alerter - ok
18:15:53.0125 3732 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
18:15:53.0156 3732 ALG - ok
18:15:53.0593 3732 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
18:15:53.0609 3732 AliIde - ok
18:15:53.0703 3732 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
18:15:53.0703 3732 AmdPPM - ok
18:15:53.0781 3732 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:15:53.0796 3732 Apple Mobile Device - ok
18:15:54.0093 3732 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
18:15:54.0125 3732 AppMgmt - ok
18:15:54.0593 3732 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:15:54.0609 3732 aspnet_state - ok
18:15:55.0546 3732 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
18:15:55.0546 3732 aswFsBlk - ok
18:15:56.0187 3732 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
18:15:56.0187 3732 aswMon2 - ok
18:15:56.0546 3732 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
18:15:56.0546 3732 aswRdr - ok
18:15:56.0937 3732 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
18:15:56.0937 3732 aswSnx - ok
18:15:57.0203 3732 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
18:15:57.0203 3732 aswSP - ok
18:15:57.0515 3732 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
18:15:57.0515 3732 aswTdi - ok
18:15:57.0687 3732 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:15:57.0687 3732 AsyncMac - ok
18:15:57.0859 3732 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:15:57.0859 3732 atapi - ok
18:15:58.0046 3732 Ati HotKey Poller (df7ce16cff3217e71742e3d700844c07) C:\WINDOWS\system32\Ati2evxx.exe
18:15:58.0062 3732 Ati HotKey Poller - ok
18:15:58.0296 3732 ATI Smart (01b14b2ec8123995e2b961d42bac8ef9) C:\WINDOWS\system32\ati2sgag.exe
18:15:58.0296 3732 ATI Smart - ok
18:15:58.0453 3732 ati2mtag (49c75e63b8b23b0e534447ba25ce2e76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
18:15:58.0468 3732 ati2mtag - ok
18:15:58.0562 3732 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:15:58.0578 3732 Atmarpc - ok
18:15:58.0828 3732 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
18:15:58.0843 3732 AudioSrv - ok
18:15:59.0328 3732 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:15:59.0359 3732 audstub - ok
18:15:59.0921 3732 avast! Antivirus (996e6d052438e8d8dfd501f31560b2e0) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:15:59.0921 3732 avast! Antivirus - ok
18:16:00.0046 3732 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:16:00.0062 3732 Beep - ok
18:16:00.0281 3732 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
18:16:00.0390 3732 BITS - ok
18:16:00.0546 3732 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
18:16:00.0562 3732 Bonjour Service - ok
18:16:00.0906 3732 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
18:16:00.0906 3732 Browser - ok
18:16:01.0078 3732 catchme - ok
18:16:01.0234 3732 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:16:01.0234 3732 cbidf2k - ok
18:16:01.0421 3732 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:16:01.0421 3732 Cdaudio - ok
18:16:01.0546 3732 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:16:01.0546 3732 Cdfs - ok
18:16:01.0921 3732 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:16:01.0937 3732 Cdrom - ok
18:16:02.0468 3732 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
18:16:02.0531 3732 CiSvc - ok
18:16:02.0703 3732 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
18:16:02.0718 3732 ClipSrv - ok
18:16:02.0937 3732 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:16:02.0968 3732 clr_optimization_v2.0.50727_32 - ok
18:16:03.0312 3732 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:16:03.0390 3732 clr_optimization_v4.0.30319_32 - ok
18:16:03.0562 3732 COMSysApp - ok
18:16:03.0671 3732 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
18:16:03.0671 3732 CryptSvc - ok
18:16:03.0937 3732 dac2w2k - ok
18:16:04.0046 3732 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
18:16:04.0078 3732 DcomLaunch - ok
18:16:04.0250 3732 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
18:16:04.0265 3732 Dhcp - ok
18:16:04.0343 3732 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:16:04.0343 3732 Disk - ok
18:16:04.0484 3732 dmadmin - ok
18:16:04.0718 3732 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
18:16:04.0859 3732 dmboot - ok
18:16:05.0031 3732 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
18:16:05.0062 3732 dmio - ok
18:16:05.0265 3732 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:16:05.0265 3732 dmload - ok
18:16:05.0484 3732 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
18:16:05.0500 3732 dmserver - ok
18:16:05.0718 3732 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:16:05.0734 3732 DMusic - ok
18:16:05.0906 3732 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
18:16:05.0906 3732 Dnscache - ok
18:16:06.0109 3732 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
18:16:06.0156 3732 Dot3svc - ok
18:16:06.0609 3732 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:16:06.0703 3732 drmkaud - ok
18:16:07.0140 3732 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
18:16:07.0156 3732 EapHost - ok
18:16:07.0312 3732 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
18:16:07.0328 3732 ERSvc - ok
18:16:07.0453 3732 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
18:16:07.0453 3732 Eventlog - ok
18:16:07.0593 3732 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
18:16:07.0734 3732 EventSystem - ok
18:16:08.0000 3732 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:16:08.0062 3732 Fastfat - ok
18:16:08.0250 3732 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
18:16:08.0296 3732 FastUserSwitchingCompatibility - ok
18:16:08.0421 3732 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:16:08.0437 3732 Fdc - ok
18:16:08.0609 3732 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
18:16:08.0609 3732 Fips - ok
18:16:08.0828 3732 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:16:08.0828 3732 Flpydisk - ok
18:16:09.0125 3732 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
18:16:09.0218 3732 FltMgr - ok
18:16:09.0421 3732 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:16:09.0453 3732 FontCache3.0.0.0 - ok
18:16:09.0546 3732 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:16:09.0546 3732 Fs_Rec - ok
18:16:09.0609 3732 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:16:09.0625 3732 Ftdisk - ok
18:16:09.0765 3732 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:16:09.0765 3732 GEARAspiWDM - ok
18:16:09.0875 3732 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:16:09.0890 3732 Gpc - ok
18:16:10.0000 3732 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:16:10.0000 3732 helpsvc - ok
18:16:10.0203 3732 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
18:16:10.0218 3732 HidServ - ok
18:16:11.0093 3732 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:16:11.0109 3732 hidusb - ok
18:16:11.0625 3732 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
18:16:11.0625 3732 hkmsvc - ok
18:16:13.0281 3732 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:16:13.0734 3732 HTTP - ok
18:16:14.0640 3732 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
18:16:14.0687 3732 HTTPFilter - ok
18:16:15.0437 3732 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\drivers\i8042prt.sys
18:16:15.0656 3732 i8042prt - ok
18:16:16.0625 3732 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:16:16.0671 3732 IDriverT - ok
18:16:18.0250 3732 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:16:18.0562 3732 idsvc - ok
18:16:19.0562 3732 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:16:19.0578 3732 Imapi - ok
18:16:20.0187 3732 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
18:16:20.0250 3732 ImapiService - ok
18:16:20.0750 3732 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:16:20.0765 3732 Ip6Fw - ok
18:16:21.0671 3732 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:16:21.0687 3732 IpFilterDriver - ok
18:16:22.0468 3732 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:16:22.0484 3732 IpInIp - ok
18:16:23.0531 3732 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:16:23.0562 3732 IpNat - ok
18:16:24.0453 3732 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
18:16:24.0593 3732 iPod Service - ok
18:16:25.0203 3732 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:16:25.0218 3732 IPSec - ok
18:16:25.0921 3732 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:16:25.0968 3732 IRENUM - ok
18:16:26.0578 3732 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:16:26.0593 3732 isapnp - ok
18:16:27.0000 3732 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
18:16:27.0109 3732 JavaQuickStarterService - ok
18:16:28.0609 3732 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:16:28.0640 3732 Kbdclass - ok
18:16:31.0218 3732 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:16:31.0234 3732 kbdhid - ok
18:16:32.0953 3732 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:16:32.0984 3732 kmixer - ok
18:16:35.0046 3732 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:16:35.0093 3732 KSecDD - ok
18:16:36.0937 3732 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
18:16:37.0031 3732 LanmanServer - ok
18:16:43.0812 3732 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
18:16:43.0921 3732 lanmanworkstation - ok
18:16:46.0843 3732 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
18:16:46.0890 3732 LmHosts - ok
18:16:49.0296 3732 m5289 (2424b13987360840b4bf4e5fb5a66d3f) C:\WINDOWS\system32\DRIVERS\m5289.sys
18:16:49.0500 3732 m5289 - ok
18:16:51.0062 3732 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
18:16:51.0328 3732 McAfee SiteAdvisor Service - ok
18:16:51.0843 3732 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
18:16:51.0937 3732 McComponentHostService - ok
18:16:52.0515 3732 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
18:16:52.0531 3732 Messenger - ok
18:16:53.0046 3732 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:16:53.0093 3732 mnmdd - ok
18:16:53.0640 3732 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
18:16:53.0703 3732 mnmsrvc - ok
18:16:54.0312 3732 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
18:16:54.0328 3732 Modem - ok
18:16:54.0687 3732 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:16:54.0703 3732 Mouclass - ok
18:16:54.0890 3732 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:16:54.0906 3732 mouhid - ok
18:16:55.0187 3732 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:16:55.0281 3732 MountMgr - ok
18:16:55.0562 3732 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:16:55.0671 3732 MRxDAV - ok
18:16:55.0921 3732 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:16:56.0109 3732 MRxSmb - ok
18:16:56.0765 3732 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
18:16:57.0312 3732 MSDTC - ok
18:16:58.0609 3732 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:16:58.0625 3732 Msfs - ok
18:16:58.0734 3732 MSIServer - ok
18:16:58.0921 3732 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:16:58.0953 3732 MSKSSRV - ok
18:16:59.0031 3732 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:16:59.0031 3732 MSPCLOCK - ok
18:16:59.0140 3732 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:16:59.0140 3732 MSPQM - ok
18:16:59.0421 3732 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:16:59.0437 3732 mssmbios - ok
18:16:59.0890 3732 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:16:59.0968 3732 Mup - ok
18:17:00.0375 3732 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
18:17:00.0531 3732 napagent - ok
18:17:00.0718 3732 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
18:17:01.0046 3732 NAUpdate - ok
18:17:01.0500 3732 NBService (6d8fcdd5bb3b676ef58fa234073492c6) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
18:17:01.0625 3732 NBService - ok
18:17:01.0937 3732 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:17:02.0078 3732 NDIS - ok
18:17:02.0390 3732 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:17:02.0406 3732 NdisTapi - ok
18:17:02.0843 3732 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:17:02.0906 3732 Ndisuio - ok
18:17:03.0171 3732 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:17:03.0968 3732 NdisWan - ok
18:17:04.0437 3732 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:17:04.0687 3732 NDProxy - ok
18:17:04.0890 3732 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:17:05.0046 3732 NetBIOS - ok
18:17:05.0453 3732 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:17:05.0578 3732 NetBT - ok
18:17:05.0906 3732 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
18:17:05.0921 3732 NetDDE - ok
18:17:05.0921 3732 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
18:17:05.0937 3732 NetDDEdsdm - ok
18:17:06.0031 3732 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
18:17:06.0078 3732 Netlogon - ok
18:17:06.0515 3732 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
18:17:06.0656 3732 Netman - ok
18:17:06.0921 3732 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:17:06.0968 3732 NetTcpPortSharing - ok
18:17:07.0453 3732 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
18:17:07.0703 3732 Nla - ok
18:17:08.0093 3732 NMIndexingService (e32686b4e27d11f83e3f2844e104c66c) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
18:17:08.0218 3732 NMIndexingService - ok
18:17:08.0734 3732 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:17:08.0734 3732 Npfs - ok
18:17:09.0156 3732 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:17:09.0406 3732 Ntfs - ok
18:17:10.0078 3732 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
18:17:10.0078 3732 NtLmSsp - ok
18:17:10.0812 3732 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
18:17:11.0234 3732 NtmsSvc - ok
18:17:11.0578 3732 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:17:11.0765 3732 Null - ok
18:17:12.0156 3732 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:17:12.0234 3732 NwlnkFlt - ok
18:17:12.0531 3732 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:17:12.0656 3732 NwlnkFwd - ok
18:17:13.0140 3732 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:17:13.0375 3732 odserv - ok
18:17:13.0765 3732 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
18:17:13.0765 3732 OMSI download service - ok
18:17:14.0406 3732 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:17:14.0625 3732 ose - ok
18:17:14.0750 3732 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
18:17:14.0765 3732 Parport - ok
18:17:15.0046 3732 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:17:15.0062 3732 PartMgr - ok
18:17:15.0171 3732 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
18:17:15.0187 3732 ParVdm - ok
18:17:15.0343 3732 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
18:17:15.0406 3732 PCI - ok
18:17:15.0593 3732 PCIDump - ok
18:17:15.0843 3732 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:17:16.0031 3732 Pcmcia - ok
18:17:16.0359 3732 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
18:17:16.0453 3732 PlugPlay - ok
18:17:16.0750 3732 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
18:17:16.0828 3732 PolicyAgent - ok
18:17:17.0109 3732 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:17:17.0109 3732 PptpMiniport - ok
18:17:17.0234 3732 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
18:17:17.0234 3732 Processor - ok
18:17:17.0359 3732 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
18:17:17.0359 3732 ProtectedStorage - ok
18:17:17.0468 3732 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:17:17.0484 3732 PSched - ok
18:17:17.0625 3732 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:17:17.0625 3732 Ptilink - ok
18:17:17.0812 3732 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:17:17.0875 3732 PxHelp20 - ok
18:17:18.0046 3732 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:17:18.0078 3732 RasAcd - ok
18:17:18.0187 3732 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
18:17:18.0203 3732 RasAuto - ok
18:17:18.0359 3732 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:17:18.0375 3732 Rasl2tp - ok
18:17:18.0546 3732 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
18:17:18.0625 3732 RasMan - ok
18:17:18.0812 3732 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:17:18.0812 3732 RasPppoe - ok
18:17:19.0093 3732 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:17:19.0109 3732 Raspti - ok
18:17:19.0250 3732 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:17:19.0296 3732 Rdbss - ok
18:17:19.0453 3732 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:17:19.0453 3732 RDPCDD - ok
18:17:19.0562 3732 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:17:19.0578 3732 rdpdr - ok
18:17:19.0656 3732 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
18:17:19.0671 3732 RDPWD - ok
18:17:19.0734 3732 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
18:17:19.0765 3732 RDSessMgr - ok
18:17:19.0953 3732 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:17:19.0968 3732 redbook - ok
18:17:20.0109 3732 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
18:17:20.0125 3732 RemoteAccess - ok
18:17:20.0406 3732 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
18:17:20.0421 3732 RemoteRegistry - ok
18:17:20.0578 3732 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
18:17:20.0578 3732 RpcLocator - ok
18:17:20.0734 3732 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
18:17:20.0875 3732 RpcSs - ok
18:17:21.0125 3732 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
18:17:21.0140 3732 RSVP - ok
18:17:21.0328 3732 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
18:17:21.0328 3732 SamSs - ok
18:17:21.0453 3732 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
18:17:21.0484 3732 SCardSvr - ok
18:17:21.0593 3732 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
18:17:21.0656 3732 Schedule - ok
18:17:21.0859 3732 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:17:21.0921 3732 Secdrv - ok
18:17:22.0078 3732 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
18:17:22.0078 3732 seclogon - ok
18:17:22.0187 3732 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
18:17:22.0187 3732 seehcri - ok
18:17:22.0375 3732 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
18:17:22.0375 3732 SENS - ok
18:17:22.0468 3732 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:17:22.0468 3732 serenum - ok
18:17:22.0546 3732 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
18:17:22.0562 3732 Serial - ok
18:17:22.0671 3732 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:17:22.0687 3732 Sfloppy - ok
18:17:22.0984 3732 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
18:17:23.0062 3732 SharedAccess - ok
18:17:23.0359 3732 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
18:17:23.0375 3732 ShellHWDetection - ok
18:17:23.0609 3732 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys
18:17:23.0718 3732 smwdm - ok
18:17:23.0796 3732 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
18:17:23.0796 3732 SoundMAX Agent Service (default) - ok
18:17:23.0921 3732 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:17:23.0937 3732 splitter - ok
18:17:24.0031 3732 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
18:17:24.0046 3732 Spooler - ok
18:17:24.0156 3732 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
18:17:24.0156 3732 sr - ok
18:17:24.0296 3732 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
18:17:24.0343 3732 srservice - ok
18:17:24.0500 3732 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:17:25.0125 3732 Srv - ok
18:17:25.0656 3732 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
18:17:25.0656 3732 SSDPSRV - ok
18:17:25.0859 3732 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
18:17:25.0953 3732 stisvc - ok
18:17:26.0312 3732 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:17:26.0312 3732 swenum - ok
18:17:26.0437 3732 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:17:26.0437 3732 swmidi - ok
18:17:26.0500 3732 SwPrv - ok
18:17:26.0609 3732 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:17:26.0609 3732 sysaudio - ok
18:17:26.0734 3732 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
18:17:26.0750 3732 SysmonLog - ok
18:17:26.0890 3732 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
18:17:26.0921 3732 TapiSrv - ok
18:17:27.0046 3732 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:17:27.0093 3732 Tcpip - ok
18:17:27.0203 3732 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:17:27.0203 3732 TDPIPE - ok
18:17:27.0312 3732 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:17:27.0312 3732 TDTCP - ok
18:17:27.0406 3732 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:17:27.0406 3732 TermDD - ok
18:17:27.0500 3732 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
18:17:27.0562 3732 TermService - ok
18:17:27.0656 3732 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
18:17:27.0656 3732 Themes - ok
18:17:27.0734 3732 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
18:17:27.0750 3732 TlntSvr - ok
18:17:27.0890 3732 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
18:17:27.0890 3732 TrkWks - ok
18:17:28.0093 3732 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:17:28.0093 3732 Udfs - ok
18:17:28.0218 3732 ULI5261 (564f1f82fb5c0249be0cfee4c826be95) C:\WINDOWS\system32\DRIVERS\ULILAN.SYS
18:17:28.0234 3732 ULI5261 - ok
18:17:28.0359 3732 uliagpkx (4acecaa41d5f1a4cd3c78afc4de0a8c3) C:\WINDOWS\system32\DRIVERS\agpkx.sys
18:17:28.0375 3732 uliagpkx - ok
18:17:28.0500 3732 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:17:28.0593 3732 Update - ok
18:17:28.0781 3732 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
18:17:28.0812 3732 upnphost - ok
18:17:29.0000 3732 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
18:17:29.0000 3732 UPS - ok
18:17:29.0093 3732 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:17:29.0093 3732 usbccgp - ok
18:17:29.0234 3732 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:17:29.0234 3732 usbehci - ok
18:17:29.0406 3732 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:17:29.0406 3732 usbhub - ok
18:17:29.0500 3732 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:17:29.0500 3732 usbohci - ok
18:17:29.0625 3732 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:17:29.0625 3732 usbprint - ok
18:17:29.0796 3732 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:17:29.0796 3732 usbscan - ok
18:17:29.0875 3732 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
18:17:29.0890 3732 usbser - ok
18:17:30.0046 3732 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:17:30.0062 3732 USBSTOR - ok
18:17:30.0203 3732 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:17:30.0218 3732 VgaSave - ok
18:17:30.0687 3732 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
18:17:30.0687 3732 VolSnap - ok
18:17:30.0796 3732 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
18:17:30.0828 3732 VSS - ok
18:17:30.0984 3732 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
18:17:31.0000 3732 W32Time - ok
18:17:31.0109 3732 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:17:31.0109 3732 Wanarp - ok
18:17:31.0250 3732 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:17:31.0250 3732 wdmaud - ok
18:17:31.0375 3732 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
18:17:31.0390 3732 WebClient - ok
18:17:31.0546 3732 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
18:17:31.0578 3732 winmgmt - ok
18:17:31.0765 3732 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
18:17:31.0828 3732 WinRM - ok
18:17:31.0921 3732 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
18:17:31.0937 3732 WmdmPmSN - ok
18:17:32.0093 3732 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
18:17:32.0156 3732 Wmi - ok
18:17:32.0250 3732 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:17:32.0250 3732 WmiApSrv - ok
18:17:32.0500 3732 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
18:17:32.0765 3732 WMPNetworkSvc - ok
18:17:32.0921 3732 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:17:32.0921 3732 WpdUsb - ok
18:17:33.0109 3732 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:17:33.0265 3732 WPFFontCache_v0400 - ok
18:17:33.0359 3732 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:17:33.0359 3732 WS2IFSL - ok
18:17:33.0468 3732 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
18:17:33.0468 3732 wscsvc - ok
18:17:33.0515 3732 WSearch - ok
18:17:33.0625 3732 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
18:17:33.0640 3732 wuauserv - ok
18:17:33.0812 3732 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:17:33.0812 3732 WudfPf - ok
18:17:33.0921 3732 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:17:33.0921 3732 WudfRd - ok
18:17:34.0031 3732 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
18:17:34.0046 3732 WudfSvc - ok
18:17:34.0125 3732 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
18:17:34.0171 3732 WZCSVC - ok
18:17:34.0312 3732 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
18:17:34.0328 3732 xmlprov - ok
18:17:34.0343 3732 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
18:17:34.0593 3732 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
18:17:34.0593 3732 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
18:17:34.0609 3732 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
18:17:34.0625 3732 \Device\Harddisk0\DR0\Partition0 - ok
18:17:34.0625 3732 ============================================================
18:17:34.0625 3732 Scan finished
18:17:34.0625 3732 ============================================================
18:17:34.0640 3724 Detected object count: 1
18:17:34.0640 3724 Actual detected object count: 1
18:22:35.0500 3724 \Device\Harddisk0\DR0\# - copied to quarantine
18:22:35.0500 3724 \Device\Harddisk0\DR0 - copied to quarantine
18:22:35.0500 3724 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Quarantine
18:22:53.0015 3424 Deinitialize success

#38 Příspěvek od **cernohous13** » 02 dub 2012 07:01

Výborně

Upravil jsem si chybný návod

Podle předchozího návodu stáhni a spusť ComboFix dej mi log a napiš jestli ještě Mozilla přesměrovává

addulka · #39 Příspěvek od **addulka** » 02 dub 2012 13:05

ComboFix 12-04-01.01 - Andrej . 04. 2012 13:45:14.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.511.232 [GMT 2:00]
Running from: c:\documents and settings\Andrej\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2012-03-02 to 2012-04-02 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-03 09:57 . 2008-04-14 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-29 14:10 . 2011-08-06 10:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-11 19:07 . 2012-02-15 19:41 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2011-01-26 18:41 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 04:38 . 2012-03-30 12:02 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-19_09.23.25 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-14 12:00 . 2012-02-15 20:02 86528 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2012-04-02 11:36 86528 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2012-04-02 11:36 499384 c:\windows\system32\perfh009.dat
- 2008-04-14 12:00 . 2012-02-15 20:02 499384 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2012-04-02 11:36 514792 c:\windows\system32\perfh005.dat
- 2008-04-14 12:00 . 2012-02-15 20:02 514792 c:\windows\system32\perfh005.dat
+ 2008-04-14 12:00 . 2012-04-02 11:36 108732 c:\windows\system32\perfc005.dat
- 2008-04-14 12:00 . 2012-02-15 20:02 108732 c:\windows\system32\perfc005.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALi5289"="c:\program files\ULI5289\ALi5289.exe" [2005-03-10 405504]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"OrderReminder"="c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-01-30 98304]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"JavaQuickStarterService"=2 (0x2)
"iPod Service"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 m5289;m5289;c:\windows\system32\drivers\m5289.sys [26. 1. 2011 21:14 51840]
R0 uliagpkx;ULi AGP Bus Filter Driver;c:\windows\system32\drivers\AGPKX.SYS [26. 1. 2011 21:14 44928]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1. 1. 2012 22:54 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1. 1. 2012 22:54 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1. 1. 2012 22:54 20568]
R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [4. 5. 2010 13:07 503080]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [31. 7. 2011 13:59 27632]
R3 ULI5261;ULi Based Ethernet NT Driver;c:\windows\system32\drivers\ULILAN.SYS [26. 1. 2011 21:14 28160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 14:16 130384]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [29. 1. 2012 18:27 95200]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [31. 7. 2011 13:58 90112]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15. 1. 2010 14:49 227232]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14. 4. 2008 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 14:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
.
------- Supplementary Scan -------
.
uStart Page =
mStart Page =
mSearch bar =
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 217.119.113.244 217.119.113.245
FF - ProfilePath - c:\documents and settings\Andrej\Data aplikací\Mozilla\Firefox\Profiles\eazdrzbk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Usbfix - c:\usbfix\Un-Usbfix.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-02 13:54
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\## aswSnx private storage
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(668)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2076)
c:\progra~1\mcafee\SITEAD~1\saHook.dll
c:\windows\system32\msi.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-04-02 13:57:01
ComboFix-quarantined-files.txt 2012-04-02 11:56
.
Pre-Run: Volných bajtů: 100 616 839 168
Post-Run: Volných bajtů: 100 717 432 832
.
- - End Of File - - AF742CB5AE67087AE74BFD775C221555

Stále presmerováva...

#40 Příspěvek od **cernohous13** » 02 dub 2012 19:22

podezření, že TDSSKiller nevyčistil MBR - můžeš jej spustit znovu zatím s volbou "Skip"

Pak po sobě uklidím

ComboFix odinstalujeme
jdi Start -> Spustit... a zkopíruj ComboFix /Uninstall (pozor, za x je mezera) -> OK

Stáhni a spusť T-cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe - uklidí po použitých čističích.
Po spuštění ignoruj případné varování antiviru - je to v pořádku
Po provedení akce T-cleaner smažeš

Stáhni TempFolderCleaner http://oldtimer.geekstogo.com/TFC.exe
Zavři všechny programy a spusť. Po ukončení akce bude PC restartován.
Pokud ne, restartuj sám.
(čistí Temp složky , nečistí URL, historii, prefetch ani cookies)

stáhni program OTC tady: http://oldtimer.geekstogo.com/OTC.exe - spusť ho -> "CleanUp" (smaže dříve použité čističe)

Vypni Obnovení systému -> restartuj -> zapni Obnovení systému http://www.viry.cz/forum/viewtopic.php?t=47040

Mohu doporučit kontrolu a vyčištění Ccleanerem

Stáhni Ccleaner - http://www.slunecnice.cz/sw/ccleaner/
Při instalaci vyhodit fajfku u "Instalovat Yahoo! Toolbar"

zavřít Internetový prohlížeč a
spustit "Čistič" > "Spustit Ccleaner" - odstraní nepotřebné
spustit "Registry" > "Hledej problémy" > "Opravit vybrané problémy"
souhlas se zálohou registrů - opakovat dokud nebudou registry čisté.

Návod:http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx

Ten si můžeš nechat i na budoucí občasné čištění.

Po vyčištění by se hodila defragmentace
doporučuji http://www.slunecnice.cz/sw/defraggler/ + čeština

Kdyby něco z návodu nefungovalo, pokračuj dalším krokem.

Spustíš Firefox se zakázanými doplňky - a metodou pokus/omyl je po jednom budeš povolovat

addulka · #41 Příspěvek od **addulka** » 02 dub 2012 21:03

Aj napriek tomu že som všetko toto urobila stále vyhadzuje to výstražné okno.

#42 Příspěvek od **cernohous13** » 02 dub 2012 21:12

Nový log z TDSSKiller bys nabídla

addulka · #43 Příspěvek od **addulka** » 03 dub 2012 10:33

Našlo mi tam ten istý rootkit, dala som ho znovu do karantény... No aj tak ešte stále vyhadzuje to okno... LOG je tu :

11:28:12.0109 3508 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48
11:28:12.0578 3508 ============================================================
11:28:12.0578 3508 Current date / time: 2012/04/03 11:28:12.0578
11:28:12.0578 3508 SystemInfo:
11:28:12.0578 3508
11:28:12.0578 3508 OS Version: 5.1.2600 ServicePack: 3.0
11:28:12.0578 3508 Product type: Workstation
11:28:12.0578 3508 ComputerName: ANDREJ-PC
11:28:12.0578 3508 UserName: Andrej
11:28:12.0578 3508 Windows directory: C:\WINDOWS
11:28:12.0578 3508 System windows directory: C:\WINDOWS
11:28:12.0578 3508 Processor architecture: Intel x86
11:28:12.0578 3508 Number of processors: 1
11:28:12.0578 3508 Page size: 0x1000
11:28:12.0578 3508 Boot type: Normal boot
11:28:12.0578 3508 ============================================================
11:28:14.0843 3508 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:28:14.0843 3508 \Device\Harddisk0\DR0:
11:28:14.0843 3508 MBR used
11:28:14.0843 3508 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE4F80E2
11:28:14.0937 3508 Initialize success
11:28:14.0937 3508 ============================================================
11:28:18.0343 1924 ============================================================
11:28:18.0343 1924 Scan started
11:28:18.0343 1924 Mode: Manual;
11:28:18.0343 1924 ============================================================
11:28:20.0000 1924 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
11:28:20.0078 1924 Aavmker4 - ok
11:28:20.0281 1924 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:28:20.0312 1924 ACPI - ok
11:28:20.0656 1924 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:28:20.0656 1924 ACPIEC - ok
11:28:20.0750 1924 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
11:28:20.0750 1924 aeaudio - ok
11:28:20.0953 1924 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:28:20.0953 1924 aec - ok
11:28:21.0031 1924 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:28:21.0046 1924 AFD - ok
11:28:21.0171 1924 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
11:28:21.0171 1924 Alerter - ok
11:28:21.0281 1924 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
11:28:21.0296 1924 ALG - ok
11:28:21.0421 1924 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
11:28:21.0421 1924 AliIde - ok
11:28:21.0546 1924 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
11:28:21.0546 1924 AmdPPM - ok
11:28:21.0671 1924 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:28:21.0671 1924 Apple Mobile Device - ok
11:28:21.0843 1924 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
11:28:21.0875 1924 AppMgmt - ok
11:28:22.0000 1924 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:28:22.0000 1924 aspnet_state - ok
11:28:22.0140 1924 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
11:28:22.0140 1924 aswFsBlk - ok
11:28:22.0296 1924 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
11:28:22.0312 1924 aswMon2 - ok
11:28:22.0468 1924 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
11:28:22.0468 1924 aswRdr - ok
11:28:22.0578 1924 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
11:28:22.0625 1924 aswSnx - ok
11:28:22.0718 1924 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
11:28:22.0734 1924 aswSP - ok
11:28:22.0890 1924 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
11:28:22.0890 1924 aswTdi - ok
11:28:23.0000 1924 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:28:23.0000 1924 AsyncMac - ok
11:28:23.0125 1924 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:28:23.0125 1924 atapi - ok
11:28:23.0265 1924 Ati HotKey Poller (df7ce16cff3217e71742e3d700844c07) C:\WINDOWS\system32\Ati2evxx.exe
11:28:23.0281 1924 Ati HotKey Poller - ok
11:28:23.0406 1924 ATI Smart (01b14b2ec8123995e2b961d42bac8ef9) C:\WINDOWS\system32\ati2sgag.exe
11:28:23.0453 1924 ATI Smart - ok
11:28:23.0609 1924 ati2mtag (49c75e63b8b23b0e534447ba25ce2e76) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:28:23.0671 1924 ati2mtag - ok
11:28:23.0750 1924 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:28:23.0750 1924 Atmarpc - ok
11:28:23.0812 1924 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
11:28:23.0812 1924 AudioSrv - ok
11:28:23.0906 1924 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:28:23.0906 1924 audstub - ok
11:28:24.0000 1924 avast! Antivirus (996e6d052438e8d8dfd501f31560b2e0) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:28:24.0000 1924 avast! Antivirus - ok
11:28:24.0140 1924 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:28:24.0140 1924 Beep - ok
11:28:24.0265 1924 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
11:28:24.0343 1924 BITS - ok
11:28:24.0484 1924 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
11:28:24.0546 1924 Bonjour Service - ok
11:28:24.0656 1924 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
11:28:24.0656 1924 Browser - ok
11:28:24.0718 1924 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:28:24.0734 1924 cbidf2k - ok
11:28:24.0812 1924 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:28:24.0812 1924 Cdaudio - ok
11:28:24.0906 1924 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:28:24.0906 1924 Cdfs - ok
11:28:25.0031 1924 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:28:25.0031 1924 Cdrom - ok
11:28:25.0093 1924 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
11:28:25.0109 1924 CiSvc - ok
11:28:25.0203 1924 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
11:28:25.0234 1924 ClipSrv - ok
11:28:25.0359 1924 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:28:25.0375 1924 clr_optimization_v2.0.50727_32 - ok
11:28:25.0468 1924 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:28:25.0484 1924 clr_optimization_v4.0.30319_32 - ok
11:28:25.0609 1924 COMSysApp - ok
11:28:25.0890 1924 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
11:28:25.0890 1924 CryptSvc - ok
11:28:25.0937 1924 dac2w2k - ok
11:28:26.0093 1924 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
11:28:26.0109 1924 DcomLaunch - ok
11:28:26.0234 1924 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
11:28:26.0250 1924 Dhcp - ok
11:28:26.0359 1924 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:28:26.0359 1924 Disk - ok
11:28:26.0421 1924 dmadmin - ok
11:28:26.0515 1924 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
11:28:26.0593 1924 dmboot - ok
11:28:26.0781 1924 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
11:28:26.0812 1924 dmio - ok
11:28:26.0921 1924 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:28:26.0921 1924 dmload - ok
11:28:27.0000 1924 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
11:28:27.0000 1924 dmserver - ok
11:28:27.0109 1924 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:28:27.0109 1924 DMusic - ok
11:28:27.0218 1924 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
11:28:27.0218 1924 Dnscache - ok
11:28:27.0328 1924 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
11:28:27.0359 1924 Dot3svc - ok
11:28:27.0515 1924 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:28:27.0515 1924 drmkaud - ok
11:28:27.0593 1924 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
11:28:27.0609 1924 EapHost - ok
11:28:27.0687 1924 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
11:28:27.0687 1924 ERSvc - ok
11:28:27.0781 1924 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
11:28:27.0796 1924 Eventlog - ok
11:28:27.0890 1924 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
11:28:27.0937 1924 EventSystem - ok
11:28:28.0062 1924 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:28:28.0078 1924 Fastfat - ok
11:28:28.0171 1924 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
11:28:28.0203 1924 FastUserSwitchingCompatibility - ok
11:28:28.0359 1924 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:28:28.0359 1924 Fdc - ok
11:28:28.0468 1924 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
11:28:28.0468 1924 Fips - ok
11:28:28.0546 1924 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:28:28.0546 1924 Flpydisk - ok
11:28:28.0687 1924 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:28:28.0703 1924 FltMgr - ok
11:28:28.0859 1924 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:28:28.0890 1924 FontCache3.0.0.0 - ok
11:28:29.0031 1924 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:28:29.0031 1924 Fs_Rec - ok
11:28:29.0093 1924 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:28:29.0093 1924 Ftdisk - ok
11:28:29.0171 1924 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:28:29.0171 1924 GEARAspiWDM - ok
11:28:29.0312 1924 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:28:29.0312 1924 Gpc - ok
11:28:29.0375 1924 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:28:29.0390 1924 helpsvc - ok
11:28:29.0468 1924 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
11:28:29.0468 1924 HidServ - ok
11:28:29.0609 1924 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:28:29.0609 1924 hidusb - ok
11:28:29.0718 1924 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
11:28:29.0718 1924 hkmsvc - ok
11:28:29.0859 1924 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:28:29.0875 1924 HTTP - ok
11:28:29.0937 1924 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
11:28:29.0953 1924 HTTPFilter - ok
11:28:30.0062 1924 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\drivers\i8042prt.sys
11:28:30.0062 1924 i8042prt - ok
11:28:30.0218 1924 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
11:28:30.0281 1924 IDriverT - ok
11:28:30.0531 1924 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:28:30.0578 1924 idsvc - ok
11:28:30.0671 1924 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:28:30.0671 1924 Imapi - ok
11:28:30.0765 1924 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
11:28:30.0781 1924 ImapiService - ok
11:28:30.0859 1924 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:28:30.0859 1924 Ip6Fw - ok
11:28:30.0984 1924 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:28:30.0984 1924 IpFilterDriver - ok
11:28:31.0062 1924 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:28:31.0062 1924 IpInIp - ok
11:28:31.0140 1924 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:28:31.0171 1924 IpNat - ok
11:28:31.0328 1924 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
11:28:31.0421 1924 iPod Service - ok
11:28:31.0546 1924 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:28:31.0546 1924 IPSec - ok
11:28:31.0640 1924 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:28:31.0640 1924 IRENUM - ok
11:28:31.0734 1924 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:28:31.0750 1924 isapnp - ok
11:28:31.0828 1924 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
11:28:31.0843 1924 JavaQuickStarterService - ok
11:28:32.0015 1924 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:28:32.0015 1924 Kbdclass - ok
11:28:32.0078 1924 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:28:32.0078 1924 kbdhid - ok
11:28:32.0171 1924 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:28:32.0187 1924 kmixer - ok
11:28:32.0375 1924 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:28:32.0375 1924 KSecDD - ok
11:28:32.0500 1924 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
11:28:32.0531 1924 LanmanServer - ok
11:28:32.0671 1924 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
11:28:32.0687 1924 lanmanworkstation - ok
11:28:32.0781 1924 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
11:28:32.0796 1924 LmHosts - ok
11:28:32.0890 1924 m5289 (2424b13987360840b4bf4e5fb5a66d3f) C:\WINDOWS\system32\DRIVERS\m5289.sys
11:28:32.0890 1924 m5289 - ok
11:28:32.0984 1924 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
11:28:32.0984 1924 McAfee SiteAdvisor Service - ok
11:28:33.0046 1924 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
11:28:33.0093 1924 McComponentHostService - ok
11:28:33.0250 1924 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
11:28:33.0250 1924 Messenger - ok
11:28:33.0312 1924 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:28:33.0312 1924 mnmdd - ok
11:28:33.0406 1924 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
11:28:33.0421 1924 mnmsrvc - ok
11:28:33.0531 1924 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
11:28:33.0531 1924 Modem - ok
11:28:33.0609 1924 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:28:33.0609 1924 Mouclass - ok
11:28:33.0687 1924 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:28:33.0687 1924 mouhid - ok
11:28:33.0765 1924 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:28:33.0765 1924 MountMgr - ok
11:28:33.0859 1924 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:28:33.0875 1924 MRxDAV - ok
11:28:33.0984 1924 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:28:34.0031 1924 MRxSmb - ok
11:28:34.0156 1924 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
11:28:34.0156 1924 MSDTC - ok
11:28:34.0328 1924 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:28:34.0328 1924 Msfs - ok
11:28:34.0390 1924 MSIServer - ok
11:28:34.0468 1924 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:28:34.0468 1924 MSKSSRV - ok
11:28:34.0578 1924 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:28:34.0578 1924 MSPCLOCK - ok
11:28:34.0656 1924 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:28:34.0656 1924 MSPQM - ok
11:28:34.0765 1924 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:28:34.0765 1924 mssmbios - ok
11:28:34.0859 1924 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:28:34.0875 1924 Mup - ok
11:28:34.0984 1924 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
11:28:35.0015 1924 napagent - ok
11:28:35.0156 1924 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
11:28:35.0218 1924 NAUpdate - ok
11:28:35.0375 1924 NBService (6d8fcdd5bb3b676ef58fa234073492c6) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
11:28:35.0531 1924 NBService - ok
11:28:35.0703 1924 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:28:35.0718 1924 NDIS - ok
11:28:35.0781 1924 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:28:35.0796 1924 NdisTapi - ok
11:28:35.0859 1924 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:28:35.0859 1924 Ndisuio - ok
11:28:35.0921 1924 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:28:35.0921 1924 NdisWan - ok
11:28:36.0000 1924 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:28:36.0000 1924 NDProxy - ok
11:28:36.0046 1924 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:28:36.0046 1924 NetBIOS - ok
11:28:36.0171 1924 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:28:36.0187 1924 NetBT - ok
11:28:36.0656 1924 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
11:28:36.0734 1924 NetDDE - ok
11:28:36.0734 1924 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
11:28:36.0796 1924 NetDDEdsdm - ok
11:28:36.0875 1924 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
11:28:36.0921 1924 Netlogon - ok
11:28:37.0000 1924 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
11:28:37.0093 1924 Netman - ok
11:28:37.0281 1924 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:28:37.0328 1924 NetTcpPortSharing - ok
11:28:37.0515 1924 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
11:28:37.0578 1924 Nla - ok
11:28:37.0671 1924 NMIndexingService (e32686b4e27d11f83e3f2844e104c66c) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
11:28:37.0765 1924 NMIndexingService - ok
11:28:37.0890 1924 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:28:37.0921 1924 Npfs - ok
11:28:38.0000 1924 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:28:38.0015 1924 Ntfs - ok
11:28:38.0125 1924 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
11:28:38.0171 1924 NtLmSsp - ok
11:28:38.0343 1924 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
11:28:38.0437 1924 NtmsSvc - ok
11:28:38.0500 1924 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:28:38.0515 1924 Null - ok
11:28:38.0609 1924 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:28:38.0609 1924 NwlnkFlt - ok
11:28:38.0734 1924 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:28:38.0734 1924 NwlnkFwd - ok
11:28:38.0890 1924 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:28:38.0921 1924 odserv - ok
11:28:39.0000 1924 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
11:28:39.0093 1924 OMSI download service - ok
11:28:39.0171 1924 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:28:39.0218 1924 ose - ok
11:28:39.0390 1924 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
11:28:39.0406 1924 Parport - ok
11:28:39.0515 1924 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:28:39.0515 1924 PartMgr - ok
11:28:39.0656 1924 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
11:28:39.0656 1924 ParVdm - ok
11:28:39.0765 1924 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
11:28:39.0765 1924 PCI - ok
11:28:39.0906 1924 PCIDump - ok
11:28:40.0031 1924 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:28:40.0078 1924 Pcmcia - ok
11:28:40.0203 1924 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
11:28:40.0312 1924 PlugPlay - ok
11:28:40.0421 1924 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
11:28:40.0437 1924 PolicyAgent - ok
11:28:40.0531 1924 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:28:40.0562 1924 PptpMiniport - ok
11:28:40.0640 1924 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
11:28:40.0656 1924 Processor - ok
11:28:40.0750 1924 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
11:28:40.0812 1924 ProtectedStorage - ok
11:28:40.0953 1924 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:28:40.0953 1924 PSched - ok
11:28:41.0078 1924 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:28:41.0078 1924 Ptilink - ok
11:28:41.0484 1924 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:28:41.0484 1924 PxHelp20 - ok
11:28:41.0703 1924 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:28:41.0703 1924 RasAcd - ok
11:28:41.0843 1924 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
11:28:41.0859 1924 RasAuto - ok
11:28:41.0968 1924 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:28:41.0968 1924 Rasl2tp - ok
11:28:42.0109 1924 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
11:28:42.0125 1924 RasMan - ok
11:28:42.0265 1924 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:28:42.0265 1924 RasPppoe - ok
11:28:42.0421 1924 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:28:42.0437 1924 Raspti - ok
11:28:42.0578 1924 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:28:42.0609 1924 Rdbss - ok
11:28:42.0703 1924 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:28:42.0703 1924 RDPCDD - ok
11:28:42.0812 1924 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:28:42.0859 1924 rdpdr - ok
11:28:42.0953 1924 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
11:28:43.0000 1924 RDPWD - ok
11:28:43.0093 1924 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
11:28:43.0140 1924 RDSessMgr - ok
11:28:43.0421 1924 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:28:43.0421 1924 redbook - ok
11:28:43.0515 1924 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
11:28:43.0531 1924 RemoteAccess - ok
11:28:43.0640 1924 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
11:28:43.0656 1924 RemoteRegistry - ok
11:28:43.0765 1924 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
11:28:43.0765 1924 RpcLocator - ok
11:28:43.0859 1924 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
11:28:43.0859 1924 RpcSs - ok
11:28:44.0015 1924 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
11:28:44.0046 1924 RSVP - ok
11:28:44.0109 1924 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
11:28:44.0109 1924 SamSs - ok
11:28:44.0187 1924 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
11:28:44.0203 1924 SCardSvr - ok
11:28:44.0390 1924 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
11:28:44.0437 1924 Schedule - ok
11:28:44.0515 1924 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:28:44.0515 1924 Secdrv - ok
11:28:44.0625 1924 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
11:28:44.0640 1924 seclogon - ok
11:28:44.0734 1924 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
11:28:44.0734 1924 seehcri - ok
11:28:44.0796 1924 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
11:28:44.0812 1924 SENS - ok
11:28:44.0921 1924 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:28:44.0921 1924 serenum - ok
11:28:45.0015 1924 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
11:28:45.0015 1924 Serial - ok
11:28:45.0156 1924 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:28:45.0156 1924 Sfloppy - ok
11:28:45.0328 1924 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
11:28:45.0421 1924 SharedAccess - ok
11:28:45.0531 1924 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
11:28:45.0531 1924 ShellHWDetection - ok
11:28:45.0703 1924 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys
11:28:45.0734 1924 smwdm - ok
11:28:45.0828 1924 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
11:28:45.0828 1924 SoundMAX Agent Service (default) - ok
11:28:45.0937 1924 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:28:45.0937 1924 splitter - ok
11:28:46.0000 1924 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
11:28:46.0015 1924 Spooler - ok
11:28:46.0109 1924 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
11:28:46.0109 1924 sr - ok
11:28:46.0218 1924 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
11:28:46.0281 1924 srservice - ok
11:28:46.0453 1924 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:28:46.0484 1924 Srv - ok
11:28:46.0578 1924 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
11:28:46.0593 1924 SSDPSRV - ok
11:28:46.0703 1924 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
11:28:46.0718 1924 stisvc - ok
11:28:46.0843 1924 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:28:46.0843 1924 swenum - ok
11:28:46.0937 1924 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:28:46.0937 1924 swmidi - ok
11:28:46.0984 1924 SwPrv - ok
11:28:47.0109 1924 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:28:47.0109 1924 sysaudio - ok
11:28:47.0187 1924 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
11:28:47.0187 1924 SysmonLog - ok
11:28:47.0390 1924 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
11:28:47.0421 1924 TapiSrv - ok
11:28:47.0531 1924 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:28:47.0562 1924 Tcpip - ok
11:28:47.0687 1924 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:28:47.0687 1924 TDPIPE - ok
11:28:47.0812 1924 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:28:47.0812 1924 TDTCP - ok
11:28:47.0921 1924 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:28:47.0921 1924 TermDD - ok
11:28:48.0046 1924 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
11:28:48.0078 1924 TermService - ok
11:28:48.0156 1924 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
11:28:48.0156 1924 Themes - ok
11:28:48.0281 1924 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
11:28:48.0296 1924 TlntSvr - ok
11:28:48.0390 1924 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
11:28:48.0390 1924 TrkWks - ok
11:28:48.0562 1924 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:28:48.0562 1924 Udfs - ok
11:28:48.0640 1924 ULI5261 (564f1f82fb5c0249be0cfee4c826be95) C:\WINDOWS\system32\DRIVERS\ULILAN.SYS
11:28:48.0640 1924 ULI5261 - ok
11:28:48.0765 1924 uliagpkx (4acecaa41d5f1a4cd3c78afc4de0a8c3) C:\WINDOWS\system32\DRIVERS\agpkx.sys
11:28:48.0765 1924 uliagpkx - ok
11:28:48.0875 1924 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:28:48.0921 1924 Update - ok
11:28:49.0078 1924 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
11:28:49.0109 1924 upnphost - ok
11:28:49.0171 1924 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
11:28:49.0187 1924 UPS - ok
11:28:49.0484 1924 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:28:49.0500 1924 usbccgp - ok
11:28:49.0546 1924 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:28:49.0546 1924 usbehci - ok
11:28:49.0625 1924 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:28:49.0625 1924 usbhub - ok
11:28:49.0687 1924 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:28:49.0687 1924 usbohci - ok
11:28:49.0781 1924 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:28:49.0781 1924 usbprint - ok
11:28:49.0843 1924 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:28:49.0843 1924 usbscan - ok
11:28:49.0906 1924 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
11:28:49.0906 1924 usbser - ok
11:28:50.0015 1924 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:28:50.0015 1924 USBSTOR - ok
11:28:50.0078 1924 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:28:50.0078 1924 VgaSave - ok
11:28:50.0156 1924 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
11:28:50.0156 1924 VolSnap - ok
11:28:50.0312 1924 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
11:28:50.0343 1924 VSS - ok
11:28:50.0437 1924 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
11:28:50.0484 1924 W32Time - ok
11:28:50.0578 1924 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:28:50.0578 1924 Wanarp - ok
11:28:50.0640 1924 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:28:50.0640 1924 wdmaud - ok
11:28:50.0734 1924 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
11:28:50.0734 1924 WebClient - ok
11:28:50.0859 1924 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:28:50.0875 1924 winmgmt - ok
11:28:51.0031 1924 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
11:28:51.0109 1924 WinRM - ok
11:28:51.0203 1924 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
11:28:51.0218 1924 WmdmPmSN - ok
11:28:51.0328 1924 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
11:28:51.0375 1924 Wmi - ok
11:28:51.0484 1924 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:28:51.0484 1924 WmiApSrv - ok
11:28:51.0625 1924 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
11:28:51.0687 1924 WMPNetworkSvc - ok
11:28:51.0781 1924 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:28:51.0781 1924 WpdUsb - ok
11:28:51.0953 1924 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:28:51.0968 1924 WPFFontCache_v0400 - ok
11:28:52.0062 1924 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:28:52.0078 1924 WS2IFSL - ok
11:28:52.0140 1924 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
11:28:52.0156 1924 wscsvc - ok
11:28:52.0187 1924 WSearch - ok
11:28:52.0328 1924 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
11:28:52.0343 1924 wuauserv - ok
11:28:52.0421 1924 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:28:52.0421 1924 WudfPf - ok
11:28:52.0531 1924 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:28:52.0531 1924 WudfRd - ok
11:28:52.0578 1924 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
11:28:52.0593 1924 WudfSvc - ok
11:28:52.0703 1924 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
11:28:52.0750 1924 WZCSVC - ok
11:28:52.0843 1924 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
11:28:52.0859 1924 xmlprov - ok
11:28:52.0875 1924 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
11:28:53.0187 1924 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
11:28:53.0187 1924 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
11:28:53.0234 1924 Boot (0x1200) (9be5d266fcadabcb49b4955ca74310d9) \Device\Harddisk0\DR0\Partition0
11:28:53.0265 1924 \Device\Harddisk0\DR0\Partition0 - ok
11:28:53.0265 1924 ============================================================
11:28:53.0265 1924 Scan finished
11:28:53.0265 1924 ============================================================
11:28:53.0281 3760 Detected object count: 1
11:28:53.0281 3760 Actual detected object count: 1
11:29:25.0453 3760 \Device\Harddisk0\DR0\# - copied to quarantine
11:29:25.0453 3760 \Device\Harddisk0\DR0 - copied to quarantine
11:29:25.0453 3760 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Quarantine

#44 Příspěvek od **JaRon** » 03 dub 2012 10:57

zaskocim:
http://public.avast.com/~gmerek/aswMBR.htm
urob IBA scan + save log a ten vloz sem

addulka · #45 Příspěvek od **addulka** » 03 dub 2012 11:36

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-03 12:29:09
-----------------------------
12:29:09.203 OS Version: Windows 5.1.2600 Service Pack 3
12:29:09.203 Number of processors: 1 586 0x2C02
12:29:09.203 ComputerName: ANDREJ-PC UserName: Andrej
12:29:10.515 Initialize success
12:29:11.671 AVAST engine defs: 12040300
12:29:24.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
12:29:24.468 Disk 0 Vendor: Maxtor_6L120P0 BAJ41G20 Size: 117246MB BusType: 3
12:29:24.484 Disk 0 MBR read successfully
12:29:24.484 Disk 0 MBR scan
12:29:24.546 Disk 0 Windows XP default MBR code
12:29:24.546 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 117232 MB offset 63
12:29:24.546 Disk 0 scanning sectors +240091425
12:29:24.625 Disk 0 scanning C:\WINDOWS\system32\drivers
12:29:33.953 Service scanning
12:29:47.640 Modules scanning
12:29:53.406 Disk 0 trace - called modules:
12:29:53.421 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys aliide.sys PCIIDEX.SYS
12:29:53.421 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x825d1ab8]
12:29:53.953 3 CLASSPNP.SYS[f86b5fd7] -> nt!IofCallDriver -> \Device\0000005c[0x825d6f18]
12:29:53.953 5 ACPI.sys[f853c620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x825d4d98]
12:29:54.437 AVAST engine scan C:\WINDOWS
12:29:58.671 AVAST engine scan C:\WINDOWS\system32
12:32:01.250 AVAST engine scan C:\WINDOWS\system32\drivers
12:32:10.812 AVAST engine scan C:\Documents and Settings\Andrej
12:33:11.156 AVAST engine scan C:\Documents and Settings\All Users
12:33:23.937 Scan finished successfully
12:34:46.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Andrej\Plocha\MBR.dat"
12:34:46.859 The log file has been saved successfully to "C:\Documents and Settings\Andrej\Plocha\aswMBR.txt"

VIRY.CZ

Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu