KK
-----
C:\>KK.exe -a
Net-Worm.Win32.Kido removing tool, Kaspersky Lab 2010
version 3.4.14 Mar 19 2010 10:17:17
scanning jobs ...
scanning processes ...
scanning threads ...
scanning modules in svchost.exe...
scanning modules in services.exe...
scanning modules in explorer.exe...
disabling autorun on all drive types
scanning C:\WINDOWS\system32 ...
scanning C:\Program Files\Internet Explorer\ ...
scanning C:\Program Files\Movie Maker\ ...
scanning C:\Program Files\Windows Media Player\ ...
scanning C:\Program Files\Windows NT\ ...
scanning C:\Documents and Settings\Administrator\Data aplikací ...
scanning C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ ...
scanning Flash drives ...
scanning F:\ ...
F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx infected
Net-Worm.Win32.Kido ... cured
completed
Infected jobs: 0
Infected files: 1
Infected threads: 0
Spliced functions: 0
Cured files: 1
Fixed registry keys: 0
Pokračujte stisknutím libovolné klávesy...
-----------
FixDownadup
Symantec W32.Downadup Removal Tool 1.0.5
C:\_OTL\MovedFiles\06012012_085433\C_WINDOWS\system32\hwiwhtw.dll: W32.Downadup.B (unrepairable) (deleted)
F:\autorun.inf: W32.Downadup!autorun (unrepairable) (deleted)
scheduled job: Unable to enumerate scheduled jobs. Returned status 2184
registry: HKLM\system\CurrentControlSet\Services\wuauserv: Start (value set to 0x00000002 (2))
registry: HKLM\system\CurrentControlSet\Services\BITS: Start (value set to 0x00000003 (3))
W32.Downadup has been successfully removed from your computer!
Here is the report:
The total number of the scanned files: 28782
The number of deleted threat files: 2
The number of threat processes terminated: 0
The number of threat threads terminated: 0
The number of registry entries fixed: 2
-----------
RK
RogueKiller V7.5.2 [05/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP 64 / Windows Home Server / Windows Server 2003 (5.2.3790 Service Pack 2) 32 bits version
Spuštěno v: Normální režim
Uživatel: Administrator [Práva správce]
Mód: Odebrat -- Datum: 06/01/2012 09:47:25
¤¤¤ Škodlivé procesy: 0 ¤¤¤
¤¤¤ Záznamy Registrů: 3 ¤¤¤
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3750640AS +++++
--- User ---
[MBR] 0d889d2534b781df3d45acab4c30842b
[BSP] 21fb2ef31b54f8646ff4e2c6bdeb9b16 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 10244 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 20980890 | Size: 705157 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: ST3750640AS +++++
--- User ---
[MBR] 483b9fdd25cb60e9e19c1e33576637f6
[BSP] e24cb65d70c651335a1a1ce5303739d7 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 715402 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive2: Kingston DT 101 G2 USB Device +++++
--- User ---
[MBR] ca455948a4fc9194eb4e107db81605cf
[BSP] c3cad0b1bcd8ecc585f432dedd5c62f2 : MBR Code unknown
Partition table:
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 128 | Size: 3820 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Dokončeno : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
--
RogueKiller V7.5.2 [05/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP 64 / Windows Home Server / Windows Server 2003 (5.2.3790 Service Pack 2) 32 bits version
Spuštěno v: Normální režim
Uživatel: Administrator [Práva správce]
Mód: Oprava HOSTS -- Datum: 06/01/2012 09:47:31
¤¤¤ Škodlivé procesy: 0 ¤¤¤
¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
--
RogueKiller V7.5.2 [05/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP 64 / Windows Home Server / Windows Server 2003 (5.2.3790 Service Pack 2) 32 bits version
Spuštěno v: Normální režim
Uživatel: Administrator [Práva správce]
Mód: Oprava Proxy -- Datum: 06/01/2012 09:47:34
¤¤¤ Škodlivé procesy: 0 ¤¤¤
¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
¤¤¤ Záznamy Registrů: 0 ¤¤¤
Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
--
RogueKiller V7.5.2 [05/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP 64 / Windows Home Server / Windows Server 2003 (5.2.3790 Service Pack 2) 32 bits version
Spuštěno v: Normální režim
Uživatel: Administrator [Práva správce]
Mód: Oprava DNS -- Datum: 06/01/2012 09:47:36
¤¤¤ Škodlivé procesy: 0 ¤¤¤
¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
¤¤¤ Záznamy Registrů: 0 ¤¤¤
Dokončeno : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt
--
RogueKiller V7.5.2 [05/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP 64 / Windows Home Server / Windows Server 2003 (5.2.3790 Service Pack 2) 32 bits version
Spuštěno v: Normální režim
Uživatel: Administrator [Práva správce]
Mód: Oprava zástupců -- Datum: 06/01/2012 09:48:23
¤¤¤ Škodlivé procesy: 0 ¤¤¤
¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
¤¤¤ Atributy souboru opraveny: ¤¤¤
Plocha: Success 0 / Fail 0
Rychlé spuštění: Success 0 / Fail 0
Programy: Success 5 / Fail 0
Menu Start: Success 0 / Fail 0
Složka uživatele: Success 66 / Fail 0
Dokumenty: Success 1 / Fail 0
Oblíbené: Success 0 / Fail 0
Obrázky: Success 0 / Fail 0
Hudba: Success 0 / Fail 0
Videa: Success 0 / Fail 0
Místní disky: Success 658 / Fail 0
Záloha: [NOT FOUND]
Ovladače:
[A:] \Device\Floppy0 -- 0x2 --> Skipped
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[F:] \Device\Harddisk2\DP(1)0-0+6 -- 0x2 --> Restored
¤¤¤ Nákaza : ¤¤¤
Dokončeno : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ; RKreport[6].txt
---
USBfix
############################## | UsbFix V 7.088 | [Research]
User: Administrator (Administrator) # SERVER-NOVOB
Updated 16/05/2012 by El Desaparecido
Started at 09:49:41 | 01/06/2012
Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com
PC: System manufacturer (Maximus II Formula) (X86-based PC) # Desktop Computer
CPU: Intel(R) Core(TM)2 Quad CPU Q6700 @ 2.66GHz (2666)
CPU: Intel(R) Core(TM)2 Quad CPU Q6700 @ 2.66GHz (2666)
CPU: Intel(R) Core(TM)2 Quad CPU Q6700 @ 2.66GHz (2666)
CPU: Intel(R) Core(TM)2 Quad CPU Q6700 @ 2.66GHz (2666)
RAM -> [ Total : 4095 | Free : 3584 ]
BIOS: BIOS Date: 06/23/08 18:03:46 Ver: 08.00.14
BOOT: Normal boot
OS: Microsoft(R) Windows(R) Server 2003, Standard Edition (5.2.3790 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 8.0.6001.18702
SC: Security Center Service [ (!) Disabled ]
WU: Windows Update Service [ Enabled ]
FW: Windows FireWall Service [ Enabled ]
C:\ (%systemdrive%) -> Fixed drive # 10 Gb (2 Mb free - 24%) [System] # NTFS
D:\ -> Fixed drive # 699 Gb (699 Mb free - 100%) [Data1] # NTFS
E:\ -> Fixed drive # 689 Gb (688 Mb free - 100%) [Data2] # NTFS
F:\ -> Removable drive # 4 Gb (2 Mb free - 52%) [] # NTFS
################## | Active Processes |
C:\WINDOWS\system32\winlogon.exe (344)
C:\WINDOWS\system32\services.exe (392)
C:\WINDOWS\system32\lsass.exe (404)
C:\WINDOWS\system32\svchost.exe (612)
C:\WINDOWS\System32\svchost.exe (844)
C:\WINDOWS\system32\spoolsv.exe (1184)
C:\WINDOWS\system32\Dfssvc.exe (1340)
C:\WINDOWS\System32\dns.exe (1368)
C:\WINDOWS\System32\ismserv.exe (1428)
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (1440)
C:\WINDOWS\system32\ntfrs.exe (1488)
C:\WINDOWS\system32\svchost.exe (1608)
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (1684)
C:\WINDOWS\system32\tcpsvcs.exe (1860)
C:\WINDOWS\System32\svchost.exe (2168)
C:\WINDOWS\Explorer.EXE (3336)
C:\Program Files\TeamViewer\Version6\TeamViewer.exe (3392)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (3452)
C:\WINDOWS\system32\ctfmon.exe (3476)
C:\WINDOWS\system32\oobechk.exe (3500)
C:\WINDOWS\system32\mshta.exe (3548)
C:\WINDOWS\System32\svchost.exe (3568)
C:\WINDOWS\system32\NOTEPAD.EXE (3708)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe (3836)
C:\WINDOWS\system32\wuauclt.exe (664)
C:\UsbFix\Go.exe (3116)
################## | Files # Infected Folders |
Found ! C:\KK.exe
Found ! F:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665
################## | Registry |
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MSConfig
################## | Mountpoints2 |
################## | Vaccin |
(!) This computer is not vaccinated!
################## | E.O.F |
----
MBAM
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
http://www.malwarebytes.org
Verze databáze: v2012.06.01.02
Windows Server 2003 Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: SERVER-NOVOB [administrátor]
Ochrana: Zakázána
1.6.2012 9:52:22
mbam-log-2012-06-01 (09-52-22).txt
Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 203651
Uplynulý čas: 1 hodin, 2 minut, 27 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
---
ComboFix cannot be run (it says it is not for servers, and I wrote about the updates above)
It looks like everything works OK. Thanks for the help - I will also add TDSSKILLER
Can I use the procedure from your blog on all the infected PCs?

Cannot display the websites of Microsoft and antivirus companies
Re: Cannot display the websites of Microsoft and antivirus compan
TDSSKILLER
11:00:54.0140 3112 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
11:00:54.0250 3112 ============================================================
11:00:54.0250 3112 Current date / time: 2012/06/01 11:00:54.0250
11:00:54.0250 3112 SystemInfo:
11:00:54.0250 3112
11:00:54.0250 3112 OS Version: 5.2.3790 ServicePack: 2.0
11:00:54.0250 3112 Product type: Domain controller
11:00:54.0250 3112 ComputerName: SERVER-NOVOB
11:00:54.0250 3112 UserName: Administrator
11:00:54.0250 3112 Windows directory: C:\WINDOWS
11:00:54.0250 3112 System windows directory: C:\WINDOWS
11:00:54.0250 3112 Processor architecture: Intel x86
11:00:54.0250 3112 Number of processors: 4
11:00:54.0250 3112 Page size: 0x1000
11:00:54.0250 3112 Boot type: Normal boot
11:00:54.0250 3112 ============================================================
11:00:55.0828 3112 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:00:55.0843 3112 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:00:55.0843 3112 Drive \Device\Harddisk2\DR5 - Size: 0xEEE00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:00:55.0843 3112 ============================================================
11:00:55.0843 3112 \Device\Harddisk0\DR0:
11:00:55.0859 3112 MBR partitions:
11:00:55.0859 3112 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x140245B
11:00:55.0875 3112 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14024D9, BlocksNum 0x56142E28
11:00:55.0875 3112 \Device\Harddisk1\DR1:
11:00:55.0875 3112 MBR partitions:
11:00:55.0875 3112 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2
11:00:55.0875 3112 \Device\Harddisk2\DR5:
11:00:55.0875 3112 MBR partitions:
11:00:55.0875 3112 \Device\Harddisk2\DR5\Partition0: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x776700
11:00:55.0875 3112 ============================================================
11:00:55.0906 3112 D: <-> \Device\Harddisk1\DR1\Partition0
11:00:55.0937 3112 E: <-> \Device\Harddisk0\DR0\Partition1
11:00:55.0968 3112 C: <-> \Device\Harddisk0\DR0\Partition0
11:00:55.0968 3112 ============================================================
11:00:55.0968 3112 Initialize success
11:00:55.0968 3112 ============================================================
11:00:57.0953 1548 ============================================================
11:00:57.0953 1548 Scan started
11:00:57.0953 1548 Mode: Manual;
11:00:57.0953 1548 ============================================================
11:01:01.0093 1548 Abiosdsk - ok
11:01:01.0125 1548 ACPI (c8d767277d2b675de6be04f18b44ef67) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:01:01.0125 1548 ACPI - ok
11:01:01.0140 1548 ACPIEC (59a7172f3cec7bd1c7f00f59655fbc12) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:01:01.0140 1548 ACPIEC - ok
11:01:01.0140 1548 adpu160m - ok
11:01:01.0140 1548 adpu320 - ok
11:01:01.0156 1548 AeLookupSvc (5db198f5b68388724bafd79ada67ed3d) C:\WINDOWS\System32\aelupsvc.dll
11:01:01.0156 1548 AeLookupSvc - ok
11:01:01.0156 1548 afcnt - ok
11:01:01.0171 1548 AFD (5b69998f9d6ac16e25ffd7c690de54f5) C:\WINDOWS\System32\drivers\afd.sys
11:01:01.0171 1548 AFD - ok
11:01:01.0187 1548 aic78u2 - ok
11:01:01.0187 1548 aic78xx - ok
11:01:01.0203 1548 Alerter (d229dcf0a6e8eb882dcebd941ff21a71) C:\WINDOWS\system32\alrsvc.dll
11:01:01.0203 1548 Alerter - ok
11:01:01.0218 1548 ALG (7d8740605871deaf788e8b51e5d30d6b) C:\WINDOWS\System32\alg.exe
11:01:01.0218 1548 ALG - ok
11:01:01.0218 1548 AliIde - ok
11:01:01.0234 1548 AmdIde (a382e54a06c38731187c8213d184d52a) C:\WINDOWS\system32\drivers\AmdIde.sys
11:01:01.0234 1548 AmdIde - ok
11:01:01.0234 1548 AppMgmt (d1da59ba82c5feaa632fd25594348061) C:\WINDOWS\System32\appmgmts.dll
11:01:01.0250 1548 AppMgmt - ok
11:01:01.0265 1548 arc (a9c7273645a06a01ac2ca070d7d7ec87) C:\WINDOWS\system32\drivers\arc.sys
11:01:01.0265 1548 arc - ok
11:01:01.0453 1548 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:01:01.0453 1548 aspnet_state - ok
11:01:01.0468 1548 AsyncMac (a35b971f631d4dfdeb68d71e770d2ce9) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:01:01.0468 1548 AsyncMac - ok
11:01:01.0484 1548 atapi (ff953a8f08ca3f822127654375786bbe) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:01:01.0484 1548 atapi - ok
11:01:01.0500 1548 Atdisk - ok
11:01:01.0578 1548 Ati HotKey Poller (fe66abf84c0eb599a2d3b6323f2789f8) C:\WINDOWS\system32\Ati2evxx.exe
11:01:01.0578 1548 Ati HotKey Poller - ok
11:01:01.0625 1548 ATI Smart (576bb7e22e34ba94a75c855f980571b7) C:\WINDOWS\system32\ati2sgag.exe
11:01:01.0625 1548 ATI Smart - ok
11:01:01.0796 1548 ati2mtag (365e08750277c7319fbc721edd377929) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:01:01.0812 1548 ati2mtag - ok
11:01:02.0750 1548 Atmarpc (d12dad5032285343ce3aa4906f661181) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:01:02.0750 1548 Atmarpc - ok
11:01:02.0765 1548 AudioSrv (8b2f0eb741366ffd2cfb38f19df4c8f4) C:\WINDOWS\System32\audiosrv.dll
11:01:02.0765 1548 AudioSrv - ok
11:01:02.0796 1548 audstub (5bfd980c2107d88101d1dc14055526fc) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:01:02.0796 1548 audstub - ok
11:01:02.0796 1548 Beep (99572503e15a3d10239b7b9887cbaf89) C:\WINDOWS\system32\drivers\Beep.sys
11:01:02.0812 1548 Beep - ok
11:01:02.0828 1548 BITS (7de111d387fb879afc740256bf01dbcb) C:\WINDOWS\system32\qmgr.dll
11:01:02.0828 1548 BITS - ok
11:01:02.0843 1548 Browser (6a8d9dcfcf0ef3ec8181610499798d50) C:\WINDOWS\System32\browser.dll
11:01:02.0843 1548 Browser - ok
11:01:02.0859 1548 cbidf2k (1342877de604a5a6bff986e288e3a8a7) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:01:02.0859 1548 cbidf2k - ok
11:01:02.0859 1548 cd20xrnt - ok
11:01:02.0890 1548 Cdfs (e6d72780c957b69c48bfc66bc3ecdad4) C:\WINDOWS\system32\drivers\Cdfs.sys
11:01:02.0890 1548 Cdfs - ok
11:01:02.0906 1548 Cdrom (825aa877a852ecc731fa0c39c8c37744) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:01:02.0906 1548 Cdrom - ok
11:01:02.0906 1548 Changer - ok
11:01:02.0921 1548 CiSvc (d15cc26204188e09ec9dd49a983d4351) C:\WINDOWS\system32\cisvc.exe
11:01:02.0921 1548 CiSvc - ok
11:01:02.0937 1548 ClipSrv (ab451cc4cde5994e7978c4128c8a5795) C:\WINDOWS\system32\clipsrv.exe
11:01:02.0937 1548 ClipSrv - ok
11:01:03.0109 1548 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:01:03.0109 1548 clr_optimization_v2.0.50727_32 - ok
11:01:03.0140 1548 ClusDisk (54308cdf97622fae1620bb1ec39ef014) C:\WINDOWS\system32\DRIVERS\ClusDisk.sys
11:01:03.0140 1548 ClusDisk - ok
11:01:03.0140 1548 CmdIde - ok
11:01:03.0140 1548 COMSysApp - ok
11:01:03.0140 1548 Cpqarray - ok
11:01:03.0140 1548 cpqarry2 - ok
11:01:03.0156 1548 cpqcissm - ok
11:01:03.0156 1548 cpqfcalm - ok
11:01:03.0171 1548 crcdisk (0ee27d9dbb208c13314f3c60f66aed26) C:\WINDOWS\system32\DRIVERS\crcdisk.sys
11:01:03.0171 1548 crcdisk - ok
11:01:03.0187 1548 CryptSvc (0db8ae9db459a146788e32f4b0daff83) C:\WINDOWS\System32\cryptsvc.dll
11:01:03.0187 1548 CryptSvc - ok
11:01:03.0187 1548 dac2w2k - ok
11:01:03.0187 1548 dac960nt - ok
11:01:03.0218 1548 Datascrn (56e00d53e7c6b25492aa8f45989a3360) C:\WINDOWS\system32\DRIVERS\datascrn.sys
11:01:03.0218 1548 Datascrn - ok
11:01:03.0250 1548 DcomLaunch (55ed2759baf4b85d5f0667e52a3ebc1c) C:\WINDOWS\system32\rpcss.dll
11:01:03.0250 1548 DcomLaunch - ok
11:01:03.0250 1548 dellcerc - ok
11:01:03.0281 1548 Dfs (a55275f92366e4a26fbb431d65d03478) C:\WINDOWS\system32\Dfssvc.exe
11:01:03.0281 1548 Dfs - ok
11:01:03.0281 1548 DfsDriver (444726b01c31d29c70e60f7c35de43e5) C:\WINDOWS\system32\drivers\Dfs.sys
11:01:03.0281 1548 DfsDriver - ok
11:01:03.0312 1548 Dhcp (2c61af71017a74b9d10c7d45094c5839) C:\WINDOWS\System32\dhcpcsvc.dll
11:01:03.0312 1548 Dhcp - ok
11:01:03.0328 1548 DHCPServer (ea38b76fb5dc39c89e4c07800829cc93) C:\WINDOWS\system32\tcpsvcs.exe
11:01:03.0328 1548 DHCPServer - ok
11:01:03.0343 1548 Disk (98433302c02f1168efb7364f8111a179) C:\WINDOWS\system32\DRIVERS\disk.sys
11:01:03.0343 1548 Disk - ok
11:01:03.0343 1548 dmadmin - ok
11:01:03.0359 1548 dmboot (74ec1bc61c76a5b5128af400f7e8077c) C:\WINDOWS\system32\drivers\dmboot.sys
11:01:03.0359 1548 dmboot - ok
11:01:03.0375 1548 dmio (254eb2d0a04d1ab073f5b619916f93d5) C:\WINDOWS\system32\drivers\dmio.sys
11:01:03.0375 1548 dmio - ok
11:01:03.0390 1548 dmload (3d9bfa13b6f1cd2d91c50c52b32e91a2) C:\WINDOWS\system32\drivers\dmload.sys
11:01:03.0390 1548 dmload - ok
11:01:03.0390 1548 dmserver (e6a3dba4c2f033423d95ba5f5c3c651b) C:\WINDOWS\System32\dmserver.dll
11:01:03.0390 1548 dmserver - ok
11:01:03.0406 1548 DNS (6038826d58063782aae5b0e3186a767d) C:\WINDOWS\System32\dns.exe
11:01:03.0406 1548 DNS - ok
11:01:03.0421 1548 Dnscache (46411cd4f7f01cc56de676f5b9cc996d) C:\WINDOWS\System32\dnsrslvr.dll
11:01:03.0421 1548 Dnscache - ok
11:01:03.0421 1548 dpti2o - ok
11:01:03.0421 1548 elxstor - ok
11:01:03.0437 1548 ERSvc (1f0f42ab862dc684457b7380f1ff9398) C:\WINDOWS\System32\ersvc.dll
11:01:03.0437 1548 ERSvc - ok
11:01:03.0453 1548 Eventlog (b79eba3c42a33cf4162d95abdb46f3bd) C:\WINDOWS\system32\services.exe
11:01:03.0453 1548 Eventlog - ok
11:01:03.0484 1548 EventSystem (f638c48e30c62bdec946bf86e1be0f57) C:\WINDOWS\system32\es.dll
11:01:03.0484 1548 EventSystem - ok
11:01:03.0531 1548 Fastfat (e792a18abdc32286212dce8e75baa124) C:\WINDOWS\system32\drivers\Fastfat.sys
11:01:03.0531 1548 Fastfat - ok
11:01:03.0531 1548 Fdc (5090cd3f6ab1d71ad507953cff556ea9) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:01:03.0531 1548 Fdc - ok
11:01:03.0578 1548 Fips (020c9839d3686510a66c67e5a778f007) C:\WINDOWS\system32\drivers\Fips.sys
11:01:03.0578 1548 Fips - ok
11:01:03.0593 1548 Flpydisk (c621a51f415419a3145a5939abde39fa) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:01:03.0593 1548 Flpydisk - ok
11:01:03.0765 1548 FltMgr (f978277ef786532195cdd9f88e908632) C:\WINDOWS\system32\drivers\fltmgr.sys
11:01:03.0781 1548 FltMgr - ok
11:01:03.0843 1548 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:01:03.0843 1548 FontCache3.0.0.0 - ok
11:01:03.0843 1548 Fs_Rec (aebff3d810b74971b91b2b77b289a98b) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:01:03.0843 1548 Fs_Rec - ok
11:01:03.0875 1548 Ftdisk (1f231871066f5060d79c98dc05dc7a60) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:01:03.0875 1548 Ftdisk - ok
11:01:03.0890 1548 Gpc (30b1653a955f548352024a5fee203cc3) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:01:03.0890 1548 Gpc - ok
11:01:03.0906 1548 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:01:03.0906 1548 HDAudBus - ok
11:01:03.0937 1548 helpsvc (93f9de03509fbf6aacefd62a1f5106b4) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:01:03.0937 1548 helpsvc - ok
11:01:03.0937 1548 HidServ - ok
11:01:03.0953 1548 hidusb (90a325e14f9b95f17712707b1a7181b5) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:01:03.0968 1548 hidusb - ok
11:01:03.0984 1548 hpcisss (8a445379d6e73731a6a37318dbb0c880) C:\WINDOWS\system32\drivers\hpcisss.sys
11:01:03.0984 1548 hpcisss - ok
11:01:03.0984 1548 hpn - ok
11:01:03.0984 1548 hpt3xx - ok
11:01:04.0015 1548 HTTP (40e177ffcda73034d3725b503e90d5a8) C:\WINDOWS\system32\Drivers\HTTP.sys
11:01:04.0015 1548 HTTP - ok
11:01:04.0015 1548 HTTPFilter (ab43a68417864c942222bc64ce5932b3) C:\WINDOWS\System32\lsass.exe
11:01:04.0015 1548 HTTPFilter - ok
11:01:04.0015 1548 i2omgmt - ok
11:01:04.0015 1548 i2omp - ok
11:01:04.0031 1548 i8042prt (65699f55ef1c396d44a6eb835e600be5) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:01:04.0031 1548 i8042prt - ok
11:01:04.0109 1548 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:01:04.0140 1548 idsvc - ok
11:01:04.0140 1548 iirsp - ok
11:01:04.0156 1548 imapi (44c132b35921b54b4a9ac64369d86d83) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:01:04.0156 1548 imapi - ok
11:01:04.0171 1548 ImapiService (49a76bcf36940160eed20c7a442de5c0) C:\WINDOWS\system32\imapi.exe
11:01:04.0171 1548 ImapiService - ok
11:01:04.0171 1548 IntelIde - ok
11:01:04.0187 1548 intelppm (023e134a7ac283a4c98aa6b6e3071011) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:01:04.0187 1548 intelppm - ok
11:01:04.0203 1548 Ip6Fw (d7e7e7898a05c53dd862b49828747c1e) C:\WINDOWS\system32\drivers\ip6fw.sys
11:01:04.0203 1548 Ip6Fw - ok
11:01:04.0218 1548 IpFilterDriver (5a41f207b7c39ee4918f7496a4f19b14) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:01:04.0218 1548 IpFilterDriver - ok
11:01:04.0218 1548 IpInIp - ok
11:01:04.0234 1548 IpNat (890e7a14a63aec2ea9257a79a88be784) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:01:04.0234 1548 IpNat - ok
11:01:04.0250 1548 IPSec (1a9aeac49683b32df55b7fb1516f3028) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:01:04.0250 1548 IPSec - ok
11:01:04.0250 1548 ipsraidn - ok
11:01:04.0281 1548 IRENUM (11407ee682a2d5b0248de8af0f1a6996) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:01:04.0281 1548 IRENUM - ok
11:01:04.0296 1548 isapnp (594b3575841cce2d61fb1378d4d21c4b) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:01:04.0296 1548 isapnp - ok
11:01:04.0296 1548 IsmServ (e66dd05456c118d3eaa849119c776198) C:\WINDOWS\System32\ismserv.exe
11:01:04.0296 1548 IsmServ - ok
11:01:04.0312 1548 Kbdclass (5541f163eb44c8e8218ee64a401d4828) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:01:04.0312 1548 Kbdclass - ok
11:01:04.0328 1548 kbdhid (2bd6d1152ae200e461a2f63513a39a76) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:01:04.0328 1548 kbdhid - ok
11:01:04.0328 1548 kdc (ab43a68417864c942222bc64ce5932b3) C:\WINDOWS\System32\lsass.exe
11:01:04.0343 1548 kdc - ok
11:01:04.0359 1548 KSecDD (9a99005e1a41ab360de231fb8e2f6184) C:\WINDOWS\system32\drivers\KSecDD.sys
11:01:04.0359 1548 KSecDD - ok
11:01:04.0390 1548 lanmanserver (1ac1035516a5f5f0498fec20017e2760) C:\WINDOWS\System32\srvsvc.dll
11:01:04.0390 1548 lanmanserver - ok
11:01:04.0406 1548 lanmanworkstation (762f158557669a5286009ba96076bbef) C:\WINDOWS\System32\wkssvc.dll
11:01:04.0406 1548 lanmanworkstation - ok
11:01:04.0437 1548 LicenseService (ff4bcdfbcab29e3693e9f590a3bd049e) C:\WINDOWS\System32\llssrv.exe
11:01:04.0437 1548 LicenseService - ok
11:01:04.0453 1548 LmHosts (0d33e8556415df4d43b7f739f2b02cb6) C:\WINDOWS\System32\lmhsvc.dll
11:01:04.0453 1548 LmHosts - ok
11:01:04.0453 1548 lp6nds35 - ok
11:01:04.0484 1548 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
11:01:04.0484 1548 MBAMProtector - ok
11:01:04.0531 1548 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:01:04.0609 1548 MBAMService - ok
11:01:04.0640 1548 Messenger (8546e3d3080f6523f3468a7bea90f563) C:\WINDOWS\System32\msgsvc.dll
11:01:04.0640 1548 Messenger - ok
11:01:04.0640 1548 mnmdd (c35bb38904d843c0465858195b30dab7) C:\WINDOWS\system32\drivers\mnmdd.sys
11:01:04.0640 1548 mnmdd - ok
11:01:04.0718 1548 mnmsrvc (e168f4dc68b11a7afb47caf061fdc518) C:\WINDOWS\system32\mnmsrvc.exe
11:01:04.0718 1548 mnmsrvc - ok
11:01:04.0734 1548 Modem (72932940895e750c035593703704e180) C:\WINDOWS\system32\drivers\Modem.sys
11:01:04.0734 1548 Modem - ok
11:01:04.0750 1548 Mouclass (a4d407dc70a148f56ce8b9b74f1761a9) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:01:04.0750 1548 Mouclass - ok
11:01:04.0781 1548 mouhid (c428dccf73fe393fa936b7fb6ef5bc10) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:01:04.0781 1548 mouhid - ok
11:01:04.0781 1548 MountMgr (fc43a7a34309c750b9daeadf2f6ec9b9) C:\WINDOWS\system32\drivers\MountMgr.sys
11:01:04.0781 1548 MountMgr - ok
11:01:04.0781 1548 mraid35x - ok
11:01:04.0812 1548 MRxDAV (ab6db63a1791f8e86b085291686464fd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:01:04.0812 1548 MRxDAV - ok
11:01:04.0859 1548 MRxSmb (da38b4528a78a1adab76e28669f2a6e7) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:01:04.0859 1548 MRxSmb - ok
11:01:04.0875 1548 MSDTC (2eaa1763a77be385b9a71a843c7f159e) C:\WINDOWS\system32\msdtc.exe
11:01:04.0875 1548 MSDTC - ok
11:01:04.0890 1548 Msfs (8f50b87361585763841c6b603d23260c) C:\WINDOWS\system32\drivers\Msfs.sys
11:01:04.0890 1548 Msfs - ok
11:01:04.0890 1548 MSIServer - ok
11:01:04.0906 1548 mssmbios (92afab2f216ce8ffbad3bc510fcf4a33) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:01:04.0906 1548 mssmbios - ok
11:01:04.0921 1548 Mup (e0c7b0d27376d7341fc0a0797476adec) C:\WINDOWS\system32\drivers\Mup.sys
11:01:04.0921 1548 Mup - ok
11:01:04.0953 1548 NDIS (33739ab31d36184772af1ee132d5c2e2) C:\WINDOWS\system32\drivers\NDIS.sys
11:01:04.0953 1548 NDIS - ok
11:01:04.0968 1548 NdisTapi (bbab8ce7a8d2b1302da0b03825d9cae4) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:01:04.0968 1548 NdisTapi - ok
11:01:04.0968 1548 Ndisuio (8b8e682b03483092e17ab9dfe70fedff) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:01:04.0968 1548 Ndisuio - ok
11:01:04.0984 1548 NdisWan (1b397eef4614419be5679e0209f7848b) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:01:04.0984 1548 NdisWan - ok
11:01:05.0015 1548 NDProxy (5298ed90bbe5c5eeedc363eed2888a25) C:\WINDOWS\system32\drivers\NDProxy.sys
11:01:05.0015 1548 NDProxy - ok
11:01:05.0015 1548 NetBIOS (a0d5d6ae530ca78a062fc0471f1e6f78) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:01:05.0015 1548 NetBIOS - ok
11:01:05.0031 1548 NetBT (5cd7cca08498ec8753b22e92d367ca11) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:01:05.0031 1548 NetBT - ok
11:01:05.0062 1548 NetDDE (abb4edcf188410f8a161d95e04d413fe) C:\WINDOWS\system32\netdde.exe
11:01:05.0062 1548 NetDDE - ok
11:01:05.0062 1548 NetDDEdsdm (abb4edcf188410f8a161d95e04d413fe) C:\WINDOWS\system32\netdde.exe
11:01:05.0062 1548 NetDDEdsdm - ok
11:01:05.0062 1548 Netlogon (ab43a68417864c942222bc64ce5932b3) C:\WINDOWS\system32\lsass.exe
11:01:05.0078 1548 Netlogon - ok
11:01:05.0093 1548 Netman (77762f17701a7ea1ea55c146b47c4153) C:\WINDOWS\System32\netman.dll
11:01:05.0093 1548 Netman - ok
11:01:05.0187 1548 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:01:05.0203 1548 NetTcpPortSharing - ok
11:01:05.0203 1548 nfrd960 - ok
11:01:05.0218 1548 Nla (de6da4d7eb502a3a6e907beaf0a1c357) C:\WINDOWS\System32\mswsock.dll
11:01:05.0218 1548 Nla - ok
11:01:05.0234 1548 Npfs (d5bb605f6dcbdfe0129670c8de57913e) C:\WINDOWS\system32\drivers\Npfs.sys
11:01:05.0234 1548 Npfs - ok
11:01:05.0281 1548 NtFrs (a873e1f1380a0a8aacdbbb68fd98d4af) C:\WINDOWS\system32\ntfrs.exe
11:01:05.0281 1548 NtFrs - ok
11:01:05.0312 1548 Ntfs (482ea51aadb8763a0f67588c394ec693) C:\WINDOWS\system32\drivers\Ntfs.sys
11:01:05.0312 1548 Ntfs - ok
11:01:05.0312 1548 NtLmSsp (ab43a68417864c942222bc64ce5932b3) C:\WINDOWS\system32\lsass.exe
11:01:05.0312 1548 NtLmSsp - ok
11:01:05.0343 1548 NtmsSvc (d00dc457ae061255376d01daa7e12215) C:\WINDOWS\system32\ntmssvc.dll
11:01:05.0343 1548 NtmsSvc - ok
11:01:05.0359 1548 Null (5db0ede7aaf3a7bc9110d18c12524be0) C:\WINDOWS\system32\drivers\Null.sys
11:01:05.0359 1548 Null - ok
11:01:05.0375 1548 Parport (84fa4b753afb258b1a5f6dcb0f02f7cc) C:\WINDOWS\system32\drivers\Parport.sys
11:01:05.0375 1548 Parport - ok
11:01:05.0375 1548 PartMgr (4eb6f7418959444a06d3c51eb81bff04) C:\WINDOWS\system32\drivers\PartMgr.sys
11:01:05.0375 1548 PartMgr - ok
11:01:05.0390 1548 PCI (cb24a8b8a7ddd3b0544b6fe8d3fe66d6) C:\WINDOWS\system32\DRIVERS\pci.sys
11:01:05.0390 1548 PCI - ok
11:01:05.0406 1548 PCIIde (6b1bfb220a66b3dcfdceef7a811ca7a5) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:01:05.0406 1548 PCIIde - ok
11:01:05.0421 1548 Pcmcia (e467ec1aeb4c1fde2855a9e77919023b) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:01:05.0421 1548 Pcmcia - ok
11:01:05.0421 1548 PDCOMP - ok
11:01:05.0421 1548 PDFRAME - ok
11:01:05.0421 1548 PDRELI - ok
11:01:05.0421 1548 PDRFRAME - ok
11:01:05.0421 1548 perc2 - ok
11:01:05.0437 1548 perc2hib - ok
11:01:05.0453 1548 PlugPlay (b79eba3c42a33cf4162d95abdb46f3bd) C:\WINDOWS\system32\services.exe
11:01:05.0453 1548 PlugPlay - ok
11:01:05.0453 1548 PolicyAgent (ab43a68417864c942222bc64ce5932b3) C:\WINDOWS\system32\lsass.exe
11:01:05.0453 1548 PolicyAgent - ok
11:01:05.0468 1548 PptpMiniport (4454f2639bcca93be86a45137e427277) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:01:05.0468 1548 PptpMiniport - ok
11:01:05.0468 1548 ProtectedStorage (ab43a68417864c942222bc64ce5932b3) C:\WINDOWS\system32\lsass.exe
11:01:05.0468 1548 ProtectedStorage - ok
11:01:05.0484 1548 Ptilink (0320fd91fb5ed4298355977cecfc0eb4) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:01:05.0484 1548 Ptilink - ok
11:01:05.0484 1548 ql1080 - ok
11:01:05.0484 1548 Ql10wnt - ok
11:01:05.0484 1548 ql12160 - ok
11:01:05.0484 1548 ql1240 - ok
11:01:05.0484 1548 ql1280 - ok
11:01:05.0484 1548 ql2100 - ok
11:01:05.0500 1548 ql2200 - ok
11:01:05.0500 1548 ql2300 - ok
11:01:05.0515 1548 Quota (4170b0aa11263977f487402a65ff23da) C:\WINDOWS\system32\DRIVERS\quota.sys
11:01:05.0515 1548 Quota - ok
11:01:05.0515 1548 RasAcd (48ee7b6802c0306f9a66f34db7e9ef75) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:01:05.0515 1548 RasAcd - ok
11:01:05.0531 1548 RasAuto (c9734bc62a2f8d2984afebb81f668aff) C:\WINDOWS\System32\rasauto.dll
11:01:05.0531 1548 RasAuto - ok
11:01:05.0703 1548 Rasl2tp (3633175613e052ecb41776dee2777a89) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:01:05.0703 1548 Rasl2tp - ok
11:01:05.0718 1548 RasMan (df77f3b4c3bb121123fd1b2b2334f7d3) C:\WINDOWS\System32\rasmans.dll
11:01:05.0718 1548 RasMan - ok
11:01:05.0734 1548 RasPppoe (59842f0a22216a71cade6f89fe84c973) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:01:05.0734 1548 RasPppoe - ok
11:01:05.0734 1548 Raspti (5b11871de804d3ed28bbdcc65fe14ede) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:01:05.0734 1548 Raspti - ok
11:01:05.0765 1548 Rdbss (4496b15c44ccb703fbc54f2cf5b67f15) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:01:05.0765 1548 Rdbss - ok
11:01:05.0765 1548 RDPCDD (ac5bb528ecd2bea4ff4bff9df9baf749) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:01:05.0765 1548 RDPCDD - ok
11:01:05.0781 1548 rdpdr (ff678596b761e1ccba79f49981ef51bc) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:01:05.0781 1548 rdpdr - ok
11:01:05.0812 1548 RDPWD (477d7af3c3583eb85e23375225650b1c) C:\WINDOWS\system32\drivers\RDPWD.sys
11:01:05.0812 1548 RDPWD - ok
11:01:05.0828 1548 RDSessMgr (a27b1d24a1121513382194b32ea6b4f6) C:\WINDOWS\system32\sessmgr.exe
11:01:05.0828 1548 RDSessMgr - ok
11:01:05.0859 1548 redbook (6d876fa36ddd3da0b1294867141abb2d) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:01:05.0859 1548 redbook - ok
11:01:05.0890 1548 RemoteAccess (4aca887b1a6b26f24dc8b03bd12a2d33) C:\WINDOWS\System32\mprdim.dll
11:01:05.0890 1548 RemoteAccess - ok
11:01:05.0906 1548 RemoteRegistry (0a4623c5c3ebb192d127b43c2319d085) C:\WINDOWS\system32\regsvc.dll
11:01:05.0906 1548 RemoteRegistry - ok
11:01:05.0921 1548 RpcLocator (afb5bfd1ec830a18478029766ec1ac89) C:\WINDOWS\system32\locator.exe
11:01:05.0921 1548 RpcLocator - ok
11:01:05.0953 1548 RpcSs (55ed2759baf4b85d5f0667e52a3ebc1c) C:\WINDOWS\system32\rpcss.dll
11:01:05.0953 1548 RpcSs - ok
11:01:05.0968 1548 RSoPProv (8692ffbd25112db70d80c5e80bf70a47) C:\WINDOWS\system32\RSoPProv.exe
11:01:05.0968 1548 RSoPProv - ok
11:01:05.0984 1548 sacdrv (93f7e478182436fb28b5bc4efefba3f2) C:\WINDOWS\system32\drivers\sacdrv.sys
11:01:05.0984 1548 sacdrv - ok
11:01:06.0000 1548 sacsvr (ad4a6c910c94d93d49e9b08ee7302100) C:\WINDOWS\system32\sacsvr.dll
11:01:06.0000 1548 sacsvr - ok
11:01:06.0015 1548 SamSs (ab43a68417864c942222bc64ce5932b3) C:\WINDOWS\system32\lsass.exe
11:01:06.0015 1548 SamSs - ok
11:01:06.0031 1548 SCardSvr (1e2e1ffc16eea0f0a97ba8b8806aca02) C:\WINDOWS\System32\SCardSvr.exe
11:01:06.0031 1548 SCardSvr - ok
11:01:06.0046 1548 Schedule (0fb88f92dabb7cefd99dc4d6b6dc003a) C:\WINDOWS\system32\schedsvc.dll
11:01:06.0046 1548 Schedule - ok
11:01:06.0078 1548 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:01:06.0078 1548 Secdrv - ok
11:01:06.0093 1548 seclogon (b79afcd405a2f2982ea1c8cd11d232a0) C:\WINDOWS\System32\seclogon.dll
11:01:06.0093 1548 seclogon - ok
11:01:06.0109 1548 SENS (5ef9462a8b97a4a9ee154d7ffb04b51b) C:\WINDOWS\system32\sens.dll
11:01:06.0109 1548 SENS - ok
11:01:06.0125 1548 Serial (fd5aab58d58c10af5fcf76ad32ace1a2) C:\WINDOWS\system32\drivers\Serial.sys
11:01:06.0125 1548 Serial - ok
11:01:06.0140 1548 Sfloppy (831826dc54fa225f0b654ef2f1e13af9) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:01:06.0140 1548 Sfloppy - ok
11:01:06.0171 1548 SharedAccess (1259c7b94c1ed5675d64bb5c5629bfe5) C:\WINDOWS\system32\ipnathlp.dll
11:01:06.0171 1548 SharedAccess - ok
11:01:06.0187 1548 ShellHWDetection (f58d7f5c5666e34f9408765e48b84d64) C:\WINDOWS\System32\shsvcs.dll
11:01:06.0187 1548 ShellHWDetection - ok
11:01:06.0187 1548 Simbad - ok
11:01:06.0218 1548 Spooler (041f69258bcd69c68c67f963779b07bd) C:\WINDOWS\system32\spoolsv.exe
11:01:06.0218 1548 Spooler - ok
11:01:06.0234 1548 SrmReports (dd32563ad6423de26578506aa455570b) C:\WINDOWS\system32\srmhost.exe
11:01:06.0234 1548 SrmReports - ok
11:01:06.0296 1548 SrmSvc (8865c4e1139fb26957c41575b0b5c546) C:\WINDOWS\system32\srmsvc.dll
11:01:06.0296 1548 SrmSvc - ok
11:01:07.0375 1548 Srv (a0356a7f9bb65096aa901fd266061b8e) C:\WINDOWS\system32\DRIVERS\srv.sys
11:01:07.0375 1548 Srv - ok
11:01:07.0406 1548 stisvc (c2cfe3f0cf96a4ca395ea38d285fd42a) C:\WINDOWS\system32\wiaservc.dll
11:01:07.0406 1548 stisvc - ok
11:01:07.0421 1548 swenum (93965919785102ba847545ab460ce2df) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:01:07.0421 1548 swenum - ok
11:01:07.0453 1548 swprv (4dbd0c9ad9f642140d1b1cfad3407f41) C:\WINDOWS\System32\swprv.dll
11:01:07.0453 1548 swprv - ok
11:01:07.0453 1548 symc810 - ok
11:01:07.0468 1548 symc8xx - ok
11:01:07.0468 1548 symmpi - ok
11:01:07.0468 1548 sym_hi - ok
11:01:07.0468 1548 sym_u3 - ok
11:01:07.0484 1548 SysmonLog (51cb46c7a0715cc978e513c585725700) C:\WINDOWS\system32\smlogsvc.exe
11:01:07.0484 1548 SysmonLog - ok
11:01:07.0515 1548 TapiSrv (a8467a77ff20e6a36cb99e23245b0a31) C:\WINDOWS\System32\tapisrv.dll
11:01:07.0515 1548 TapiSrv - ok
11:01:07.0671 1548 Tcpip (238dc2b879d1b37b91f8d5d44f3815d3) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:01:07.0671 1548 Tcpip - ok
11:01:07.0703 1548 TDPIPE (45d49fb800463de84d1cc2e231319ad5) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:01:07.0703 1548 TDPIPE - ok
11:01:07.0703 1548 TDTCP (d7c31008de209b8b11ced207580e9c91) C:\WINDOWS\system32\drivers\TDTCP.sys
11:01:07.0703 1548 TDTCP - ok
11:01:07.0875 1548 TeamViewer6 (efd6843c137991cd253ca959e300e886) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
11:01:07.0953 1548 TeamViewer6 - ok
11:01:09.0000 1548 TermDD (a01e46fff445a38d35db188c5458582c) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:01:09.0000 1548 TermDD - ok
11:01:09.0031 1548 TermService (7d47faf49fec87419e768a6041aee1c8) C:\WINDOWS\System32\termsrv.dll
11:01:09.0031 1548 TermService - ok
11:01:09.0046 1548 Themes (f58d7f5c5666e34f9408765e48b84d64) C:\WINDOWS\System32\shsvcs.dll
11:01:09.0046 1548 Themes - ok
11:01:09.0062 1548 TlntSvr (660b841044ee9cfcb3a2fdc5436913c7) C:\WINDOWS\system32\tlntsvr.exe
11:01:09.0062 1548 TlntSvr - ok
11:01:09.0078 1548 TosIde - ok
11:01:09.0093 1548 TrkSvr (443d3670490deaf9ba01258546c72260) C:\WINDOWS\system32\trksvr.dll
11:01:09.0093 1548 TrkSvr - ok
11:01:09.0125 1548 TrkWks (a284615441fd1b8fb717bfe470725714) C:\WINDOWS\system32\trkwks.dll
11:01:09.0125 1548 TrkWks - ok
11:01:09.0125 1548 Tssdis (fceeea1418a223b95afea84539f10fca) C:\WINDOWS\System32\tssdis.exe
11:01:09.0125 1548 Tssdis - ok
11:01:09.0140 1548 Udfs (c26024265a7523312a5d06fc33aa57aa) C:\WINDOWS\system32\drivers\Udfs.sys
11:01:09.0140 1548 Udfs - ok
11:01:09.0140 1548 ultra - ok
11:01:09.0171 1548 UMWdf (dd32c6b33f9c1c77a5bc987770da8497) C:\WINDOWS\system32\wdfmgr.exe
11:01:09.0171 1548 UMWdf - ok
11:01:09.0203 1548 Update (b0e133858e63940755b496761834f334) C:\WINDOWS\system32\DRIVERS\update.sys
11:01:09.0203 1548 Update - ok
11:01:09.0218 1548 UPS (73663ca937f20d0f7e8e1f6fd35e0668) C:\WINDOWS\System32\ups.exe
11:01:09.0218 1548 UPS - ok
11:01:09.0234 1548 usbccgp (185959a7fccfd38aa71a274ae6252b88) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:01:09.0234 1548 usbccgp - ok
11:01:09.0250 1548 usbehci (9dd4aba9462938734bcbf51d8669c884) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:01:09.0250 1548 usbehci - ok
11:01:09.0250 1548 usbhub (17859937740bc0d422fe71a588d6ddf7) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:01:09.0250 1548 usbhub - ok
11:01:09.0265 1548 USBSTOR (d0740ff9f7e819486e88096826b4dc37) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:01:09.0265 1548 USBSTOR - ok
11:01:09.0281 1548 usbuhci (cbd3053337bb475f442a892edf671312) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:01:09.0281 1548 usbuhci - ok
11:01:09.0312 1548 vds (2ace9a1f493bccf1e6949beb72c9a7c0) C:\WINDOWS\System32\vds.exe
11:01:09.0312 1548 vds - ok
11:01:09.0328 1548 vga (2eb062b434792bb6bb614f107dd3a5cf) C:\WINDOWS\system32\DRIVERS\vgapnp.sys
11:01:09.0328 1548 vga - ok
11:01:09.0328 1548 VgaSave (062fbc10147fd837d819f94aa394e661) C:\WINDOWS\System32\drivers\vga.sys
11:01:09.0328 1548 VgaSave - ok
11:01:09.0328 1548 ViaIde - ok
11:01:09.0359 1548 VolSnap (f2f21e9a8f3664aacf466c4f0e6c7615) C:\WINDOWS\system32\DRIVERS\volsnap.sys
11:01:09.0359 1548 VolSnap - ok
11:01:09.0390 1548 VSS (ddf8202e75439cd0b950a5dd7943200e) C:\WINDOWS\System32\vssvc.exe
11:01:09.0406 1548 VSS - ok
11:01:09.0421 1548 W32Time (cf6b84697a41a1cd9bd3efa695fe4312) C:\WINDOWS\system32\w32time.dll
11:01:09.0421 1548 W32Time - ok
11:01:09.0437 1548 Wanarp (ce030b1d05a01fa012d32f2d25676b1c) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:01:09.0437 1548 Wanarp - ok
11:01:09.0437 1548 WDICA - ok
11:01:09.0453 1548 WebClient (4d620ef7673aa26368456b02ae030ded) C:\WINDOWS\System32\webclnt.dll
11:01:09.0468 1548 WebClient - ok
11:01:09.0468 1548 WinHttpAutoProxySvc - ok
11:01:09.0531 1548 winmgmt (f5c3eb2e0e8cdbaf27b7bdbbcbbbc0f2) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:01:09.0562 1548 winmgmt - ok
11:01:09.0687 1548 WLBS (731dc1bdcde63517a41cb5362de65413) C:\WINDOWS\system32\DRIVERS\wlbs.sys
11:01:09.0687 1548 WLBS - ok
11:01:09.0718 1548 WmdmPmSN (78b3f6a4e9c552ade391a7bc6c0fe14d) C:\WINDOWS\system32\mspmsnsv.dll
11:01:09.0718 1548 WmdmPmSN - ok
11:01:09.0765 1548 Wmi (57a0ac31bbba9b6401396fda5eddfbe4) C:\WINDOWS\System32\advapi32.dll
11:01:09.0765 1548 Wmi - ok
11:01:09.0781 1548 WmiApSrv (79149c460c84b5d0eebaeba3fc4928b6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:01:09.0781 1548 WmiApSrv - ok
11:01:09.0796 1548 wuauserv (944de567177944676391bafa4373d180) C:\WINDOWS\system32\wuauserv.dll
11:01:09.0796 1548 wuauserv - ok
11:01:09.0828 1548 WZCSVC (728100245b98d0360afad40b07672091) C:\WINDOWS\System32\wzcsvc.dll
11:01:09.0843 1548 WZCSVC - ok
11:01:09.0859 1548 xmlprov (5a396db61227f425c4f2ad1a2136ae4d) C:\WINDOWS\System32\xmlprov.dll
11:01:09.0859 1548 xmlprov - ok
11:01:09.0937 1548 yukonwxp (67331fd053f97a874a60374be6b59523) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
11:01:09.0937 1548 yukonwxp - ok
11:01:09.0953 1548 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
11:01:10.0203 1548 \Device\Harddisk0\DR0 - ok
11:01:10.0218 1548 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
11:01:10.0218 1548 \Device\Harddisk1\DR1 - ok
11:01:10.0218 1548 MBR (0x1B8) (a8456faca2873a12e264109df6178720) \Device\Harddisk2\DR5
11:01:10.0453 1548 \Device\Harddisk2\DR5 - ok
11:01:10.0609 1548 Boot (0x1200) (27583a07a07d33197a5cb01f5c8966d1) \Device\Harddisk0\DR0\Partition0
11:01:10.0671 1548 \Device\Harddisk0\DR0\Partition0 - ok
11:01:10.0687 1548 Boot (0x1200) (0890141af4f8bdc4b3ef84f29415c6d8) \Device\Harddisk0\DR0\Partition1
11:01:10.0718 1548 \Device\Harddisk0\DR0\Partition1 - ok
11:01:10.0734 1548 Boot (0x1200) (0493a2186e700231f57cebb0afe63736) \Device\Harddisk1\DR1\Partition0
11:01:10.0734 1548 \Device\Harddisk1\DR1\Partition0 - ok
11:01:10.0734 1548 Boot (0x1200) (1e94b80da274a537d1b519bd96bee072) \Device\Harddisk2\DR5\Partition0
11:01:10.0734 1548 \Device\Harddisk2\DR5\Partition0 - ok
11:01:10.0734 1548 ============================================================
11:01:10.0734 1548 Scan finished
11:01:10.0734 1548 ============================================================
11:01:10.0734 3272 Detected object count: 0
11:01:10.0734 3272 Actual detected object count: 0
11:01:05.0781 1548 rdpdr (ff678596b761e1ccba79f49981ef51bc) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:01:05.0781 1548 rdpdr - ok
11:01:05.0812 1548 RDPWD (477d7af3c3583eb85e23375225650b1c) C:\WINDOWS\system32\drivers\RDPWD.sys
11:01:05.0812 1548 RDPWD - ok
11:01:05.0828 1548 RDSessMgr (a27b1d24a1121513382194b32ea6b4f6) C:\WINDOWS\system32\sessmgr.exe
11:01:05.0828 1548 RDSessMgr - ok
11:01:05.0859 1548 redbook (6d876fa36ddd3da0b1294867141abb2d) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:01:05.0859 1548 redbook - ok
11:01:05.0890 1548 RemoteAccess (4aca887b1a6b26f24dc8b03bd12a2d33) C:\WINDOWS\System32\mprdim.dll
11:01:05.0890 1548 RemoteAccess - ok
11:01:05.0906 1548 RemoteRegistry (0a4623c5c3ebb192d127b43c2319d085) C:\WINDOWS\system32\regsvc.dll
11:01:05.0906 1548 RemoteRegistry - ok
11:01:05.0921 1548 RpcLocator (afb5bfd1ec830a18478029766ec1ac89) C:\WINDOWS\system32\locator.exe
11:01:05.0921 1548 RpcLocator - ok
11:01:05.0953 1548 RpcSs (55ed2759baf4b85d5f0667e52a3ebc1c) C:\WINDOWS\system32\rpcss.dll
11:01:05.0953 1548 RpcSs - ok
11:01:05.0968 1548 RSoPProv (8692ffbd25112db70d80c5e80bf70a47) C:\WINDOWS\system32\RSoPProv.exe
11:01:05.0968 1548 RSoPProv - ok
11:01:05.0984 1548 sacdrv (93f7e478182436fb28b5bc4efefba3f2) C:\WINDOWS\system32\drivers\sacdrv.sys
11:01:05.0984 1548 sacdrv - ok
11:01:06.0000 1548 sacsvr (ad4a6c910c94d93d49e9b08ee7302100) C:\WINDOWS\system32\sacsvr.dll
11:01:06.0000 1548 sacsvr - ok
11:01:06.0015 1548 SamSs (ab43a68417864c942222bc64ce5932b3) C:\WINDOWS\system32\lsass.exe
11:01:06.0015 1548 SamSs - ok
11:01:06.0031 1548 SCardSvr (1e2e1ffc16eea0f0a97ba8b8806aca02) C:\WINDOWS\System32\SCardSvr.exe
11:01:06.0031 1548 SCardSvr - ok
11:01:06.0046 1548 Schedule (0fb88f92dabb7cefd99dc4d6b6dc003a) C:\WINDOWS\system32\schedsvc.dll
11:01:06.0046 1548 Schedule - ok
11:01:06.0078 1548 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:01:06.0078 1548 Secdrv - ok
11:01:06.0093 1548 seclogon (b79afcd405a2f2982ea1c8cd11d232a0) C:\WINDOWS\System32\seclogon.dll
11:01:06.0093 1548 seclogon - ok
11:01:06.0109 1548 SENS (5ef9462a8b97a4a9ee154d7ffb04b51b) C:\WINDOWS\system32\sens.dll
11:01:06.0109 1548 SENS - ok
11:01:06.0125 1548 Serial (fd5aab58d58c10af5fcf76ad32ace1a2) C:\WINDOWS\system32\drivers\Serial.sys
11:01:06.0125 1548 Serial - ok
11:01:06.0140 1548 Sfloppy (831826dc54fa225f0b654ef2f1e13af9) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:01:06.0140 1548 Sfloppy - ok
11:01:06.0171 1548 SharedAccess (1259c7b94c1ed5675d64bb5c5629bfe5) C:\WINDOWS\system32\ipnathlp.dll
11:01:06.0171 1548 SharedAccess - ok
11:01:06.0187 1548 ShellHWDetection (f58d7f5c5666e34f9408765e48b84d64) C:\WINDOWS\System32\shsvcs.dll
11:01:06.0187 1548 ShellHWDetection - ok
11:01:06.0187 1548 Simbad - ok
11:01:06.0218 1548 Spooler (041f69258bcd69c68c67f963779b07bd) C:\WINDOWS\system32\spoolsv.exe
11:01:06.0218 1548 Spooler - ok
11:01:06.0234 1548 SrmReports (dd32563ad6423de26578506aa455570b) C:\WINDOWS\system32\srmhost.exe
11:01:06.0234 1548 SrmReports - ok
11:01:06.0296 1548 SrmSvc (8865c4e1139fb26957c41575b0b5c546) C:\WINDOWS\system32\srmsvc.dll
11:01:06.0296 1548 SrmSvc - ok
11:01:07.0375 1548 Srv (a0356a7f9bb65096aa901fd266061b8e) C:\WINDOWS\system32\DRIVERS\srv.sys
11:01:07.0375 1548 Srv - ok
11:01:07.0406 1548 stisvc (c2cfe3f0cf96a4ca395ea38d285fd42a) C:\WINDOWS\system32\wiaservc.dll
11:01:07.0406 1548 stisvc - ok
11:01:07.0421 1548 swenum (93965919785102ba847545ab460ce2df) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:01:07.0421 1548 swenum - ok
11:01:07.0453 1548 swprv (4dbd0c9ad9f642140d1b1cfad3407f41) C:\WINDOWS\System32\swprv.dll
11:01:07.0453 1548 swprv - ok
11:01:07.0453 1548 symc810 - ok
11:01:07.0468 1548 symc8xx - ok
11:01:07.0468 1548 symmpi - ok
11:01:07.0468 1548 sym_hi - ok
11:01:07.0468 1548 sym_u3 - ok
11:01:07.0484 1548 SysmonLog (51cb46c7a0715cc978e513c585725700) C:\WINDOWS\system32\smlogsvc.exe
11:01:07.0484 1548 SysmonLog - ok
11:01:07.0515 1548 TapiSrv (a8467a77ff20e6a36cb99e23245b0a31) C:\WINDOWS\System32\tapisrv.dll
11:01:07.0515 1548 TapiSrv - ok
11:01:07.0671 1548 Tcpip (238dc2b879d1b37b91f8d5d44f3815d3) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:01:07.0671 1548 Tcpip - ok
11:01:07.0703 1548 TDPIPE (45d49fb800463de84d1cc2e231319ad5) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:01:07.0703 1548 TDPIPE - ok
11:01:07.0703 1548 TDTCP (d7c31008de209b8b11ced207580e9c91) C:\WINDOWS\system32\drivers\TDTCP.sys
11:01:07.0703 1548 TDTCP - ok
11:01:07.0875 1548 TeamViewer6 (efd6843c137991cd253ca959e300e886) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
11:01:07.0953 1548 TeamViewer6 - ok
11:01:09.0000 1548 TermDD (a01e46fff445a38d35db188c5458582c) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:01:09.0000 1548 TermDD - ok
11:01:09.0031 1548 TermService (7d47faf49fec87419e768a6041aee1c8) C:\WINDOWS\System32\termsrv.dll
11:01:09.0031 1548 TermService - ok
11:01:09.0046 1548 Themes (f58d7f5c5666e34f9408765e48b84d64) C:\WINDOWS\System32\shsvcs.dll
11:01:09.0046 1548 Themes - ok
11:01:09.0062 1548 TlntSvr (660b841044ee9cfcb3a2fdc5436913c7) C:\WINDOWS\system32\tlntsvr.exe
11:01:09.0062 1548 TlntSvr - ok
11:01:09.0078 1548 TosIde - ok
11:01:09.0093 1548 TrkSvr (443d3670490deaf9ba01258546c72260) C:\WINDOWS\system32\trksvr.dll
11:01:09.0093 1548 TrkSvr - ok
11:01:09.0125 1548 TrkWks (a284615441fd1b8fb717bfe470725714) C:\WINDOWS\system32\trkwks.dll
11:01:09.0125 1548 TrkWks - ok
11:01:09.0125 1548 Tssdis (fceeea1418a223b95afea84539f10fca) C:\WINDOWS\System32\tssdis.exe
11:01:09.0125 1548 Tssdis - ok
11:01:09.0140 1548 Udfs (c26024265a7523312a5d06fc33aa57aa) C:\WINDOWS\system32\drivers\Udfs.sys
11:01:09.0140 1548 Udfs - ok
11:01:09.0140 1548 ultra - ok
11:01:09.0171 1548 UMWdf (dd32c6b33f9c1c77a5bc987770da8497) C:\WINDOWS\system32\wdfmgr.exe
11:01:09.0171 1548 UMWdf - ok
11:01:09.0203 1548 Update (b0e133858e63940755b496761834f334) C:\WINDOWS\system32\DRIVERS\update.sys
11:01:09.0203 1548 Update - ok
11:01:09.0218 1548 UPS (73663ca937f20d0f7e8e1f6fd35e0668) C:\WINDOWS\System32\ups.exe
11:01:09.0218 1548 UPS - ok
11:01:09.0234 1548 usbccgp (185959a7fccfd38aa71a274ae6252b88) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:01:09.0234 1548 usbccgp - ok
11:01:09.0250 1548 usbehci (9dd4aba9462938734bcbf51d8669c884) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:01:09.0250 1548 usbehci - ok
11:01:09.0250 1548 usbhub (17859937740bc0d422fe71a588d6ddf7) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:01:09.0250 1548 usbhub - ok
11:01:09.0265 1548 USBSTOR (d0740ff9f7e819486e88096826b4dc37) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:01:09.0265 1548 USBSTOR - ok
11:01:09.0281 1548 usbuhci (cbd3053337bb475f442a892edf671312) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:01:09.0281 1548 usbuhci - ok
11:01:09.0312 1548 vds (2ace9a1f493bccf1e6949beb72c9a7c0) C:\WINDOWS\System32\vds.exe
11:01:09.0312 1548 vds - ok
11:01:09.0328 1548 vga (2eb062b434792bb6bb614f107dd3a5cf) C:\WINDOWS\system32\DRIVERS\vgapnp.sys
11:01:09.0328 1548 vga - ok
11:01:09.0328 1548 VgaSave (062fbc10147fd837d819f94aa394e661) C:\WINDOWS\System32\drivers\vga.sys
11:01:09.0328 1548 VgaSave - ok
11:01:09.0328 1548 ViaIde - ok
11:01:09.0359 1548 VolSnap (f2f21e9a8f3664aacf466c4f0e6c7615) C:\WINDOWS\system32\DRIVERS\volsnap.sys
11:01:09.0359 1548 VolSnap - ok
11:01:09.0390 1548 VSS (ddf8202e75439cd0b950a5dd7943200e) C:\WINDOWS\System32\vssvc.exe
11:01:09.0406 1548 VSS - ok
11:01:09.0421 1548 W32Time (cf6b84697a41a1cd9bd3efa695fe4312) C:\WINDOWS\system32\w32time.dll
11:01:09.0421 1548 W32Time - ok
11:01:09.0437 1548 Wanarp (ce030b1d05a01fa012d32f2d25676b1c) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:01:09.0437 1548 Wanarp - ok
11:01:09.0437 1548 WDICA - ok
11:01:09.0453 1548 WebClient (4d620ef7673aa26368456b02ae030ded) C:\WINDOWS\System32\webclnt.dll
11:01:09.0468 1548 WebClient - ok
11:01:09.0468 1548 WinHttpAutoProxySvc - ok
11:01:09.0531 1548 winmgmt (f5c3eb2e0e8cdbaf27b7bdbbcbbbc0f2) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:01:09.0562 1548 winmgmt - ok
11:01:09.0687 1548 WLBS (731dc1bdcde63517a41cb5362de65413) C:\WINDOWS\system32\DRIVERS\wlbs.sys
11:01:09.0687 1548 WLBS - ok
11:01:09.0718 1548 WmdmPmSN (78b3f6a4e9c552ade391a7bc6c0fe14d) C:\WINDOWS\system32\mspmsnsv.dll
11:01:09.0718 1548 WmdmPmSN - ok
11:01:09.0765 1548 Wmi (57a0ac31bbba9b6401396fda5eddfbe4) C:\WINDOWS\System32\advapi32.dll
11:01:09.0765 1548 Wmi - ok
11:01:09.0781 1548 WmiApSrv (79149c460c84b5d0eebaeba3fc4928b6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:01:09.0781 1548 WmiApSrv - ok
11:01:09.0796 1548 wuauserv (944de567177944676391bafa4373d180) C:\WINDOWS\system32\wuauserv.dll
11:01:09.0796 1548 wuauserv - ok
11:01:09.0828 1548 WZCSVC (728100245b98d0360afad40b07672091) C:\WINDOWS\System32\wzcsvc.dll
11:01:09.0843 1548 WZCSVC - ok
11:01:09.0859 1548 xmlprov (5a396db61227f425c4f2ad1a2136ae4d) C:\WINDOWS\System32\xmlprov.dll
11:01:09.0859 1548 xmlprov - ok
11:01:09.0937 1548 yukonwxp (67331fd053f97a874a60374be6b59523) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
11:01:09.0937 1548 yukonwxp - ok
11:01:09.0953 1548 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
11:01:10.0203 1548 \Device\Harddisk0\DR0 - ok
11:01:10.0218 1548 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
11:01:10.0218 1548 \Device\Harddisk1\DR1 - ok
11:01:10.0218 1548 MBR (0x1B8) (a8456faca2873a12e264109df6178720) \Device\Harddisk2\DR5
11:01:10.0453 1548 \Device\Harddisk2\DR5 - ok
11:01:10.0609 1548 Boot (0x1200) (27583a07a07d33197a5cb01f5c8966d1) \Device\Harddisk0\DR0\Partition0
11:01:10.0671 1548 \Device\Harddisk0\DR0\Partition0 - ok
11:01:10.0687 1548 Boot (0x1200) (0890141af4f8bdc4b3ef84f29415c6d8) \Device\Harddisk0\DR0\Partition1
11:01:10.0718 1548 \Device\Harddisk0\DR0\Partition1 - ok
11:01:10.0734 1548 Boot (0x1200) (0493a2186e700231f57cebb0afe63736) \Device\Harddisk1\DR1\Partition0
11:01:10.0734 1548 \Device\Harddisk1\DR1\Partition0 - ok
11:01:10.0734 1548 Boot (0x1200) (1e94b80da274a537d1b519bd96bee072) \Device\Harddisk2\DR5\Partition0
11:01:10.0734 1548 \Device\Harddisk2\DR5\Partition0 - ok
11:01:10.0734 1548 ============================================================
11:01:10.0734 1548 Scan finished
11:01:10.0734 1548 ============================================================
11:01:10.0734 3272 Detected object count: 0
11:01:10.0734 3272 Actual detected object count: 0
- stell
Re: Cannot display the websites of Microsoft and antivirus compan…
Yes, you can. If everything is OK, then that is all.
Can I use the procedure from your blog on all the infected PCs?
You're welcome.